{"id":13494513,"url":"https://github.com/latchset/jwcrypto","last_synced_at":"2025-05-14T13:08:42.007Z","repository":{"id":28166007,"uuid":"31667038","full_name":"latchset/jwcrypto","owner":"latchset","description":"Implements JWK,JWS,JWE specifications using python-cryptography","archived":false,"fork":false,"pushed_at":"2024-07-08T18:53:18.000Z","size":726,"stargazers_count":453,"open_issues_count":9,"forks_count":120,"subscribers_count":18,"default_branch":"main","last_synced_at":"2025-04-10T03:47:55.570Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/latchset.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-03-04T16:27:37.000Z","updated_at":"2025-03-29T14:34:58.000Z","dependencies_parsed_at":"2023-11-28T22:31:15.246Z","dependency_job_id":"d8fa5bf6-cf03-4958-a572-33f2c380739f","html_url":"https://github.com/latchset/jwcrypto","commit_stats":{"total_commits":303,"total_committers":41,"mean_commits":7.390243902439025,"dds":0.2541254125412541,"last_synced_commit":"9f2cd3abaaf80ebdbdd25f58131665f532b673e6"},"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/latchset%2Fjwcrypto","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/latchset%2Fjwcrypto/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/latchset%2Fjwcrypto/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/latchset%2Fjwcrypto/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/latchset","download_url":"https://codeload.github.com/latchset/jwcrypto/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254149974,"owners_count":22022852,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T19:01:25.694Z","updated_at":"2025-05-14T13:08:36.968Z","avatar_url":"https://github.com/latchset.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"[![PyPI](https://img.shields.io/pypi/v/jwcrypto.svg)](https://pypi.org/project/jwcrypto/)\n[![Changelog](https://img.shields.io/github/v/release/latchset/jwcrypto?label=changelog)](https://github.com/latchset/jwcrypto/releases)\n[![Build Status](https://github.com/latchset/jwcrypto/actions/workflows/build.yml/badge.svg)](https://github.com/latchset/jwcrypto/actions/workflows/build.yml)\n[![ppc64le Build](https://github.com/latchset/jwcrypto/actions/workflows/ppc64le.yml/badge.svg)](https://github.com/latchset/jwcrypto/actions/workflows/ppc64le.yml)\n[![Code Scan](https://github.com/latchset/jwcrypto/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/latchset/jwcrypto/actions/workflows/codeql-analysis.yml)\n[![Documentation Status](https://readthedocs.org/projects/jwcrypto/badge/?version=latest)](https://jwcrypto.readthedocs.io/en/latest/?badge=latest)\n\nJWCrypto\n========\n\nAn implementation of the JOSE Working Group documents:\n- RFC 7515 - JSON Web Signature (JWS)\n- RFC 7516 - JSON Web Encryption (JWE)\n- RFC 7517 - JSON Web Key (JWK)\n- RFC 7518 - JSON Web Algorithms (JWA)\n- RFC 7519 - JSON Web Token (JWT)\n- RFC 7520 - Examples of Protecting Content Using JSON Object Signing and\n  Encryption (JOSE)\n\nInstallation\n============\n\n    pip install jwcrypto\n\nDocumentation\n=============\n\nhttp://jwcrypto.readthedocs.org\n\nDeprecation Notices\n===================\n\n2020.12.11: The RSA1_5 algorithm is now considered deprecated due to numerous\nimplementation issues that make it a very problematic tool to use safely.\nThe algorithm can still be used but requires explicitly allowing it on object\ninstantiation. If your application depends on it there are examples of how to\nre-enable RSA1_5 usage in the tests files.\n\nNote: if you enable support for `RSA1_5` and the attacker can send you chosen\nciphertext and is able to measure the processing times of your application,\nthen your application will be vulnerable to a Bleichenbacher RSA padding\noracle, allowing the so-called \"Million messages attack\". That attack allows\nto decrypt intercepted messages (even if they were encrypted with RSA-OAEP) or\nforge signatures (both RSA-PKCS#1 v1.5 and RSASSA-PSS).\n\nGiven JWT is generally used in tokens to sign authorization assertions or to\nencrypt private key material, this is a particularly severe issue, and must\nnot be underestimated.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flatchset%2Fjwcrypto","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flatchset%2Fjwcrypto","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flatchset%2Fjwcrypto/lists"}