Fixed a problem with going from a JWK dictionary to a JWK class instance.

Author: rohe

doc/keyhandling.rst

@@ -86,6 +86,67 @@ and::
     >>> ec_key.has_private_key()
     True
 
+When it comes to exporting keys a :py:class:`cryptojwt.jwk.JWK` instance
+only know how to serialize into the format described in JWK_.
+
+    >>> from cryptojwt.jwk.rsa import new_rsa_key
+    >>> rsa_key = new_rsa_key()
+    >>> rsa_key.serialize()
+    {
+    'kty': 'RSA',
+    'kid': 'NXhZYllJOXdLSW50aUVkcGY4XzZrSVF5blI5aEYxeEJDdFZLV2tHZDlFUQ',
+    'n': 'xRgpX7q-kvQ02EhkHi63TQBR0RMcGCnxCugxtcPmaIX8brilwbkwQyZraEHzW
+    zj-gaQyro_dWR7QqbhgiQ6U9Hj3x6HINJuw7LbqR_GE4TvTu3rJXPh3MqTs7yK6GcgK
+    soTv8wQy6Pwl7gjrQRk37zfIHWLkxU-crz2dd1QdSmStlxRjbczik66llF5ENXE3wVz
+    raPAdjIv1Y4n5dT3kw7QerVv2Dntn5TJ_8QSkmDJW-FA2TQbKBnOd_OgYeKZnGx5cng
+    uWa23uQZTxfGnE7IXA2XYpZhHIgAGMXQ0SaR07MwIZDmreI_Mxypg2ES7XT42qhnxXU
+    iGm9fA8nhHjwQ',
+    'e': 'AQAB'
+    }
+
+
+What you get when doing it like above is the representation of the public key.
+You can also get the values for the private key like this::
+
+    >>> from cryptojwt.jwk.rsa import new_rsa_key
+    >>> rsa_key = new_rsa_key()
+    >>> rsa_key.serialize(private=True)
+    {
+    'kty': 'RSA',
+    'kid': 'NXhZYllJOXdLSW50aUVkcGY4XzZrSVF5blI5aEYxeEJDdFZLV2tHZDlFUQ',
+    'n': 'xRgpX7q-kvQ02EhkHi63TQBR0RMcGCnxCugxtcPmaIX8brilwbkwQyZraEHz
+    Wzj-gaQyro_dWR7QqbhgiQ6U9Hj3x6HINJuw7LbqR_GE4TvTu3rJXPh3MqTs7yK6Gc
+    gKsoTv8wQy6Pwl7gjrQRk37zfIHWLkxU-crz2dd1QdSmStlxRjbczik66llF5ENXE3
+    wVzraPAdjIv1Y4n5dT3kw7QerVv2Dntn5TJ_8QSkmDJW-FA2TQbKBnOd_OgYeKZnGx
+    5cnguWa23uQZTxfGnE7IXA2XYpZhHIgAGMXQ0SaR07MwIZDmreI_Mxypg2ES7XT42q
+    hnxXUiGm9fA8nhHjwQ',
+    'e': 'AQAB',
+    'd': 's-2jz73WvqdsGsqzg45YTlZtWrXcXv7jC3b_8pTdoiw3UAkHYXwjYBoR0cLr
+    XCsCxO1WS2AQzYxBJ7-neVezih9o7Hl4IPbFJMSzymvlSA1q9OtaKqK1hqljl8gXJv
+    QlN-X-e9coduPB6LWBtxNDqgI9kP44JRzRyHUybL6AYuk970_RoqxH2nr8FqMZbNWl
+    Vk2X-v06EcO4E_ROSl8vqpb811UidXIvWAJw36LAUw0BTpdvpejSVM1B7PZWbzD91T
+    4vwJYOAVdwWxpmA5HEXRbpNJLnMJus7iq7EVyG2ZbA4TXT-EIoASKMyxJtAuKMDk6c
+    SISWay6LwjdBgVMAAQ',
+    'p': '588dwE505-i7wL5mWkhH19xS1RzKahFhA66ZVmPjBaA88TBlaZxsdqEADwqX
+    oMq_XIUh-P5Tc-ueiCw5rUVNTMb45HWr5fnQXtnJt4yMukNpERABIcWvZWLQg_ONW4
+    iAKid9MLg5EYd2VkAAwXwzzdD1hiYEcxMwQVQ3nLmQ8AE',
+    'q': '2amgmjQD5Jx7kAR-9oLFjnuvgbUMBOUieQKUCpeJu8q00S7kHb2Hy6ZsanJ-
+    -Biu1XKz1lxelpN2upsjiKU7f08PB_IPCenBZIU3YwozZd15wCoSyKtffgqk5RXeyi
+    3I1ULKXHxr3L7g-7Yi_APgtInQncNnm0Q_t7A_c-P888E'
+    }
+
+And you can of course create a key from a JWK representation::
+
+    >>> from cryptojwt.jwk.rsa import new_rsa_key
+    >>> from cryptojwt.jwk.jwk import key_from_jwk_dict
+    >>> rsa_key = new_rsa_key()
+    >>> jwk = rsa_key.serialize(private=True)
+    >>> _key = key_from_jwk_dict(jwk)
+    >>> type(_key)
+    <class 'cryptojwt.jwk.rsa.RSAKey'>
+    >>> _key.has_private_key()
+    True
+
 
 
 .. _cryptography: https://cryptography.io/en/latest/

src/cryptojwt/jwk/jwk.py

@@ -3,6 +3,9 @@
 from cryptography.hazmat import backends
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives.asymmetric.rsa import rsa_crt_dmp1
+from cryptography.hazmat.primitives.asymmetric.rsa import rsa_crt_dmq1
+from cryptography.hazmat.primitives.asymmetric.rsa import rsa_crt_iqmp
 
 from ..exception import WrongKeyType
 from ..exception import UnknownKeyType
@@ -53,13 +56,26 @@ def key_from_jwk_dict(jwk_dict):
             base64url_to_long(_jwk_dict["n"]))
         if _jwk_dict.get("p", None) is not None:
             # Rsa private key.
+            p_long = base64url_to_long(_jwk_dict["p"])
+            q_long = base64url_to_long(_jwk_dict["q"])
+            d_long = base64url_to_long(_jwk_dict["d"])
+
+            if 'dp' not in _jwk_dict:
+                dp_long = rsa_crt_dmp1(d_long, p_long)
+            else:
+                dp_long = base64url_to_long(_jwk_dict["dp"])
+            if 'dq' not in _jwk_dict:
+                dq_long = rsa_crt_dmq1(d_long, q_long)
+            else:
+                dq_long = base64url_to_long(_jwk_dict["dq"])
+            if 'qi' not in _jwk_dict:
+                qi_long = rsa_crt_iqmp(p_long, q_long)
+            else:
+                qi_long = base64url_to_long(_jwk_dict["qi"])
+
             rsa_priv_numbers = rsa.RSAPrivateNumbers(
-                base64url_to_long(_jwk_dict["p"]),
-                base64url_to_long(_jwk_dict["q"]),
-                base64url_to_long(_jwk_dict["d"]),
-                base64url_to_long(_jwk_dict["dp"]),
-                base64url_to_long(_jwk_dict["dq"]),
-                base64url_to_long(_jwk_dict["qi"]), rsa_pub_numbers)
+                p_long, q_long, d_long,
+                dp_long, dq_long, qi_long, rsa_pub_numbers)
             _jwk_dict['priv_key'] = rsa_priv_numbers.private_key(
                 backends.default_backend())
             _jwk_dict['pub_key'] = _jwk_dict['priv_key'].public_key()

tests/test_02_jwk.py

@@ -574,3 +574,10 @@ def test_load_pem_file_ec():
     key = ECKey().load(full_path('570-ec-sect571r1-keypair.pem'))
     assert key.has_private_key()
 
+
+def test_key_from_jwk_dict():
+    rsa_key = new_rsa_key()
+    jwk = rsa_key.serialize(private=True)
+    _key = key_from_jwk_dict(jwk)
+    assert isinstance(_key, RSAKey)
+    assert _key.has_private_key()