Merge branch 'develop' into python_3_10

Author: jschlyter

doc/jwe.rst

@@ -43,10 +43,10 @@ There is a lower level way of doing the same, it will look like this::
     >>> from cryptojwt.jwk.rsa import import_private_rsa_key_from_file
     >>> from cryptojwt.jwe.jwe_rsa import JWE_RSA
 
-    >>> priv_key = import_private_rsa_key_from_file(KEY)
+    >>> priv_key = import_private_rsa_key_from_file('certs/key.pem')
     >>> pub_key = priv_key.public_key()
     >>> plain = b'Now is the time for all good men to come to the aid of ...'
-    >>> _rsa = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
+    >>> _rsa = JWE_RSA(plain, alg="RSA-OAEP", enc="A128CBC-HS256")
     >>> jwe = _rsa.encrypt(pub_key)
 
 Here the key is an cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey
@@ -61,7 +61,7 @@ Decrypting using the encrypted message above.
     >>> from cryptojwt.jwe.jwe import factory
     >>> from cryptojwt.jwk.rsa import RSAKey
 
-    >>> _decryptor = factory(jwe, alg="RSA1_5", enc="A128CBC-HS256")
+    >>> _decryptor = factory(jwe, alg="RSA-OAEP", enc="A128CBC-HS256")
     >>> _dkey = RSAKey(priv_key=priv_key)
     >>> msg = _decryptor.decrypt(jwe, [_dkey])
 

src/cryptojwt/jwe/__init__.py

@@ -32,6 +32,11 @@
     ],
 }
 
+DEPRECATED = {
+    "alg": ["RSA1_5"],
+    "enc": [],
+}
+
 
 class Encrypter(object):
     """Abstract base class for encryption algorithms."""

src/cryptojwt/jwx.py

@@ -1,13 +1,15 @@
 """A basic class on which to build the JWS and JWE classes."""
 import json
 import logging
+import warnings
 
 import requests
 
 from cryptojwt.jwk import JWK
 from cryptojwt.key_bundle import KeyBundle
 
 from .exception import HeaderError
+from .jwe import DEPRECATED
 from .jwk.jwk import key_from_jwk_dict
 from .jwk.rsa import RSAKey
 from .jwk.rsa import import_rsa_key
@@ -91,6 +93,8 @@ def __init__(self, msg=None, with_digest=False, httpc=None, **kwargs):
                         raise ValueError("x5u")
                 else:
                     self._dict[key] = _val
+                if key in DEPRECATED and _val in DEPRECATED[key]:
+                    warnings.warn(f"{key}={_val} deprecated")
 
     def _set_jwk(self, val):
         if isinstance(val, dict):

src/cryptojwt/key_jar.py

@@ -318,7 +318,6 @@ def load_keys(self, issuer_id, jwks_uri="", jwks=None, replace=False):
             should be replace.
         :return: Dictionary with usage as key and keys as values
         """
-
         logger.debug("Initiating key bundle for issuer: %s" % issuer_id)
 
         _issuer = self.return_issuer(issuer_id)