def decrypt(self,
nonce: bytes,
key: SymmetricKey,
alg: Optional[CoseAlgorithms] = None) -> bytes:
"""
Decrypts the payload.
:param nonce: Nonce for decryption. Length tof the nonce depends on the AEAD. Nonce cannot be empty or None.
:param key: A Symmetric COSE key object containing the symmetric key bytes and a optionally an AEAD algorithm.
:param alg: If the 'alg' parameter is unset in the COSE key object, this parameter cannot be None.
:raises ValueError: When the nonce is empty or None
:raises CoseIllegalKeyType: When the key is not of type 'SymmetricKey'.
:returns: plaintext as bytes
"""
if nonce == b"" or nonce is None:
raise ValueError(f"{nonce} is not a valid nonce value")
if not isinstance(key, SymmetricKey):
raise CoseIllegalKeyType(
"COSE key should be of type 'SymmetricKey', got {}".format(
type(key)))
return key.decrypt(ciphertext=self.payload,
aad=self._enc_structure,
nonce=nonce,
alg=alg)
def test_symmetric_key_aeads(kid, alg, key_ops, base_iv, k, pl, aad, nonce,
algo, ct):
key = SymmetricKey(kid=kid, alg=alg, key_ops=key_ops, base_iv=base_iv, k=k)
assert ct == key.encrypt(pl, aad, nonce, algo)
# switch to another key operation
key.key_ops = KeyOps.DECRYPT
assert pl == key.decrypt(ct, aad, nonce, algo)