def test_aes_key_wrap_wrap_key_without_alg(self):
     key = COSEKey.from_symmetric_key(alg="A128GCM", kid="01")
     ctx = AESKeyWrap({1: -3}, {},
                      sender_key=COSEKey.from_symmetric_key(alg="A128KW"))
     with pytest.raises(ValueError) as err:
         ctx.extract(key=key)
         pytest.fail("extract() should fail.")
     assert "alg should be set." in str(err.value)
 def test_aes_key_wrap_apply_with_invalid_key(self):
     key = COSEKey.from_symmetric_key(key="xxx", alg="HS256", kid="01")
     ctx = AESKeyWrap({1: -3}, {},
                      sender_key=COSEKey.from_symmetric_key(alg="A128KW"))
     with pytest.raises(EncodeError) as err:
         ctx.apply(key, context={"alg": "A128GCM"})
         pytest.fail("apply() should fail.")
     assert "Failed to wrap key." in str(err.value)
 def test_aes_key_wrap_wrap_key_without_ciphertext(self):
     key = COSEKey.from_symmetric_key(alg="A128GCM", kid="01")
     ctx = AESKeyWrap({1: -3}, {},
                      sender_key=COSEKey.from_symmetric_key(alg="A128KW"))
     with pytest.raises(DecodeError) as err:
         ctx.extract(key=key, alg="A128GCM")
         pytest.fail("extract() should fail.")
     assert "Failed to decode key." in str(err.value)
 def test_aes_key_wrap_apply_without_key(self):
     ctx = AESKeyWrap({1: -3}, {},
                      sender_key=COSEKey.from_symmetric_key(alg="A128KW"))
     with pytest.raises(ValueError) as err:
         ctx.apply()
         pytest.fail("apply() should fail.")
     assert "key should be set." in str(err.value)
Ejemplo n.º 5
0
 def test_direct_hkdf_extract_with_invalid_key(self):
     key = COSEKey.from_symmetric_key(key="a", alg="HS256")
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     with pytest.raises(ValueError) as err:
         ctx.extract(key, alg="A128GCM")
         pytest.fail("extract() should fail.")
     assert "context should be set." in str(err.value)
Ejemplo n.º 6
0
 def test_direct_hkdf_verify_key(self):
     material = COSEKey.from_symmetric_key(
         key=base64url_decode(
             "hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
         alg="A256GCM",
     )
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     context = {
         "alg": "AES-CCM-16-64-128",
         "party_u": {
             "identity": "lighting-client",
         },
         "party_v": {
             "identity": "lighting-server",
         },
         "supp_pub": {
             "other": "Encryption Example 02",
         },
     }
     key = ctx.apply(material, context=context)
     ctx.verify_key(
         base64url_decode("hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
         key.key,
         context=context,
     )
Ejemplo n.º 7
0
 def test_direct_hkdf_extract_with_invalid_context(self):
     key = COSEKey.from_symmetric_key(alg="A128GCM")
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     with pytest.raises(ValueError) as err:
         ctx.extract(key, alg="A128GCM", context=[None, None, None])
         pytest.fail("extract() should fail.")
     assert "Invalid context information." in str(err.value)
 def test_aes_key_wrap_constructor_with_invalid_alg(self):
     with pytest.raises(ValueError) as err:
         AESKeyWrap({1: -1}, {},
                    sender_key=COSEKey.from_symmetric_key(alg="A128KW"))
         pytest.fail("AESKeyWrap() should fail.")
     assert "algs in protected and sender_key do not match." in str(
         err.value)
Ejemplo n.º 9
0
 def test_direct_hkdf_apply_without_alg(self):
     material = COSEKey.from_symmetric_key(token_bytes(16))
     ctx = DirectHKDF({1: -10}, {4: b"01"})
     with pytest.raises(ValueError) as err:
         ctx.apply(material)
         pytest.fail("apply() should fail.")
     assert "context should be set." in str(err.value)
Ejemplo n.º 10
0
 def test_direct_hkdf_verify_key_with_invalid_material(self):
     material = COSEKey.from_symmetric_key(
         key=base64url_decode(
             "hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
         alg="A256GCM",
     )
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     context = {
         "alg": "AES-CCM-16-64-128",
         "party_u": {
             "identity": "lighting-client",
         },
         "party_v": {
             "identity": "lighting-server",
         },
         "supp_pub": {
             "other": "Encryption Example 02",
         },
     }
     key = ctx.apply(
         material,
         context=context,
     )
     with pytest.raises(VerifyError) as err:
         ctx.verify_key(
             b"xxxxxxxxxx",
             key.key,
             context=context,
         )
         pytest.fail("verify_key() should fail.")
     assert "Failed to verify key." in str(err.value)
Ejemplo n.º 11
0
 def test_ecdh_aes_key_wrap_extract_without_context(self):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     ctx = ECDH_AESKeyWrap({1: -29}, {4: b"01"})
     with pytest.raises(ValueError) as err:
         ctx.extract(enc_key, alg="ChaCha20/Poly1305")
         pytest.fail("extract() should fail.")
     assert "context should be set." in str(err.value)
Ejemplo n.º 12
0
 def test_ecdh_aes_key_wrap_apply_without_context(self, sender_key_es):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     sender = ECDH_AESKeyWrap({1: -29}, {4: b"01"},
                              sender_key=sender_key_es)
     with pytest.raises(ValueError) as err:
         sender.apply(enc_key, recipient_key=recipient_public_key)
         pytest.fail("apply() should fail.")
     assert "context should be set." in str(err.value)
Ejemplo n.º 13
0
 def test_ecdh_aes_key_wrap_apply_without_recipient_key(
         self, sender_key_es):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     sender = ECDH_AESKeyWrap({1: -29}, {4: b"01"},
                              sender_key=sender_key_es)
     with pytest.raises(ValueError) as err:
         sender.apply(enc_key, context={"alg": "A128GCM"})
         pytest.fail("apply() should fail.")
     assert "recipient_key should be set in advance." in str(err.value)
 def test_aes_key_wrap_constructor_a256kw_with_key(self):
     ctx = AESKeyWrap(
         {1: -5},
         {},
         sender_key=COSEKey.from_symmetric_key(alg="A256KW",
                                               key=token_bytes(32)),
     )
     assert isinstance(ctx, AESKeyWrap)
     assert ctx.alg == -5
 def test_aes_key_wrap_constructor_a256kw_invalid_key_length(self):
     with pytest.raises(ValueError) as err:
         AESKeyWrap(
             {1: -5},
             {},
             sender_key=COSEKey.from_symmetric_key(key="xxx", alg="A256KW"),
         )
         pytest.fail("AESKeyWrap() should fail.")
     assert "Invalid key length: 3." in str(err.value)
 def test_aes_key_wrap_constructor_a128kw_with_invalid_alg_in_sender_key(
         self):
     with pytest.raises(ValueError) as err:
         AESKeyWrap(
             {1: -3},
             {},
             sender_key=COSEKey.from_symmetric_key(alg="A128GCM"),
         )
         pytest.fail("AESKeyWrap() should fail.")
     assert "Invalid alg in sender_key: 1." in str(err.value)
Ejemplo n.º 17
0
 def test_ecdh_aes_key_wrap_apply_with_invalid_key_to_wrap(
         self, sender_key_es, recipient_public_key):
     mac_key = COSEKey.from_symmetric_key(key="xxx", alg="HS256")
     rec = Recipient.new(protected={"alg": "ECDH-ES+A128KW"},
                         sender_key=sender_key_es)
     with pytest.raises(EncodeError) as err:
         rec.apply(mac_key,
                   recipient_key=recipient_public_key,
                   context={"alg": "A128GCM"})
         pytest.fail("apply() should fail.")
     assert "Failed to wrap key." in str(err.value)
Ejemplo n.º 18
0
 def test_direct_hkdf_apply_with_invalid_context(self, invalid, msg):
     material = COSEKey.from_symmetric_key(
         key=base64url_decode(
             "hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
         alg="A256GCM",
     )
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     with pytest.raises(ValueError) as err:
         ctx.apply(key=material, context=invalid)
         pytest.fail("apply() should fail.")
     assert msg in str(err.value)
Ejemplo n.º 19
0
 def test_direct_constructor(self):
     k = COSEKey.from_symmetric_key(alg="HS256")
     ctx = Direct({1: -6}, {})
     assert isinstance(ctx, Direct)
     assert ctx.alg == -6
     with pytest.raises(NotImplementedError):
         ctx.apply(k)
         pytest.fail("apply() should fail.")
     with pytest.raises(NotImplementedError):
         ctx.extract(k)
         pytest.fail("extract() should fail.")
Ejemplo n.º 20
0
 def test_direct_hkdf_extract_with_raw_context(self):
     context = [
         10,
         [b"lighting-client", None, None],
         [b"lighting-server", None, None],
         [128, cbor2.dumps({1: -10}), b"Encryption Example 02"],
     ]
     key = COSEKey.from_symmetric_key(alg="A128GCM")
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     decoded = ctx.extract(key, context=context)
     assert decoded.alg == 10
     assert len(decoded.key) == 16
Ejemplo n.º 21
0
 def test_direct_hkdf_apply_without_salt(self):
     context = [
         10,
         [b"lighting-client", None, None],
         [b"lighting-server", None, None],
         [128, cbor2.dumps({1: -10}), b"Encryption Example 02"],
     ]
     material = COSEKey.from_symmetric_key(token_bytes(16))
     ctx = DirectHKDF({1: -10}, {4: b"01"})
     key = ctx.apply(material, context=context)
     assert key.alg == 10
     assert len(key.key) == 16
Ejemplo n.º 22
0
 def test_ecdh_aes_key_wrap_apply_with_invalid_recipient_key(
         self, sender_key_es, recipient_private_key):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     rec = Recipient.new(protected={"alg": "ECDH-ES+A128KW"},
                         sender_key=sender_key_es)
     with pytest.raises(ValueError) as err:
         rec.apply(enc_key,
                   recipient_key=recipient_private_key,
                   context={"alg": "A128GCM"})
         pytest.fail("apply() should fail.")
     assert "public_key should be elliptic curve public key." in str(
         err.value)
Ejemplo n.º 23
0
    def test_ecdh_aes_key_wrap_encode_and_extract_with_ecdh_es(
            self, sender_key_es, recipient_public_key, recipient_private_key):
        enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
        sender = ECDH_AESKeyWrap({1: -29}, {4: b"01"},
                                 sender_key=sender_key_es)
        sender.apply(enc_key,
                     recipient_key=recipient_public_key,
                     context={"alg": "A128GCM"})
        assert sender.ciphertext is not None

        encoded = sender.to_list()
        recipient = Recipient.from_list(encoded)
        decoded_key = recipient.extract(recipient_private_key,
                                        alg="ChaCha20/Poly1305",
                                        context={"alg": "A128GCM"})
        assert enc_key.key == decoded_key.key
Ejemplo n.º 24
0
 def test_ecdh_aes_key_wrap_through_cose_api(self, recipient_public_key,
                                             recipient_private_key):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     rec = Recipient.from_jwk({
         "kty": "EC",
         "crv": "P-256",
         "alg": "ECDH-ES+A128KW"
     })
     rec.apply(enc_key,
               recipient_key=recipient_public_key,
               context={"alg": "A128GCM"})
     ctx = COSE.new(alg_auto_inclusion=True)
     encoded = ctx.encode_and_encrypt(b"Hello world!",
                                      enc_key,
                                      recipients=[rec])
     assert b"Hello world!" == ctx.decode(encoded,
                                          recipient_private_key,
                                          context={"alg": "A128GCM"})
Ejemplo n.º 25
0
 def test_direct_hkdf_verify_key_with_raw_context(self):
     material = COSEKey.from_symmetric_key(
         key=base64url_decode(
             "hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
         alg="A256GCM",
     )
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     context = [
         10,
         [b"lighting-client", None, None],
         [b"lighting-server", None, None],
         [128, cbor2.dumps({1: -10}), b"Encryption Example 02"],
     ]
     key = ctx.apply(material, context=context)
     ctx.verify_key(
         base64url_decode("hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
         key.key,
         context=context,
     )
Ejemplo n.º 26
0
 def test_ecdh_aes_key_wrap_through_cose_api_without_kid(self):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     rec = Recipient.from_jwk({
         "kty": "EC",
         "crv": "P-256",
         "alg": "ECDH-ES+A128KW"
     })
     pub_key = COSEKey.from_jwk({
         "kty":
         "EC",
         # "kid": "01",
         "crv":
         "P-256",
         "x":
         "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
         "y":
         "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
     })
     rec.apply(enc_key, recipient_key=pub_key, context={"alg": "A128GCM"})
     ctx = COSE.new(alg_auto_inclusion=True)
     priv_key = COSEKey.from_jwk({
         "kty":
         "EC",
         # "kid": "01",
         "alg":
         "ECDH-ES+A128KW",
         "crv":
         "P-256",
         "x":
         "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
         "y":
         "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
         "d":
         "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8",
     })
     encoded = ctx.encode_and_encrypt(b"Hello world!",
                                      enc_key,
                                      recipients=[rec])
     assert b"Hello world!" == ctx.decode(encoded,
                                          priv_key,
                                          context={"alg": "A128GCM"})
Ejemplo n.º 27
0
 def test_ecdh_aes_key_wrap_extract_with_invalid_recipient_private_key(
         self, recipient_public_key):
     enc_key = COSEKey.from_symmetric_key(alg="ChaCha20/Poly1305")
     rec = Recipient.from_jwk({
         "kty": "EC",
         "crv": "P-256",
         "alg": "ECDH-ES+A128KW"
     })
     rec.apply(enc_key,
               recipient_key=recipient_public_key,
               context={"alg": "A128GCM"})
     ctx = COSE.new(alg_auto_inclusion=True)
     recipient_private_key = COSEKey.from_jwk({
         "kty":
         "EC",
         "kid":
         "01",
         # "alg": "ECDH-ES+A128KW",
         "crv":
         "P-256",
         "x":
         "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
         "y":
         "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
         "d":
         "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8",
     })
     encoded = ctx.encode_and_encrypt(b"Hello world!",
                                      enc_key,
                                      recipients=[rec])
     with pytest.raises(DecodeError) as err:
         ctx.decode(encoded,
                    recipient_private_key,
                    context={"alg": "A128GCM"})
         pytest.fail("extract() should fail.")
     assert "Failed to decode key." in str(err.value)
Ejemplo n.º 28
0
 def test_direct_key_extract(self):
     k = COSEKey.from_symmetric_key(alg="HS256")
     ctx = DirectKey({1: -6}, {})
     decoded = ctx.extract(k)
     assert decoded.alg == 5
     assert k.key == decoded.key
Ejemplo n.º 29
0
 def test_direct_key_apply(self):
     k = COSEKey.from_symmetric_key(alg="HS256")
     ctx = DirectKey({1: -6}, {})
     encoded = ctx.apply(k)
     assert encoded.alg == 5
     assert k.key == encoded.key
Ejemplo n.º 30
0
 def test_direct_hkdf_extract_with_json_context(self, alg, alg_id, key_len):
     key = COSEKey.from_symmetric_key(alg="A128GCM")
     ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
     decoded = ctx.extract(key, context={"alg": alg})
     assert decoded.alg == alg_id
     assert len(decoded.key) == key_len