def test_ecdh(self):
# pylint: disable=too-many-locals
a_rng = botan2.RandomNumberGenerator('user')
b_rng = botan2.RandomNumberGenerator('user')
kdf = 'KDF2(SHA-384)'
for grp in ['secp256r1', 'secp384r1', 'brainpool256r1']:
a_priv = botan2.PrivateKey.create('ECDH', grp, a_rng)
b_priv = botan2.PrivateKey.create('ECDH', grp, b_rng)
a_op = botan2.PKKeyAgreement(a_priv, kdf)
b_op = botan2.PKKeyAgreement(b_priv, kdf)
a_pub = a_op.public_value()
b_pub = b_op.public_value()
salt = a_rng.get(8) + b_rng.get(8)
a_key = a_op.agree(b_pub, 32, salt)
b_key = b_op.agree(a_pub, 32, salt)
self.assertEqual(a_key, b_key)
a_pem = a_priv.to_pem()
a_priv_x = a_priv.get_field('x')
new_a = botan2.PrivateKey.load_ecdh(grp, a_priv_x)
self.assertEqual(a_pem, new_a.to_pem())
def test_dh(self):
a_rng = botan2.RandomNumberGenerator('user')
b_rng = botan2.RandomNumberGenerator('user')
for dh_grp in ['secp256r1', 'curve25519']:
dh_kdf = 'KDF2(SHA-384)'.encode('utf-8')
a_dh_priv = botan2.PrivateKey.create('ecdh', dh_grp, a_rng)
b_dh_priv = botan2.PrivateKey.create('ecdh', dh_grp, b_rng)
a_dh = botan2.PKKeyAgreement(a_dh_priv, dh_kdf)
b_dh = botan2.PKKeyAgreement(b_dh_priv, dh_kdf)
a_dh_pub = a_dh.public_value()
b_dh_pub = b_dh.public_value()
salt = a_rng.get(8) + b_rng.get(8)
a_key = a_dh.agree(b_dh_pub, 32, salt)
b_key = b_dh.agree(a_dh_pub, 32, salt)
self.assertEqual(a_key, b_key)