def test_direct_hkdf_verify_key(self):
material = COSEKey.from_symmetric_key(
key=base64url_decode(
"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
alg="A256GCM",
)
ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
context = {
"alg": "AES-CCM-16-64-128",
"party_u": {
"identity": "lighting-client",
},
"party_v": {
"identity": "lighting-server",
},
"supp_pub": {
"other": "Encryption Example 02",
},
}
key = ctx.apply(material, context=context)
ctx.verify_key(
base64url_decode("hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
key.key,
context=context,
)
def test_cose_wg_examples_rfc8152_c_3_2_with_json(self):
cwt_str = "D8608443A1010AA1054D89F52F65A1C580933B5261A76C581C753548A19B1307084CA7B2056924ED95F2E3B17006DFE931B687B847818343A10129A2335061616262636364646565666667676868044A6F75722D73656372657440"
recipient = Recipient.new({1: -10}, {
-20: b"aabbccddeeffgghh",
4: b"our-secret"
})
context = {
"alg": "AES-CCM-16-64-128",
"apu": {
"id": "lighting-client",
},
"apv": {
"id": "lighting-server",
},
"supp_pub": {
"other": "Encryption Example 02",
},
}
material = COSEKey.from_symmetric_key(
base64url_decode("hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
alg="A256GCM",
)
enc_key = recipient.apply(material, context=context)
ctx = COSE.new()
encoded = ctx.encode_and_encrypt(
b"This is the content.",
key=enc_key,
nonce=bytes.fromhex("89F52F65A1C580933B5261A76C"),
protected={1: 10},
recipients=[recipient],
)
assert encoded == bytes.fromhex(cwt_str)
material = COSEKey.from_symmetric_key(
key=base64url_decode(
"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
alg="A256GCM",
kid="our-secret",
)
context = {
"alg": "AES-CCM-16-64-128",
"apu": {
"id": "lighting-client",
},
"apv": {
"id": "lighting-server",
},
"supp_pub": {
"other": "Encryption Example 02",
},
}
res = ctx.decode(encoded, context=context, keys=[material])
assert res == b"This is the content."
def test_direct_hkdf_verify_key_with_invalid_material(self):
material = COSEKey.from_symmetric_key(
key=base64url_decode(
"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
alg="A256GCM",
)
ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
context = {
"alg": "AES-CCM-16-64-128",
"party_u": {
"identity": "lighting-client",
},
"party_v": {
"identity": "lighting-server",
},
"supp_pub": {
"other": "Encryption Example 02",
},
}
key = ctx.apply(
material,
context=context,
)
with pytest.raises(VerifyError) as err:
ctx.verify_key(
b"xxxxxxxxxx",
key.key,
context=context,
)
pytest.fail("verify_key() should fail.")
assert "Failed to verify key." in str(err.value)
def test_direct_hkdf_verify_key_with_raw_context(self):
material = COSEKey.from_symmetric_key(
key=base64url_decode(
"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
alg="A256GCM",
)
ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
context = [
10,
[b"lighting-client", None, None],
[b"lighting-server", None, None],
[128, cbor2.dumps({1: -10}), b"Encryption Example 02"],
]
key = ctx.apply(material, context=context)
ctx.verify_key(
base64url_decode("hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
key.key,
context=context,
)
def test_direct_hkdf_apply_with_invalid_context(self, invalid, msg):
material = COSEKey.from_symmetric_key(
key=base64url_decode(
"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
alg="A256GCM",
)
ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
with pytest.raises(ValueError) as err:
ctx.apply(key=material, context=invalid)
pytest.fail("apply() should fail.")
assert msg in str(err.value)
def test_direct_hkdf_apply_with_invalid_key(self):
ctx = DirectHKDF({1: -10}, {-20: b"aabbccddeeff"})
with pytest.raises(EncodeError) as err:
ctx.apply(
key=base64url_decode(
"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"),
context={
"alg": "AES-CCM-16-64-128",
"party_u": {
"identity": "lighting-client",
},
"party_v": {
"identity": "lighting-server",
},
"supp_pub": {
"other": "Encryption Example 02",
},
},
)
pytest.fail("apply() should fail.")
assert "Failed to derive key." in str(err.value)
def test_base64url_decode_without_padding(self):
res = base64url_decode("aaaabbbb")
assert len(res) == 6