def _create_keypair(key_type: KeyType, seed: Union[str, bytes] = None) -> Key: """Instantiate a new keypair with an optional seed value.""" if key_type == KeyType.ED25519: alg = KeyAlg.ED25519 method = None # elif key_type == KeyType.BLS12381G1: # alg = KeyAlg.BLS12_381_G1 elif key_type == KeyType.BLS12381G2: alg = KeyAlg.BLS12_381_G2 method = SeedMethod.BlsKeyGen # elif key_type == KeyType.BLS12381G1G2: # alg = KeyAlg.BLS12_381_G1G2 else: raise WalletError(f"Unsupported key algorithm: {key_type}") if seed: try: if key_type == KeyType.ED25519: # not a seed - it is the secret key seed = validate_seed(seed) return Key.from_secret_bytes(alg, seed) else: return Key.from_seed(alg, seed, method=method) except AskarError as err: if err.code == AskarErrorCode.INPUT: raise WalletError("Invalid seed for key generation") from None else: return Key.generate(alg)
async def _unpack_message(session: Session, enc_message: bytes) -> Tuple[str, str, str]: """Decode a message using the DIDComm v1 'unpack' algorithm.""" try: wrapper = JweEnvelope.from_json(enc_message) except ValidationError: raise WalletError("Invalid packed message") alg = wrapper.protected.get("alg") is_authcrypt = alg == "Authcrypt" if not is_authcrypt and alg != "Anoncrypt": raise WalletError("Unsupported pack algorithm: {}".format(alg)) recips = extract_pack_recipients(wrapper.recipients()) payload_key, sender_vk = None, None for recip_vk in recips: recip_key_entry = await session.fetch_key(recip_vk) if recip_key_entry: payload_key, sender_vk = _extract_payload_key( recips[recip_vk], recip_key_entry.key) break if not payload_key: raise WalletError("No corresponding recipient key found in {}".format( tuple(recips))) if not sender_vk and is_authcrypt: raise WalletError( "Sender public key not provided for Authcrypt message") cek = Key.from_secret_bytes(KeyAlg.C20P, payload_key) message = cek.aead_decrypt( wrapper.ciphertext, nonce=wrapper.iv, tag=wrapper.tag, aad=wrapper.protected_bytes, ) return message, recip_vk, sender_vk
def test_ecdh_1pu_wrapped_expected(): ephem = Key.from_jwk(""" {"kty": "OKP", "crv": "X25519", "x": "k9of_cpAajy0poW5gaixXGs9nHkwg1AFqUAFa39dyBc", "d": "x8EVZH4Fwk673_mUujnliJoSrLz0zYzzCWp5GUX2fc8"} """) alice = Key.from_jwk(""" {"kty": "OKP", "crv": "X25519", "x": "Knbm_BcdQr7WIoz-uqit9M0wbcfEr6y-9UfIZ8QnBD4", "d": "i9KuFhSzEBsiv3PKVL5115OCdsqQai5nj_Flzfkw5jU"} """) bob = Key.from_jwk(""" {"kty": "OKP", "crv": "X25519", "x": "BT7aR0ItXfeDAldeeOlXL_wXqp-j5FltT0vRSG16kRw", "d": "1gDirl_r_Y3-qUa3WXHgEXrrEHngWThU3c9zj9A2uBg"} """) alg = "ECDH-1PU+A128KW" enc = "A256CBC-HS512" apu = "Alice" apv = "Bob and Charlie" protected_b64 = b64_url( f'{{"alg":"{alg}",' f'"enc":"{enc}",' f'"apu":"{b64_url(apu)}",' f'"apv":"{b64_url(apv)}",' '"epk":' '{"kty":"OKP",' '"crv":"X25519",' '"x":"k9of_cpAajy0poW5gaixXGs9nHkwg1AFqUAFa39dyBc"}}').encode("ascii") protected = (f'{{"alg":"{alg}",' f'"enc":"{enc}",' f'"apu":"{b64_url(apu)}",' f'"apv":"{b64_url(apv)}",' '"epk":' '{"kty":"OKP",' '"crv":"X25519",' '"x":"k9of_cpAajy0poW5gaixXGs9nHkwg1AFqUAFa39dyBc"}}') assert protected == ( '{"alg":"ECDH-1PU+A128KW",' '"enc":"A256CBC-HS512",' '"apu":"QWxpY2U",' # Alice '"apv":"Qm9iIGFuZCBDaGFybGll",' # Bob and Charlie '"epk":' '{"kty":"OKP",' '"crv":"X25519",' '"x":"k9of_cpAajy0poW5gaixXGs9nHkwg1AFqUAFa39dyBc"}}') cek = Key.from_secret_bytes( KeyAlg.A256CBC_HS512, bytes.fromhex("fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0" "efeeedecebeae9e8e7e6e5e4e3e2e1e0" "dfdedddcdbdad9d8d7d6d5d4d3d2d1d0" "cfcecdcccbcac9c8c7c6c5c4c3c2c1c0"), ) iv = bytes.fromhex("000102030405060708090a0b0c0d0e0f") message = b"Three is a magic number." enc = cek.aead_encrypt(message, nonce=iv, aad=protected_b64) ciphertext, cc_tag = enc.ciphertext, enc.tag assert b64_url(ciphertext) == "Az2IWsISEMDJvyc5XRL-3-d-RgNBOGolCsxFFoUXFYw" assert b64_url(cc_tag) == "HLb4fTlm8spGmij3RyOs2gJ4DpHM4hhVRwdF_hGb3WQ" derived = Ecdh1PU(alg, apu, apv)._derive_key( KeyAlg.A128KW, ephem, sender_key=alice, receiver_key=bob, cc_tag=cc_tag, receive=False, ) assert derived.get_secret_bytes() == bytes.fromhex( "df4c37a0668306a11e3d6b0074b5d8df") encrypted_key = derived.wrap_key(cek).ciphertext_tag assert b64_url(encrypted_key) == ( "pOMVA9_PtoRe7xXW1139NzzN1UhiFoio8lGto9cf0t8PyU-" "sjNXH8-LIRLycq8CHJQbDwvQeU1cSl55cQ0hGezJu2N9IY0QN") # test sender_wrap_key encrypted_key_2 = Ecdh1PU(alg, apu, apv).sender_wrap_key( KeyAlg.A128KW, ephem, alice, bob, cek, cc_tag=cc_tag, ) assert encrypted_key_2.ciphertext_tag == encrypted_key # Skipping key derivation for Charlie. # Assemble encrypted_key, iv, cc_tag, ciphertext, and headers into a JWE envelope here. # Receiver disassembles envelope and.. derived_recv = Ecdh1PU(alg, apu, apv)._derive_key( KeyAlg.A128KW, ephem, sender_key=alice, receiver_key=bob, cc_tag=cc_tag, receive=True, ) cek_recv = derived_recv.unwrap_key(KeyAlg.A256CBC_HS512, encrypted_key) assert cek_recv.get_jwk_secret() == cek.get_jwk_secret() message_recv = cek_recv.aead_decrypt(ciphertext, nonce=iv, aad=protected_b64, tag=cc_tag) assert message_recv == message # test receiver_wrap_key cek_recv_2 = Ecdh1PU(alg, apu, apv).receiver_unwrap_key( KeyAlg.A128KW, KeyAlg.A256CBC_HS512, ephem, sender_key=alice, receiver_key=bob, ciphertext=encrypted_key, cc_tag=cc_tag, ) assert cek_recv_2.get_jwk_secret() == cek.get_jwk_secret()