def verify_key( self, material: bytes, expected_key: bytes, context: Union[List[Any], Dict[str, Any]], ): if isinstance(context, dict): alg = self._alg if isinstance(self._alg, int) else 0 context = to_cis(context, alg) else: self._validate_context(context) # Verify key. try: hkdf = HKDF( algorithm=self._hash_alg, length=COSE_KEY_LEN[context[0]] // 8, salt=self._salt, info=self._dumps(context), ) hkdf.verify(material, expected_key) except Exception as err: raise VerifyError("Failed to verify key.") from err return
def test_unicode_typeerror(self, backend): with pytest.raises(TypeError): HKDF(hashes.SHA256(), 16, salt="foo", info=None, backend=backend) with pytest.raises(TypeError): HKDF(hashes.SHA256(), 16, salt=None, info="foo", backend=backend) with pytest.raises(TypeError): hkdf = HKDF(hashes.SHA256(), 16, salt=None, info=None, backend=backend) hkdf.derive("foo") with pytest.raises(TypeError): hkdf = HKDF(hashes.SHA256(), 16, salt=None, info=None, backend=backend) hkdf.verify("foo", b"bar") with pytest.raises(TypeError): hkdf = HKDF(hashes.SHA256(), 16, salt=None, info=None, backend=backend) hkdf.verify(b"foo", "bar")
def test_already_finalized(self, backend): hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) hkdf.derive(b"\x01" * 16) with pytest.raises(AlreadyFinalized): hkdf.derive(b"\x02" * 16) hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) hkdf.verify(b"\x01" * 16, b"gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u") with pytest.raises(AlreadyFinalized): hkdf.verify(b"\x02" * 16, b"gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u") hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend )
def test_verify(self, backend): hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) hkdf.verify(b"\x01" * 16, b"gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u")
def test_verify_invalid(self, backend): hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) with pytest.raises(InvalidKey): hkdf.verify(b"\x02" * 16, b"gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u")
def test_unicode_typeerror(self, backend): with pytest.raises(TypeError): HKDF( hashes.SHA256(), 16, salt=six.u("foo"), info=None, backend=backend ) with pytest.raises(TypeError): HKDF( hashes.SHA256(), 16, salt=None, info=six.u("foo"), backend=backend ) with pytest.raises(TypeError): hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) hkdf.derive(six.u("foo")) with pytest.raises(TypeError): hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) hkdf.verify(six.u("foo"), b"bar") with pytest.raises(TypeError): hkdf = HKDF( hashes.SHA256(), 16, salt=None, info=None, backend=backend ) hkdf.verify(b"foo", six.u("bar"))
# The book can be downloaded from https://leanpub.com/cryptop # Online Crypto Playgroud https://8gwifi.org # Author Anish Nath backend = default_backend() salt = os.urandom(16) info = b"hkdf-example" hkdf = HKDF( algorithm=hashes.SHA256(), length=32, salt=salt, info=info, backend=backend ) key = hkdf.derive(b"input key") base64.b64encode(key) # Recreate the HKDF Instace to Verify the hkdf = HKDF( algorithm=hashes.SHA256(), length=32, salt=salt, info=info, backend=backend ) hkdf.verify(b"input key", key)