Exemple #1
0
 def test_unwrap_invalid_wrapped_key_length(self, backend):
     # Keys to unwrap must be at least 16 bytes
     with pytest.raises(
         keywrap.InvalidUnwrap, match='Must be at least 16 bytes'
     ):
         keywrap.aes_key_unwrap_with_padding(
             b"sixteen_byte_key", b"\x00" * 15, backend
         )
Exemple #2
0
 def test_unwrap(self, backend, params):
     wrapping_key = binascii.unhexlify(params["k"])
     wrapped_key = binascii.unhexlify(params["c"])
     if params.get("fail") is True:
         with pytest.raises(keywrap.InvalidUnwrap):
             keywrap.aes_key_unwrap_with_padding(wrapping_key, wrapped_key,
                                                 backend)
     else:
         unwrapped_key = keywrap.aes_key_unwrap_with_padding(
             wrapping_key, wrapped_key, backend)
         assert params["p"] == binascii.hexlify(unwrapped_key)
Exemple #3
0
 def test_unwrap(self, backend, params):
     wrapping_key = binascii.unhexlify(params["k"])
     wrapped_key = binascii.unhexlify(params["c"])
     if params.get("fail") is True:
         with pytest.raises(keywrap.InvalidUnwrap):
             keywrap.aes_key_unwrap_with_padding(
                 wrapping_key, wrapped_key, backend
             )
     else:
         unwrapped_key = keywrap.aes_key_unwrap_with_padding(
             wrapping_key, wrapped_key, backend
         )
         assert params["p"] == binascii.hexlify(unwrapped_key)
Exemple #4
0
 def test_unwrap_additional_vectors(self, backend, params):
     wrapping_key = binascii.unhexlify(params["key"])
     wrapped_key = binascii.unhexlify(params["output"])
     unwrapped_key = keywrap.aes_key_unwrap_with_padding(
         wrapping_key, wrapped_key, backend
     )
     assert unwrapped_key == binascii.unhexlify(params["input"])
Exemple #5
0
def test_keywrap_with_padding(backend, wycheproof):
    wrapping_key = binascii.unhexlify(wycheproof.testcase["key"])
    key_to_wrap = binascii.unhexlify(wycheproof.testcase["msg"])
    expected = binascii.unhexlify(wycheproof.testcase["ct"])

    result = keywrap.aes_key_wrap_with_padding(wrapping_key, key_to_wrap,
                                               backend)
    if wycheproof.valid or wycheproof.acceptable:
        assert result == expected

    if wycheproof.valid or (wycheproof.acceptable and not len(expected) < 16):
        result = keywrap.aes_key_unwrap_with_padding(wrapping_key, expected,
                                                     backend)
        assert result == key_to_wrap
    else:
        with pytest.raises(keywrap.InvalidUnwrap):
            keywrap.aes_key_unwrap_with_padding(wrapping_key, expected,
                                                backend)
Exemple #6
0
 def test_unwrap(self, backend, subtests):
     params = _load_all_params(
         os.path.join("keywrap", "kwtestvectors"),
         ["KWP_AD_128.txt", "KWP_AD_192.txt", "KWP_AD_256.txt"],
         load_nist_vectors,
     )
     for param in params:
         with subtests.test():
             wrapping_key = binascii.unhexlify(param["k"])
             wrapped_key = binascii.unhexlify(param["c"])
             if param.get("fail") is True:
                 with pytest.raises(keywrap.InvalidUnwrap):
                     keywrap.aes_key_unwrap_with_padding(
                         wrapping_key, wrapped_key, backend)
             else:
                 unwrapped_key = keywrap.aes_key_unwrap_with_padding(
                     wrapping_key, wrapped_key, backend)
                 assert param["p"] == binascii.hexlify(unwrapped_key)
Exemple #7
0
 def test_unwrap_additional_vectors(self, backend, subtests):
     params = _load_all_params("keywrap", ["kwp_botan.txt"],
                               load_nist_vectors)
     for param in params:
         with subtests.test():
             wrapping_key = binascii.unhexlify(param["key"])
             wrapped_key = binascii.unhexlify(param["output"])
             unwrapped_key = keywrap.aes_key_unwrap_with_padding(
                 wrapping_key, wrapped_key, backend)
             assert unwrapped_key == binascii.unhexlify(param["input"])
Exemple #8
0
def test_keywrap_with_padding(backend, wycheproof):
    wrapping_key = binascii.unhexlify(wycheproof.testcase["key"])
    key_to_wrap = binascii.unhexlify(wycheproof.testcase["msg"])
    expected = binascii.unhexlify(wycheproof.testcase["ct"])

    result = keywrap.aes_key_wrap_with_padding(
        wrapping_key, key_to_wrap, backend
    )
    if wycheproof.valid or wycheproof.acceptable:
        assert result == expected

    if wycheproof.valid or (wycheproof.acceptable and not len(expected) < 16):
        result = keywrap.aes_key_unwrap_with_padding(
            wrapping_key, expected, backend
        )
        assert result == key_to_wrap
    else:
        with pytest.raises(keywrap.InvalidUnwrap):
            keywrap.aes_key_unwrap_with_padding(
                wrapping_key, expected, backend
            )
Exemple #9
0
 def unwrap(self, wrapkey):
     '''Return the secret key'''
     secret = keywrap.aes_key_unwrap_with_padding(
         wrapkey, self._wrappedkey, default_backend())
     return secret
Exemple #10
0
def unwrap_key_aes_pad(wrapped_key: bytes, wrapping_key: bytes) -> bytes:
    return keywrap.aes_key_unwrap_with_padding(wrapping_key, wrapped_key)
Exemple #11
0
 def test_unwrap_invalid_key_length(self, backend):
     with pytest.raises(ValueError, match='must be a valid AES key length'):
         keywrap.aes_key_unwrap_with_padding(b"badkey", b"\x00" * 16,
                                             backend)
Exemple #12
0
 def test_unwrap_invalid_key_length(self, backend):
     with pytest.raises(ValueError, match='must be a valid AES key length'):
         keywrap.aes_key_unwrap_with_padding(
             b"badkey", b"\x00" * 16, backend
         )