def _decode_auth(encoded_packet: bytes) -> Tuple[Union[AuthHeader, Nonce], int]: try: decoded_auth, _, message_start_index = rlp.codec.consume_item( encoded_packet, TAG_SIZE ) except DecodingError as error: raise ValidationError( "Packet authentication section is not proper RLP" ) from error if is_bytes(decoded_auth): validate_nonce(decoded_auth) return Nonce(decoded_auth), message_start_index elif is_list_like(decoded_auth): validate_length(decoded_auth, 5, "auth header") for index, element in enumerate(decoded_auth): if not is_bytes(element): raise ValidationError( f"Element {index} in auth header is not bytes: {element}" ) auth_header = AuthHeader( auth_tag=decoded_auth[0], id_nonce=decoded_auth[1], auth_scheme_name=decoded_auth[2], ephemeral_public_key=decoded_auth[3], encrypted_auth_response=decoded_auth[4], ) validate_auth_header(auth_header) return auth_header, message_start_index else: raise Exception("unreachable: RLP can only encode bytes and lists")
def validate_auth_header(auth_header: AuthHeader) -> None: validate_nonce(auth_header.auth_tag) if auth_header.auth_scheme_name != AUTH_SCHEME_NAME: raise ValidationError( f"Auth header uses scheme {auth_header.auth_scheme_name!r}, but only " f"{AUTH_SCHEME_NAME!r} is supported" ) validate_length(auth_header.id_nonce, ID_NONCE_SIZE, "id nonce")
def validate_nonce(nonce: bytes) -> None: validate_length(nonce, NONCE_SIZE, "nonce")
def validate_aes128_key(key: AES128Key) -> None: validate_length(key, AES128_KEY_SIZE, "AES128 key")