Exemple #1
0
def _decode_auth(encoded_packet: bytes) -> Tuple[Union[AuthHeader, Nonce], int]:
    try:
        decoded_auth, _, message_start_index = rlp.codec.consume_item(
            encoded_packet, TAG_SIZE
        )
    except DecodingError as error:
        raise ValidationError(
            "Packet authentication section is not proper RLP"
        ) from error

    if is_bytes(decoded_auth):
        validate_nonce(decoded_auth)
        return Nonce(decoded_auth), message_start_index
    elif is_list_like(decoded_auth):
        validate_length(decoded_auth, 5, "auth header")
        for index, element in enumerate(decoded_auth):
            if not is_bytes(element):
                raise ValidationError(
                    f"Element {index} in auth header is not bytes: {element}"
                )
        auth_header = AuthHeader(
            auth_tag=decoded_auth[0],
            id_nonce=decoded_auth[1],
            auth_scheme_name=decoded_auth[2],
            ephemeral_public_key=decoded_auth[3],
            encrypted_auth_response=decoded_auth[4],
        )
        validate_auth_header(auth_header)
        return auth_header, message_start_index
    else:
        raise Exception("unreachable: RLP can only encode bytes and lists")
Exemple #2
0
def validate_auth_header(auth_header: AuthHeader) -> None:
    validate_nonce(auth_header.auth_tag)
    if auth_header.auth_scheme_name != AUTH_SCHEME_NAME:
        raise ValidationError(
            f"Auth header uses scheme {auth_header.auth_scheme_name!r}, but only "
            f"{AUTH_SCHEME_NAME!r} is supported"
        )
    validate_length(auth_header.id_nonce, ID_NONCE_SIZE, "id nonce")
Exemple #3
0
def validate_nonce(nonce: bytes) -> None:
    validate_length(nonce, NONCE_SIZE, "nonce")
Exemple #4
0
def validate_aes128_key(key: AES128Key) -> None:
    validate_length(key, AES128_KEY_SIZE, "AES128 key")