Esempio n. 1
def test_fail_on_illegal_keyops_verifying(ops):
    """Signature verification must be refused when the key's ``key_ops`` forbid it.

    A Sign1 message is signed with a fresh P-256 key, round-tripped through
    encode/decode, and the same key object is then restricted to the single
    operation ``ops`` before verification is attempted.

    Two outcomes are pinned down:

    * For the operations listed below, assigning ``key_ops`` on the EC2 key
      itself raises ``CoseIllegalKeyOps`` ("Invalid COSE key operation").
    * For any other ``ops`` value, the assignment succeeds and the failure
      moves to ``verify_signature()`` ("Illegal key operations specified.").

    ``ops`` is presumably supplied by a pytest parametrization that is not
    visible here -- confirm it never includes an operation that permits
    verification, otherwise the final ``pytest.raises`` would fail.
    """
    outgoing = Sign1Message(phdr={'ALG': 'ES256'},
                            payload="signed message".encode('utf-8'))

    signing_key = EC2Key.generate_key(crv='P_256')
    outgoing.key = signing_key

    wire_bytes = outgoing.encode()
    received = CoseMessage.decode(wire_bytes)

    # Operations the EC2 key refuses at assignment time, before any message
    # processing happens.
    rejected_on_assignment = {
        'ENCRYPT', 'DECRYPT', 'WRAP', 'UNWRAP', 'MAC_CREATE', 'MAC_VERIFY'
    }

    if ops in rejected_on_assignment:
        with pytest.raises(CoseIllegalKeyOps) as setter_error:
            signing_key.key_ops = [ops]

        assert "Invalid COSE key operation" in str(setter_error.value)
        return

    # The operation is accepted by the key, so the usage restriction has to
    # be enforced when the key is actually used to verify.
    signing_key.key_ops = [ops]
    received.key = signing_key

    with pytest.raises(CoseIllegalKeyOps) as verify_error:
        received.verify_signature()

    assert "Illegal key operations specified." in str(verify_error.value)
Esempio n. 2
def test_ec2_key_generation_encoding_decoding(crv):
    """Round-trip freshly generated EC2 keys through encode/decode.

    Key generation is randomised, so the round trip is repeated 256 times
    per curve. Every decoded key must still pass ``_is_valid_ec2_key``.
    ``crv`` is presumably provided by a parametrization outside this view.
    """
    trials = 256

    for _ in range(trials):
        generated = EC2Key.generate_key(crv=crv)
        round_tripped = CoseKey.decode(generated.encode())
        assert _is_valid_ec2_key(round_tripped)
Esempio n. 3
def test_fail_on_non_matching_algorithms_phdr(alg):
    """Encoding must fail when the key's algorithm disagrees with the header.

    The protected header declares ES256 while the key is generated with its
    own ``ALG`` parameter set to ``alg``. ``encode()`` is expected to raise
    ``CoseIllegalAlgorithm`` ("Conflicting algorithms") rather than sign.
    A key bound to one algorithm must not be usable under another.

    ``alg`` is presumably parametrized with values other than ES256 --
    confirm against the decorator, which is not visible here.
    """
    mismatched_key = EC2Key.generate_key(crv='P_256',
                                         optional_params={'ALG': alg})

    message = Sign1Message(phdr={'ALG': 'ES256'},
                           payload="signed message".encode('utf-8'))
    message.key = mismatched_key

    with pytest.raises(CoseIllegalAlgorithm) as conflict:
        message.encode()

    assert "Conflicting algorithms" in str(conflict.value)
Esempio n. 4
def test_fail_on_illegal_keyops_signing(ops):
    """Signing must be refused when the key's ``KEY_OPS`` do not permit it.

    The key is generated with ``KEY_OPS`` restricted to the single value
    ``ops``. ``encode()`` (which signs the Sign1 message) must then raise
    ``CoseIllegalKeyOps`` ("Illegal key operations specified.").

    ``ops`` is presumably parametrized with operations other than signing --
    confirm against the decorator, which is not visible here.
    """
    restricted_key = EC2Key.generate_key(
        crv='P_256',
        optional_params={'KEY_OPS': [ops]},
    )

    message = Sign1Message(phdr={'ALG': 'ES256'},
                           payload="signed message".encode('utf-8'))
    message.key = restricted_key

    with pytest.raises(CoseIllegalKeyOps) as refusal:
        message.encode()

    assert "Illegal key operations specified." in str(refusal.value)
Esempio n. 5
    def _generate_ephemeral_key(self) -> None:
        """
        Ensure ``self.ephemeral_key`` is populated, generating one if needed.

        An existing key is kept as-is and never regenerated. A caller that
        needs a fresh ephemeral key must therefore clear the attribute first.
        NOTE(review): confirm the owning object is not reused across
        exchanges with a stale key left in place.

        The key type follows the DH curve of the configured cipher suite:
        X25519 and X448 yield an ``OKPKey``, any other curve an ``EC2Key``.

        :return: None
        """

        if self.ephemeral_key is None:
            curve = CipherSuite.from_id(self.cipher_suite).dh_curve
            key_type = OKPKey if curve in [X25519, X448] else EC2Key
            self.ephemeral_key = key_type.generate_key(crv=curve)
Esempio n. 6
def test_unknown_header_attribute_encoding_decoding():
    """Custom, string-labelled header attributes must survive encode/decode.

    Each of the six COSE message types (Enc0, Enc, Mac0, Mac, Sign, Sign1) is
    built with an unregistered attribute in the protected and unprotected
    header. The multi-party types also carry one in the recipient or signer
    header. The attributes must be present both before encoding and after
    ``CoseMessage.decode``.

    Only presence of the labels is asserted, not their values. In COSE the
    unprotected bucket is not covered by the message's cryptographic
    protection, so a surviving attribute there says nothing about its
    authenticity.
    """
    # Thirteen zero bytes. A constant IV is acceptable here only because
    # every message gets a freshly generated key. Reusing an IV under the
    # same key with AES-CCM would break its security guarantees.
    zero_iv = unhexlify(b'00000000000000000000000000')

    # --- Enc0 -------------------------------------------------------------
    enc0 = Enc0Message(
        phdr={Algorithm: AESCCM1664128, "Custom-Header-Attr1": 7879},
        uhdr={KID: 8, IV: zero_iv, "Custom-Header-Attr2": 879},
    )
    enc0.key = SymmetricKey.generate_key(key_len=16)

    assert "Custom-Header-Attr1" in enc0.phdr
    assert "Custom-Header-Attr2" in enc0.uhdr

    enc0_decoded = CoseMessage.decode(enc0.encode())
    assert "Custom-Header-Attr1" in enc0_decoded.phdr
    assert "Custom-Header-Attr2" in enc0_decoded.uhdr

    # --- Enc (with one direct-encryption recipient) -----------------------
    enc = EncMessage(
        phdr={Algorithm: AESCCM1664128, "Custom-Header-Attr1": 7879},
        uhdr={KID: 8, IV: zero_iv, "Custom-Header-Attr2": 878},
        recipients=[
            DirectEncryption(
                uhdr={Algorithm: Direct, "Custom-Header-Attr3": 9999}),
        ],
    )
    enc.key = SymmetricKey.generate_key(key_len=16)

    assert "Custom-Header-Attr1" in enc.phdr
    assert "Custom-Header-Attr2" in enc.uhdr
    assert "Custom-Header-Attr3" in enc.recipients[0].uhdr

    enc_decoded = CoseMessage.decode(enc.encode())
    assert "Custom-Header-Attr1" in enc_decoded.phdr
    assert "Custom-Header-Attr2" in enc_decoded.uhdr
    assert "Custom-Header-Attr3" in enc_decoded.recipients[0].uhdr

    # --- Mac0 -------------------------------------------------------------
    mac0 = Mac0Message(
        phdr={Algorithm: HMAC256, "Custom-Header-Attr1": 7879},
        uhdr={KID: 8, IV: zero_iv, "Custom-Header-Attr2": 878},
    )
    mac0.key = SymmetricKey.generate_key(key_len=16)

    assert "Custom-Header-Attr1" in mac0.phdr
    assert "Custom-Header-Attr2" in mac0.uhdr

    mac0_decoded = CoseMessage.decode(mac0.encode())

    assert "Custom-Header-Attr1" in mac0_decoded.phdr
    assert "Custom-Header-Attr2" in mac0_decoded.uhdr

    # --- Mac (with one direct recipient) ----------------------------------
    mac = MacMessage(
        phdr={Algorithm: HMAC256, "Custom-Header-Attr1": 7879},
        uhdr={KID: 8, IV: zero_iv, "Custom-Header-Attr2": 878},
        recipients=[
            DirectEncryption(
                uhdr={Algorithm: Direct, "Custom-Header-Attr3": 9999}),
        ],
    )
    mac.key = SymmetricKey.generate_key(key_len=16)

    assert "Custom-Header-Attr1" in mac.phdr
    assert "Custom-Header-Attr2" in mac.uhdr
    assert "Custom-Header-Attr3" in mac.recipients[0].uhdr

    mac_decoded = CoseMessage.decode(mac.encode())
    assert "Custom-Header-Attr1" in mac_decoded.phdr
    assert "Custom-Header-Attr2" in mac_decoded.uhdr
    assert "Custom-Header-Attr3" in mac_decoded.recipients[0].uhdr

    # --- Sign (key lives on the signer, not on the message) ---------------
    sign = SignMessage(
        phdr={"Custom-Header-Attr1": 7879},
        uhdr={KID: 8, IV: zero_iv, "Custom-Header-Attr2": 878},
        signers=[
            CoseSignature(
                phdr={Algorithm: Es256, "Custom-Header-Attr3": 9999},
                key=EC2Key.generate_key(crv=P256)),
        ],
    )

    assert "Custom-Header-Attr1" in sign.phdr
    assert "Custom-Header-Attr2" in sign.uhdr

    sign_decoded = CoseMessage.decode(sign.encode())

    assert "Custom-Header-Attr1" in sign_decoded.phdr
    assert "Custom-Header-Attr2" in sign_decoded.uhdr
    assert "Custom-Header-Attr3" in sign_decoded.signers[0].phdr

    # --- Sign1 (no IV in the unprotected header) --------------------------
    sign1 = Sign1Message(
        phdr={Algorithm: Es256, "Custom-Header-Attr1": 7879},
        uhdr={KID: 8, "Custom-Header-Attr2": 878},
    )
    sign1.key = EC2Key.generate_key(crv=P256)

    assert "Custom-Header-Attr1" in sign1.phdr
    assert "Custom-Header-Attr2" in sign1.uhdr

    sign1_decoded = CoseMessage.decode(sign1.encode())
    assert "Custom-Header-Attr1" in sign1_decoded.phdr
    assert "Custom-Header-Attr2" in sign1_decoded.uhdr
Esempio n. 7
def test_ec2_key_generation(crv):
    """A key generated for ``crv`` must pass ``_is_valid_ec2_key``.

    ``crv`` is presumably supplied by a parametrization outside this view.
    """
    generated = EC2Key.generate_key(crv)

    assert _is_valid_ec2_key(generated)