def test_unwrap_invalid_wrapped_key_length(self, backend): # Keys to unwrap must be at least 16 bytes with pytest.raises( keywrap.InvalidUnwrap, match='Must be at least 16 bytes' ): keywrap.aes_key_unwrap_with_padding( b"sixteen_byte_key", b"\x00" * 15, backend )
def test_unwrap(self, backend, params): wrapping_key = binascii.unhexlify(params["k"]) wrapped_key = binascii.unhexlify(params["c"]) if params.get("fail") is True: with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap_with_padding(wrapping_key, wrapped_key, backend) else: unwrapped_key = keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend) assert params["p"] == binascii.hexlify(unwrapped_key)
def test_unwrap(self, backend, params): wrapping_key = binascii.unhexlify(params["k"]) wrapped_key = binascii.unhexlify(params["c"]) if params.get("fail") is True: with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend ) else: unwrapped_key = keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend ) assert params["p"] == binascii.hexlify(unwrapped_key)
def test_unwrap_additional_vectors(self, backend, params): wrapping_key = binascii.unhexlify(params["key"]) wrapped_key = binascii.unhexlify(params["output"]) unwrapped_key = keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend ) assert unwrapped_key == binascii.unhexlify(params["input"])
def test_keywrap_with_padding(backend, wycheproof): wrapping_key = binascii.unhexlify(wycheproof.testcase["key"]) key_to_wrap = binascii.unhexlify(wycheproof.testcase["msg"]) expected = binascii.unhexlify(wycheproof.testcase["ct"]) result = keywrap.aes_key_wrap_with_padding(wrapping_key, key_to_wrap, backend) if wycheproof.valid or wycheproof.acceptable: assert result == expected if wycheproof.valid or (wycheproof.acceptable and not len(expected) < 16): result = keywrap.aes_key_unwrap_with_padding(wrapping_key, expected, backend) assert result == key_to_wrap else: with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap_with_padding(wrapping_key, expected, backend)
def test_unwrap(self, backend, subtests): params = _load_all_params( os.path.join("keywrap", "kwtestvectors"), ["KWP_AD_128.txt", "KWP_AD_192.txt", "KWP_AD_256.txt"], load_nist_vectors, ) for param in params: with subtests.test(): wrapping_key = binascii.unhexlify(param["k"]) wrapped_key = binascii.unhexlify(param["c"]) if param.get("fail") is True: with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend) else: unwrapped_key = keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend) assert param["p"] == binascii.hexlify(unwrapped_key)
def test_unwrap_additional_vectors(self, backend, subtests): params = _load_all_params("keywrap", ["kwp_botan.txt"], load_nist_vectors) for param in params: with subtests.test(): wrapping_key = binascii.unhexlify(param["key"]) wrapped_key = binascii.unhexlify(param["output"]) unwrapped_key = keywrap.aes_key_unwrap_with_padding( wrapping_key, wrapped_key, backend) assert unwrapped_key == binascii.unhexlify(param["input"])
def test_keywrap_with_padding(backend, wycheproof): wrapping_key = binascii.unhexlify(wycheproof.testcase["key"]) key_to_wrap = binascii.unhexlify(wycheproof.testcase["msg"]) expected = binascii.unhexlify(wycheproof.testcase["ct"]) result = keywrap.aes_key_wrap_with_padding( wrapping_key, key_to_wrap, backend ) if wycheproof.valid or wycheproof.acceptable: assert result == expected if wycheproof.valid or (wycheproof.acceptable and not len(expected) < 16): result = keywrap.aes_key_unwrap_with_padding( wrapping_key, expected, backend ) assert result == key_to_wrap else: with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap_with_padding( wrapping_key, expected, backend )
def unwrap(self, wrapkey): '''Return the secret key''' secret = keywrap.aes_key_unwrap_with_padding( wrapkey, self._wrappedkey, default_backend()) return secret
def unwrap_key_aes_pad(wrapped_key: bytes, wrapping_key: bytes) -> bytes: return keywrap.aes_key_unwrap_with_padding(wrapping_key, wrapped_key)
def test_unwrap_invalid_key_length(self, backend): with pytest.raises(ValueError, match='must be a valid AES key length'): keywrap.aes_key_unwrap_with_padding(b"badkey", b"\x00" * 16, backend)
def test_unwrap_invalid_key_length(self, backend): with pytest.raises(ValueError, match='must be a valid AES key length'): keywrap.aes_key_unwrap_with_padding( b"badkey", b"\x00" * 16, backend )