def test_ecdh_setup_cek():
jwenc = JWE_EC(plain, alg="ECDH-ES+A128KW", enc="A128GCM")
cek0 = as_bytes(rndstr(16))
cek, encrypted_key, iv, params, ret_epk = jwenc.enc_setup(plain,
cek=cek0,
key=eck_bob)
assert cek == cek0
def test_ecdh_setup_iv():
jwenc = JWE_EC(plain, alg="ECDH-ES+A128KW", enc="A128GCM")
iv0 = rndstr(16)
cek, encrypted_key, iv, params, ret_epk = jwenc.enc_setup(plain,
iv=iv0,
key=eck_bob)
assert iv == iv0
def test_ecdh_encrypt_decrypt_direct_key():
# Alice starts of
jwenc = JWE_EC(plain, alg="ECDH-ES", enc="A128GCM")
cek, encrypted_key, iv, params, ret_epk = jwenc.enc_setup(plain,
key=eck_bob)
kwargs = {
'params': params,
'cek': cek,
'iv': iv,
'encrypted_key': encrypted_key
}
assert "epk" in params
assert not encrypted_key
jwt = jwenc.encrypt(**kwargs)
# Bob decrypts
ret_jwe = factory(jwt, alg="ECDH-ES", enc="A128GCM")
jwdec = JWE_EC()
jwdec.dec_setup(ret_jwe.jwt, key=bob)
msg = jwdec.decrypt(ret_jwe.jwt)
assert msg == plain
def test_ecdh_encrypt_decrypt_keywrapped_key():
jwenc = JWE_EC(plain, alg="ECDH-ES+A128KW", enc="A128GCM")
cek, encrypted_key, iv, params, ret_epk = jwenc.enc_setup(plain,
key=eck_bob)
kwargs = {}
kwargs['params'] = params
kwargs['cek'] = cek
kwargs['iv'] = iv
kwargs['encrypted_key'] = encrypted_key
assert "epk" in params
assert encrypted_key
jwt = jwenc.encrypt(**kwargs)
ret_jwe = factory(jwt, alg="ECDH-ES+A128KW", enc="A128GCM")
jwdec = JWE_EC()
jwdec.dec_setup(ret_jwe.jwt, key=bob)
msg = jwdec.decrypt(ret_jwe.jwt)
assert msg == plain
def test_ecdh_setup_unknown_alg_2():
jwenc = JWE_EC(plain, alg="ECDH-ES", enc="A384GCM")
with pytest.raises(ValueError):
jwenc.enc_setup(plain, key=eck_bob)
def test_ecdh_enc_setup_enk_eckey():
jwenc = JWE_EC(plain, alg="ECDH-ES+A128KW", enc="A128GCM")
assert jwenc.enc_setup(plain, key=eck_bob, epk=eck_alice)
def test_ecdh_enc_setup_wrong_key():
jwenc = JWE_EC(plain, alg="ECDH-ES+A128KW", enc="A128GCM")
with pytest.raises(ValueError):
jwenc.enc_setup(plain, key=priv_key)