def test_unserialize_wrong(self):
s = SPAKE2_A(b"password", params=Params1024)
s.start()
data = s.serialize()
SPAKE2_A.from_serialized(data, params=Params1024) # this is ok
self.assertRaises(spake2.WrongGroupError,
SPAKE2_A.from_serialized, data) # default is P2048
self.assertRaises(spake2.WrongGroupError,
SPAKE2_A.from_serialized, data,
params=Params3072)
self.assertRaises(spake2.WrongSideSerialized,
SPAKE2_B.from_serialized, data,
params=Params1024)
ss = SPAKE2_Symmetric(b"password", params=Params1024)
ss.start()
sdata = ss.serialize()
SPAKE2_Symmetric.from_serialized(sdata, params=Params1024) # ok
self.assertRaises(spake2.WrongGroupError, # default is P2048
SPAKE2_Symmetric.from_serialized, sdata)
self.assertRaises(spake2.WrongGroupError,
SPAKE2_Symmetric.from_serialized, sdata,
params=Params3072)
self.assertRaises(spake2.WrongSideSerialized,
SPAKE2_Symmetric.from_serialized, data, # from A
params=Params1024)
def test_failure_wrong_id(self):
pw = b"password"
s1 = SPAKE2_Symmetric(pw, idSymmetric=b"sym")
s2 = SPAKE2_Symmetric(pw, idSymmetric=b"not-sym")
m1,m2 = s1.start(), s2.start()
k1,k2 = s1.finish(m2), s2.finish(m1)
self.assertNotEqual(hexlify(k1), hexlify(k2))
def test_serialize(self):
pw = b"password"
s1,s2 = SPAKE2_Symmetric(pw), SPAKE2_Symmetric(pw)
m1,m2 = s1.start(), s2.start()
s1 = SPAKE2_Symmetric.from_serialized(s1.serialize())
k1,k2 = s1.finish(m2), s2.finish(m1)
self.assertEqual(hexlify(k1), hexlify(k2))
def test_success_id(self):
pw = b"password"
s1 = SPAKE2_Symmetric(pw, idSymmetric=b"sym")
s2 = SPAKE2_Symmetric(pw, idSymmetric=b"sym")
m1,m2 = s1.start(), s2.start()
k1,k2 = s1.finish(m2), s2.finish(m1)
self.assertEqual(hexlify(k1), hexlify(k2))
def test_unserialize_wrong(self):
s = SPAKE2_A(b"password", params=params.Params1024)
s.start()
data = s.serialize()
SPAKE2_A.from_serialized(data, params=params.Params1024) # this is ok
self.assertRaises(spake2.WrongGroupError,
SPAKE2_A.from_serialized, data) # default is P2048
self.assertRaises(spake2.WrongGroupError,
SPAKE2_A.from_serialized, data,
params=params.Params3072)
self.assertRaises(spake2.WrongSideSerialized,
SPAKE2_B.from_serialized, data,
params=params.Params1024)
ss = SPAKE2_Symmetric(b"password", params=params.Params1024)
ss.start()
sdata = ss.serialize()
SPAKE2_Symmetric.from_serialized(sdata, params=params.Params1024) # ok
self.assertRaises(spake2.WrongGroupError, # default is P2048
SPAKE2_Symmetric.from_serialized, sdata)
self.assertRaises(spake2.WrongGroupError,
SPAKE2_Symmetric.from_serialized, sdata,
params=params.Params3072)
self.assertRaises(spake2.WrongSideSerialized,
SPAKE2_Symmetric.from_serialized, data, # from A
params=params.Params1024)
def test_symmetric(self):
PRG1 = PRG(b"1")
PRG2 = PRG(b"2")
pw = b"password"
s1 = SPAKE2_Symmetric(pw, entropy_f=PRG1)
s2 = SPAKE2_Symmetric(pw, entropy_f=PRG2)
m11,m12 = s1.start(), s2.start()
self.assertEqual(hexlify(m11), b"5308f692d38c4034ad6e2e1054c469ca1dbe990bcaec4bbd3ad78c7d968eadd0b3")
self.assertEqual(hexlify(m12), b"5329e2d5f9b7a53e609204115c6458921b0bb27419ce82a27679fc5961002897df")
k1,k2 = s1.finish(m12), s2.finish(m11)
self.assertEqual(hexlify(k1),
b"9c4fccaa3f0740615cee6fd10ed5d3a311b91b5bdc65f53e4ea7cb2fe8aa96eb")
self.assertEqual(hexlify(k1), hexlify(k2))
self.assertEqual(len(k1), len(sha256().digest()))
def test_serialize(self):
pw = b"password"
s1,s2 = SPAKE2_Symmetric(pw), SPAKE2_Symmetric(pw)
m1,m2 = s1.start(), s2.start()
s1 = SPAKE2_Symmetric.from_serialized(s1.serialize())
k1,k2 = s1.finish(m2), s2.finish(m1)
self.assertEqual(hexlify(k1), hexlify(k2))
def test_wrong_side(self):
pw = b"password"
sA1,sA2 = SPAKE2_A(pw), SPAKE2_A(pw)
sA1.start()
msgA = sA2.start()
self.assertRaises(spake2.OffSides, sA1.finish, msgA)
sB1,sB2 = SPAKE2_B(pw), SPAKE2_B(pw)
sB1.start()
msgB = sB2.start()
self.assertRaises(spake2.OffSides, sB1.finish, msgB)
self.assertRaises(spake2.OffSides, sA2.finish, b"C"+msgB)
sS = SPAKE2_Symmetric(pw)
sS.start()
self.assertRaises(spake2.OffSides, sS.finish, msgA)
sS = SPAKE2_Symmetric(pw)
sS.start()
self.assertRaises(spake2.OffSides, sS.finish, msgB)
def test_reflect(self):
pw = b"password"
s1 = SPAKE2_Symmetric(pw)
m1 = s1.start()
# reflect Alice's message back to her
self.assertRaises(spake2.ReflectionThwarted, s1.finish, m1)
def test_failure_wrong_password(self):
s1,s2 = SPAKE2_Symmetric(b"password"), SPAKE2_Symmetric(b"wrong")
m1,m2 = s1.start(), s2.start()
k1,k2 = s1.finish(m2), s2.finish(m1)
self.assertNotEqual(hexlify(k1), hexlify(k2))