def initiator(ephemeral_initiator_key, test_vectors):
if test_vectors['I']['cred_type'] == 0:
local_auth_key = None
local_cred = cbor2.loads(test_vectors['I']['cred'])
else:
local_auth_key = CoseKey.decode(test_vectors['I']['cred'])
local_cred = CoseKey.decode(test_vectors['I']['cred'])
if test_vectors['R']['cred_type'] == 0:
remote_auth_key = None
remote_cred = cbor2.loads(test_vectors['R']['cred'])
else:
remote_auth_key = CoseKey.decode(test_vectors['R']['cred'])
remote_cred = CoseKey.decode(test_vectors['R']['cred'])
return Initiator(
corr=test_vectors['S']['corr'],
method=test_vectors['S']['method'],
cred=(local_cred, local_auth_key),
cred_idi=cbor2.loads(test_vectors['I']['cred_id']),
auth_key=CoseKey.decode(test_vectors['I']['auth_key']),
selected_cipher=test_vectors['I']['selected'],
supported_ciphers=[CipherSuite.from_id(c) for c in test_vectors["I"]["supported"]],
conn_idi=test_vectors['I']['conn_id'],
remote_cred_cb=lambda x: (remote_cred, remote_auth_key),
ephemeral_key=ephemeral_initiator_key,
)
def responder(ephemeral_responder_key, test_vectors):
if test_vectors['R']['cred_type'] == 0:
local_cred = cbor2.loads(test_vectors['R']['cred'])
local_auth_key = None
else:
local_cred = CoseKey.decode(test_vectors['R']['cred'])
local_auth_key = CoseKey.decode(test_vectors['R']['cred'])
if test_vectors['I']['cred_type'] == 0:
remote_cred = cbor2.loads(test_vectors['I']['cred'])
remote_auth_key = None
else:
remote_cred = CoseKey.decode(test_vectors['I']['cred'])
remote_auth_key = CoseKey.decode(test_vectors['I']['cred'])
responder = Responder(
conn_idr=test_vectors["R"]["conn_id"],
cred_idr=cbor2.loads(test_vectors['R']['cred_id']),
auth_key=CoseKey.decode(test_vectors['R']['auth_key']),
cred=(local_cred, local_auth_key),
supported_ciphers=[
CipherSuite.from_id(c) for c in test_vectors["R"]["supported"]
],
remote_cred_cb=lambda arg: (remote_cred, remote_auth_key),
ephemeral_key=ephemeral_responder_key)
responder.cred_idi = test_vectors['I']['cred_id']
return responder
def test_okp_key_construction(crv):
key = OKPKey(crv=crv, x=os.urandom(32), d=os.urandom(32), optional_params={'ALG': 'EDDSA'})
assert _is_valid_okp_key(key)
serialized = key.encode()
_ = CoseKey.decode(serialized)
def test_symmetric_key_generation_encoding_decoding(length):
trails = 10
for i in range(trails):
sym_test = SymmetricKey.generate_key(length)
sym_encoded = sym_test.encode()
sym_decoded = CoseKey.decode(sym_encoded)
assert _is_valid_symmetric_key(sym_decoded)
def test_okp_key_generation_encoding_decoding(crv):
trails = 256
for i in range(trails):
okp_test = OKPKey.generate_key(crv=crv)
okp_encoded = okp_test.encode()
okp_decoded = CoseKey.decode(okp_encoded)
assert _is_valid_okp_key(okp_decoded)
def test_ec2_key_generation_encoding_decoding(crv):
trails = 256
for i in range(trails):
ec2_test = EC2Key.generate_key(crv=crv)
ec2_encoded = ec2_test.encode()
ec2_decoded = CoseKey.decode(ec2_encoded)
assert _is_valid_ec2_key(ec2_decoded)
def test_unknown_key_attribute():
key = EC2Key(crv='P_256',
d=p256_d,
optional_params={"subject_name": "signing key"})
assert "subject_name" in key
assert key['subject_name'] == "signing key"
k = key.encode()
decoded_key = CoseKey.decode(k)
assert decoded_key['subject_name'] == "signing key"
def test_symmetric_key_example2():
simple_dict = {
'KTY': KtySymmetric,
'ALG': A128GCM,
'K': unhexlify(b'000102030405060708090a0b0c0d0e0f')}
cose_key = CoseKey.from_dict(simple_dict)
# encode/serialize key
serialized_key = cose_key.encode()
assert str(serialized_key) == \
str(b'\xa3\x01\x04\x03\x01 P\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f')
assert str(CoseKey.decode(serialized_key)) == "<COSE_Key(Symmetric): " \
"{'SymKpK': \"b'\\\\x00\\\\x01\\\\x02\\\\x03\\\\x04' ... (16 B)\", " \
"'KpKty': 'KtySymmetric', 'KpAlg': 'A128GCM'}>"
def test_key_set_curve():
key = 'a401012006215820898ff79a02067a16ea1eccb90fa52246f5aa4dd6ec076bba0259d904b7ec8b0c2358208f781a095372f85b6d' \
'9f6109ae422611734d7dbfa0069a2df2935bb2e053bf35'
key = CoseKey.decode(unhexlify(key))
assert key.crv == Ed25519
key.crv = X25519
assert key.crv == X25519
with pytest.raises(CoseUnsupportedCurve) as excinfo:
key.crv = 3 # P-521
assert "Invalid COSE curve" in str(excinfo.value)
key.crv = X448.identifier
assert key.crv == X448
def test_unknown_key_attributes():
key = 'a401012004215820a3ff263595beb377d1a0ce1d04dad2d40966ac6bcb622051b84659184d5d9a326c7375626a656374206e616d6560'
key = CoseKey.decode(unhexlify(key))
assert "subject name" in key