def test_official_id_nonce_signature(id_nonce, ephemeral_public_key,
local_secret_key, id_nonce_signature):
created_signature = V4HandshakeScheme.create_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
private_key=local_secret_key,
)
assert created_signature == id_nonce_signature
def test_official_auth_header_packet_preparation(
tag,
auth_tag,
id_nonce,
encoded_message,
local_private_key,
auth_response_key,
encryption_key,
ephemeral_public_key,
auth_message_rlp,
):
message_type_id = encoded_message[0]
message_type = v5_registry[message_type_id]
message = rlp.decode(encoded_message[1:], message_type)
assert message.to_bytes() == encoded_message
id_nonce_signature = V4HandshakeScheme.create_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
private_key=local_private_key,
)
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=encryption_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=auth_response_key,
enr=None,
ephemeral_public_key=ephemeral_public_key,
)
packet_wire_bytes = packet.to_wire_bytes()
assert packet_wire_bytes == auth_message_rlp
def test_id_nonce_signing(private_key, id_nonce, ephemeral_key):
ephemeral_public_key = PrivateKey(ephemeral_key).public_key.to_bytes()
signature = V4HandshakeScheme.create_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
private_key=private_key,
)
signature_object = NonRecoverableSignature(signature)
message_hash = sha256(ID_NONCE_SIGNATURE_PREFIX + id_nonce +
ephemeral_public_key).digest()
assert signature_object.verify_msg_hash(message_hash,
PrivateKey(private_key).public_key)
def test_valid_id_nonce_signature_validation(private_key, id_nonce,
ephemeral_key):
ephemeral_public_key = PrivateKey(ephemeral_key).public_key.to_bytes()
signature = V4HandshakeScheme.create_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
private_key=private_key,
)
public_key = PrivateKey(private_key).public_key.to_compressed_bytes()
V4HandshakeScheme.validate_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
signature=signature,
public_key=public_key,
)
def test_official_auth_response_encryption(
secret_key, id_nonce, enr, auth_response_key, ephemeral_public_key, auth_cipher_text
):
id_nonce_signature = V4HandshakeScheme.create_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
private_key=secret_key,
)
assert (
compute_encrypted_auth_response(
auth_response_key=auth_response_key,
id_nonce_signature=id_nonce_signature,
enr=enr,
)
== auth_cipher_text
)
def test_invalid_id_nonce_signature_validation():
id_nonce = b"\xff" * 10
private_key = b"\x11" * 32
ephemeral_public_key = b"\x22" * 64
signature = V4HandshakeScheme.create_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
private_key=private_key,
)
public_key = PrivateKey(private_key).public_key.to_compressed_bytes()
different_public_key = PrivateKey(b"\x22" *
32).public_key.to_compressed_bytes()
different_id_nonce = b"\x00" * 10
different_ephemeral_public_key = b"\x00" * 64
assert different_public_key != public_key
assert different_id_nonce != id_nonce
assert different_ephemeral_public_key != ephemeral_public_key
with pytest.raises(ValidationError):
V4HandshakeScheme.validate_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce, ephemeral_public_key),
signature=signature,
public_key=different_public_key,
)
with pytest.raises(ValidationError):
V4HandshakeScheme.validate_id_nonce_signature(
signature_inputs=SignatureInputs(different_id_nonce,
ephemeral_public_key),
signature=signature,
public_key=public_key,
)
with pytest.raises(ValidationError):
V4HandshakeScheme.validate_id_nonce_signature(
signature_inputs=SignatureInputs(id_nonce,
different_ephemeral_public_key),
signature=signature,
public_key=public_key,
)