def test_unicode_typeerror(self, backend): with pytest.raises(TypeError): ConcatKDFHash( hashes.SHA256(), 16, otherinfo="foo", # type: ignore[arg-type] backend=backend, ) with pytest.raises(TypeError): ckdf = ConcatKDFHash(hashes.SHA256(), 16, otherinfo=None, backend=backend) ckdf.derive("foo") # type: ignore[arg-type] with pytest.raises(TypeError): ckdf = ConcatKDFHash(hashes.SHA256(), 16, otherinfo=None, backend=backend) ckdf.verify("foo", b"bar") # type: ignore[arg-type] with pytest.raises(TypeError): ckdf = ConcatKDFHash(hashes.SHA256(), 16, otherinfo=None, backend=backend) ckdf.verify(b"foo", "bar") # type: ignore[arg-type]
def test_unicode_typeerror(self, backend): with pytest.raises(TypeError): ConcatKDFHash( hashes.SHA256(), 16, otherinfo=u"foo", backend=backend ) with pytest.raises(TypeError): ckdf = ConcatKDFHash( hashes.SHA256(), 16, otherinfo=None, backend=backend ) ckdf.derive(u"foo") with pytest.raises(TypeError): ckdf = ConcatKDFHash( hashes.SHA256(), 16, otherinfo=None, backend=backend ) ckdf.verify(u"foo", b"bar") with pytest.raises(TypeError): ckdf = ConcatKDFHash( hashes.SHA256(), 16, otherinfo=None, backend=backend ) ckdf.verify(b"foo", u"bar")
def test_invalid_verify(self, backend): prk = binascii.unhexlify( b"52169af5c485dcc2321eb8d26d5efa21fb9b93c98e38412ee2484cf14f0d0d23" ) oinfo = binascii.unhexlify( b"a1b2c3d4e53728157e634612c12d6d5223e204aeea4341565369647bd184bcd2" b"46f72971f292badaa2fe4124612cba") ckdf = ConcatKDFHash(hashes.SHA256(), 16, oinfo, backend) with pytest.raises(InvalidKey): ckdf.verify(prk, b"wrong key")
def test_verify(self, backend): prk = binascii.unhexlify( b"52169af5c485dcc2321eb8d26d5efa21fb9b93c98e38412ee2484cf14f0d0d23" ) okm = binascii.unhexlify(b"1c3bc9e7c4547c5191c0d478cccaed55") oinfo = binascii.unhexlify( b"a1b2c3d4e53728157e634612c12d6d5223e204aeea4341565369647bd184bcd2" b"46f72971f292badaa2fe4124612cba") ckdf = ConcatKDFHash(hashes.SHA256(), 16, oinfo, backend) ckdf.verify(prk, okm)
def test_invalid_verify(self, backend): prk = binascii.unhexlify( b"52169af5c485dcc2321eb8d26d5efa21fb9b93c98e38412ee2484cf14f0d0d23" ) oinfo = binascii.unhexlify( b"a1b2c3d4e53728157e634612c12d6d5223e204aeea4341565369647bd184bcd2" b"46f72971f292badaa2fe4124612cba" ) ckdf = ConcatKDFHash(hashes.SHA256(), 16, oinfo, backend) with pytest.raises(InvalidKey): ckdf.verify(prk, b"wrong key")
def test_unicode_typeerror(self, backend): with pytest.raises(TypeError): ConcatKDFHash( hashes.SHA256(), 16, otherinfo=u"foo", backend=backend ) with pytest.raises(TypeError): ckdf = ConcatKDFHash( hashes.SHA256(), 16, otherinfo=None, backend=backend ) ckdf.derive(u"foo") with pytest.raises(TypeError): ckdf = ConcatKDFHash( hashes.SHA256(), 16, otherinfo=None, backend=backend ) ckdf.verify(u"foo", b"bar") with pytest.raises(TypeError): ckdf = ConcatKDFHash( hashes.SHA256(), 16, otherinfo=None, backend=backend ) ckdf.verify(b"foo", u"bar")
def test_verify(self, backend): prk = binascii.unhexlify( b"52169af5c485dcc2321eb8d26d5efa21fb9b93c98e38412ee2484cf14f0d0d23" ) okm = binascii.unhexlify(b"1c3bc9e7c4547c5191c0d478cccaed55") oinfo = binascii.unhexlify( b"a1b2c3d4e53728157e634612c12d6d5223e204aeea4341565369647bd184bcd2" b"46f72971f292badaa2fe4124612cba" ) ckdf = ConcatKDFHash(hashes.SHA256(), 16, oinfo, backend) assert ckdf.verify(prk, okm) is None
import base64 import os from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.concatkdf import ConcatKDFHash from cryptography.hazmat.backends import default_backend # The sample code is extracted from the book Python Cryptography # The book can be downloaded from https://leanpub.com/cryptop # Online Crypto Playgroud https://8gwifi.org # Author Anish Nath backend = default_backend() otherinfo = b"concatkdf-example" ckdf = ConcatKDFHash(algorithm=hashes.SHA256(), length=32, otherinfo=otherinfo, backend=backend) # CKDF Derive key key = ckdf.derive(b"input key") base64.b64encode(key) # CKDF Verify Key ckdf = ConcatKDFHash(algorithm=hashes.SHA256(), length=32, otherinfo=otherinfo, backend=backend) ckdf.verify(b"input key", key)