def initiator(ephemeral_initiator_key, test_vectors): if test_vectors['I']['cred_type'] == 0: local_auth_key = None local_cred = cbor2.loads(test_vectors['I']['cred']) else: local_auth_key = CoseKey.decode(test_vectors['I']['cred']) local_cred = CoseKey.decode(test_vectors['I']['cred']) if test_vectors['R']['cred_type'] == 0: remote_auth_key = None remote_cred = cbor2.loads(test_vectors['R']['cred']) else: remote_auth_key = CoseKey.decode(test_vectors['R']['cred']) remote_cred = CoseKey.decode(test_vectors['R']['cred']) return Initiator( corr=test_vectors['S']['corr'], method=test_vectors['S']['method'], cred=(local_cred, local_auth_key), cred_idi=cbor2.loads(test_vectors['I']['cred_id']), auth_key=CoseKey.decode(test_vectors['I']['auth_key']), selected_cipher=test_vectors['I']['selected'], supported_ciphers=[CipherSuite.from_id(c) for c in test_vectors["I"]["supported"]], conn_idi=test_vectors['I']['conn_id'], remote_cred_cb=lambda x: (remote_cred, remote_auth_key), ephemeral_key=ephemeral_initiator_key, )
def responder(ephemeral_responder_key, test_vectors): if test_vectors['R']['cred_type'] == 0: local_cred = cbor2.loads(test_vectors['R']['cred']) local_auth_key = None else: local_cred = CoseKey.decode(test_vectors['R']['cred']) local_auth_key = CoseKey.decode(test_vectors['R']['cred']) if test_vectors['I']['cred_type'] == 0: remote_cred = cbor2.loads(test_vectors['I']['cred']) remote_auth_key = None else: remote_cred = CoseKey.decode(test_vectors['I']['cred']) remote_auth_key = CoseKey.decode(test_vectors['I']['cred']) responder = Responder( conn_idr=test_vectors["R"]["conn_id"], cred_idr=cbor2.loads(test_vectors['R']['cred_id']), auth_key=CoseKey.decode(test_vectors['R']['auth_key']), cred=(local_cred, local_auth_key), supported_ciphers=[ CipherSuite.from_id(c) for c in test_vectors["R"]["supported"] ], remote_cred_cb=lambda arg: (remote_cred, remote_auth_key), ephemeral_key=ephemeral_responder_key) responder.cred_idi = test_vectors['I']['cred_id'] return responder
def test_okp_key_construction(crv): key = OKPKey(crv=crv, x=os.urandom(32), d=os.urandom(32), optional_params={'ALG': 'EDDSA'}) assert _is_valid_okp_key(key) serialized = key.encode() _ = CoseKey.decode(serialized)
def test_symmetric_key_generation_encoding_decoding(length): trails = 10 for i in range(trails): sym_test = SymmetricKey.generate_key(length) sym_encoded = sym_test.encode() sym_decoded = CoseKey.decode(sym_encoded) assert _is_valid_symmetric_key(sym_decoded)
def test_okp_key_generation_encoding_decoding(crv): trails = 256 for i in range(trails): okp_test = OKPKey.generate_key(crv=crv) okp_encoded = okp_test.encode() okp_decoded = CoseKey.decode(okp_encoded) assert _is_valid_okp_key(okp_decoded)
def test_ec2_key_generation_encoding_decoding(crv): trails = 256 for i in range(trails): ec2_test = EC2Key.generate_key(crv=crv) ec2_encoded = ec2_test.encode() ec2_decoded = CoseKey.decode(ec2_encoded) assert _is_valid_ec2_key(ec2_decoded)
def test_unknown_key_attribute(): key = EC2Key(crv='P_256', d=p256_d, optional_params={"subject_name": "signing key"}) assert "subject_name" in key assert key['subject_name'] == "signing key" k = key.encode() decoded_key = CoseKey.decode(k) assert decoded_key['subject_name'] == "signing key"
def test_symmetric_key_example2(): simple_dict = { 'KTY': KtySymmetric, 'ALG': A128GCM, 'K': unhexlify(b'000102030405060708090a0b0c0d0e0f')} cose_key = CoseKey.from_dict(simple_dict) # encode/serialize key serialized_key = cose_key.encode() assert str(serialized_key) == \ str(b'\xa3\x01\x04\x03\x01 P\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f') assert str(CoseKey.decode(serialized_key)) == "<COSE_Key(Symmetric): " \ "{'SymKpK': \"b'\\\\x00\\\\x01\\\\x02\\\\x03\\\\x04' ... (16 B)\", " \ "'KpKty': 'KtySymmetric', 'KpAlg': 'A128GCM'}>"
def test_key_set_curve(): key = 'a401012006215820898ff79a02067a16ea1eccb90fa52246f5aa4dd6ec076bba0259d904b7ec8b0c2358208f781a095372f85b6d' \ '9f6109ae422611734d7dbfa0069a2df2935bb2e053bf35' key = CoseKey.decode(unhexlify(key)) assert key.crv == Ed25519 key.crv = X25519 assert key.crv == X25519 with pytest.raises(CoseUnsupportedCurve) as excinfo: key.crv = 3 # P-521 assert "Invalid COSE curve" in str(excinfo.value) key.crv = X448.identifier assert key.crv == X448
def test_unknown_key_attributes(): key = 'a401012004215820a3ff263595beb377d1a0ce1d04dad2d40966ac6bcb622051b84659184d5d9a326c7375626a656374206e616d6560' key = CoseKey.decode(unhexlify(key)) assert "subject name" in key