def test_official_auth_header_packet_preparation(tag,
auth_tag,
id_nonce,
encoded_message,
local_private_key,
auth_response_key,
encryption_key,
ephemeral_public_key,
auth_message_rlp):
message_type_id = encoded_message[0]
message_type = default_message_type_registry[message_type_id]
message = rlp.decode(encoded_message[1:], message_type)
assert message.to_bytes() == encoded_message
id_nonce_signature = V4IdentityScheme.create_id_nonce_signature(
id_nonce=id_nonce,
ephemeral_public_key=ephemeral_public_key,
private_key=local_private_key,
)
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=encryption_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=auth_response_key,
enr=None,
ephemeral_public_key=ephemeral_public_key,
)
packet_wire_bytes = packet.to_wire_bytes()
assert packet_wire_bytes == auth_message_rlp
def test_auth_header_preparation_without_enr(tag,
auth_tag,
id_nonce,
initiator_key,
auth_response_key,
ephemeral_public_key):
message = PingMessage(
request_id=5,
enr_seq=1,
)
id_nonce_signature = b"\x00" * 32
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=initiator_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=auth_response_key,
enr=None,
ephemeral_public_key=ephemeral_public_key
)
decrypted_auth_response = aesgcm_decrypt(
key=auth_response_key,
nonce=ZERO_NONCE,
cipher_text=packet.auth_header.encrypted_auth_response,
authenticated_data=b"",
)
decoded_auth_response = rlp.decode(decrypted_auth_response)
assert is_list_like(decoded_auth_response) and len(decoded_auth_response) == 3
assert decoded_auth_response[0] == int_to_big_endian(AUTH_RESPONSE_VERSION)
assert decoded_auth_response[1] == id_nonce_signature
assert decoded_auth_response[2] == []
def test_auth_header_preparation(tag,
auth_tag,
id_nonce,
initiator_key,
auth_response_key,
ephemeral_public_key):
enr = ENR(
sequence_number=1,
signature=b"",
kv_pairs={
b"id": b"v4",
b"secp256k1": b"\x02" * 33,
}
)
message = PingMessage(
request_id=5,
enr_seq=enr.sequence_number,
)
id_nonce_signature = b"\x00" * 32
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=initiator_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=auth_response_key,
enr=enr,
ephemeral_public_key=ephemeral_public_key
)
assert packet.tag == tag
assert packet.auth_header.auth_tag == auth_tag
assert packet.auth_header.id_nonce == id_nonce
assert packet.auth_header.auth_scheme_name == AUTH_SCHEME_NAME
assert packet.auth_header.ephemeral_public_key == ephemeral_public_key
decrypted_auth_response = aesgcm_decrypt(
key=auth_response_key,
nonce=ZERO_NONCE,
cipher_text=packet.auth_header.encrypted_auth_response,
authenticated_data=b"",
)
decoded_auth_response = rlp.decode(decrypted_auth_response)
assert is_list_like(decoded_auth_response) and len(decoded_auth_response) == 3
assert decoded_auth_response[0] == int_to_big_endian(AUTH_RESPONSE_VERSION)
assert decoded_auth_response[1] == id_nonce_signature
assert ENR.deserialize(decoded_auth_response[2]) == enr
decrypted_message = aesgcm_decrypt(
key=initiator_key,
nonce=auth_tag,
cipher_text=packet.encrypted_message,
authenticated_data=tag,
)
assert decrypted_message[0] == message.message_type
assert rlp.decode(decrypted_message[1:], PingMessage) == message
def complete_handshake(self, response_packet: Packet) -> HandshakeResult:
if not self.is_response_packet(response_packet):
raise ValueError(
f"Packet {response_packet} is not the expected response packet"
)
if not isinstance(response_packet, WhoAreYouPacket):
raise TypeError(
"Invariant: Only WhoAreYou packets are valid responses")
who_are_you_packet = response_packet
# compute session keys
(
ephemeral_private_key,
ephemeral_public_key,
) = self.identity_scheme.create_handshake_key_pair()
remote_public_key_object = PublicKey.from_compressed_bytes(
self.remote_enr.public_key)
remote_public_key_uncompressed = remote_public_key_object.to_bytes()
session_keys = self.identity_scheme.compute_session_keys(
local_private_key=ephemeral_private_key,
remote_public_key=remote_public_key_uncompressed,
local_node_id=self.local_enr.node_id,
remote_node_id=self.remote_node_id,
id_nonce=who_are_you_packet.id_nonce,
is_locally_initiated=True,
)
# prepare response packet
id_nonce_signature = self.identity_scheme.create_id_nonce_signature(
id_nonce=who_are_you_packet.id_nonce,
ephemeral_public_key=ephemeral_public_key,
private_key=self.local_private_key,
)
if who_are_you_packet.enr_sequence_number < self.local_enr.sequence_number:
enr = self.local_enr
else:
enr = None
auth_header_packet = AuthHeaderPacket.prepare(
tag=self.tag,
auth_tag=get_random_auth_tag(),
id_nonce=who_are_you_packet.id_nonce,
message=self.initial_message,
initiator_key=session_keys.encryption_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=session_keys.auth_response_key,
enr=enr,
ephemeral_public_key=ephemeral_public_key,
)
return HandshakeResult(
session_keys=session_keys,
enr=None,
message=None,
auth_header_packet=auth_header_packet,
)
def test_auth_header_message_decryption(tag, auth_tag, id_nonce, initiator_key,
auth_response_key,
ephemeral_public_key, enr, message):
id_nonce_signature = b"\x00" * 32
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=initiator_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=auth_response_key,
enr=enr,
ephemeral_public_key=ephemeral_public_key)
decrypted_message = packet.decrypt_message(initiator_key)
assert decrypted_message == message
def test_invalid_auth_header_decryption_with_wrong_key(tag, auth_tag, id_nonce,
initiator_key,
ephemeral_public_key,
message):
id_nonce_signature = b"\x00" * 32
encryption_key = b"\x00" * AES128_KEY_SIZE
decryption_key = b"\x11" * AES128_KEY_SIZE
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=initiator_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=encryption_key,
enr=None,
ephemeral_public_key=ephemeral_public_key)
with pytest.raises(DecryptionError):
packet.decrypt_auth_response(decryption_key)
def test_auth_header_decryption_without_enr(tag, auth_tag, id_nonce,
initiator_key, auth_response_key,
ephemeral_public_key, message):
id_nonce_signature = b"\x00" * 32
packet = AuthHeaderPacket.prepare(
tag=tag,
auth_tag=auth_tag,
id_nonce=id_nonce,
message=message,
initiator_key=initiator_key,
id_nonce_signature=id_nonce_signature,
auth_response_key=auth_response_key,
enr=None,
ephemeral_public_key=ephemeral_public_key)
recovered_id_nonce_signature, recovered_enr = packet.decrypt_auth_response(
auth_response_key)
assert recovered_id_nonce_signature == id_nonce_signature
assert recovered_enr is None