# Crypto veilid tests import pytest import veilid from veilid.api import CryptoSystem @pytest.mark.asyncio async def test_valid_crypto_kinds(api_connection: veilid.VeilidAPI): kinds = await api_connection.valid_crypto_kinds() assert len(kinds) > 0 @pytest.mark.asyncio async def test_get_crypto_system(api_connection: veilid.VeilidAPI): for kind in await api_connection.valid_crypto_kinds(): cs = await api_connection.get_crypto_system(kind) async with cs: assert await cs.kind() == kind @pytest.mark.asyncio async def test_get_crypto_system_invalid(api_connection: veilid.VeilidAPI): with pytest.raises(veilid.VeilidAPIErrorInvalidArgument) as exc: await api_connection.get_crypto_system(veilid.CryptoKind.CRYPTO_KIND_NONE) assert exc.value.context == "unsupported cryptosystem" assert exc.value.argument == "kind" assert exc.value.value == "NONE" @pytest.mark.asyncio async def test_hash_and_verify_password(api_connection: veilid.VeilidAPI): for kind in await api_connection.valid_crypto_kinds(): cs = await api_connection.get_crypto_system(kind) async with cs: nonce = await cs.random_nonce() salt = nonce.to_bytes() # Password match phash = await cs.hash_password(b"abc123", salt) assert await cs.verify_password(b"abc123", phash) # Password mismatch await cs.hash_password(b"abc1234", salt) assert not await cs.verify_password(b"abc12345", phash) @pytest.mark.asyncio async def test_sign_and_verify_signature(api_connection: veilid.VeilidAPI): for kind in await api_connection.valid_crypto_kinds(): cs = await api_connection.get_crypto_system(kind) async with cs: kp1 = await cs.generate_key_pair() kp2 = await cs.generate_key_pair() # Signature match sig = await cs.sign(kp1.key(), kp1.secret(), b"abc123") assert await cs.verify(kp1.key(), b"abc123", sig) # Signature mismatch sig2 = await cs.sign(kp1.key(), kp1.secret(), b"abc1234") assert await cs.verify(kp1.key(), b"abc1234", sig2) assert not await cs.verify(kp1.key(), b"abc12345", sig2) assert not await cs.verify(kp2.key(), b"abc1234", sig2) @pytest.mark.asyncio async def test_sign_and_verify_signatures(api_connection: veilid.VeilidAPI): for kind in await api_connection.valid_crypto_kinds(): cs = await api_connection.get_crypto_system(kind) async with cs: kind = await cs.kind() kp1 = await cs.generate_key_pair() # BareSignature match sigs = await api_connection.generate_signatures(b"abc123", [kp1]) keys = [kp1.key()] assert (await api_connection.verify_signatures(keys, b"abc123", sigs)) == keys # BareSignature mismatch assert (await api_connection.verify_signatures([kp1.key()], b"abc1234", sigs)) is None @pytest.mark.asyncio async def test_generate_shared_secret(api_connection: veilid.VeilidAPI): for kind in await api_connection.valid_crypto_kinds(): cs = await api_connection.get_crypto_system(kind) async with cs: kp1 = await cs.generate_key_pair() kp2 = await cs.generate_key_pair() kp3 = await cs.generate_key_pair() ssA = await cs.generate_shared_secret(kp1.key(), kp2.secret(), b"abc123") ssB = await cs.generate_shared_secret(kp2.key(), kp1.secret(), b"abc123") assert ssA == ssB ssC = await cs.generate_shared_secret(kp2.key(), kp1.secret(), b"abc1234") assert ssA != ssC ssD = await cs.generate_shared_secret(kp3.key(), kp1.secret(), b"abc123") assert ssA != ssD