@@ -327,7 +327,7 @@ def test_cose_usage_examples_cose_mac_hpke(self):
327327 mac_key = COSEKey .generate_symmetric_key (alg = "HS256" )
328328
329329 # The sender side:
330- rpk = COSEKey .from_jwk (
330+ rpk1 = COSEKey .from_jwk (
331331 {
332332 "kty" : "EC" ,
333333 "kid" : "01" ,
@@ -336,27 +336,45 @@ def test_cose_usage_examples_cose_mac_hpke(self):
336336 "y" : "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4" ,
337337 }
338338 )
339- r = Recipient .new (
339+ r1 = Recipient .new (
340340 protected = {
341341 COSEHeaders .ALG : COSEAlgs .HPKE_BASE_P256_SHA256_AES128GCM ,
342342 },
343343 unprotected = {
344344 COSEHeaders .KID : b"01" ,
345345 },
346- recipient_key = rpk ,
346+ recipient_key = rpk1 ,
347+ )
348+ rpk2 = COSEKey .from_jwk (
349+ {
350+ "kty" : "OKP" ,
351+ "kid" : "02" ,
352+ "crv" : "X25519" ,
353+ "x" : "y3wJq3uXPHeoCO4FubvTc7VcBuqpvUrSvU6ZMbHDTCI" ,
354+ },
355+ )
356+ r2 = Recipient .new (
357+ protected = {
358+ COSEHeaders .ALG : COSEAlgs .HPKE_BASE_X25519_SHA256_CHACHA20POLY1305 ,
359+ },
360+ unprotected = {
361+ COSEHeaders .KID : b"02" ,
362+ },
363+ recipient_key = rpk2 ,
347364 )
348365 sender = COSE .new ()
349366 encoded = sender .encode (
350367 b"This is the content." ,
351368 mac_key ,
352369 protected = {COSEHeaders .ALG : COSEAlgs .HS256 }, # alg: HS256
353- recipients = [r ],
370+ recipients = [r1 , r2 ],
371+ external_aad = b"COSE-HPKE app" ,
354372 )
355373
356374 # print(encoded.hex())
357375
358376 # The recipient side:
359- rsk = COSEKey .from_jwk (
377+ rsk1 = COSEKey .from_jwk (
360378 {
361379 "kty" : "EC" ,
362380 "kid" : "01" ,
@@ -367,7 +385,18 @@ def test_cose_usage_examples_cose_mac_hpke(self):
367385 }
368386 )
369387 recipient = COSE .new ()
370- assert b"This is the content." == recipient .decode (encoded , rsk )
388+ assert b"This is the content." == recipient .decode (encoded , rsk1 , external_aad = b"COSE-HPKE app" )
389+
390+ rsk2 = COSEKey .from_jwk (
391+ {
392+ "kty" : "OKP" ,
393+ "kid" : "02" ,
394+ "crv" : "X25519" ,
395+ "x" : "y3wJq3uXPHeoCO4FubvTc7VcBuqpvUrSvU6ZMbHDTCI" ,
396+ "d" : "vsJ1oX5NNi0IGdwGldiac75r-Utmq3Jq4LGv48Q_Qc4" ,
397+ },
398+ )
399+ assert b"This is the content." == recipient .decode (encoded , rsk2 , external_aad = b"COSE-HPKE app" )
371400
372401 def test_cose_usage_examples_cose_encrypt0 (self ):
373402 enc_key = COSEKey .generate_symmetric_key (alg = "ChaCha20/Poly1305" , kid = "01" )
@@ -465,6 +494,7 @@ def test_cose_usage_examples_cose_encrypt0_hpke(self):
465494 unprotected = {
466495 COSEHeaders .KID : b"01" ,
467496 },
497+ external_aad = b"COSE-HPKE app" ,
468498 )
469499
470500 # print(encoded.hex())
@@ -482,7 +512,7 @@ def test_cose_usage_examples_cose_encrypt0_hpke(self):
482512 }
483513 )
484514 recipient = COSE .new ()
485- assert b"This is the content." == recipient .decode (encoded , rsk )
515+ assert b"This is the content." == recipient .decode (encoded , rsk , external_aad = b"COSE-HPKE app" )
486516
487517 def test_cose_usage_examples_cose_encrypt (self ):
488518 enc_key = COSEKey .generate_symmetric_key (alg = "ChaCha20/Poly1305" , kid = "01" )
@@ -570,7 +600,7 @@ def test_cose_usage_examples_cose_encrypt_countersignature(self):
570600 def test_cose_usage_examples_cose_encrypt_hpke (self ):
571601 # The sender side:
572602 enc_key = COSEKey .generate_symmetric_key (alg = "A128GCM" )
573- rpk = COSEKey .from_jwk (
603+ rpk1 = COSEKey .from_jwk (
574604 {
575605 "kty" : "EC" ,
576606 "kid" : "01" ,
@@ -579,14 +609,31 @@ def test_cose_usage_examples_cose_encrypt_hpke(self):
579609 "y" : "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4" ,
580610 }
581611 )
582- r = Recipient .new (
612+ r1 = Recipient .new (
583613 protected = {
584614 COSEHeaders .ALG : COSEAlgs .HPKE_BASE_P256_SHA256_AES128GCM ,
585615 },
586616 unprotected = {
587617 COSEHeaders .KID : b"01" ,
588618 },
589- recipient_key = rpk ,
619+ recipient_key = rpk1 ,
620+ )
621+ rpk2 = COSEKey .from_jwk (
622+ {
623+ "kty" : "OKP" ,
624+ "kid" : "02" ,
625+ "crv" : "X25519" ,
626+ "x" : "y3wJq3uXPHeoCO4FubvTc7VcBuqpvUrSvU6ZMbHDTCI" ,
627+ },
628+ )
629+ r2 = Recipient .new (
630+ protected = {
631+ COSEHeaders .ALG : COSEAlgs .HPKE_BASE_X25519_SHA256_CHACHA20POLY1305 ,
632+ },
633+ unprotected = {
634+ COSEHeaders .KID : b"02" ,
635+ },
636+ recipient_key = rpk2 ,
590637 )
591638 sender = COSE .new ()
592639 encoded = sender .encode (
@@ -595,13 +642,14 @@ def test_cose_usage_examples_cose_encrypt_hpke(self):
595642 protected = {
596643 COSEHeaders .ALG : COSEAlgs .A128GCM ,
597644 },
598- recipients = [r ],
645+ recipients = [r1 , r2 ],
646+ external_aad = b"COSE-HPKE app" ,
599647 )
600648
601649 # print(encoded.hex())
602650
603651 # The recipient side:
604- rsk = COSEKey .from_jwk (
652+ rsk1 = COSEKey .from_jwk (
605653 {
606654 "kty" : "EC" ,
607655 "kid" : "01" ,
@@ -612,7 +660,19 @@ def test_cose_usage_examples_cose_encrypt_hpke(self):
612660 }
613661 )
614662 recipient = COSE .new ()
615- assert b"This is the content." == recipient .decode (encoded , rsk )
663+ assert b"This is the content." == recipient .decode (encoded , rsk1 , external_aad = b"COSE-HPKE app" )
664+
665+ rsk2 = COSEKey .from_jwk (
666+ {
667+ "kty" : "OKP" ,
668+ "kid" : "02" ,
669+ "crv" : "X25519" ,
670+ "x" : "y3wJq3uXPHeoCO4FubvTc7VcBuqpvUrSvU6ZMbHDTCI" ,
671+ "d" : "vsJ1oX5NNi0IGdwGldiac75r-Utmq3Jq4LGv48Q_Qc4" ,
672+ },
673+ )
674+ assert b"This is the content." == recipient .decode (encoded , rsk2 , external_aad = b"COSE-HPKE app" )
675+ assert False
616676
617677 def test_cose_usage_examples_cose_encrypt_hpke_with_1st_layer_hpke (self ):
618678 # The sender side:
0 commit comments