Add external_aad and aad_context to Recipient.apply.

dajiaji · dajiaji · commit aaae0ae48c12 · 2022-11-19T14:10:41.000+09:00
diff --git a/cwt/recipient_algs/aes_key_wrap.py b/cwt/recipient_algs/aes_key_wrap.py
@@ -41,6 +41,8 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
         if not key:
             raise ValueError("key should be set.")
diff --git a/cwt/recipient_algs/direct_hkdf.py b/cwt/recipient_algs/direct_hkdf.py
@@ -88,6 +88,8 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
 
         if not key:
diff --git a/cwt/recipient_algs/direct_key.py b/cwt/recipient_algs/direct_key.py
@@ -23,6 +23,8 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
         if not key:
             raise ValueError("key should be set.")
diff --git a/cwt/recipient_algs/ecdh_aes_key_wrap.py b/cwt/recipient_algs/ecdh_aes_key_wrap.py
@@ -55,6 +55,8 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
 
         if not key:
diff --git a/cwt/recipient_algs/ecdh_direct_hkdf.py b/cwt/recipient_algs/ecdh_direct_hkdf.py
@@ -64,6 +64,8 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
 
         if not self._sender_key:
diff --git a/cwt/recipient_algs/hpke.py b/cwt/recipient_algs/hpke.py
@@ -36,12 +36,25 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
+        # if not key:
+        #     raise ValueError("key should be set.")
         if not recipient_key:
             raise ValueError("recipient_key should be set.")
-
+        # if recipient_key.kid:
+        #     self._protected[4] = key.kid
         self._recipient_key = recipient_key
         self._kem_key = self._to_kem_key(recipient_key)
+        # enc_structure = ["Enc_Recipient", self._dumps(self._protected), external_aad]
+        # aad = self._dumps(enc_structure)
+        # enc, sender = self._suite.create_sender_context(self._kem_key)
+        # self._unprotected[-4][4] = enc
+        # try:
+        #     self._ciphertext = sender.seal(key.key, aad=aad)
+        # except Exception as err:
+        #     raise EncodeError("Failed to seal.") from err
         return self._recipient_key
 
     def to_list(self, payload: bytes = b"", external_aad: bytes = b"", aad_context: str = "Enc_Recipient") -> List[Any]:
diff --git a/cwt/recipient_interface.py b/cwt/recipient_interface.py
@@ -160,6 +160,8 @@ def apply(
         recipient_key: Optional[COSEKeyInterface] = None,
         salt: Optional[bytes] = None,
         context: Optional[Union[List[Any], Dict[str, Any]]] = None,
+        external_aad: bytes = b"",
+        aad_context: str = "Enc_Recipient",
     ) -> COSEKeyInterface:
         """
         Applies a COSEKey as a material to prepare a MAC/encryption key with
@@ -179,6 +181,9 @@ def apply(
             salt (Optional[bytes]): A salt used for deriving a key.
             context (Optional[Union[List[Any], Dict[str, Any]]]): Context
                 information structure.
+            external_aad (bytes): External additional authenticated data for AEAD.
+            aad_context (bytes): An additional authenticated data context to build
+                an Enc_structure internally.
         Returns:
             COSEKeyInterface: A generated key or passed-throug key which is used
                 as ``key`` parameter of COSE.encode_* functions.
@@ -233,7 +238,9 @@ def decrypt(
             key (COSEKeyInterface): The external key to be used for extracting the key.
             alg (Optional[int]): The algorithm of the key extracted.
             context (Optional[Union[List[Any], Dict[str, Any]]]): Context information structure.
-            external_aad (bytes): External additional authenticated data.
+            external_aad (bytes): External additional authenticated data for AEAD.
+            aad_context (bytes): An additional authenticated data context to build
+                an Enc_structure internally.
         Returns:
             bytes: The decrypted plain text.
         Raises:
