Merge pull request #439 from kentakayama/allow-key-wrap-in-context

dajiaji · web-flow · commit cd6bc630c8b0 · 2023-10-10T19:38:50.000+09:00
Allow AES-KW algorithm in context
diff --git a/cwt/utils.py b/cwt/utils.py
@@ -6,6 +6,7 @@
 
 from .const import (
     COSE_ALGORITHMS_CEK,
+    COSE_ALGORITHMS_KEY_WRAP,
     COSE_ALGORITHMS_MAC,
     COSE_ALGORITHMS_SYMMETRIC,
     COSE_HEADER_PARAMETERS,
@@ -121,7 +122,11 @@ def to_cis(context: Dict[str, Any], recipient_alg: Optional[int] = None) -> List
     if "alg" not in context:
         raise ValueError("alg not found.")
     # if context["alg"] not in COSE_NAMED_ALGORITHMS_SUPPORTED:
-    if context["alg"] not in COSE_ALGORITHMS_CEK and context["alg"] not in COSE_ALGORITHMS_MAC:
+    if (
+        context["alg"] not in COSE_ALGORITHMS_CEK
+        and context["alg"] not in COSE_ALGORITHMS_MAC
+        and context["alg"] not in COSE_ALGORITHMS_KEY_WRAP
+    ):
         raise ValueError(f'Unsupported or unknown alg for context information: {context["alg"]}.')
     alg = COSE_NAMED_ALGORITHMS_SUPPORTED[context["alg"]]
     res.append(alg)
diff --git a/tests/test_utils.py b/tests/test_utils.py
@@ -72,6 +72,19 @@ def test_to_cis_without_supp_pub_other(self):
         )
         assert isinstance(res, list)
 
+    def test_to_cis_without_apu_apv_supp_pub_other(self):
+        res = to_cis(
+            {
+                "alg": "A128KW",
+                "supp_pub": {
+                    "key_data_length": 128,
+                    "protected": {"alg": "ECDH-ES+A128KW"},
+                    "other": "SUIT Payload Encryption",
+                },
+            }
+        )
+        assert isinstance(res, list)
+
     @pytest.mark.parametrize(
         "invalid, msg",
         [
@@ -131,14 +144,6 @@ def test_to_cis_without_supp_pub_other(self):
                 {"alg": "AES-CCM-16-64-128", "supp_pub": {"other": 123}},
                 "supp_pub.other should be str.",
             ),
-            (
-                {"alg": "A128KW"},
-                "Unsupported or unknown alg for context information: A128KW.",
-            ),
-            (
-                {"alg": "A128KW", "supp_pub": {}},
-                "Unsupported or unknown alg for context information: A128KW.",
-            ),
         ],
     )
     def test_to_cis_with_invalid_args(self, invalid, msg):
