Automatisation/browser-cli
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases 5 Wiki Activity

Fix ML-KEM encapsulation ordering
Testing / test (push) Successful in 22s
Details

Browse Source
This commit is contained in:
Daniel Dolezal
2026-05-05 10:40:06 +02:00
parent 98396a7c7e
commit 9096efd36a
2 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_auth.py
+17
View File
@@ -12,6 +12,9 @@ from browser_cli.auth import (
load_authorized_keys_with_names,
load_private_key,
new_nonce,
pq_kex_client_encapsulate,
pq_kex_server_decapsulate,
pq_kex_server_keypair,
sign,
verify,
)
@@ -108,6 +111,20 @@ class TestSignVerify:
assert verify("aabbcc", b"nonce", {}, "00" * 64) is False
class TestPostQuantumKex:
def test_mlkem_roundtrip_when_backend_supports_it(self):
keypair = pq_kex_server_keypair()
if keypair is None:
pytest.skip("ML-KEM backend not available")
priv, pub = keypair
ciphertext_hex, client_secret = pq_kex_client_encapsulate(pub.hex())
server_secret = pq_kex_server_decapsulate(priv, ciphertext_hex)
assert server_secret == client_secret
assert len(server_secret) == 32
class TestAuthorizedKeys:
def test_add_and_load(self, tmp_path):
path = tmp_path / "authorized_keys"