PicoHSM always returns bytes().

No need for casting.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

tests/pico-hsm/test_004_key_domains.py

@@ -76,7 +76,7 @@ def test_import_dkek_ok(device):
     assert(resp[1] == DEFAULT_DKEK_SHARES-2)
 
     kcv = hashlib.sha256(b'\x00'*32).digest()[:8]
-    assert(bytes(resp[2:]) == kcv)
+    assert(resp[2:] == kcv)
 
 def test_clear_key_domain(device):
     kd = device.get_key_domain(key_domain=0)

tests/pico-hsm/test_005_dkek.py

@@ -33,5 +33,5 @@ def test_dkek(device):
     assert(resp[1] == DEFAULT_DKEK_SHARES-2)
 
     kcv = hashlib.sha256(b'\x00'*32).digest()[:8]
-    assert(bytes(resp[2:]) == kcv)
+    assert(resp[2:] == kcv)
 

tests/pico-hsm/test_021_key_import.py

@@ -30,7 +30,7 @@ def test_prepare_dkek(device):
     resp = device.import_dkek(DEFAULT_DKEK)
     resp = device.import_dkek(DEFAULT_DKEK)
     kcv = hashlib.sha256(b'\x00'*32).digest()[:8]
-    assert(bytes(resp[2:]) == kcv)
+    assert(resp[2:] == kcv)
 
 @pytest.mark.parametrize(
     "modulus", [1024, 2048, 4096]

tests/pico-hsm/test_022_key_exchange.py

@@ -29,7 +29,7 @@ def test_prepare_dkek(device):
     resp = device.import_dkek(DEFAULT_DKEK)
     resp = device.import_dkek(DEFAULT_DKEK)
     kcv = hashlib.sha256(b'\x00'*32).digest()[:8]
-    assert(bytes(resp[2:]) == kcv)
+    assert(resp[2:] == kcv)
 
 @pytest.mark.parametrize(
     "curve", [ec.SECP192R1, ec.SECP256R1, ec.SECP384R1, ec.SECP521R1, ec.SECP256K1, ec.BrainpoolP256R1, ec.BrainpoolP384R1, ec.BrainpoolP512R1]
@@ -44,10 +44,10 @@ def test_exchange_ecc(device, curve):
     sharedB = pkeyB.exchange(ec.ECDH(), pbkeyA)
     sharedA = device.exchange(keyid, pbkeyB)
 
-    assert(bytes(sharedA) == sharedB)
+    assert(sharedA == sharedB)
 
     sharedAA = pkeyA.exchange(ec.ECDH(), pbkeyB)
-    assert(bytes(sharedA) == sharedAA)
+    assert(sharedA == sharedAA)
 
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
     device.delete_file(DOPrefixes.EE_CERTIFICATE_PREFIX, keyid)

tests/pico-hsm/test_025_key_export.py

@@ -66,7 +66,7 @@ def test_export_import_dkek(device):
     resp = device.import_dkek(DEFAULT_DKEK, key_domain=0)
 
 def test_export_key_in_ok(device):
-    resp = bytes(device.export_key(keyid_in))
+    resp = device.export_key(keyid_in)
     kcv = hashlib.sha256(b'\x00'*32).digest()[:8]
     assert(kcv == resp[:8])
     assert(resp[8] == 12)
@@ -88,7 +88,7 @@ def test_export_import(device):
     pkey_gen = ec.generate_private_key(ec.BrainpoolP256R1())
     keyid = device.import_key(pkey_gen)
 
-    resp = bytes(device.export_key(keyid))
+    resp = device.export_key(keyid)
     kcv = hashlib.sha256(b'\x00'*32).digest()[:8]
     assert(kcv == resp[:8])
     assert(resp[8] == 12)

tests/pico-hsm/test_050_cipher.py

@@ -43,11 +43,11 @@ def test_cipher_aes_cipher(device, size):
     encryptor = cipher.encryptor()
     ctA = encryptor.update(MESSAGE) + encryptor.finalize()
     ctB = device.cipher(Algorithm.ALGO_AES_CBC_ENCRYPT, keyid, MESSAGE)
-    assert(bytes(ctB) == ctA)
+    assert(ctB == ctA)
 
     decryptor = cipher.decryptor()
     plA = decryptor.update(ctA) + decryptor.finalize()
     plB = device.cipher(Algorithm.ALGO_AES_CBC_DECRYPT, keyid, ctA)
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
-    assert(bytes(plB) == plA)
-    assert(bytes(plB) == MESSAGE)
+    assert(plB == plA)
+    assert(plB == MESSAGE)

tests/pico-hsm/test_051_chachapoly.py

@@ -49,14 +49,14 @@ def test_cipher_chachapoly_cipher(device):
 
     chacha = aead.ChaCha20Poly1305(pkey)
     ctg = chacha.encrypt(iv, MESSAGE, AAD)
-    assert(bytes(ctd) == ctg)
+    assert(ctd == ctg)
 
     pld = device.chachapoly(keyid, EncryptionMode.DECRYPT, data=ctd, aad=AAD)
 
     plg = chacha.decrypt(iv, ctg, AAD)
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
-    assert(bytes(pld) == plg)
-    assert(bytes(pld) == MESSAGE)
+    assert(pld == plg)
+    assert(pld == MESSAGE)
 
 def test_cipher_chachapoly_random_iv(device):
     pkey, keyid = generate_key(device)
@@ -65,14 +65,14 @@ def test_cipher_chachapoly_random_iv(device):
 
     chacha = aead.ChaCha20Poly1305(pkey)
     ctg = chacha.encrypt(iv, MESSAGE, AAD)
-    assert(bytes(ctd) == ctg)
+    assert(ctd == ctg)
 
     pld = device.chachapoly(keyid, EncryptionMode.DECRYPT, data=ctd, iv=iv, aad=AAD)
 
     plg = chacha.decrypt(iv, ctg, AAD)
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
-    assert(bytes(pld) == plg)
-    assert(bytes(pld) == MESSAGE)
+    assert(pld == plg)
+    assert(pld == MESSAGE)
 
 def test_cipher_chachapoly_no_aad(device):
     pkey, keyid = generate_key(device)
@@ -81,14 +81,14 @@ def test_cipher_chachapoly_no_aad(device):
 
     chacha = aead.ChaCha20Poly1305(pkey)
     ctg = chacha.encrypt(iv, MESSAGE, b'')
-    assert(bytes(ctd) == ctg)
+    assert(ctd == ctg)
 
     pld = device.chachapoly(keyid, EncryptionMode.DECRYPT, data=ctd, iv=iv)
 
     plg = chacha.decrypt(iv, ctg, b'')
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
-    assert(bytes(pld) == plg)
-    assert(bytes(pld) == MESSAGE)
+    assert(pld == plg)
+    assert(pld == MESSAGE)
 
 def test_cipher_chachapoly_bad_random_iv(device):
     pkey, keyid = generate_key(device)
@@ -97,7 +97,7 @@ def test_cipher_chachapoly_bad_random_iv(device):
 
     chacha = aead.ChaCha20Poly1305(pkey)
     ctg = chacha.encrypt(iv, MESSAGE, AAD)
-    assert(bytes(ctd) == ctg)
+    assert(ctd == ctg)
 
     iv = os.urandom(12)
     with pytest.raises(APDUResponse) as e:
@@ -115,7 +115,7 @@ def test_cipher_chachapoly_bad_aad(device):
 
     chacha = aead.ChaCha20Poly1305(pkey)
     ctg = chacha.encrypt(iv, MESSAGE, AAD)
-    assert(bytes(ctd) == ctg)
+    assert(ctd == ctg)
 
     with pytest.raises(APDUResponse) as e:
         pld = device.chachapoly(keyid, EncryptionMode.DECRYPT, data=ctd, iv=iv, aad=AAD + b'bad')

tests/pico-hsm/test_060_mac.py

@@ -46,7 +46,7 @@ def test_mac_hmac(device, size, algo):
     h.update(MESSAGE)
     resB = h.finalize()
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
-    assert(bytes(resA) == resB)
+    assert(resA == resB)
 
 @pytest.mark.parametrize(
     "size", [128, 192, 256]
@@ -59,5 +59,5 @@ def test_mac_cmac(device, size):
     c.update(MESSAGE)
     resB = c.finalize()
     device.delete_file(DOPrefixes.KEY_PREFIX, keyid)
-    assert(bytes(resA) == resB)
+    assert(resA == resB)
 

tests/pico-hsm/test_070_hkdf.py

@@ -56,14 +56,14 @@ class TestHKDF:
             info=INFO,
         )
         resB = hkdf.derive(pkey)
-        assert(bytes(resA) == resB)
+        assert(resA == resB)
         hkdf = HKDF(
             algorithm=algo(),
             length=out_len,
             salt=salt,
             info=INFO,
         )
-        hkdf.verify(pkey, bytes(resA))
+        hkdf.verify(pkey, resA)
 
     def test_hkdf_fail(self, device, size, algo, out_len):
         pkey = os.urandom(size // 8)
@@ -79,4 +79,4 @@ class TestHKDF:
         )
         pkey = os.urandom(size // 8)
         with pytest.raises(exceptions.InvalidKey):
-            hkdf.verify(pkey, bytes(resA))
+            hkdf.verify(pkey, resA)

tests/pico-hsm/test_071_pbkdf2.py

@@ -59,14 +59,14 @@ class TestPBKDF2:
             iterations=iterations,
         )
         resB = kdf.derive(pkey)
-        assert(bytes(resA) == resB)
+        assert(resA == resB)
         kdf = PBKDF2HMAC(
             algorithm=algo(),
             length=out_len,
             salt=salt,
             iterations=iterations,
         )
-        kdf.verify(pkey, bytes(resA))
+        kdf.verify(pkey, resA)
 
     def test_pbkdf2_fail(self, device, size, algo, out_len, iterations):
         pkey = os.urandom(size // 8)
@@ -83,4 +83,4 @@ class TestPBKDF2:
         )
         pkey = os.urandom(size // 8)
         with pytest.raises(exceptions.InvalidKey):
-            kdf.verify(pkey, bytes(resA))
+            kdf.verify(pkey, resA)

tests/pico-hsm/test_072_x963.py

@@ -54,13 +54,13 @@ class TestX963:
             sharedinfo=INFO,
         )
         resB = xkdf.derive(pkey)
-        assert(bytes(resA) == resB)
+        assert(resA == resB)
         xkdf = X963KDF(
             algorithm=algo(),
             length=out_len,
             sharedinfo=INFO,
         )
-        xkdf.verify(pkey, bytes(resA))
+        xkdf.verify(pkey, resA)
 
     def test_x963_fail(self, device, size, algo, out_len):
         pkey = os.urandom(size // 8)
@@ -74,4 +74,4 @@ class TestX963:
         )
         pkey = os.urandom(size // 8)
         with pytest.raises(exceptions.InvalidKey):
-            xkdf.verify(pkey, bytes(resA))
+            xkdf.verify(pkey, resA)

tests/pico-hsm/test_080_pka.py

@@ -39,10 +39,10 @@ def test_initialize(device):
 
 def test_register_puk(device):
     status = device.get_puk_status()
-    assert(status == [1,1,1,0])
+    assert(status == bytes([1,1,1,0]))
 
     status = device.register_puk(AUT_PUK, TERM_CERT, DICA_CERT)
-    assert(status == [1,0,1,0])
+    assert(status == bytes([1,0,1,0]))
     assert(device.check_puk_key(term_chr) == 0)
 
 def test_enumerate_puk_reg(device):
@@ -57,7 +57,7 @@ def test_authentication(device):
     signature = list(int_to_bytes(r) + int_to_bytes(s))
     device.authenticate_puk(term_chr, signature)
     status = device.get_puk_status()
-    assert(status == [1,0,1,1])
+    assert(status == bytes([1,0,1,1]))
 
 def test_enumerate_puk_ok(device):
     puks = device.enumerate_puk()
@@ -74,7 +74,7 @@ def test_check_key(device):
 def test_puk_reset(device):
     device.logout()
     status = device.get_puk_status()
-    assert(status == [1,0,1,0])
+    assert(status == bytes([1,0,1,0]))
     assert(device.check_puk_key(term_chr) == 0)
 
 def test_authentication_fail(device):
@@ -87,7 +87,7 @@ def test_authentication_fail(device):
     assert(e.value.sw == SWCodes.SW_CONDITIONS_NOT_SATISFIED)
 
     status = device.get_puk_status()
-    assert(status == [1,0,1,0])
+    assert(status == bytes([1,0,1,0]))
     assert(device.check_puk_key(term_chr) == 0)
 
 def test_enumerate_puk_1(device):
@@ -117,10 +117,10 @@ def test_enumerate_puk_2(device):
 def test_register_more_puks(device):
     device.initialize(puk_auts=2, puk_min_auts=1)
     status = device.get_puk_status()
-    assert(status == [2,2,1,0])
+    assert(status == bytes([2,2,1,0]))
 
     status = device.register_puk(AUT_PUK, TERM_CERT, DICA_CERT)
-    assert(status == [2,1,1,0])
+    assert(status == bytes([2,1,1,0]))
 
 def test_is_pku(device):
     device.initialize(puk_auts=1, puk_min_auts=1)

tests/pico-hsm/test_090_xkek.py

@@ -40,12 +40,12 @@ def test_create_xkek(device):
 
     device.login()
     kcv, did = device.create_xkek(KDM)
-    assert(bytes(kcv) == b'\x00'*8)
+    assert(kcv == b'\x00'*8)
 
     gskcert = ASN1().decode(KDM).find(0x30).find(0x63).data()
     gskQ = CVC().decode(gskcert).pubkey().find(0x86).data()
     pub = ec.EllipticCurvePublicKey.from_encoded_point(ec.BrainpoolP256R1(), bytes(gskQ))
-    assert(bytes(did) == int_to_bytes(pub.public_numbers().x)+int_to_bytes(pub.public_numbers().y))
+    assert(did == int_to_bytes(pub.public_numbers().x)+int_to_bytes(pub.public_numbers().y))
 
 keyid = -1
 def test_derive_xkek(device):
@@ -63,21 +63,21 @@ def test_derive_xkek(device):
                     'tag': 0x73,
                     'oid': b'\x2B\x06\x01\x04\x01\x81\xC3\x1F\x03\x02\x02',
                     'contexts': {
-                        0: bytes(xkek_dom)
+                        0: xkek_dom
                     }
                 }
             ]).encode()
     device.derive_xkek(keyid, cert)
 
     resp = device.get_key_domain()
-    assert(bytes(resp['kcv']) != b'\x00'*8)
+    assert(resp['kcv'] != b'\x00'*8)
 
 
 def test_delete_xkek(device):
     device.delete_xkek()
 
     resp = device.get_key_domain()
-    assert(bytes(resp['kcv']) == b'\x00'*8)
+    assert(resp['kcv'] == b'\x00'*8)
 
 def test_delete_domain_with_key(device):
     with pytest.raises(APDUResponse) as e: