Ejemplo n.º 1
0
 def test_cose_wg_examples_eddsa_02(self):
     cwt_str = "D8628440A054546869732069732074686520636F6E74656E742E818343A10127A1044565643434385872ABF04F4BC7DFACF70C20C34A3CFBD27719911DC8518B2D67BF6AF62895D0FA1E6A1CB8B47AD1297C0E9C34BEB34E50DFFEF14350EBD57842807D54914111150F698543B0A5E1DA1DB79632C6415CE18EF74EDAEA680B0C8881439D869171481D78E2F7D26340C293C2ECDED8DE1425851900"
     signer = Signer.from_jwk({
         "kty":
         "OKP",
         "kid":
         "ed448",
         "crv":
         "Ed448",
         "x":
         base64.urlsafe_b64encode(
             bytes.fromhex(
                 "5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
             )).replace(b"=", b"").decode("ascii"),
         "d":
         base64.urlsafe_b64encode(
             bytes.fromhex(
                 "6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
             )).replace(b"=", b"").decode("ascii"),
     })
     ctx = COSE.new()
     encoded = ctx.encode_and_sign(
         b"This is the content.",
         signers=[signer],
     )
     assert encoded == bytes.fromhex(cwt_str)
     assert ctx.decode(encoded, signer.cose_key) == b"This is the content."
Ejemplo n.º 2
0
 def test_cose_wg_examples_eddsa_01(self):
     cwt_str = "D8628443A10300A054546869732069732074686520636F6E74656E742E818343A10127A104423131584077F3EACD11852C4BF9CB1D72FABE6B26FBA1D76092B2B5B7EC83B83557652264E69690DBC1172DDC0BF88411C0D25A507FDB247A20C40D5E245FABD3FC9EC106"
     signer = Signer.from_jwk({
         "kty":
         "OKP",
         "kid":
         "11",
         "crv":
         "Ed25519",
         "x":
         base64.urlsafe_b64encode(
             bytes.fromhex(
                 "d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
             )).replace(b"=", b"").decode("ascii"),
         "d":
         base64.urlsafe_b64encode(
             bytes.fromhex(
                 "9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
             )).replace(b"=", b"").decode("ascii"),
     })
     ctx = COSE.new()
     encoded = ctx.encode_and_sign(
         b"This is the content.",
         signers=[signer],
         protected={3: 0},
     )
     assert encoded == bytes.fromhex(cwt_str)
     assert ctx.decode(encoded, signer.cose_key) == b"This is the content."
Ejemplo n.º 3
0
 def test_cose_wg_examples_ecdsa_01(self):
     cwt_str = "D8628443A10300A054546869732069732074686520636F6E74656E742E818343A10126A1044231315840D71C05DB52C9CE7F1BF5AAC01334BBEACAC1D86A2303E6EEAA89266F45C01ED602CA649EAF790D8BC99D2458457CA6A872061940E7AFBE48E289DFAC146AE258"
     signer = Signer.from_jwk({
         "kty":
         "EC",
         "kid":
         "11",
         "crv":
         "P-256",
         "x":
         "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
         "y":
         "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
         "d":
         "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM",
     })
     ctx = COSE.new()
     encoded = ctx.encode_and_sign(
         b"This is the content.",
         signers=[signer],
         protected={3: 0},
     )
     assert ctx.decode(encoded, signer.cose_key) == b"This is the content."
     assert ctx.decode(bytes.fromhex(cwt_str),
                       signer.cose_key) == b"This is the content."
Ejemplo n.º 4
0
 def test_cose_wg_examples_sign_pass_02(self):
     cwt_str = "D8628440A054546869732069732074686520636F6E74656E742E818343A10126A1044231315840CBB8DAD9BEAFB890E1A414124D8BFBC26BEDF2A94FCB5A882432BFF6D63E15F574EEB2AB51D83FA2CBF62672EBF4C7D993B0F4C2447647D831BA57CCA86B930A"
     signer = Signer.from_jwk({
         "kty":
         "EC",
         "kid":
         "11",
         "crv":
         "P-256",
         "x":
         "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
         "y":
         "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
         "d":
         "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM",
     })
     ctx = COSE.new()
     encoded = ctx.encode_and_sign(
         b"This is the content.",
         signers=[signer],
         external_aad=bytes.fromhex("11aa22bb33cc44dd55006699"),
     )
     assert (ctx.decode(
         encoded,
         signer.cose_key,
         external_aad=bytes.fromhex("11aa22bb33cc44dd55006699"),
     ) == b"This is the content.")
     assert (ctx.decode(
         bytes.fromhex(cwt_str),
         signer.cose_key,
         external_aad=bytes.fromhex("11aa22bb33cc44dd55006699"),
     ) == b"This is the content.")
Ejemplo n.º 5
0
 def test_cose_decode_signature_with_multiple_keys_without_kid(self, ctx):
     with open(key_path("public_key_es256.pem")) as key_file:
         key1 = COSEKey.from_pem(key_file.read())
     with open(key_path("public_key_ed25519.pem")) as key_file:
         key2 = COSEKey.from_pem(key_file.read())
     with open(key_path("private_key_ed25519.pem")) as key_file:
         signer = Signer.from_pem(key_file.read())
     encoded = ctx.encode_and_sign(b"Hello world!", signers=[signer])
     decoded = ctx.decode(encoded, [key1, key2])
     assert decoded == b"Hello world!"
Ejemplo n.º 6
0
 def test_cose_decode_signature_with_key_not_found(self):
     ctx = COSE.new(alg_auto_inclusion=True, kid_auto_inclusion=True)
     with open(key_path("public_key_es256.pem")) as key_file:
         key1 = COSEKey.from_pem(key_file.read(), kid="01")
     with open(key_path("public_key_ed25519.pem")) as key_file:
         key2 = COSEKey.from_pem(key_file.read(), kid="02")
     with open(key_path("private_key_ed25519.pem")) as key_file:
         signer = Signer.from_pem(key_file.read(), kid="03")
     encoded = ctx.encode_and_sign(b"Hello world!", signers=[signer])
     with pytest.raises(ValueError) as err:
         ctx.decode(encoded, [key1, key2])
         pytest.fail("decode should fail.")
     assert "key is not found." in str(err.value)
Ejemplo n.º 7
0
 def test_cose_decode_signature_with_multiple_kid(self):
     ctx = COSE.new(alg_auto_inclusion=True, kid_auto_inclusion=True)
     with open(key_path("public_key_es256.pem")) as key_file:
         key1 = COSEKey.from_pem(key_file.read(), kid="01")
     with open(key_path("public_key_ed25519.pem")) as key_file:
         key2 = COSEKey.from_pem(key_file.read(), kid="01")
     with open(key_path("public_key_ed448.pem")) as key_file:
         key3 = COSEKey.from_pem(key_file.read(), kid="02")
     with open(key_path("private_key_ed25519.pem")) as key_file:
         signer = Signer.from_pem(key_file.read(), kid="01")
     encoded = ctx.encode_and_sign(b"Hello world!", signers=[signer])
     decoded = ctx.decode(encoded, [key1, key2, key3])
     assert decoded == b"Hello world!"
Ejemplo n.º 8
0
 def test_cose_decode_signature_with_different_multiple_keys(self, ctx):
     with open(key_path("public_key_es256.pem")) as key_file:
         key1 = COSEKey.from_pem(key_file.read())
     # with open(key_path("public_key_ed25519.pem")) as key_file:
     #     key2 = COSEKey.from_pem(key_file.read())
     with open(key_path("public_key_ed448.pem")) as key_file:
         key3 = COSEKey.from_pem(key_file.read())
     with open(key_path("private_key_ed25519.pem")) as key_file:
         signer = Signer.from_pem(key_file.read())
     encoded = ctx.encode_and_sign(b"Hello world!", signers=[signer])
     with pytest.raises(VerifyError) as err:
         ctx.decode(encoded, [key1, key3])
         pytest.fail("decode() should fail.")
     assert "Failed to verify." in str(err.value)
Ejemplo n.º 9
0
 def test_cose_decode_signature_with_same_kid_bound_to_different_key(self):
     ctx = COSE.new(alg_auto_inclusion=True, kid_auto_inclusion=True)
     with open(key_path("public_key_es256.pem")) as key_file:
         key1 = COSEKey.from_pem(key_file.read(), kid="01")
     with open(key_path("public_key_ed25519.pem")) as key_file:
         key2 = COSEKey.from_pem(key_file.read(), kid="02")
     with open(key_path("public_key_ed448.pem")) as key_file:
         key3 = COSEKey.from_pem(key_file.read(), kid="03")
     with open(key_path("private_key_ed25519.pem")) as key_file:
         signer = Signer.from_pem(key_file.read(), kid="01")
     encoded = ctx.encode_and_sign(b"Hello world!", signers=[signer])
     with pytest.raises(VerifyError) as err:
         ctx.decode(encoded, [key1, key2, key3])
         pytest.fail("decode() should fail.")
     assert "Failed to verify." in str(err.value)
Ejemplo n.º 10
0
 def test_cose_wg_examples_sign_pass_01(self):
     # cwt_str = "D8628441A0A054546869732069732074686520636F6E74656E742E818343A10126A1044231315840E2AEAFD40D69D19DFE6E52077C5D7FF4E408282CBEFB5D06CBF414AF2E19D982AC45AC98B8544C908B4507DE1E90B717C3D34816FE926A2B98F53AFD2FA0F30A"
     signer = Signer.from_jwk({
         "kty":
         "EC",
         "kid":
         "11",
         "crv":
         "P-256",
         "x":
         "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
         "y":
         "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
         "d":
         "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM",
     })
     ctx = COSE.new()
     encoded = ctx.encode_and_sign(
         b"This is the content.",
         signers=[signer],
         protected=bytes.fromhex("a0"),
     )
     assert ctx.decode(encoded, signer.cose_key) == b"This is the content."