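def test_generate_key(self):
    """
    For each entry in self.keyTestData, generate a private key, sign a
    short message and check the signature with the `cryptography` public
    key API: it must verify for the signed data and be rejected for
    different data. Finally check that a second generated key differs from
    the first.
    """
    for dataSet in self.keyTestData:
        key = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
        publicKeyBits = key.derivePublicKey()
        # Not used below; kept so the derived bits still pass through the
        # PublicKey constructor exactly as before.
        publicKey = PublicKey(publicKeyBits)

        data = Blob([0x01, 0x02, 0x03, 0x04])
        # Same length as data with the last byte changed.
        tamperedData = Blob([0x01, 0x02, 0x03, 0x05])

        # Sign and verify.
        signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256)

        # TODO: Move verify into PublicKey?
        # Only the verifier arguments differ between key types, so pick them
        # here and share the load/verify code below.
        keyType = dataSet.keyParams.getKeyType()
        if keyType == KeyType.ECDSA:
            verifierArgs = (ec.ECDSA(hashes.SHA256()),)
        elif keyType == KeyType.RSA:
            verifierArgs = (padding.PKCS1v15(), hashes.SHA256())
        else:
            # We don't expect this.
            self.fail("Unrecognized key type")

        cryptoPublicKey = load_der_public_key(
            publicKeyBits.toBytes(), backend = default_backend())

        # NOTE(review): verifier() is the older streaming interface of the
        # `cryptography` package; later releases deprecate it in favour of
        # verify(). Confirm against the version this project pins.
        #
        # A round trip that only checks acceptance would also pass with a
        # verifier that accepts everything, so the rejection case is
        # asserted as well.
        for message, expected in ((data, True), (tamperedData, False)):
            verifier = cryptoPublicKey.verifier(
                signature.toBytes(), *verifierArgs)
            verifier.update(message.toBytes())
            try:
                verifier.verify()
                result = True
            except InvalidSignature:
                result = False
            self.assertEqual(expected, result)

        # Check that another generated private key is different.
        key2 = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
        self.assertFalse(key.toPkcs8().equals(key2.toPkcs8()))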
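def test_generate_key(self):
    """
    For each entry in self.keyTestData, generate a private key, sign a
    short message, and check through VerificationHelpers.verifySignature
    that the signature is accepted for the signed data and rejected for
    different data. Then check that a second generated key differs from
    the first.
    """
    for dataSet in self.keyTestData:
        key = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
        publicKeyBits = key.derivePublicKey()
        publicKey = PublicKey(publicKeyBits)

        data = Blob([0x01, 0x02, 0x03, 0x04])

        # Sign and verify.
        signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256)
        result = VerificationHelpers.verifySignature(
            data, signature, publicKey)
        self.assertTrue(result)

        # The same signature must not verify for other data; without this
        # the test would also pass if verification accepted everything.
        tamperedData = Blob([0x01, 0x02, 0x03, 0x05])
        self.assertFalse(VerificationHelpers.verifySignature(
            tamperedData, signature, publicKey))

        # Check that another generated private key is different.
        key2 = TpmPrivateKey.generatePrivateKey(dataSet.keyParams)
        self.assertFalse(key.toPkcs8().equals(key2.toPkcs8()))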
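def test_generate_key(self):
    """
    Exercise key generation for every data set in self.keyTestData.

    Each generated key signs a four-byte message. The signature has to
    verify against the derived public key, has to fail for a modified
    message, and a second key generated from the same parameters has to
    have a different PKCS #8 encoding.
    """
    for dataSet in self.keyTestData:
        params = dataSet.keyParams
        key = TpmPrivateKey.generatePrivateKey(params)
        publicKey = PublicKey(key.derivePublicKey())

        data = Blob([0x01, 0x02, 0x03, 0x04])
        signature = key.sign(data.toBytes(), DigestAlgorithm.SHA256)

        # Positive case: the signed data verifies.
        self.assertTrue(
            VerificationHelpers.verifySignature(data, signature, publicKey))

        # Negative case: one changed byte must make verification fail,
        # otherwise an always-true verifier would go unnoticed.
        modified = Blob([0x01, 0x02, 0x03, 0x05])
        self.assertFalse(
            VerificationHelpers.verifySignature(
                modified, signature, publicKey))

        # Check that another generated private key is different.
        otherKey = TpmPrivateKey.generatePrivateKey(params)
        self.assertFalse(key.toPkcs8().equals(otherKey.toPkcs8()))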
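def test_rsa_signing(self):
    """
    For each back end in self.backEndList, create an RSA key, sign a short
    message and check that the signature verifies for that message and is
    rejected for a different one. The key is deleted afterwards and the
    back end must report that it is gone.
    """
    for tpm in self.backEndList:
        # Create an RSA key.
        identityName = Name("/Test/KeyName")
        key = tpm.createKey(identityName, RsaKeyParams())
        keyName = key.getKeyName()

        try:
            content = Blob([0x01, 0x02, 0x03, 0x04])
            signature = key.sign(DigestAlgorithm.SHA256, content.toBytes())

            publicKey = key.derivePublicKey()

            # assertEquals is a deprecated alias that newer unittest
            # versions no longer provide; assertEqual is the same check.
            result = VerificationHelpers.verifySignature(
                content, signature, publicKey)
            self.assertEqual(True, result)

            # The signature must not verify for different content.
            tampered = Blob([0x01, 0x02, 0x03, 0x05])
            self.assertEqual(False, VerificationHelpers.verifySignature(
                tampered, signature, publicKey))
        finally:
            # Delete the key even if an assertion above fails, so that it
            # does not stay in the back end for later tests.
            tpm.deleteKey(keyName)

        self.assertEqual(False, tpm.hasKey(keyName))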
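def test_rsa_signing(self):
    """
    Sign and verify with an RSA key on every back end in self.backEndList.

    The signature must verify for the signed content and must fail for
    modified content. The key is removed at the end of each iteration and
    the back end is then expected to report that it no longer has it.
    """
    for tpm in self.backEndList:
        # Create an RSA key.
        identityName = Name("/Test/KeyName")
        key = tpm.createKey(identityName, RsaKeyParams())
        keyName = key.getKeyName()

        try:
            content = Blob([0x01, 0x02, 0x03, 0x04])
            signature = key.sign(DigestAlgorithm.SHA256, content.toBytes())
            publicKey = key.derivePublicKey()

            accepted = VerificationHelpers.verifySignature(
                content, signature, publicKey)
            self.assertEqual(True, accepted)

            # Rejection case: a verifier that accepted everything would
            # pass the check above, so also require a failure here.
            modified = Blob([0x01, 0x02, 0x03, 0x05])
            rejected = VerificationHelpers.verifySignature(
                modified, signature, publicKey)
            self.assertEqual(False, rejected)
        finally:
            # Runs on failure too, so the test key is not left behind in
            # the back end.
            tpm.deleteKey(keyName)

        self.assertEqual(False, tpm.hasKey(keyName))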
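def test_rsa_signing(self):
    """
    For each back end in self.backEndList, create an RSA key, sign a short
    message and check the signature with
    PolicyManager._verifySha256WithRsaSignature. The key is deleted
    afterwards and the back end must report that it is gone.
    """
    for tpm in self.backEndList:
        # Create an RSA key.
        identityName = Name("/Test/KeyName")
        key = tpm.createKey(identityName, RsaKeyParams())
        keyName = key.getKeyName()

        try:
            content = Blob([0x01, 0x02, 0x03, 0x04])
            signature = key.sign(DigestAlgorithm.SHA256, content.toBytes())

            publicKey = key.derivePublicKey()

            # TODO: Move verify to PublicKey?
            # NOTE(review): this relies on a private PolicyManager method,
            # and only the accepting path is checked. A case where the
            # signed bytes are altered and verification must fail would
            # catch a verifier that accepts everything.
            result = PolicyManager._verifySha256WithRsaSignature(
                signature, SignedBlob(content, 0, content.size()), publicKey)
            # assertEquals is a deprecated alias that newer unittest
            # versions no longer provide; assertEqual is the same check.
            self.assertEqual(True, result)
        finally:
            # Delete the key even if an assertion above fails, so that it
            # does not stay in the back end for later tests.
            tpm.deleteKey(keyName)

        self.assertEqual(False, tpm.hasKey(keyName))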
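def test_errors(self):
    """
    Check that PibKeyImpl raises the expected exception types: Pib.Error
    when constructed without key bits on a fresh PibMemory, and ValueError
    for the "/wrong" name, empty key bits, and certificate operations that
    use a certificate of a different key (id1Key2Cert1 on the id1Key1 key).
    """
    fixture = self.fixture
    pibImpl = PibMemory()

    # The original wrapped every call in try/except/else with self.fail()
    # both inside the try and in the else; the else branch could never run.
    # assertRaises expresses the same expectation once.
    with self.assertRaises(Pib.Error):
        PibKeyImpl(fixture.id1Key1Name, pibImpl)

    key11 = PibKeyImpl(fixture.id1Key1Name, fixture.id1Key1.buf(), pibImpl)

    with self.assertRaises(ValueError):
        PibKeyImpl(Name("/wrong"), pibImpl)

    with self.assertRaises(ValueError):
        PibKeyImpl(Name("/wrong"), fixture.id1Key1.buf(), pibImpl)

    # Empty key bits.
    wrongKey = Blob("")
    with self.assertRaises(ValueError):
        PibKeyImpl(fixture.id1Key2Name, wrongKey.toBytes(), pibImpl)

    key11.addCertificate(fixture.id1Key1Cert1)

    # From here on, id1Key2Cert1 is used against the id1Key1 key and every
    # operation is expected to be refused with ValueError.
    with self.assertRaises(ValueError):
        key11.addCertificate(fixture.id1Key2Cert1)

    with self.assertRaises(ValueError):
        key11.removeCertificate(fixture.id1Key2Cert1.getName())

    with self.assertRaises(ValueError):
        key11.getCertificate(fixture.id1Key2Cert1.getName())

    with self.assertRaises(ValueError):
        key11.setDefaultCertificate(fixture.id1Key2Cert1)

    with self.assertRaises(ValueError):
        key11.setDefaultCertificate(fixture.id1Key2Cert1.getName())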
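def test_errors(self):
    """
    Verify the error behaviour of PibKeyImpl.

    Expected: Pib.Error when no key bits are given on a fresh PibMemory;
    ValueError for the "/wrong" name (with and without key bits), for
    empty key bits, and for add/remove/get/setDefault certificate calls
    made on the id1Key1 key with the id1Key2Cert1 certificate.
    """
    fixture = self.fixture
    pibImpl = PibMemory()

    # Each expectation uses assertRaises instead of the former
    # try/except/else blocks, whose else branch was unreachable because
    # self.fail() was already called inside the try.
    with self.assertRaises(Pib.Error):
        PibKeyImpl(fixture.id1Key1Name, pibImpl)

    key11 = PibKeyImpl(fixture.id1Key1Name, fixture.id1Key1.buf(), pibImpl)

    # Constructor errors.
    with self.assertRaises(ValueError):
        PibKeyImpl(Name("/wrong"), pibImpl)
    with self.assertRaises(ValueError):
        PibKeyImpl(Name("/wrong"), fixture.id1Key1.buf(), pibImpl)

    wrongKey = Blob("")
    with self.assertRaises(ValueError):
        PibKeyImpl(fixture.id1Key2Name, wrongKey.toBytes(), pibImpl)

    key11.addCertificate(fixture.id1Key1Cert1)

    # Certificate operations with a certificate of another key. The
    # getName() calls stay inside the with-blocks, as they were inside the
    # original try blocks.
    with self.assertRaises(ValueError):
        key11.addCertificate(fixture.id1Key2Cert1)
    with self.assertRaises(ValueError):
        key11.removeCertificate(fixture.id1Key2Cert1.getName())
    with self.assertRaises(ValueError):
        key11.getCertificate(fixture.id1Key2Cert1.getName())
    with self.assertRaises(ValueError):
        key11.setDefaultCertificate(fixture.id1Key2Cert1)
    with self.assertRaises(ValueError):
        key11.setDefaultCertificate(fixture.id1Key2Cert1.getName())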
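class ContentMetaInfo(object):
    """
    A ContentMetaInfo holds a content type, a timestamp, a hasSegments flag
    and an optional "other" Blob. It can encode itself with ProtobufTlv as a
    ContentMetaInfoMessage and update itself from such an encoding.

    Create a new ContentMetaInfo object, possibly copying values from another
    object.

    :param ContentMetaInfo value: (optional) If value is a ContentMetaInfo, copy
      its values. If value is omitted, set all the fields to their default
      unspecified values.
    :raises RuntimeError: If value is neither None nor a ContentMetaInfo.
    """
    def __init__(self, value=None):
        # Identity test: only a real None means "omitted". An object whose
        # __eq__ claims equality with None goes on to the type check below
        # instead of silently producing a cleared object.
        if value is None:
            self.clear()
        elif isinstance(value, ContentMetaInfo):
            # Copy its values.
            self._contentType = value._contentType
            self._timestamp = value._timestamp
            self._hasSegments = value._hasSegments
            self._other = value._other
        else:
            raise RuntimeError(
              "Unrecognized type for ContentMetaInfo constructor: " +
              str(type(value)))

    def getContentType(self):
        """
        Get the content type.

        :return: The content type. If not specified, return an empty string.
        :rtype: str
        """
        return self._contentType

    def getTimestamp(self):
        """
        Get the time stamp.

        :return: The time stamp as milliseconds since Jan 1, 1970 UTC. If not
          specified, return None.
        :rtype: float
        """
        return self._timestamp

    def getHasSegments(self):
        """
        Get the hasSegments flag.

        :return: The hasSegments flag.
        :rtype: bool
        """
        return self._hasSegments

    def getOther(self):
        """
        Get the Blob containing the optional other info.

        :return: The other info. If not specified, return an isNull Blob.
        :rtype: Blob
        """
        return self._other

    def setContentType(self, contentType):
        """
        Set the content type.

        :param str contentType: The content type.
        :return: This ContentMetaInfo so that you can chain calls to update
          values.
        :rtype: ContentMetaInfo
        """
        self._contentType = contentType
        return self

    def setTimestamp(self, timestamp):
        """
        Set the time stamp.

        :param float timestamp: The time stamp.
        :return: This ContentMetaInfo so that you can chain calls to update
          values.
        :rtype: ContentMetaInfo
        """
        # The value is normalized by Common.nonNegativeFloatOrNone before
        # it is stored.
        self._timestamp = Common.nonNegativeFloatOrNone(timestamp)
        return self

    def setHasSegments(self, hasSegments):
        """
        Set the hasSegments flag.

        :param bool hasSegments: The hasSegments flag.
        :return: This ContentMetaInfo so that you can chain calls to update
          values.
        :rtype: ContentMetaInfo
        """
        self._hasSegments = hasSegments
        return self

    def setOther(self, other):
        """
        Set the Blob containing the optional other info.

        :param Blob other: The other info, or a default null Blob() if not
          specified.
        :return: This ContentMetaInfo so that you can chain calls to update
          values.
        :rtype: ContentMetaInfo
        """
        # Anything that is not already a Blob is wrapped in one.
        self._other = other if isinstance(other, Blob) else Blob(other)
        return self

    def clear(self):
        """
        Set all the fields to their default unspecified values.
        """
        self._contentType = ""
        self._timestamp = None
        self._hasSegments = False
        self._other = Blob()

    def wireEncode(self):
        """
        Encode this ContentMetaInfo.

        :return: The encoding Blob.
        :rtype: Blob
        :raises RuntimeError: If the timestamp is not specified.
        """
        if self._timestamp is None:
            raise RuntimeError(
              "The ContentMetaInfo timestamp is not specified")

        meta = ContentMetaInfoMessage()
        meta.content_meta_info.content_type = self._contentType
        # The float timestamp is rounded to the nearest integer for encoding.
        meta.content_meta_info.timestamp = int(round(self._timestamp))
        meta.content_meta_info.has_segments = self._hasSegments
        # The other field is only written when the Blob has content.
        if not self._other.isNull() and self._other.size() > 0:
            meta.content_meta_info.other = self._other.toBytes()

        return ProtobufTlv.encode(meta)

    def wireDecode(self, input):
        """
        Decode the input and update this ContentMetaInfo.

        :param input: The array with the bytes to decode.
        :type input: An array type with int elements
        """
        meta = ContentMetaInfoMessage()
        # Decoding happens before clear(), so if ProtobufTlv.decode raises
        # on malformed input the current field values are left untouched.
        ProtobufTlv.decode(meta, input)

        self.clear()
        self._contentType = meta.content_meta_info.content_type
        # NOTE(review): the decoded timestamp is stored directly and does
        # not pass through Common.nonNegativeFloatOrNone as setTimestamp
        # does. Confirm whether decoded input should get the same check.
        self._timestamp = float(meta.content_meta_info.timestamp)
        self._hasSegments = meta.content_meta_info.has_segments
        # With an empty other field, _other keeps the Blob() set by clear().
        if len(meta.content_meta_info.other) > 0:
            # The second argument False is presumably Blob's copy flag;
            # confirm against Blob.
            self._other = Blob(bytearray(meta.content_meta_info.other), False)

    # Create managed properties for read/write properties of the class for
    # more pythonic syntax.
    contentType = property(getContentType, setContentType)
    timestamp = property(getTimestamp, setTimestamp)
    hasSegments = property(getHasSegments, setHasSegments)
    other = property(getOther, setOther)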