def new_sign_key_pair(key_id, output_prefix_type):
fake_key = helper.fake_key(
key_id=key_id,
key_material_type=tink_pb2.KeyData.ASYMMETRIC_PRIVATE,
output_prefix_type=output_prefix_type)
fake_sign = helper.FakePublicKeySign('fakePublicKeySign {}'.format(key_id))
return fake_sign, fake_key
def test_verify_signature(self):
pair0 = new_primitive_key_pair(1234, tink_pb2.RAW)
pair1 = new_primitive_key_pair(5678, tink_pb2.TINK)
pair2 = new_primitive_key_pair(9012, tink_pb2.LEGACY)
pset = primitive_set.new_primitive_set(
public_key_verify.PublicKeyVerify)
pset.add_primitive(*pair0)
pset.add_primitive(*pair1)
pset.set_primary(pset.add_primitive(*pair2))
# Check all keys work
for unused_primitive, key in (pair0, pair1, pair2):
pset_sign = primitive_set.new_primitive_set(
public_key_sign.PublicKeySign)
pset_sign.set_primary(
pset_sign.add_primitive(
helper.FakePublicKeySign('fakePublicKeySign {}'.format(
key.key_id)), key))
wrapped_pk_verify = public_key_verify_wrapper.PublicKeyVerifyWrapper(
).wrap(pset)
wrapped_pk_sign = public_key_sign_wrapper.PublicKeySignWrapper(
).wrap(pset_sign)
wrapped_pk_verify.verify(wrapped_pk_sign.sign(b'data'), b'data')