def test_simple_sign1message():
    """Round-trip a COSE_Sign1 message: sign with EdDSA, encode, decode, verify.

    The expected encoding is pinned byte-for-byte, so the key pair is a fixed
    fixture rather than a generated key.
    """
    sign1 = Sign1Message(
        phdr={Algorithm: EdDSA, KID: b'kid2'},
        payload=b'signed message',
    )
    assert str(sign1) == "<COSE_Sign1: [{'Algorithm': 'EdDSA', 'KID': b'kid2'}, {}, b'signe' ... (14 B), b'' ... (0 B)]>"

    # These bytes match the published RFC 8032 Ed25519 test-vector key pair: the
    # private scalar (OKPKpD) is public knowledge and is only suitable as a fixture.
    key_params = {
        KpKty: KtyOKP,
        OKPKpCurve: Ed25519,
        KpKeyOps: [SignOp, VerifyOp],
        OKPKpD: unhexlify(b'9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60'),
        OKPKpX: unhexlify(b'd75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a'),
    }
    signing_key = CoseKey.from_dict(key_params)
    assert str(signing_key) == (
        "<COSE_Key(OKPKey): {'OKPKpD': \"b'\\\\x9da\\\\xb1\\\\x9d\\\\xef' ... (32 B)\","
        " 'OKPKpX': \"b'\\\\xd7Z\\\\x98\\\\x01\\\\x82' ... (32 B)\","
        " 'OKPKpCurve': 'Ed25519', 'KpKty': 'KtyOKP', 'KpKeyOps': ['SignOp', 'VerifyOp']}>"
    )

    # The encoded output below ends in a 64-byte signature; it is empty before encode().
    sign1.key = signing_key
    wire_bytes = sign1.encode()
    assert hexlify(wire_bytes) == (
        b'd28449a2012704446b696432a04e7369676e6564206d6573736167655840cc87665ffd3'
        b'fa33d96f3b606fcedeaef839423221872d0bfa196e069a189a607c2284924c3abb80e94'
        b'2466cd300cc5d18fe4e5ea1f3ebdb62ef8419109447d03'
    )

    # decode() only parses. The key is attached afterwards and verify_signature()
    # is called explicitly, so nothing is authenticated until then.
    received = CoseMessage.decode(wire_bytes)
    assert str(received) == (
        "<COSE_Sign1: [{'Algorithm': 'EdDSA', 'KID': b'kid2'}, {}, b'signe' ... (14 B), "
        "b'\\xcc\\x87f_\\xfd' ... (64 B)]>"
    )

    received.key = signing_key
    assert received.verify_signature()
    assert received.payload == b'signed message'
def test_simple_mac0message():
    """Round-trip a COSE_Mac0 message: tag with HMAC256, encode, decode, verify the tag."""
    mac0 = Mac0Message(
        phdr={Algorithm: HMAC256},
        uhdr={KID: b'kid3'},
        payload=b'authenticated message',
    )
    assert str(mac0) == "<COSE_Mac0: [{'Algorithm': 'HMAC256'}, {'KID': b'kid3'}, b'authe' ... (21 B), b'' ... (0 B)]>"

    # Fixed, predictable key bytes: a fixture that keeps the expected encoding
    # reproducible, not a pattern for real key material.
    key_params = {
        KpKty: KtySymmetric,
        SymKpK: unhexlify(b'000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f'),
        KpKeyOps: [MacCreateOp, MacVerifyOp],
    }
    mac_key = CoseKey.from_dict(key_params)
    assert str(mac_key) == (
        "<COSE_Key(Symmetric): {'SymKpK': \"b'\\\\x00\\\\x01\\\\x02\\\\x03\\\\x04' ... (32 B)\", "
        "'KpKty': 'KtySymmetric', 'KpKeyOps': ['MacCreateOp', 'MacVerifyOp']}>"
    )

    mac0.key = mac_key
    # encode() computes the authentication tag as part of serialisation.
    wire_bytes = mac0.encode()
    assert hexlify(wire_bytes) == (
        b'd18443a10105a104446b6964335561757468656e74696361746564206d657373616765582019f'
        b'6c7d8ddfeaceea6ba4f1cafb563cbf3be157653e29f3258b2957cf23f4e17'
    )

    # Decoding exposes payload and tag before any check: the payload assertion
    # below runs ahead of verify_tag(), so reading .payload proves nothing.
    received = CoseMessage.decode(wire_bytes)
    assert str(received) == (
        "<COSE_Mac0: [{'Algorithm': 'HMAC256'}, {'KID': b'kid3'}, b'authe' ... (21 B), "
        "b'\\x19\\xf6\\xc7\\xd8\\xdd' ... (32 B)]>"
    )

    received.key = mac_key
    assert hexlify(received.payload) == b'61757468656e74696361746564206d657373616765'
    assert hexlify(received.auth_tag) == b'19f6c7d8ddfeaceea6ba4f1cafb563cbf3be157653e29f3258b2957cf23f4e17'
    assert received.verify_tag()
def test_simple_enc0message():
    """Round-trip a COSE_Encrypt0 message: encrypt with A128GCM, encode, decode, decrypt."""
    # The IV is the 26-byte ASCII text of a hex string (no unhexlify), as the
    # "(26 B)" in the repr below confirms. It is a fixed fixture that pins the
    # ciphertext; outside a test the IV must be fresh for every message under a key.
    enc0 = Enc0Message(
        phdr={Algorithm: A128GCM, IV: b'000102030405060708090a0b0c'},
        uhdr={KID: b'kid1'},
        payload=b'some secret message',
    )
    assert str(enc0) == (
        "<COSE_Encrypt0: [{'Algorithm': 'A128GCM', 'IV': \"b'00010' ... (26 B)\"}, {'KID': b'kid1'}, "
        "b'some ' ... (19 B)]>"
    )

    # Predictable key bytes, used only so the expected ciphertext is reproducible.
    key_params = {
        KpKty: KtySymmetric,
        SymKpK: unhexlify(b'000102030405060708090a0b0c0d0e0f'),
        KpKeyOps: [EncryptOp, DecryptOp],
    }
    content_key = CoseKey.from_dict(key_params)
    assert str(content_key) == (
        "<COSE_Key(Symmetric): {'SymKpK': \"b'\\\\x00\\\\x01\\\\x02\\\\x03\\\\x04' ... (16 B)\", "
        "'KpKty': 'KtySymmetric', 'KpKeyOps': ['EncryptOp', 'DecryptOp']}>"
    )

    enc0.key = content_key
    # encode() performs the encryption as part of serialisation.
    wire_bytes = enc0.encode()
    assert hexlify(wire_bytes) == (
        b'd0835820a2010105581a3030303130323033303430353036303730383039306130623063a104446b696'
        b'4315823cca3441a2464d240e09fe9ee0ea42a7852a4f41d9945325c1f8d3b1353b8eb83e6a62f'
    )

    # After decode() the payload attribute still holds the ciphertext;
    # the plaintext is only produced by decrypt().
    received = CoseMessage.decode(wire_bytes)
    received.key = content_key
    assert hexlify(received.payload) == b'cca3441a2464d240e09fe9ee0ea42a7852a4f41d9945325c1f8d3b1353b8eb83e6a62f'
    assert received.decrypt() == b'some secret message'
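def certinfo(content):
    """Decode a certificate blob and report whether its COSE signature verified.

    Args:
        content: Encoded certificate, passed unchanged to ``decode_certificate``.

    Returns:
        ``(certificate, is_valid)`` when every step completes, where ``is_valid``
        is whatever ``signature_valid`` returned. The certificate is returned
        even when ``is_valid`` is falsy, so callers must check ``is_valid``
        before trusting any field of it. ``(None, None)`` is returned when any
        step raises; a malformed input and an internal error are therefore
        indistinguishable to the caller.
    """
    try:
        cose_document = decode_certificate(content)
        cose = CoseMessage.decode(cose_document)
        is_valid = signature_valid(cose)
        certificate = load_certificate(cose)
    except Exception:
        # Previously a bare ``except:``, which also swallowed KeyboardInterrupt
        # and SystemExit. Ordinary failures still fail closed as (None, None).
        return (None, None)
    return (certificate, is_valid)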
def from_bytes(cls, signed_data: bytes, public_keys: List[CoseKey]):
    """Parse a signed COSE structure and build an instance once a signature verifies.

    Accepts a ``Sign1Message`` or a ``SignMessage``. Each candidate signature is
    paired with its KID, taken from the protected header and, if absent there,
    from the unprotected header. The KID only selects which of the
    caller-supplied ``public_keys`` to try; acceptance depends on
    ``verify_signature()`` succeeding with that key.

    For a multi-signer ``SignMessage`` a single verifying signer is enough.

    Raises:
        RuntimeError: "Unsupported COSE message format" for any other message
            type, or "Bad signature" when no key/signer pair verifies.
    """
    cose_msg = CoseMessage.decode(signed_data)

    if isinstance(cose_msg, Sign1Message):
        candidates = [cose_msg]
    elif isinstance(cose_msg, SignMessage):
        candidates = cose_msg.signers
    else:
        raise RuntimeError("Unsupported COSE message format")

    # Pair every candidate with its key identifier (protected header preferred).
    keyed_signers = []
    for signer in candidates:
        key_id = signer.phdr.get(cose.headers.KID)
        if key_id is None:
            key_id = signer.uhdr.get(cose.headers.KID)
        keyed_signers.append((key_id, signer))

    verified_key = None
    for candidate_key in public_keys:
        for key_id, signer in keyed_signers:
            if candidate_key.kid != key_id:
                continue
            # Side effect: the key stays attached to the signer object.
            signer.key = candidate_key
            if signer.verify_signature():
                verified_key = candidate_key
                break
        # NOTE(review): this is a truthiness test on the key object, not
        # ``is not None``; confirm CoseKey instances are always truthy.
        if verified_key:
            break
    else:
        # for/else: reached only when no key produced a verified signature,
        # which includes an empty ``public_keys`` list.
        raise RuntimeError("Bad signature")

    # The payload is CBOR-decoded only after a signature has verified.
    return cls(
        protected_header=cose_msg.phdr,
        unprotected_header=cose_msg.uhdr,
        claims=cbor2.loads(cose_msg.payload),
        key=verified_key,
    )
def test_unknown_header_attribute_encoding_decoding():
    """Check that non-standard header attributes survive an encode/decode round-trip.

    Covers Enc0, Enc, Mac0, Mac, Sign and Sign1 messages. Only the presence of
    each custom attribute is asserted, not its value. Attributes placed in
    ``uhdr`` sit in the unprotected bucket, so surviving the round-trip says
    nothing about their integrity. Keys are freshly generated and the IV is an
    all-zero fixture.
    """
    attr1 = "Custom-Header-Attr1"
    attr2 = "Custom-Header-Attr2"
    attr3 = "Custom-Header-Attr3"
    zero_iv = unhexlify(b'00000000000000000000000000')

    # COSE_Encrypt0
    enc0 = Enc0Message(
        phdr={Algorithm: AESCCM1664128, attr1: 7879},
        uhdr={KID: 8, IV: zero_iv, attr2: 879},
    )
    enc0.key = SymmetricKey.generate_key(key_len=16)
    assert attr1 in enc0.phdr
    assert attr2 in enc0.uhdr
    roundtrip = CoseMessage.decode(enc0.encode())
    assert attr1 in roundtrip.phdr
    assert attr2 in roundtrip.uhdr

    # COSE_Encrypt with one direct-encryption recipient
    enc = EncMessage(
        phdr={Algorithm: AESCCM1664128, attr1: 7879},
        uhdr={KID: 8, IV: zero_iv, attr2: 878},
        recipients=[DirectEncryption(uhdr={Algorithm: Direct, attr3: 9999})],
    )
    enc.key = SymmetricKey.generate_key(key_len=16)
    assert attr1 in enc.phdr
    assert attr2 in enc.uhdr
    assert attr3 in enc.recipients[0].uhdr
    roundtrip = CoseMessage.decode(enc.encode())
    assert attr1 in roundtrip.phdr
    assert attr2 in roundtrip.uhdr
    assert attr3 in roundtrip.recipients[0].uhdr

    # COSE_Mac0
    mac0 = Mac0Message(
        phdr={Algorithm: HMAC256, attr1: 7879},
        uhdr={KID: 8, IV: zero_iv, attr2: 878},
    )
    mac0.key = SymmetricKey.generate_key(key_len=16)
    assert attr1 in mac0.phdr
    assert attr2 in mac0.uhdr
    roundtrip = CoseMessage.decode(mac0.encode())
    assert attr1 in roundtrip.phdr
    assert attr2 in roundtrip.uhdr

    # COSE_Mac with one direct recipient
    mac = MacMessage(
        phdr={Algorithm: HMAC256, attr1: 7879},
        uhdr={KID: 8, IV: zero_iv, attr2: 878},
        recipients=[DirectEncryption(uhdr={Algorithm: Direct, attr3: 9999})],
    )
    mac.key = SymmetricKey.generate_key(key_len=16)
    assert attr1 in mac.phdr
    assert attr2 in mac.uhdr
    assert attr3 in mac.recipients[0].uhdr
    roundtrip = CoseMessage.decode(mac.encode())
    assert attr1 in roundtrip.phdr
    assert attr2 in roundtrip.uhdr
    assert attr3 in roundtrip.recipients[0].uhdr

    # COSE_Sign: the algorithm and the third custom attribute live in the
    # signer's protected header, and the key is attached to the signer.
    sign = SignMessage(
        phdr={attr1: 7879},
        uhdr={KID: 8, IV: zero_iv, attr2: 878},
        signers=[
            CoseSignature(
                phdr={Algorithm: Es256, attr3: 9999},
                key=EC2Key.generate_key(crv=P256),
            )
        ],
    )
    assert attr1 in sign.phdr
    assert attr2 in sign.uhdr
    roundtrip = CoseMessage.decode(sign.encode())
    assert attr1 in roundtrip.phdr
    assert attr2 in roundtrip.uhdr
    assert attr3 in roundtrip.signers[0].phdr

    # COSE_Sign1
    sign1 = Sign1Message(
        phdr={Algorithm: Es256, attr1: 7879},
        uhdr={KID: 8, attr2: 878},
    )
    sign1.key = EC2Key.generate_key(crv=P256)
    assert attr1 in sign1.phdr
    assert attr2 in sign1.uhdr
    roundtrip = CoseMessage.decode(sign1.encode())
    assert attr1 in roundtrip.phdr
    assert attr2 in roundtrip.uhdr
def eventFilter(self, obj, event):
    # Qt event filter: Escape closes the window; Return decodes the text in
    # self.lineEdit as a health certificate, fills the display widgets and shows
    # a "valid"/"invalid" message box based on a date comparison only.
    #
    # NOTE(review): the COSE signature is never verified in this method
    # (CoseMessage.decode() is the only COSE call), so the "valid" result does
    # not establish that the certificate is authentic. Any well-formed payload
    # with suitable dates is reported as valid. Verify the signature against
    # trusted issuer keys before reporting validity.
    #
    # NOTE(review): the source arrived without indentation; the nesting below is
    # reconstructed from the statement order and should be checked against the
    # original file.
    var = 2  # 2 = compute expiry from issue date + configured period; 1 = use the cert's own expiry
    today = datetime.today().date()  # getting today's date

    def validity(j_whole, var, date_from, vall):
        # Builds the date to check: either the certificate's own '4' claim
        # (var == 1) or date_from plus the value read from the .ini file.
        # The value is passed to relativedelta as months.
        if var == 1:
            Date = datetime.fromtimestamp(j_whole['4']).date()
        elif var != 1:
            Date = date_from + relativedelta(months=vall)
        # Comparing the date of expire against today
        # Both os.system() calls use fixed literal strings; no certificate data
        # reaches the shell. MessageBox.exe is resolved by the shell's normal
        # search rules, presumably a helper shipped next to the app (confirm).
        if today < Date:
            # Valid cert
            os.system(
                '@echo off && chcp 65001>nul && start /b /wait MessageBox.exe "The certificate is valid!" '
                '"Information">nul')
        else:
            # Invalid cert
            os.system(
                '@echo off && chcp 65001>nul && start /b /wait MessageBox.exe "The certificate is invalid!" '
                '"Attention!" /i:E>nul')

    if event.type() == QEvent.KeyPress:
        if event.key() == Qt.Key_Escape:
            self.close()
        # The string literal below is disabled code (an older Key_Enter handler) kept as a no-op expression.
        """ if event.key() == Qt.Key_Enter: # print("Enter is pressed!") payload = self.lineEdit.text() payload = payload[4:] try: decoded = base45.b45decode(payload) except: exception() reset() and sys.exit() # decompress using zlib decompressed = zlib.decompress(decoded) # decode COSE message (no signature verification done) cose = CoseMessage.decode(decompressed) # decode the CBOR encoded payload converting the information to readable json struct whole = ( json.dumps(cbor2.loads(cose.payload), ensure_ascii=False, indent=2, sort_keys=True, default=str)) j_whole = json.loads(whole) dick = j_whole['-260']['1'] # the dic with the needed information for the funcs date_from = datetime.fromtimestamp(j_whole['6']).date() # date issued/valid from self.placeholder_native_name.setText() """
        if event.key() == Qt.Key_Return:
            print("Return is pressed!")
            # Everything from here on processes untrusted text from the line edit.
            payload = self.lineEdit.text()
            payload = payload[4:]  # drops the first four characters, presumably the "HC1:" prefix (confirm)
            try:
                decoded = base45.b45decode(payload)
            except:
                # Bare except. exception() and reset() are defined elsewhere; if
                # reset() returns a falsy value, sys.exit() is skipped and
                # `decoded` is unbound on the next statement.
                exception()
                reset() and sys.exit()
            # decompress using zlib
            # NOTE(review): no limit on the decompressed size of this untrusted input.
            decompressed = zlib.decompress(decoded)
            # decode COSE message (no signature verification done)
            cose = CoseMessage.decode(decompressed)
            # decode the CBOR encoded payload converting the information to readable json struct
            # The dumps/loads round-trip turns the integer CBOR map keys into
            # strings, which is why claims are looked up as '1', '4', '6', '-260'.
            whole = (json.dumps(cbor2.loads(cose.payload), ensure_ascii=False, indent=2, sort_keys=True, default=str))
            j_whole = json.loads(whole)
            dick = j_whole['-260']['1']  # the dic with the needed information for the funcs
            date_from = datetime.fromtimestamp(j_whole['6']).date()  # date issued/valid from
            # Missing keys, wrong types or an empty list anywhere below raise
            # and are not caught in this method.
            for k, v in dick.items():
                if k == "r":  # recovery
                    if v is None:  # if empty will continue to the next sub-dic
                        continue
                    if j_whole['1'] == "BG":  # In BG this cert is 365 days, not 180. For now...
                        val = open("val_rec_bg.ini", "r")  # Opens it in read mode
                        vall = list(val)  # Converting data to list
                        vall = int(vall[0])  # Taking the first (and only) item and convert it to int
                        val.close()  # Closes the file
                    elif j_whole['1'] != "BG":
                        val = open("val_rec.ini", "r")  # Opens it in read mode
                        vall = list(val)  # Converting data to list
                        vall = int(vall[0])  # Taking the first (and only) item and convert it to int
                        val.close()  # Closes the file
                    self.placeholder_native_name.setText(
                        str(j_whole['-260']['1']['nam']['gn']) + " " + str(j_whole['-260']['1']['nam']['fn']))
                    self.placeholder_en_name.setText(
                        str(j_whole['-260']['1']['nam']['gnt']) + " " + str(j_whole['-260']['1']['nam']['fnt']))
                    self.placeholder_date_issued.setText(
                        str(datetime.fromtimestamp(j_whole['6']).date()))
                    self.placeholder_valid_until.setText(
                        str(datetime.fromtimestamp(j_whole['4']).date()))
                    self.placeholder_cert_id.setText(
                        str(j_whole['-260']['1']['r'][0]['ci']))
                    # CO is defined elsewhere; presumably it maps issuer codes to
                    # display names. `c` stays unbound if no key matches and the
                    # issuer string has two characters or fewer.
                    for K, V in CO.items():
                        if j_whole['1'] == K:
                            c = V
                        elif len(j_whole['1']) > 2:
                            c = j_whole['1']
                    self.placeholder_CO.setText(str(c))
                    self.cert_type.setText("Recovery certificate")
                    break
                elif k == "v":  # vaccine
                    if v is None:
                        continue
                    # Validity period for vaccination certs: first line of val_vac.ini, as int.
                    val = open("val_vac.ini", "r")
                    vall = list(val)
                    vall = int(vall[0])
                    val.close()
                    self.placeholder_native_name.setText(
                        str(j_whole['-260']['1']['nam']['gn']) + " " + str(j_whole['-260']['1']['nam']['fn']))
                    self.placeholder_en_name.setText(
                        str(j_whole['-260']['1']['nam']['gnt']) + " " + str(j_whole['-260']['1']['nam']['fnt']))
                    self.placeholder_date_issued.setText(
                        str(datetime.fromtimestamp(j_whole['6']).date()))
                    self.placeholder_valid_until.setText(
                        str(datetime.fromtimestamp(j_whole['4']).date()))
                    self.placeholder_cert_id.setText(
                        str(j_whole['-260']['1']['v'][0]['ci']))
                    for K, V in CO.items():
                        if j_whole['1'] == K:
                            c = V
                        elif len(j_whole['1']) > 2:
                            c = j_whole['1']
                    self.placeholder_CO.setText(str(c))
                    self.cert_type.setText("Vaccination certificate")
                    break
                elif k == "t":  # test cert
                    if v is None:
                        continue
                    # Test certs use the certificate's own '4' claim as expiry
                    # (var == 1), so vall is only a placeholder here.
                    var = 1
                    vall = "pft"
                    self.placeholder_native_name.setText(
                        str(j_whole['-260']['1']['nam']['gn']) + " " + str(j_whole['-260']['1']['nam']['fn']))
                    self.placeholder_en_name.setText(
                        str(j_whole['-260']['1']['nam']['gnt']) + " " + str(j_whole['-260']['1']['nam']['fnt']))
                    self.placeholder_date_issued.setText(
                        str(datetime.fromtimestamp(j_whole['6']).date()))
                    self.placeholder_valid_until.setText(
                        str(datetime.fromtimestamp(j_whole['4']).date()))
                    self.placeholder_cert_id.setText(
                        str(j_whole['-260']['1']['t'][0]['ci']))
                    for K, V in CO.items():
                        if j_whole['1'] == K:
                            c = V
                        elif len(j_whole['1']) > 2:
                            c = j_whole['1']
                    self.placeholder_CO.setText(str(c))
                    self.cert_type.setText("Test certificate")
            # Date-only check; `vall` is unbound here if no r/v/t entry was non-None.
            validity(j_whole, var, date_from, vall)
            return 1
            # reset()
    # Every other event goes to the base-class filter.
    return super(MyMainWindow, self).eventFilter(obj, event)