def get_asn_signed(json_signed):
signed = ECUVersionManifestSigned()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 0))
signed['ecuIdentifier'] = json_signed['ecu_serial']
signed['previousTime'] = \
metadata.iso8601_to_epoch(json_signed['previous_timeserver_time'])
signed['currentTime'] = \
metadata.iso8601_to_epoch(json_signed['timeserver_time'])
# Optional bit.
if 'attacks_detected' in json_signed:
attacks_detected = json_signed['attacks_detected']
assert len(attacks_detected) > 0,\
'attacks_detected cannot be an empty string!'
signed['securityAttack'] = attacks_detected
target = Target().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))
filename = json_signed['installed_image']['filepath']
filemeta = json_signed['installed_image']['fileinfo']
target['filename'] = filename
target['length'] = filemeta['length']
hashes = Hashes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))
numberOfHashes = 0
for hash_function, hash_value in filemeta['hashes'].items():
hash = Hash()
hash['function'] = int(HashFunction(hash_function.encode('ascii')))
digest = BinaryData()\
.subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1))
octetString = univ.OctetString(hexValue=hash_value)\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1))
digest['octetString'] = octetString
hash['digest'] = digest
hashes[numberOfHashes] = hash
numberOfHashes += 1
target['numberOfHashes'] = numberOfHashes
target['hashes'] = hashes
signed['installedImage'] = target
return signed
def get_asn_signed(json_signed):
rootMetadata = RootMetadata()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 0))
rootPublicKeyid = json_signed['roles']['root']['keyids'][0]
timestampPublicKeyid = json_signed['roles']['timestamp']['keyids'][0]
snapshotPublicKeyid = json_signed['roles']['snapshot']['keyids'][0]
targetsPublicKeyid = json_signed['roles']['targets']['keyids'][0]
keys = set_keys(json_signed, rootPublicKeyid, timestampPublicKeyid,
snapshotPublicKeyid, targetsPublicKeyid, rootMetadata)
roles = set_roles(json_signed, rootPublicKeyid, timestampPublicKeyid,
snapshotPublicKeyid, targetsPublicKeyid, rootMetadata)
signedBody = SignedBody()\
.subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 3))
signedBody['rootMetadata'] = rootMetadata
signed = Signed().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
signed['type'] = int(RoleType('root'))
signed['expires'] = metadata.iso8601_to_epoch(json_signed['expires'])
signed['version'] = json_signed['version']
signed['body'] = signedBody
return signed
def get_asn_signed(json_signed):
timestampMetadata = TimestampMetadata()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 3))
filename = 'snapshot.json'
meta = json_signed['meta'][filename]
timestampMetadata['filename'] = filename
timestampMetadata['version'] = meta['version']
timestampMetadata['length'] = meta['length']
timestampMetadata['numberOfHashes'] = 1
hashes = Hashes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
hash = Hash()
hash['function'] = int(HashFunction('sha256'))
digest = BinaryData().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))
digest['hexString'] = meta['hashes']['sha256']
hash['digest'] = digest
hashes[0] = hash
timestampMetadata['hashes'] = hashes
signedBody = SignedBody()\
.subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 3))
signedBody['timestampMetadata'] = timestampMetadata
signed = Signed().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
signed['type'] = int(RoleType('timestamp'))
signed['expires'] = metadata.iso8601_to_epoch(json_signed['expires'])
signed['version'] = json_signed['version']
signed['body'] = signedBody
return signed
def get_asn_signed(json_signed):
snapshotMetadataFiles = SnapshotMetadataFiles()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1))
meta = json_signed['meta']
numberOfSnapshotMetadataFiles = 0
for filename, filemeta in meta.items():
snapshotMetadataFile = SnapshotMetadataFile()
snapshotMetadataFile['filename'] = filename
snapshotMetadataFile['version'] = filemeta['version']
snapshotMetadataFiles[
numberOfSnapshotMetadataFiles] = snapshotMetadataFile
numberOfSnapshotMetadataFiles += 1
snapshotMetadata = SnapshotMetadata()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 2))
snapshotMetadata['numberOfSnapshotMetadataFiles'] = \
numberOfSnapshotMetadataFiles
snapshotMetadata['snapshotMetadataFiles'] = snapshotMetadataFiles
signedBody = SignedBody()\
.subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 3))
signedBody['snapshotMetadata'] = snapshotMetadata
signed = Signed().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
signed['type'] = int(RoleType('snapshot'))
signed['expires'] = metadata.iso8601_to_epoch(json_signed['expires'])
signed['version'] = json_signed['version']
signed['body'] = signedBody
return signed
def get_asn_signed(json_signed):
snapshotMetadataFiles = SnapshotMetadataFiles()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1))
meta = json_signed['meta']
numberOfSnapshotMetadataFiles = 0
for filename, filemeta in meta.items():
snapshotMetadataFile = SnapshotMetadataFile()
snapshotMetadataFile['filename'] = filename
snapshotMetadataFile['version'] = filemeta['version']
# Optional bits.
if filename == 'root.json':
snapshotMetadataFile['length'] = filemeta['length']
snapshotMetadataFile['numberOfHashes'] = 1
snapshotMetadataFileHashes = \
Hashes().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 4))
snapshotMetadataFileHash = Hash()
snapshotMetadataFileHash['function'] = int(HashFunction('sha256'))
snapshotMetadataFileDigest = \
BinaryData().subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1))
snapshotMetadataFileDigest['hexString'] = filemeta['hashes'][
'sha256']
snapshotMetadataFileHash['digest'] = snapshotMetadataFileDigest
snapshotMetadataFileHashes[0] = snapshotMetadataFileHash
snapshotMetadataFile['hashes'] = snapshotMetadataFileHashes
snapshotMetadataFiles[
numberOfSnapshotMetadataFiles] = snapshotMetadataFile
numberOfSnapshotMetadataFiles += 1
snapshotMetadata = SnapshotMetadata()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 2))
snapshotMetadata['numberOfSnapshotMetadataFiles'] = \
numberOfSnapshotMetadataFiles
snapshotMetadata['snapshotMetadataFiles'] = snapshotMetadataFiles
signedBody = SignedBody()\
.subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 3))
signedBody['snapshotMetadata'] = snapshotMetadata
signed = Signed().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
signed['type'] = int(RoleType('snapshot'))
signed['expires'] = metadata.iso8601_to_epoch(json_signed['expires'])
signed['version'] = json_signed['version']
signed['body'] = signedBody
return signed
def get_asn_signed(json_signed):
signed = TokensAndTimestamp()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 0))
numberOfTokens = 0
tokens = Tokens().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1))
for token in json_signed['tokens']:
# Some damned bug in pyasn1 I could not care less to fix right now.
tokens.setComponentByPosition(numberOfTokens, token, False)
numberOfTokens += 1
signed['numberOfTokens'] = numberOfTokens
signed['tokens'] = tokens
signed['timestamp'] = metadata.iso8601_to_epoch(json_signed['time'])
return signed
def get_asn_signed(json_signed):
targetsMetadata = TargetsMetadata()\
.subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1))
set_asn_targets(json_signed, targetsMetadata)
set_asn_delegations(json_signed, targetsMetadata)
signedBody = SignedBody()\
.subtype(explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 3))
signedBody['targetsMetadata'] = targetsMetadata
signed = Signed().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
signed['type'] = int(RoleType('snapshot'))
signed['expires'] = metadata.iso8601_to_epoch(json_signed['expires'])
signed['version'] = json_signed['version']
signed['body'] = signedBody
return signed