def test_debugcredential_ecc_compare_with_reference(data_dir): """Loads the yaml file, creates the debug credential, saves to a file and compares with reference.""" with use_working_directory(data_dir): with open("new_dck_secp256.yml", 'r') as f: yaml_config = yaml.safe_load(f) dc = DebugCredential.create_from_yaml_config( version='2.0', yaml_config=yaml_config) dc.sign() data = dc.export() pub_key = load_private_key(yaml_config['rotk']).public_key() data_without_singature = data[:-132] signature_bytes = data[-132:] with open('new_dck_secp256r1.cert', 'rb') as f: data_loaded = f.read() ref_data_without_signature = data_loaded[:-132] ref_signature_bytes = data_loaded[-132:] assert data_without_singature == ref_data_without_signature, \ "The generated dc binary and the referenced one are not the same." signature = utils.reconstruct_signature(signature_bytes) ref_signature = utils.reconstruct_signature(ref_signature_bytes) try: pub_key.verify(signature, data_without_singature, ec.ECDSA(hashes.SHA256())) pub_key.verify(ref_signature, data_without_singature, ec.ECDSA(hashes.SHA256())) assert True except InvalidSignature: assert False
def test_verify_ecc_signature(data_dir): """Verifies the signature for ECC protocol.""" with use_working_directory(data_dir): with open("new_dck_secp256.yml", 'r') as f: yaml_config = yaml.safe_load(f) dc = DebugCredentialECC.from_yaml_config(version='2.0', yaml_config=yaml_config) data = dc.export() priv_key = load_private_key(yaml_config['rotk']) data_without_signature = data[:-132] signature_bytes = data[-132:] signature = utils.reconstruct_signature(signature_bytes) pub_key = priv_key.public_key() try: pub_key.verify(signature, data_without_signature, ec.ECDSA(hashes.SHA256())) assert True except InvalidSignature: assert False
def test_verify_ecc_signature_lpc55s3x_384(data_dir): """Verifies the signature for ECC384 protocol for LPC55S3x.""" with use_working_directory(data_dir): with open("new_dck_secp384_lpc55s3x.yml", "r") as f: yaml_config = yaml.safe_load(f) dc = DebugCredential.create_from_yaml_config(version="2.1", yaml_config=yaml_config) dc.sign() data = dc.export() priv_key = load_private_key(yaml_config["rotk"]) data_without_signature = data[:-96] signature_bytes = data[-96:] signature = utils.reconstruct_signature(signature_bytes=signature_bytes, size=48) pub_key = priv_key.public_key() try: pub_key.verify(signature, data_without_signature, ec.ECDSA(hashes.SHA384())) assert True except InvalidSignature: assert False
def test_verify_ecc_signature_N4A_256(data_dir): """Verifies the signature for ECC protocol for Niobe4Analog 256.""" with use_working_directory(data_dir): with open("new_dck_secp256_N4A.yml", 'r') as f: yaml_config = yaml.safe_load(f) dc = DebugCredential.create_from_yaml_config(version='2.0', yaml_config=yaml_config) dc.sign() data = dc.export() priv_key = load_private_key(yaml_config['rotk']) data_without_signature = data[:-64] signature_bytes = data[-64:] assert len(signature_bytes) == 64 signature = utils.reconstruct_signature(signature_bytes=signature_bytes, size=32) pub_key = priv_key.public_key() try: pub_key.verify(signature, data_without_signature, ec.ECDSA(hashes.SHA256())) assert True except InvalidSignature: assert False