def test_get_signed_time_der(self):
basic_time_tests(timeserver.get_signed_time_der,
uptane.formats.DER_DATA_SCHEMA, self)
# TODO: Check encoding on time.
# TODO: Check signature on time.
# Now manually switch off PYASN1 support (for ASN.1/DER) and try again,
# expecting an uptane.Error. Switch the setting back when finished.
if timeserver.PYASN1_EXISTS:
timeserver.PYASN1_EXISTS = False
with self.assertRaises(uptane.Error):
timeserver.get_signed_time_der([5])
timeserver.PYASN1_EXISTS = True
def get_signed_time_der_wrapper(nonces):
"""
Encapsulates the binary data of the DER encoding of the timeserver attestation
in an XMLPRC Binary object, for delivery via XMLRPC within the demo.
This is only necessary when using DER format instead of the standard
Uptane Python dictionary format.
"""
der_attestation = timeserver.get_signed_time_der(nonces)
return xmlrpc_client.Binary(der_attestation)
def test_demo_timeserver():
"""
Test the demo timeserver.
# TODO: Consider moving these tests into a demo integration test module.
"""
I_TO_PRINT = TO_PRINT + uptane.YELLOW + '[test_demo_timeserver()]: ' + uptane.ENDCOLORS
#TODO: Print to be deleted
print(str('%s %s' % (I_TO_PRINT, 'Testing the Demo Timeserver')))
#TODO: Until here
# Prepare to validate signatures.
timeserver_key_pub = demo.import_public_key('timeserver')
tuf.formats.ANYKEY_SCHEMA.check_match(timeserver_key_pub)
# Fetch a normal signed time attestation, without ASN.1 format or DER
# encoding, and validate the signature.
signed_time = timeserver.get_signed_time([1, 2])
assert len(
signed_time['signatures']) == 1, 'Unexpected number of signatures.'
assert uptane.common.verify_signature_over_metadata(
timeserver_key_pub,
signed_time['signatures'][0],
signed_time['signed'],
DATATYPE_TIME_ATTESTATION,
metadata_format='json'
), 'Demo Timeserver self-test fail: unable to verify signature over JSON.'
# Fetch a DER-encoded converted-to-ASN.1 signed time attestation, with a
# signature over the DER encoding.
der_signed_time = timeserver.get_signed_time_der([2, 9, 151])
# Encapsulate that in a Binary object for XML-RPC.
xb_der_signed_time = xmlrpc_client.Binary(der_signed_time)
assert der_signed_time == xb_der_signed_time.data, \
'Demo Timeserver self-test fail: xmlrpc Binary encapsulation issue'
# Validate that signature.
for pydict_again in [
asn1_codec.convert_signed_der_to_dersigned_json(
der_signed_time, DATATYPE_TIME_ATTESTATION),
asn1_codec.convert_signed_der_to_dersigned_json(
xb_der_signed_time.data, DATATYPE_TIME_ATTESTATION)
]:
assert uptane.common.verify_signature_over_metadata(
timeserver_key_pub,
pydict_again['signatures'][0],
pydict_again['signed'],
DATATYPE_TIME_ATTESTATION,
metadata_format='der'
), 'Demo Timeserver self-test fail: unable to verify signature over DER'
def get_signed_time_der_wrapper(nonces):
"""
Encapsulates the binary data of the DER encoding of the timeserver attestation
in an XMLPRC Binary object, for delivery via XMLRPC within the demo.
This is only necessary when using DER format instead of the standard
Uptane Python dictionary format.
"""
I_TO_PRINT = TO_PRINT + uptane.YELLOW + '[get_signed_time_der_wrapper(nonces)]: ' + uptane.ENDCOLORS
#TODO: Print to be deleted
print(
str('%s %s' % (
I_TO_PRINT,
'Encapsulates the binary data of the DER encoding of the timeserver attestation in an XMLPRC Binary Object, for delivery via XMLRPC within the demo.'
)))
#TODO: Until here
der_attestation = timeserver.get_signed_time_der(nonces)
return xmlrpc_client.Binary(der_attestation)