def sign_eat(token, key=None):
signed_msg = Sign1Message()
signed_msg.payload = token
if key:
signed_msg.key = key
signed_msg.signature = signed_msg.compute_signature()
return signed_msg.encode()
def test_header_encoding(self):
for name_test, (a, b, c, d) in self.header_params.items():
with self.subTest(name=name_test):
sign1_msg = Sign1Message()
sign1_msg.add_to_headers(a, b, c)
if c == 'PROTECTED':
self.assertEqual(sign1_msg.encoded_protected_header, d, name_test)
if c == 'UNPROTECTED':
self.assertEqual(sign1_msg.unprotected_header, d, name_test)
def get_cose_payload(cose, key=None):
msg = Sign1Message.decode(cose)
if key:
msg.key = key
msg.signature = msg.signers
try:
msg.verify_signature(alg='ES256')
except Exception as e:
raise ValueError('Bad signature ({})'.format(e))
return msg.payload
def get_cose_payload(cose, sk=None):
msg = Sign1Message.decode(cose)
if sk:
msg.key = sk
msg.signature = msg.signers
try:
msg.verify_signature(alg='ES256')
except Exception:
raise ValueError('Bad signature')
return msg.payload
def test_cose_sign1_creation(self):
for name_test, (a, b, x, c, d, e) in self.test_cose_sign11_map.items():
with self.subTest(name=name_test):
sign1_msg = Sign1Message()
for k1 in a:
sign1_msg.add_to_headers(k1, a[k1], 'PROTECTED')
for k2 in b:
sign1_msg.add_to_headers(k2, b[k2], 'UNPROTECTED')
sign1_msg.external_aad = x
sign1_msg.payload = c
sign1_msg.key = d
alg = sign1_msg.find_in_headers('alg')
sign1_msg.signature = sign1_msg.compute_signature(alg)
self.assertEqual(sign1_msg.encode(), e)
def test_sign1_encoding(setup_sign1_tests: tuple) -> None:
_, test_input, test_output, test_intermediate, fail = setup_sign1_tests
sign1 = Sign1Message(phdr=test_input['sign0'].get('protected', {}),
uhdr=test_input['sign0'].get('unprotected', {}),
payload=test_input.get('plaintext',
'').encode('utf-8'),
external_aad=unhexlify(test_input['sign0'].get(
"external", b'')))
assert sign1._sig_structure == unhexlify(test_intermediate["ToBeSign_hex"])
private_key = create_cose_key(EC2,
test_input['sign0']['key'],
usage=KeyOps.SIGN,
alg=extract_alg(test_input["sign0"]))
if fail:
assert sign1.encode(private_key) != unhexlify(test_output)
else:
assert sign1.encode(private_key) == unhexlify(test_output)
def test_header_find(self):
for name_test, (a, b, c, d) in self.header_find_params.items():
with self.subTest(name=name_test):
sign1_msg = Sign1Message()
sign1_msg.add_to_headers(a, b, c)
self.assertEqual(sign1_msg.find_in_headers(a), d, name_test)
