示例#1
0
def test_debugcredential_ecc_compare_with_reference(data_dir):
    """Loads the yaml file, creates the debug credential, saves to a file and compares with reference."""
    with use_working_directory(data_dir):
        with open("new_dck_secp256.yml", 'r') as f:
            yaml_config = yaml.safe_load(f)
            dc = DebugCredential.create_from_yaml_config(
                version='2.0', yaml_config=yaml_config)
            dc.sign()
            data = dc.export()
            pub_key = load_private_key(yaml_config['rotk']).public_key()
        data_without_singature = data[:-132]
        signature_bytes = data[-132:]
        with open('new_dck_secp256r1.cert', 'rb') as f:
            data_loaded = f.read()
        ref_data_without_signature = data_loaded[:-132]
        ref_signature_bytes = data_loaded[-132:]
        assert data_without_singature == ref_data_without_signature, \
            "The generated dc binary and the referenced one are not the same."
        signature = utils.reconstruct_signature(signature_bytes)
        ref_signature = utils.reconstruct_signature(ref_signature_bytes)
        try:
            pub_key.verify(signature, data_without_singature,
                           ec.ECDSA(hashes.SHA256()))
            pub_key.verify(ref_signature, data_without_singature,
                           ec.ECDSA(hashes.SHA256()))
            assert True
        except InvalidSignature:
            assert False
示例#2
0
def test_verify_ecc_signature(data_dir):
    """Verifies the signature for ECC protocol."""
    with use_working_directory(data_dir):
        with open("new_dck_secp256.yml", 'r') as f:
            yaml_config = yaml.safe_load(f)
        dc = DebugCredentialECC.from_yaml_config(version='2.0', yaml_config=yaml_config)
        data = dc.export()
        priv_key = load_private_key(yaml_config['rotk'])
    data_without_signature = data[:-132]
    signature_bytes = data[-132:]
    signature = utils.reconstruct_signature(signature_bytes)
    pub_key = priv_key.public_key()
    try:
        pub_key.verify(signature, data_without_signature, ec.ECDSA(hashes.SHA256()))
        assert True
    except InvalidSignature:
        assert False
示例#3
0
def test_verify_ecc_signature_lpc55s3x_384(data_dir):
    """Verifies the signature for ECC384 protocol for LPC55S3x."""
    with use_working_directory(data_dir):
        with open("new_dck_secp384_lpc55s3x.yml", "r") as f:
            yaml_config = yaml.safe_load(f)
        dc = DebugCredential.create_from_yaml_config(version="2.1", yaml_config=yaml_config)
        dc.sign()
        data = dc.export()
        priv_key = load_private_key(yaml_config["rotk"])
    data_without_signature = data[:-96]
    signature_bytes = data[-96:]
    signature = utils.reconstruct_signature(signature_bytes=signature_bytes, size=48)
    pub_key = priv_key.public_key()
    try:
        pub_key.verify(signature, data_without_signature, ec.ECDSA(hashes.SHA384()))
        assert True
    except InvalidSignature:
        assert False
示例#4
0
def test_verify_ecc_signature_N4A_256(data_dir):
    """Verifies the signature for ECC protocol for Niobe4Analog 256."""
    with use_working_directory(data_dir):
        with open("new_dck_secp256_N4A.yml", 'r') as f:
            yaml_config = yaml.safe_load(f)
        dc = DebugCredential.create_from_yaml_config(version='2.0',
                                                     yaml_config=yaml_config)
        dc.sign()
        data = dc.export()
        priv_key = load_private_key(yaml_config['rotk'])
    data_without_signature = data[:-64]
    signature_bytes = data[-64:]
    assert len(signature_bytes) == 64
    signature = utils.reconstruct_signature(signature_bytes=signature_bytes,
                                            size=32)
    pub_key = priv_key.public_key()
    try:
        pub_key.verify(signature, data_without_signature,
                       ec.ECDSA(hashes.SHA256()))
        assert True
    except InvalidSignature:
        assert False
示例#5
0
def test_reconstruct_signature(data_dir):
    """Reconstructs the signature."""
    signature_bytes = load_binary(data_dir, 'signature_bytes.bin')
    signature = load_binary(data_dir, 'signature.bin')
    reconstructed_signature = utils.reconstruct_signature(signature_bytes)
    assert signature == reconstructed_signature