forked from scitt-community/scitt-api-emulator
key helpers: verification key to object: In progress
Asciinema: https://asciinema.org/a/627150 Asciinema: https://asciinema.org/a/627165 Signed-off-by: John Andersen <[email protected]>
Showing
9 changed files
with
131 additions
and
20 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
import dataclasses | ||
|
||
|
||
@dataclasses.dataclass | ||
class VerificationKey: | ||
cwt: cwt.COSEKey | ||
cose: pycose.keys.ec2.EC2Key | ||
original: Any | ||
original_content_type: str | ||
original_bytes: bytes |
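Review bot: The new module imports only `dataclasses`, but the field annotations on `VerificationKey` use `cwt.COSEKey`, `pycose.keys.ec2.EC2Key` and `Any`, none of which is in scope. Without `from __future__ import annotations`, class-body annotations are evaluated when the class is created, so importing this module would raise NameError on Python versions that evaluate annotations eagerly (the commit's other new file mentions 3.8). Add `import cwt`, `import pycose.keys.ec2` and `from typing import Any` above the class. If, as the names suggest, `original`, `original_content_type` and `original_bytes` hold the key material as received, a short class docstring saying so would help callers avoid treating those fields as already validated.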
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
import itertools | ||
import importlib.metadata | ||
from typing import Optional, Callable, List, Tuple | ||
|
||
from scitt_emulator.key_helper_dataclasses import VerificationKey | ||
|
||
|
||
ENTRYPOINT_KEY_TRANSFORMS_TO_OBJECT = "scitt_emulator.key_helpers.verification_key_to_object" | ||
|
||
|
||
def verification_key_to_object( | ||
verification_key: VerificationKey, | ||
*, | ||
key_transforms: Optional[List[Callable[[VerificationKey], dict]]] = None, | ||
) -> bool: | ||
""" | ||
Resolve keys for statement issuer and verify signature on COSESign1 | ||
statement and embedded CWT | ||
""" | ||
if key_transforms is None: | ||
key_transforms = [] | ||
# There is some difference in the return value of entry_points across | ||
# Python versions/envs (conda vs. non-conda). Python 3.8 returns a dict. | ||
entrypoints = importlib.metadata.entry_points() | ||
if isinstance(entrypoints, dict): | ||
for entrypoint in entrypoints.get(ENTRYPOINT_KEY_TRANSFORMS_TO_OBJECT, []): | ||
key_transforms.append(entrypoint.load()) | ||
elif isinstance(entrypoints, getattr(importlib.metadata, "EntryPoints", list)): | ||
for entrypoint in entrypoints: | ||
if entrypoint.group == ENTRYPOINT_KEY_TRANSFORMS_TO_OBJECT: | ||
key_transforms.append(entrypoint.load()) | ||
else: | ||
raise TypeError(f"importlib.metadata.entry_points returned unknown type: {type(entrypoints)}: {entrypoints!r}") | ||
|
||
# Load keys from issuer and attempt verification. Return key used to verify | ||
for verification_key_as_object in itertools.chain( | ||
*[key_transform(unverified_issuer) for key_transform in key_transforms] | ||
): | ||
# Skip keys that we couldn't derive COSE keys for | ||
if verification_key_as_object: | ||
return verification_key_as_object | ||
|
||
return None |
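Review bot: `unverified_issuer` in the final loop is not defined anywhere in this function, so any call with at least one transform raises NameError; the argument should be `verification_key`. The loop also wraps the results in `itertools.chain`, which flattens each return value, so a transform returning a `dict` (as the `key_transforms` annotation says) would yield its first key rather than the object. The return annotation `-> bool` and the docstring describe signature verification, while the function returns a transform result or `None`. Two further points: `key_transforms.append(...)` grows the caller's list on every call, and `entrypoint.load()` imports code from every installed distribution that registers this group, so the installed plugin set decides how a verification key is interpreted and is worth stating in the docstring.

```python
) -> Optional[dict]:
    # … unchanged: docstring (reword to describe key-to-object conversion) …
    # Copy so discovered entry points are not appended to the caller's list
    key_transforms = [] if key_transforms is None else list(key_transforms)
    # … unchanged: entry point discovery …

    # Return the first object a transform produces for this key
    for key_transform in key_transforms:
        verification_key_as_object = key_transform(verification_key)
        # Skip transforms that do not handle this key type
        if verification_key_as_object:
            return verification_key_as_object
    # … unchanged: return None …
```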