Add synthetic token for testing
Add synthetic token for testing features not used by current token type.
Change-Id: I09bcd886465dcc083e225f953693688db3a38a64
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
diff --git a/iat-verifier/tests/synthetic_data/p_header_off.cbor b/iat-verifier/tests/synthetic_data/p_header_off.cbor
new file mode 100644
index 0000000..423f5ec
--- /dev/null
+++ b/iat-verifier/tests/synthetic_data/p_header_off.cbor
Binary files differ
diff --git a/iat-verifier/tests/synthetic_data/p_header_on.cbor b/iat-verifier/tests/synthetic_data/p_header_on.cbor
new file mode 100644
index 0000000..3b628c0
--- /dev/null
+++ b/iat-verifier/tests/synthetic_data/p_header_on.cbor
Binary files differ
diff --git a/iat-verifier/tests/synthetic_data/synthetic_token.yaml b/iat-verifier/tests/synthetic_data/synthetic_token.yaml
new file mode 100644
index 0000000..ff56a99
--- /dev/null
+++ b/iat-verifier/tests/synthetic_data/synthetic_token.yaml
@@ -0,0 +1,18 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+syn_claim_int: 12
+syn_boxes:
+ - box_color: red
+ - box_width: 7
+ box_height: 7
+ box_depth: 7
+ box_color: blue
+ - box_width: 5
+ box_height: 5
+ box_depth: 5
+ box_color: green
diff --git a/iat-verifier/tests/synthetic_data/synthetic_token_another_token.yaml b/iat-verifier/tests/synthetic_data/synthetic_token_another_token.yaml
new file mode 100644
index 0000000..937a602
--- /dev/null
+++ b/iat-verifier/tests/synthetic_data/synthetic_token_another_token.yaml
@@ -0,0 +1,22 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+syn_claim_int: 12
+syn_boxes:
+ - box_color: red
+ - box_width: 7
+ box_height: 7
+ box_depth: 7
+ box_color: blue
+ - box_width: 5
+ box_height: 5
+ box_depth: 5
+ box_color: green
+ synthetic_internal_token:
+ syn_claim_int: 1000
+ syn_boxes:
+ - box_color: grey
diff --git a/iat-verifier/tests/synthetic_data/synthetic_token_another_token_missing_box_dim.yaml b/iat-verifier/tests/synthetic_data/synthetic_token_another_token_missing_box_dim.yaml
new file mode 100644
index 0000000..9ccb0a8
--- /dev/null
+++ b/iat-verifier/tests/synthetic_data/synthetic_token_another_token_missing_box_dim.yaml
@@ -0,0 +1,25 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+syn_claim_int: 12
+syn_boxes:
+ - box_color: red
+ - box_width: 7
+ box_height: 7
+ box_depth: 7
+ box_color: blue
+ - box_width: 5
+ box_height: 5
+ box_depth: 5
+ box_color: green
+ synthetic_internal_token:
+ syn_claim_int: 1000
+ syn_boxes:
+ - box_color: grey
+ - box_width: 5
+ box_depth: 5
+ box_color: pink
diff --git a/iat-verifier/tests/synthetic_data/synthetic_token_missing_box_dim.yaml b/iat-verifier/tests/synthetic_data/synthetic_token_missing_box_dim.yaml
new file mode 100644
index 0000000..77dfa8a
--- /dev/null
+++ b/iat-verifier/tests/synthetic_data/synthetic_token_missing_box_dim.yaml
@@ -0,0 +1,17 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+syn_claim_int: 12
+syn_boxes:
+ - box_color: red
+ - box_width: 7
+ box_height: 7
+ box_depth: 7
+ box_color: blue
+ - box_width: 5
+ box_height: 5
+ box_color: green
diff --git a/iat-verifier/tests/synthetic_token_claims.py b/iat-verifier/tests/synthetic_token_claims.py
new file mode 100644
index 0000000..992c9ba
--- /dev/null
+++ b/iat-verifier/tests/synthetic_token_claims.py
@@ -0,0 +1,110 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+"""
+This module contains a set of claims that are used for testing features not used by current
+token types.
+"""
+
+from iatverifier.attest_token_verifier import AttestationClaim
+from iatverifier.attest_token_verifier import CompositeAttestClaim
+
+_SYNTHETIC_CLAIM_KEY_BASE = 0x754A0000 # Some made up number
+
+class SynClaimInt(AttestationClaim):
+ """A claim that should have an int as value."""
+ def get_claim_key(self=None):
+ return _SYNTHETIC_CLAIM_KEY_BASE + 0
+
+ def get_claim_name(self=None):
+ return 'SYN_CLAIM_INT'
+
+ def verify(self, value):
+ self._check_type(self.get_claim_name(), value, int)
+ self.verify_count += 1
+
+class SynBoxesClaim(CompositeAttestClaim):
+ """A composite claim with a cross claim checker."""
+ def __init__(self, verifier, *, claims, is_list, necessity=AttestationClaim.MANDATORY):
+ super().__init__(
+ verifier=verifier,
+ claims=claims,
+ cross_claim_requirement_checker=type(self).check_cross_claim_requirements,
+ is_list=is_list,
+ necessity=necessity)
+
+ def get_claim_key(self=None):
+ return _SYNTHETIC_CLAIM_KEY_BASE + 1
+
+ def get_claim_name(self=None):
+ return 'SYN_BOXES'
+
+ @staticmethod
+ def check_cross_claim_requirements(verifier, claims):
+ """Checking the claims for a box.
+
+ A box must have either all its dimensions defined, or none of them
+ """
+ box_size_prop_count = 0
+ for c in [BoxWidthClaim, BoxHeightClaim, BoxDepthClaim]:
+ if claims[c.get_claim_key()].claim_found():
+ box_size_prop_count += 1
+
+ if box_size_prop_count not in (0, 3):
+ verifier.error('Invalid IAT: Box size must have all 3 dimensions')
+
+class BoxWidthClaim(AttestationClaim):
+ """A simple claim that has an int value."""
+ def get_claim_key(self=None):
+ return _SYNTHETIC_CLAIM_KEY_BASE + 2
+
+ def get_claim_name(self=None):
+ return 'BOX_WIDTH'
+
+ def verify(self, value):
+ self._check_type(self.get_claim_name(), value, int)
+ self.verify_count += 1
+
+class BoxHeightClaim(AttestationClaim):
+ """A simple claim that has an int value."""
+ def get_claim_key(self=None):
+ return _SYNTHETIC_CLAIM_KEY_BASE + 3
+
+ def get_claim_name(self=None):
+ return 'BOX_HEIGHT'
+
+ def verify(self, value):
+ self._check_type(self.get_claim_name(), value, int)
+ self.verify_count += 1
+
+class BoxDepthClaim(AttestationClaim):
+ """A simple claim that has an int value."""
+ def get_claim_key(self=None):
+ return _SYNTHETIC_CLAIM_KEY_BASE + 4
+
+ def get_claim_name(self=None):
+ return 'BOX_DEPTH'
+
+ def verify(self, value):
+ self._check_type(self.get_claim_name(), value, int)
+ self.verify_count += 1
+
+class BoxColorClaim(AttestationClaim):
+ """A simple claim that has a string value."""
+ def get_claim_key(self=None):
+ return _SYNTHETIC_CLAIM_KEY_BASE + 5
+
+ def get_claim_name(self=None):
+ return 'BOX_COLOR'
+
+ def verify(self, value):
+ self._check_type(self.get_claim_name(), value, str)
+ self.verify_count += 1
+
+ @classmethod
+ def is_utf_8(cls):
+ return True
diff --git a/iat-verifier/tests/synthetic_token_verifier.py b/iat-verifier/tests/synthetic_token_verifier.py
new file mode 100644
index 0000000..404bda7
--- /dev/null
+++ b/iat-verifier/tests/synthetic_token_verifier.py
@@ -0,0 +1,137 @@
+# -----------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# -----------------------------------------------------------------------------
+
+"""
+This module contains a set of tokens that are used for testing features not used by current
+token types.
+"""
+
+from iatverifier.attest_token_verifier import AttestationTokenVerifier as Verifier
+from iatverifier.attest_token_verifier import AttestationClaim as Claim
+from tests.synthetic_token_claims import SynClaimInt, SynBoxesClaim, BoxWidthClaim
+from tests.synthetic_token_claims import BoxHeightClaim, BoxDepthClaim, BoxColorClaim
+
+class SyntheticTokenVerifier(Verifier):
+ """A test token that may contain other tokens"""
+ def get_claim_key(self=None):
+ return 0x54a14e11 #TODO: some made up claim. Change claim indexing to use name
+ # and this should return None
+
+ def get_claim_name(self=None):
+ return 'SYNTHETIC_TOKEN'
+
+ def _get_p_header(self):
+ return None
+
+ def _get_wrapping_tag(self):
+ return None
+
+ def _parse_p_header(self, msg):
+ pass
+
+ def __init__(self, *, method, cose_alg, signing_key, configuration, internal_signing_key):
+ # First prepare the claim hierarchy for this token
+
+ # Claims for the internal token:
+ internal_box_claims = [
+ (BoxWidthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}),
+ (BoxHeightClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}),
+ (BoxDepthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}),
+ (BoxColorClaim, {'verifier': self, 'necessity': Claim.MANDATORY}),
+ ]
+
+ internal_verifier_claims = [
+ (SynClaimInt, {'verifier': self, 'necessity':Claim.MANDATORY}),
+ (SynBoxesClaim, {
+ 'verifier': self,
+ 'claims': internal_box_claims,
+ 'is_list': True,
+ 'necessity':Claim.MANDATORY}),
+ ]
+
+ # Claims for the 'external' token
+ box_claims = [
+ (BoxWidthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}),
+ (BoxHeightClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}),
+ (BoxDepthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}),
+ (BoxColorClaim, {'verifier': self, 'necessity': Claim.MANDATORY}),
+ (SyntheticInternalTokenVerifier, {'necessity': Claim.OPTIONAL,
+ 'method': Verifier.SIGN_METHOD_SIGN1,
+ 'cose_alg': Verifier.COSE_ALG_ES256,
+ 'claims': internal_verifier_claims,
+ 'configuration': configuration,
+ 'signing_key': internal_signing_key}),
+ ]
+
+ verifier_claims = [
+ (SynClaimInt, {'verifier': self, 'necessity':Claim.MANDATORY}),
+ (SynBoxesClaim, {
+ 'verifier': self,
+ 'claims': box_claims,
+ 'is_list': True,
+ 'necessity':Claim.MANDATORY}),
+ ]
+
+ # initialise the base part of the token
+ super().__init__(
+ method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ claims=verifier_claims,
+ configuration=configuration,
+ necessity=Claim.MANDATORY)
+
+ @staticmethod
+ def check_cross_claim_requirements(verifier, claims):
+ pass
+
+class SyntheticInternalTokenVerifier(Verifier):
+ """A Test token that is intended to use inside another token"""
+
+ def get_claim_key(self=None):
+ return 0x54a14e12 #TODO: some made up claim. Change claim indexing to use name
+ # and this should return None
+
+ def get_claim_name(self=None):
+ return 'SYNTHETIC_INTERNAL_TOKEN'
+
+ def _get_p_header(self):
+ return {'alg': self.cose_alg}
+
+ def _parse_p_header(self, msg):
+ alg = self._get_cose_alg()
+ try:
+ msg_alg = msg.protected_header['alg']
+ except KeyError as exc:
+ raise ValueError(f'Missing alg from protected header (expected {alg})') from exc
+ if alg != msg_alg:
+ raise ValueError('Unexpected alg in protected header ' +
+ f'(expected {alg} instead of {msg_alg})')
+
+
+ def _get_wrapping_tag(self):
+ return None
+
+ def __init__(
+ self,
+ *, method,
+ cose_alg,
+ signing_key,
+ claims,
+ configuration=None,
+ necessity=Claim.MANDATORY):
+ super().__init__(
+ method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ claims=claims,
+ configuration=configuration,
+ necessity=necessity)
+
+ @staticmethod
+ def check_cross_claim_requirements(verifier, claims):
+ pass
diff --git a/iat-verifier/tests/test_synthetic.py b/iat-verifier/tests/test_synthetic.py
new file mode 100644
index 0000000..9f6eaa7
--- /dev/null
+++ b/iat-verifier/tests/test_synthetic.py
@@ -0,0 +1,107 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+"""
+This test is used to test features that are not used by the PSA IoT profile1
+tokens
+"""
+
+import os
+import unittest
+
+from iatverifier.util import read_token_map, read_keyfile
+from iatverifier.attest_token_verifier import VerifierConfiguration, AttestationTokenVerifier
+from tests.synthetic_token_verifier import SyntheticTokenVerifier
+from test_utils import create_and_read_iat, convert_map_to_token_bytes, bytes_equal_to_file
+
+
+THIS_DIR = os.path.dirname(__file__)
+
+DATA_DIR = os.path.join(THIS_DIR, 'synthetic_data')
+KEY_DIR = os.path.join(THIS_DIR, 'data')
+KEYFILE = os.path.join(KEY_DIR, 'key.pem')
+KEYFILE_ALT = os.path.join(KEY_DIR, 'key-alt.pem')
+
+class TestSynthetic(unittest.TestCase):
+ """Test iat-verifier's nested IAT feature"""
+ def setUp(self):
+ self.config = VerifierConfiguration()
+
+ def test_composite(self):
+ """Test cross claim checking in composite claim"""
+ method=AttestationTokenVerifier.SIGN_METHOD_SIGN1
+ cose_alg=AttestationTokenVerifier.COSE_ALG_ES256
+ signing_key = read_keyfile(KEYFILE, method)
+
+ create_and_read_iat(
+ DATA_DIR,
+ 'synthetic_token.yaml',
+ SyntheticTokenVerifier(
+ method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ configuration=self.config,
+ internal_signing_key=signing_key))
+
+ with self.assertRaises(ValueError) as test_ctx:
+ create_and_read_iat(
+ DATA_DIR,
+ 'synthetic_token_missing_box_dim.yaml',
+ SyntheticTokenVerifier(
+ method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ configuration=self.config,
+ internal_signing_key=signing_key))
+ self.assertIn(
+ 'Invalid IAT: Box size must have all 3 dimensions', test_ctx.exception.args[0])
+
+ create_and_read_iat(
+ DATA_DIR,
+ 'synthetic_token_another_token.yaml',
+ SyntheticTokenVerifier(
+ method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ configuration=self.config,
+ internal_signing_key=signing_key))
+
+ with self.assertRaises(ValueError) as test_ctx:
+ create_and_read_iat(
+ DATA_DIR,
+ 'synthetic_token_another_token_missing_box_dim.yaml',
+ SyntheticTokenVerifier(method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ configuration=self.config,
+ internal_signing_key=signing_key))
+ self.assertIn(
+ 'Invalid IAT: Box size must have all 3 dimensions', test_ctx.exception.args[0])
+
+ def test_protected_header(self):
+ """Test protected header detection"""
+ source_path = os.path.join(DATA_DIR, 'synthetic_token_another_token.yaml')
+ token_map = read_token_map(source_path)
+
+ method=AttestationTokenVerifier.SIGN_METHOD_SIGN1
+ cose_alg=AttestationTokenVerifier.COSE_ALG_ES256
+ signing_key = read_keyfile(KEYFILE, method)
+
+ verifier = SyntheticTokenVerifier(
+ method=method,
+ cose_alg=cose_alg,
+ signing_key=signing_key,
+ configuration=self.config,
+ internal_signing_key=signing_key)
+
+ token_p_header = convert_map_to_token_bytes(token_map, verifier, add_p_header=True)
+ token_no_p_header = convert_map_to_token_bytes(token_map, verifier, add_p_header=False)
+
+ self.assertTrue(
+ bytes_equal_to_file(token_p_header, os.path.join(DATA_DIR, 'p_header_on.cbor')))
+ self.assertTrue(
+ bytes_equal_to_file(token_no_p_header, os.path.join(DATA_DIR, 'p_header_off.cbor')))
diff --git a/iat-verifier/tests/test_utils.py b/iat-verifier/tests/test_utils.py
new file mode 100644
index 0000000..329354d
--- /dev/null
+++ b/iat-verifier/tests/test_utils.py
@@ -0,0 +1,79 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+"""This module contains utility functions for tests."""
+
+import os
+import tempfile
+from io import BytesIO
+from cbor2 import CBOREncoder
+from iatverifier.util import read_token_map
+
+def bytes_equal_to_file(data, filepath):
+ """
+ return compare a bytestring and the content of a file and return whether they are the same
+ """
+ with open(filepath, 'rb') as file:
+ file_data = file.read()
+ if len(file_data) != len(data):
+ return False
+ for bytes1, bytes2 in zip(data, file_data):
+ if bytes1 != bytes2:
+ return False
+ return True
+
+def convert_map_to_token_bytes(token_map, verifier, add_p_header):
+ """Converts a map to cbor token"""
+ with BytesIO() as bytes_io:
+ encoder = CBOREncoder(bytes_io)
+ verifier.convert_map_to_token(
+ encoder,
+ token_map,
+ add_p_header=add_p_header,
+ name_as_key=True,
+ parse_raw_value=True,
+ root=True)
+ return bytes_io.getvalue()
+
+def create_token(data_dir, source_name, verifier, add_p_header):
+ """Creats a cbor token from a yaml file."""
+ source_path = os.path.join(data_dir, source_name)
+ token_map = read_token_map(source_path)
+ return convert_map_to_token_bytes(token_map, verifier, add_p_header)
+
+def create_token_tmp_file(data_dir, source_name, verifier):
+ """Create a cbor token from a yaml file and write it to a temp file. Return the name of the temp
+ file
+ """
+ temp_file, dest_path = tempfile.mkstemp()
+ os.close(temp_file)
+
+ token = create_token(
+ data_dir=data_dir,
+ source_name=source_name,
+ verifier=verifier,
+ add_p_header=False)
+
+ with open(dest_path, 'wb') as wfh:
+ wfh.write(token)
+ return dest_path
+
+
+def read_iat(data_dir, filename, verifier):
+ """Read a cbor file and returns the parsed dictionary"""
+ filepath = os.path.join(data_dir, filename)
+ with open(filepath, 'rb') as file:
+ return verifier.parse_token(
+ token=file.read(),
+ verify=True,
+ check_p_header=False,
+ lower_case_key=False)
+
+def create_and_read_iat(data_dir, source_name, verifier):
+ """Read a yaml file, compile it into a cbor token, and read it back"""
+ token_file = create_token_tmp_file(data_dir, source_name, verifier)
+ return read_iat(data_dir, token_file, verifier)
diff --git a/iat-verifier/tests/test_verifier.py b/iat-verifier/tests/test_verifier.py
index 63b41a9..417e220 100644
--- a/iat-verifier/tests/test_verifier.py
+++ b/iat-verifier/tests/test_verifier.py
@@ -8,12 +8,12 @@
"""Unittests for iat-verifier using PSAIoTProfile1TokenVerifier"""
import os
-import tempfile
import unittest
from iatverifier.psa_iot_profile1_token_verifier import PSAIoTProfile1TokenVerifier
-from iatverifier.util import read_token_map, convert_map_to_token, read_keyfile
+from iatverifier.util import read_keyfile
from iatverifier.attest_token_verifier import VerifierConfiguration, AttestationTokenVerifier
+from test_utils import create_and_read_iat, read_iat, create_token_tmp_file
THIS_DIR = os.path.dirname(__file__)
@@ -22,40 +22,6 @@
KEYFILE = os.path.join(DATA_DIR, 'key.pem')
KEYFILE_ALT = os.path.join(DATA_DIR, 'key-alt.pem')
-def create_token(source_name, verifier):
- """Create a CBOR encoded token and save it to a temp file
-
- Return the name of the temp file."""
- source_path = os.path.join(DATA_DIR, source_name)
- temp_file, dest_path = tempfile.mkstemp()
- os.close(temp_file)
-
- token_map = read_token_map(source_path)
- with open(dest_path, 'wb') as wfh:
- convert_map_to_token(
- token_map,
- verifier,
- wfh,
- add_p_header=False,
- name_as_key=True,
- parse_raw_value=True)
- return dest_path
-
-def read_iat(filename, verifier):
- """Parse a token file"""
- filepath = os.path.join(DATA_DIR, filename)
- with open(filepath, 'rb') as token_file:
- return verifier.parse_token(
- token=token_file.read(),
- verify=True,
- check_p_header=False,
- lower_case_key=False)
-
-def create_and_read_iat(source_name, verifier):
- """Create a cbor encoded token in a temp file and parse it back"""
- token_file = create_token(source_name, verifier)
- return read_iat(token_file, verifier)
-
class TestIatVerifier(unittest.TestCase):
"""A class used for testing iat-verifier.
@@ -75,7 +41,7 @@
cose_alg=cose_alg,
signing_key=signing_key,
configuration=self.config)
- good_sig = create_token('valid-iat.yaml', verifier_good_sig)
+ good_sig = create_token_tmp_file(DATA_DIR, 'valid-iat.yaml', verifier_good_sig)
signing_key = read_keyfile(KEYFILE_ALT, method)
verifier_bad_sig = PSAIoTProfile1TokenVerifier(
@@ -83,7 +49,7 @@
cose_alg=cose_alg,
signing_key=signing_key,
configuration=self.config)
- bad_sig = create_token('valid-iat.yaml', verifier_bad_sig)
+ bad_sig = create_token_tmp_file(DATA_DIR, 'valid-iat.yaml', verifier_bad_sig)
#dump_file_binary(good_sig)
@@ -113,6 +79,7 @@
signing_key = read_keyfile(KEYFILE, method)
create_and_read_iat(
+ DATA_DIR,
'valid-iat.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -121,6 +88,7 @@
with self.assertRaises(ValueError) as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'invalid-profile-id.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -130,6 +98,7 @@
with self.assertRaises(ValueError) as test_ctx:
read_iat(
+ DATA_DIR,
'malformed.cbor',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -139,6 +108,7 @@
with self.assertRaises(ValueError) as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'missing-claim.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -148,6 +118,7 @@
with self.assertRaises(ValueError) as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'submod-missing-claim.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -157,6 +128,7 @@
with self.assertRaises(ValueError) as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'missing-sw-comps.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -167,6 +139,7 @@
with self.assertLogs() as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'missing-signer-id.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -177,6 +150,7 @@
with self.assertLogs() as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'invalid-type-length.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -193,6 +167,7 @@
with self.assertLogs() as test_ctx:
create_and_read_iat(
+ DATA_DIR,
'invalid-hw-version.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -213,6 +188,7 @@
cose_alg=AttestationTokenVerifier.COSE_ALG_ES256
signing_key = read_keyfile(KEYFILE, method)
iat = create_and_read_iat(
+ DATA_DIR,
'valid-iat.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,
@@ -226,6 +202,7 @@
cose_alg=AttestationTokenVerifier.COSE_ALG_ES256
signing_key = read_keyfile(KEYFILE, method)
iat = create_and_read_iat(
+ DATA_DIR,
'valid-iat.yaml',
PSAIoTProfile1TokenVerifier(method=method,
cose_alg=cose_alg,