commit f4e1ca341cf7fdb45b79fa4ce975766f80672e67
author Thomas Fossati <thomas.fossati@linaro.org> Fri Aug 16 16:01:31 2024 +0000
committer Thomas Fossati <thomas.fossati@linaro.org> Thu Aug 22 16:07:42 2024 +0000
tree 6f17f8cf02f259eac489cdabe6b1c942f21536dd
parent 872830317b7277476a3a88af68da17c9d3384230

chore(iatverifier): update pycose (0.0.1->1.1.0)

This change is in preparation for updating the CCA realm token to encode
the RAK as COSE_Key.

Change-Id: I745207a8d2d1d20e36503cbbc4ad38b6379e3a28
Co-authored-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Co-authored-by: Thomas Fossati <thomas.fossati@linaro.org>
Signed-off-by: Thomas Fossati <thomas.fossati@linaro.org>

iat-verifier/scripts/check_iat

diff --git a/iat-verifier/scripts/check_iat b/iat-verifier/scripts/check_iat
index ca47e91..5cd1e81 100755
--- a/iat-verifier/scripts/check_iat
+++ b/iat-verifier/scripts/check_iat
@@ -13,6 +13,8 @@
 import logging
 import sys
 
+from pycose.algorithms import Es256, Es384, HMAC256
+
 from iatverifier.util import recursive_bytes_to_strings, read_keyfile, get_cose_alg_from_key
 from iatverifier.psa_iot_profile1_token_verifier import PSAIoTProfile1TokenVerifier
 from iatverifier.psa_2_0_0_token_verifier import PSA_2_0_0_TokenVerifier
@@ -91,9 +93,9 @@
         key_checked = args.key
         key = read_keyfile(keyfile=args.key, method=method)
         if method == AttestationTokenVerifier.SIGN_METHOD_SIGN1:
-            cose_alg = get_cose_alg_from_key(key, AttestationTokenVerifier.COSE_ALG_ES256)
+            cose_alg = get_cose_alg_from_key(key, Es256)
         else:
-            cose_alg = AttestationTokenVerifier.COSE_ALG_HS256
+            cose_alg = HMAC256
         verifier = PSAIoTProfile1TokenVerifier(
             method=method,
             cose_alg=cose_alg,
@@ -107,12 +109,8 @@
         platform_token_key = read_keyfile(args.key, method)
         realm_token_method = AttestationTokenVerifier.SIGN_METHOD_SIGN1
         platform_token_method = AttestationTokenVerifier.SIGN_METHOD_SIGN1
-        realm_token_cose_alg = get_cose_alg_from_key(
-            None,
-            AttestationTokenVerifier.COSE_ALG_ES384)
-        platform_token_cose_alg = get_cose_alg_from_key(
-            platform_token_key,
-            AttestationTokenVerifier.COSE_ALG_ES384)
+        realm_token_cose_alg = get_cose_alg_from_key(None, Es384)
+        platform_token_cose_alg = get_cose_alg_from_key(platform_token_key, Es384)
         verifier = CCATokenVerifier(
             realm_token_method=realm_token_method,
             realm_token_cose_alg=realm_token_cose_alg,
@@ -123,7 +121,7 @@
     elif verifier_class == CCAPlatformTokenVerifier:
         key_checked = args.key
         key = read_keyfile(args.key, method)
-        cose_alg = get_cose_alg_from_key(key, AttestationTokenVerifier.COSE_ALG_ES384)
+        cose_alg = get_cose_alg_from_key(key, Es384)
         verifier = CCAPlatformTokenVerifier(
             method=AttestationTokenVerifier.SIGN_METHOD_SIGN1,
             cose_alg=cose_alg,
@@ -134,9 +132,9 @@
         key_checked = args.key
         key = read_keyfile(keyfile=args.key, method=method)
         if method == AttestationTokenVerifier.SIGN_METHOD_SIGN1:
-            cose_alg = get_cose_alg_from_key(key, AttestationTokenVerifier.COSE_ALG_ES256)
+            cose_alg = get_cose_alg_from_key(key, Es256)
         else:
-            cose_alg = AttestationTokenVerifier.COSE_ALG_HS256
+            cose_alg = HMAC256
         verifier = PSA_2_0_0_TokenVerifier(method=method, cose_alg=cose_alg, signing_key=key, configuration=config)
     else:
         logger.error(f'Invalid token type:{verifier_class}\n\t')