| Mate Toth-Pal | b2508d5 | 2022-04-30 14:10:06 +0200 | [diff] [blame^] | 1 | # ----------------------------------------------------------------------------- |
| 2 | # Copyright (c) 2022, Arm Limited. All rights reserved. |
| 3 | # |
| 4 | # SPDX-License-Identifier: BSD-3-Clause |
| 5 | # |
| 6 | # ----------------------------------------------------------------------------- |
| 7 | |
| 8 | """ |
| 9 | This module contains a set of tokens that are used for testing features not used by current |
| 10 | token types. |
| 11 | """ |
| 12 | |
| 13 | from iatverifier.attest_token_verifier import AttestationTokenVerifier as Verifier |
| 14 | from iatverifier.attest_token_verifier import AttestationClaim as Claim |
| 15 | from tests.synthetic_token_claims import SynClaimInt, SynBoxesClaim, BoxWidthClaim |
| 16 | from tests.synthetic_token_claims import BoxHeightClaim, BoxDepthClaim, BoxColorClaim |
| 17 | |
| 18 | class SyntheticTokenVerifier(Verifier): |
| 19 | """A test token that may contain other tokens""" |
| 20 | def get_claim_key(self=None): |
| 21 | return 0x54a14e11 #TODO: some made up claim. Change claim indexing to use name |
| 22 | # and this should return None |
| 23 | |
| 24 | def get_claim_name(self=None): |
| 25 | return 'SYNTHETIC_TOKEN' |
| 26 | |
| 27 | def _get_p_header(self): |
| 28 | return None |
| 29 | |
| 30 | def _get_wrapping_tag(self): |
| 31 | return None |
| 32 | |
| 33 | def _parse_p_header(self, msg): |
| 34 | pass |
| 35 | |
| 36 | def __init__(self, *, method, cose_alg, signing_key, configuration, internal_signing_key): |
| 37 | # First prepare the claim hierarchy for this token |
| 38 | |
| 39 | # Claims for the internal token: |
| 40 | internal_box_claims = [ |
| 41 | (BoxWidthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}), |
| 42 | (BoxHeightClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}), |
| 43 | (BoxDepthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}), |
| 44 | (BoxColorClaim, {'verifier': self, 'necessity': Claim.MANDATORY}), |
| 45 | ] |
| 46 | |
| 47 | internal_verifier_claims = [ |
| 48 | (SynClaimInt, {'verifier': self, 'necessity':Claim.MANDATORY}), |
| 49 | (SynBoxesClaim, { |
| 50 | 'verifier': self, |
| 51 | 'claims': internal_box_claims, |
| 52 | 'is_list': True, |
| 53 | 'necessity':Claim.MANDATORY}), |
| 54 | ] |
| 55 | |
| 56 | # Claims for the 'external' token |
| 57 | box_claims = [ |
| 58 | (BoxWidthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}), |
| 59 | (BoxHeightClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}), |
| 60 | (BoxDepthClaim, {'verifier': self, 'necessity': Claim.OPTIONAL}), |
| 61 | (BoxColorClaim, {'verifier': self, 'necessity': Claim.MANDATORY}), |
| 62 | (SyntheticInternalTokenVerifier, {'necessity': Claim.OPTIONAL, |
| 63 | 'method': Verifier.SIGN_METHOD_SIGN1, |
| 64 | 'cose_alg': Verifier.COSE_ALG_ES256, |
| 65 | 'claims': internal_verifier_claims, |
| 66 | 'configuration': configuration, |
| 67 | 'signing_key': internal_signing_key}), |
| 68 | ] |
| 69 | |
| 70 | verifier_claims = [ |
| 71 | (SynClaimInt, {'verifier': self, 'necessity':Claim.MANDATORY}), |
| 72 | (SynBoxesClaim, { |
| 73 | 'verifier': self, |
| 74 | 'claims': box_claims, |
| 75 | 'is_list': True, |
| 76 | 'necessity':Claim.MANDATORY}), |
| 77 | ] |
| 78 | |
| 79 | # initialise the base part of the token |
| 80 | super().__init__( |
| 81 | method=method, |
| 82 | cose_alg=cose_alg, |
| 83 | signing_key=signing_key, |
| 84 | claims=verifier_claims, |
| 85 | configuration=configuration, |
| 86 | necessity=Claim.MANDATORY) |
| 87 | |
| 88 | @staticmethod |
| 89 | def check_cross_claim_requirements(verifier, claims): |
| 90 | pass |
| 91 | |
| 92 | class SyntheticInternalTokenVerifier(Verifier): |
| 93 | """A Test token that is intended to use inside another token""" |
| 94 | |
| 95 | def get_claim_key(self=None): |
| 96 | return 0x54a14e12 #TODO: some made up claim. Change claim indexing to use name |
| 97 | # and this should return None |
| 98 | |
| 99 | def get_claim_name(self=None): |
| 100 | return 'SYNTHETIC_INTERNAL_TOKEN' |
| 101 | |
| 102 | def _get_p_header(self): |
| 103 | return {'alg': self.cose_alg} |
| 104 | |
| 105 | def _parse_p_header(self, msg): |
| 106 | alg = self._get_cose_alg() |
| 107 | try: |
| 108 | msg_alg = msg.protected_header['alg'] |
| 109 | except KeyError as exc: |
| 110 | raise ValueError(f'Missing alg from protected header (expected {alg})') from exc |
| 111 | if alg != msg_alg: |
| 112 | raise ValueError('Unexpected alg in protected header ' + |
| 113 | f'(expected {alg} instead of {msg_alg})') |
| 114 | |
| 115 | |
| 116 | def _get_wrapping_tag(self): |
| 117 | return None |
| 118 | |
| 119 | def __init__( |
| 120 | self, |
| 121 | *, method, |
| 122 | cose_alg, |
| 123 | signing_key, |
| 124 | claims, |
| 125 | configuration=None, |
| 126 | necessity=Claim.MANDATORY): |
| 127 | super().__init__( |
| 128 | method=method, |
| 129 | cose_alg=cose_alg, |
| 130 | signing_key=signing_key, |
| 131 | claims=claims, |
| 132 | configuration=configuration, |
| 133 | necessity=necessity) |
| 134 | |
| 135 | @staticmethod |
| 136 | def check_cross_claim_requirements(verifier, claims): |
| 137 | pass |