Skip to content

Commit

Permalink
Update project
Browse files Browse the repository at this point in the history
  • Loading branch information
@DarkaMaul
DarkaMaul committed Oct 4, 2024
1 parent 254229c commit 28710c9
Show file tree
Hide file tree
Showing 5 changed files with 91 additions and 28 deletions.
25 changes: 24 additions & 1 deletion rust/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,18 @@ impl TimeStampResp {
};
Ok(py_signed_data)
}

// Timestamp Token (as_bytes)
fn time_stamp_token<'p>(
&self,
py: pyo3::Python<'p>,
) -> PyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
let result = asn1::write_single(&self.raw.borrow_dependent().time_stamp_token);
match result {
Ok(request_bytes) => Ok(pyo3::types::PyBytes::new_bound(py, &request_bytes)),
Err(e) => Err(pyo3::exceptions::PyValueError::new_err(format!("{e}"))),
}
}
}

self_cell::self_cell!(
Expand Down Expand Up @@ -465,6 +477,17 @@ impl PyTSTInfo {
}
}
// TODO(dm) extensions: Extensions

fn as_bytes<'p>(
&self,
py: pyo3::Python<'p>,
) -> PyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
let result = asn1::write_single(&self.raw.borrow_dependent());
match result {
Ok(request_bytes) => Ok(pyo3::types::PyBytes::new_bound(py, &request_bytes)),
Err(e) => Err(pyo3::exceptions::PyValueError::new_err(format!("{e}"))),
}
}
}

#[pyo3::pyfunction]
Expand Down Expand Up @@ -523,7 +546,7 @@ pub(crate) fn create_timestamp_request(
message_imprint: message_imprint,
nonce: nonce_biguint,
req_policy: None,
cert_req: false,
cert_req: true,
extensions: None,
};

Expand Down
4 changes: 4 additions & 0 deletions src/sigstore_tsp/tsp.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,10 @@ def tst_info(self) -> TimeStampTokenInfo:
def signed_data(self) -> SignedData:
"""Returns the Signed Data."""

@abc.abstractmethod
def time_stamp_token(self) -> bytes:
"""Return the bytes of the TimestampToken field."""


TimeStampResponse.register(_rust.TimeStampResp)

Expand Down
Binary file modified test/fixtures/response.tsr
View file
Binary file not shown.
52 changes: 26 additions & 26 deletions test/fixtures/ts_chain.pem
View file
Original file line number Diff line number Diff line change
@@ -1,35 +1,35 @@
-----BEGIN CERTIFICATE-----
MIIBzTCCAXKgAwIBAgIUB1fm1kzgFYdI15DCbcR2znmNvX4wCgYIKoZIzj0EAwIw
MIIByzCCAXKgAwIBAgIUMS2TAxes74kk0cOuNoIpeqBx3kcwCgYIKoZIzj0EAwIw
MDEOMAwGA1UEChMFbG9jYWwxHjAcBgNVBAMTFVRlc3QgVFNBIEludGVybWVkaWF0
ZTAeFw0yNDA5MjYxNTA0MzFaFw0zMzA5MjYxNTA3MzFaMDAxDjAMBgNVBAoTBWxv
ZTAeFw0yNDEwMDQwODQyNDdaFw0zMzEwMDQwODQ1NDdaMDAxDjAMBgNVBAoTBWxv
Y2FsMR4wHAYDVQQDExVUZXN0IFRTQSBUaW1lc3RhbXBpbmcwWTATBgcqhkjOPQIB
BggqhkjOPQMBBwNCAAQJLOx1er3OYoh8ye10R33JuC36SdbPUeX/0OrzIfPLIzNt
318lOG4/M88AcQUUP8/cfvUYDfYvz13Y/BKqyJqgo2owaDAOBgNVHQ8BAf8EBAMC
B4AwHQYDVR0OBBYEFDR3RW7sspK5nJCgMYmaLjLzQgsGMB8GA1UdIwQYMBaAFALx
2SsaTew5WmKDNUC5W7rBxmnbMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMAoGCCqG
SM49BAMCA0kAMEYCIQCf9psWVtVrxe4x9EhAqHB1p6HAbOO1T7eFAxkzUedOpgIh
APpWUuquAsYBmwKOYSf/X4WconKtNy0tm44N3WhiH5rz
BggqhkjOPQMBBwNCAAQcbaKadm8RlNsp+7t+wb54KTqzWfj2ypkE8nWXKSRPE2ij
HMNW+BjvnTL8CQklsKgcbJQkR4qaptUaWnad8+CVo2owaDAOBgNVHQ8BAf8EBAMC
B4AwHQYDVR0OBBYEFCtep7A1YtKZE7NX42MzMvlfdoiwMB8GA1UdIwQYMBaAFIlQ
vCF7fQ1EgLYRWWUgnTZ2meLLMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMAoGCCqG
SM49BAMCA0cAMEQCIGjD4AsOeVNBlT/TYwLqnXBs21KyiHecZBbubqoOtT3/AiA5
CF3aUiClr3r5UajsRutdoHvNRBJWSEiEPOEw62MfZA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB0jCCAXigAwIBAgIUHol7Z0HtRLCFwDD2ymKu/VcyZ9UwCgYIKoZIzj0EAwIw
KDEOMAwGA1UEChMFbG9jYWwxFjAUBgNVBAMTDVRlc3QgVFNBIFJvb3QwHhcNMjQw
OTI2MTUwMjMxWhcNMzQwOTI2MTUwNzMxWjAwMQ4wDAYDVQQKEwVsb2NhbDEeMBwG
MIIB0zCCAXigAwIBAgIURPlZJgmgKetsasQHzxlhoxKnPSEwCgYIKoZIzj0EAwIw
KDEOMAwGA1UEChMFbG9jYWwxFjAUBgNVBAMTDVRlc3QgVFNBIFJvb3QwHhcNMjQx
MDA0MDg0MDQ3WhcNMzQxMDA0MDg0NTQ3WjAwMQ4wDAYDVQQKEwVsb2NhbDEeMBwG
A1UEAxMVVGVzdCBUU0EgSW50ZXJtZWRpYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEGzVCgkzDQkMqxRlXPXADxFS7/e8u3/j/PI4xkOZtdN6/9PPPdy5IimK/
OoQq8sNmMfb0CriyIYnKoNwJ1dUdHKN4MHYwDgYDVR0PAQH/BAQDAgEGMBMGA1Ud
JQQMMAoGCCsGAQUFBwMIMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFALx2Ssa
Tew5WmKDNUC5W7rBxmnbMB8GA1UdIwQYMBaAFCnKpTwP0pqRflw/vUbiZHjEZc5M
MAoGCCqGSM49BAMCA0gAMEUCIQC9S7bLB8bi4cjMEaX4ZAooXT7vNbAvfseaWUW8
dv8RQwIgZgQF1amkhMU1H8aXprou7vYH5rbmzuElAyS6TA//kzs=
AQcDQgAEhICJDAc+t3BRTqo1P2MgyNUAw5LbbVfq75GdqPsJV0jdv8pP8PaAOyVt
mF42XjMtpkdlYhgbkOk00pA54ARzqqN4MHYwDgYDVR0PAQH/BAQDAgEGMBMGA1Ud
JQQMMAoGCCsGAQUFBwMIMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIlQvCF7
fQ1EgLYRWWUgnTZ2meLLMB8GA1UdIwQYMBaAFBUiXyIGznYVfHpIUeuFzEdRfM0Q
MAoGCCqGSM49BAMCA0kAMEYCIQCXUxmgmfDwyEOkgeT7wvgCf2KMh9Xj/M8ZOc7I
HxK2tgIhAMUp6gEY8IYy53X0XVtcxEH0O9rZZSmN7WfY1/ZLQHor
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIBkzCCATqgAwIBAgIUGpdpdZ+1u5mA3jRd/m7vmPQWyWMwCgYIKoZIzj0EAwIw
KDEOMAwGA1UEChMFbG9jYWwxFjAUBgNVBAMTDVRlc3QgVFNBIFJvb3QwHhcNMjQw
OTI2MTUwMjMxWhcNMzQwOTI2MTUwNzMxWjAoMQ4wDAYDVQQKEwVsb2NhbDEWMBQG
A1UEAxMNVGVzdCBUU0EgUm9vdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIA1
o2pTsSxfoQRya3E+GAM7a9cOrvhG5mkpEsQaO+7CL3VyIpszValjuqYwDpEaXei9
Ko9P5iEoru0uYEmoT7mjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD
AQH/MB0GA1UdDgQWBBQpyqU8D9KakX5cP71G4mR4xGXOTDAKBggqhkjOPQQDAgNH
ADBEAiAggb/CCtUjIxxuoffQ85ugdylmO9xYgzhjJqcjiYodQwIgT8h6J4Ace2on
JkTMML0sqzXiqoUfwMzWJlBhKC7y12Y=
MIIBlDCCATqgAwIBAgIUMaWQn8FrA4uDme8qVxvAuFfWNx0wCgYIKoZIzj0EAwIw
KDEOMAwGA1UEChMFbG9jYWwxFjAUBgNVBAMTDVRlc3QgVFNBIFJvb3QwHhcNMjQx
MDA0MDg0MDQ3WhcNMzQxMDA0MDg0NTQ3WjAoMQ4wDAYDVQQKEwVsb2NhbDEWMBQG
A1UEAxMNVGVzdCBUU0EgUm9vdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPSJ
OrMT88B9PCaD9XHV65971FAVJzwLlyFBKryLmSB9nsnR4hc8DJ6F6sL7Vtqd6mgC
R6zkfDlTCD1bFiY4ubijQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD
AQH/MB0GA1UdDgQWBBQVIl8iBs52FXx6SFHrhcxHUXzNEDAKBggqhkjOPQQDAgNI
ADBFAiEA8b2BcPP7h9/CqdIbMsJKYtYb8RsrGc2J3vxxVFXoqYcCIH/jjxt8SJw7
V55tO2EBPc0SGlFvvvhM10jj2RQfw9Zg
-----END CERTIFICATE-----
38 changes: 37 additions & 1 deletion test/test_verify.py
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
import pytest
from pathlib import Path
import cryptography.hazmat
import cryptography.x509

from sigstore_tsp.base import TimestampRequestBuilder, decode_timestamp_response
from sigstore_tsp.verify import verify_timestamp_response, VerifyOpts, create_verify_opts
from sigstore_tsp.verify import verify_timestamp_response, create_verify_opts



Expand All @@ -29,6 +31,14 @@ def test_create_verify_opts():
assert verify_opts.tsa_certificate == certificates[0]


def test_create_request():

request = TimestampRequestBuilder().data(b"hello").build()

assert request.version == 1
assert request.cert_req is True


def test_verify():

request = TimestampRequestBuilder().data(b"hello").build()
Expand All @@ -49,3 +59,29 @@ def test_verify():
hashed_message=request.message_imprint.message,
verify_opts=verify_opts,
)


@pytest.mark.skip(reason="certificate verification fails - to be tested")
def test_pkcs7():
from cryptography.hazmat.bindings._rust import test_support
from cryptography.hazmat.primitives.serialization import Encoding, pkcs7


response = (_FIXTURE / "response.tsr").read_bytes()

tsr = decode_timestamp_response(response)
time_stamp_token = tsr.time_stamp_token()

certificates = cryptography.x509.load_pem_x509_certificates(
(_FIXTURE / "ts_chain.pem").read_bytes()
)

options = []

test_support.pkcs7_verify(
encoding=Encoding.DER,
sig =time_stamp_token,
msg=b"hello",
certs=certificates,
options=options,
)

0 comments on commit 28710c9

Please sign in to comment.