Skip to content

Commit

Permalink
Added conformance tests.
Browse files Browse the repository at this point in the history
  • Loading branch information
@balena
balena committed Sep 18, 2023
1 parent 3de090d commit ac7310b
Show file tree
Hide file tree
Showing 2 changed files with 160 additions and 27 deletions.
10 changes: 9 additions & 1 deletion countersign.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,15 @@ func countersignToBeSigned(abbreviated bool, target any, signProtected cbor.RawM
return nil, ErrMissingPayload
}
payload = t.Payload
otherFields = []cbor.RawMessage{t.Signature}
signature, err := encMode.Marshal(t.Signature)
if err != nil {
return nil, err
}
signature, err = deterministicBinaryString(signature)
if err != nil {
return nil, err
}
otherFields = []cbor.RawMessage{signature}
case Signature:
bodyProtected, err = t.Headers.MarshalProtected()
if err != nil {
Expand Down
177 changes: 151 additions & 26 deletions countersign_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1842,7 +1842,9 @@ func TestCountersignature_Sign_Internal(t *testing.T) {
}{
{
// adapted from https://github.com/cose-wg/Examples/blob/master/countersign/signed1-01.json
name: "conformance test #1",
// by modifying the context to "CounterSignatureV2" (to adjust to RFC 9338), including the
// signature as other_fields and altering the countersignature algorithm.
name: "COSE_Sign1 countersignature conformance test",
sig: &Countersignature{
Headers: Headers{
Protected: ProtectedHeader{
Expand All @@ -1856,41 +1858,164 @@ func TestCountersignature_Sign_Internal(t *testing.T) {
parent: Sign1Message{
Headers: Headers{
Protected: ProtectedHeader{
HeaderLabelAlgorithm: AlgorithmEdDSA,
HeaderLabelAlgorithm: AlgorithmEdDSA,
HeaderLabelContentType: 0,
},
Unprotected: UnprotectedHeader{
HeaderLabelKeyID: []byte("11"),
},
},
Payload: []byte("This is the content."),
Signature: []byte{
0x77, 0xf3, 0xea, 0xcd, 0x11, 0x85, 0x2c, 0x4b,
0xf9, 0xcb, 0x1d, 0x72, 0xfa, 0xbe, 0x6b, 0x26,
0xfb, 0xa1, 0xd7, 0x60, 0x92, 0xb2, 0xb5, 0xb7,
0xec, 0x83, 0xb8, 0x35, 0x57, 0x65, 0x22, 0x64,
0xe6, 0x96, 0x90, 0xdb, 0xc1, 0x17, 0x2d, 0xdc,
0x0b, 0xf8, 0x84, 0x11, 0xc0, 0xd2, 0x5a, 0x50,
0x7f, 0xdb, 0x24, 0x7a, 0x20, 0xc4, 0x0d, 0x5e,
0x24, 0x5f, 0xab, 0xd3, 0xfc, 0x9e, 0xc1, 0x06,
0x71, 0x42, 0xfd, 0x2f, 0xf9, 0x6d, 0x56, 0xdb,
0x85, 0xbe, 0xe9, 0x05, 0xa7, 0x6b, 0xa1, 0xd0,
0xb7, 0x32, 0x1a, 0x95, 0xc8, 0xc4, 0xd3, 0x60,
0x7c, 0x57, 0x81, 0x93, 0x2b, 0x7a, 0xfb, 0x87,
0x11, 0x49, 0x7d, 0xfa, 0x75, 0x1b, 0xf4, 0x0b,
0x58, 0xb3, 0xbc, 0xc3, 0x23, 0x00, 0xb1, 0x48,
0x7f, 0x3d, 0xb3, 0x40, 0x85, 0xee, 0xf0, 0x13,
0xbf, 0x08, 0xf4, 0xa4, 0x4d, 0x6f, 0xef, 0x0d,
},
},
toBeSigned: []byte{
0x85, 0x70, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x53, 0x69, 0x67,
0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x45, 0xa2, 0x01, 0x27, 0x03, 0x00,
0x43, 0xa1, 0x01, 0x27, 0x40, 0x54, 0x54, 0x68, 0x69, 0x73, 0x20, 0x69,
0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e,
0x74, 0x2e,

0x86, 0x72, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x53, 0x69, 0x67,
0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x56, 0x32, 0x43, 0xa1, 0x01, 0x27,
0x47, 0xa1, 0x01, 0x3a, 0x6d, 0x6f, 0x63, 0x6a, 0x40, 0x54, 0x54, 0x68,
0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6f,
0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2e, 0x81, 0x77, 0xf3, 0xea, 0xcd, 0x11,
0x85, 0x2c, 0x4b, 0xf9, 0xcb, 0x1d, 0x72, 0xfa, 0xbe, 0x6b, 0x26, 0xfb,
0xa1, 0xd7, 0x60, 0x92, 0xb2, 0xb5, 0xb7, 0xec, 0x83, 0xb8, 0x35, 0x57,
0x65, 0x22, 0x64, 0xe6, 0x96, 0x90, 0xdb, 0xc1, 0x17, 0x2d, 0xdc, 0x0b,
0xf8, 0x84, 0x11, 0xc0, 0xd2, 0x5a, 0x50, 0x7f, 0xdb, 0x24, 0x7a, 0x20,
0xc4, 0x0d, 0x5e, 0x24, 0x5f, 0xab, 0xd3, 0xfc, 0x9e, 0xc1, 0x06,
0x86, // array(6)
0x72, // text(18) "CounterSignatureV2"
0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x53,
0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65,
0x56, 0x32,
0x45, // bytes(5)
0xa2, 0x01, 0x27, 0x03, 0x00,
0x47, // bytes(7)
0xa1, 0x01, 0x3a, 0x6d, 0x6f, 0x63, 0x6a,
0x40, // bytes(0)
0x54, // bytes(20) "This is the content."
0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
0x74, 0x68, 0x65, 0x20, 0x63, 0x6f, 0x6e, 0x74,
0x65, 0x6e, 0x74, 0x2e,
0x81, // array(1)
0x58, 0x40, // bytes(64) signature:
0x71, 0x42, 0xfd, 0x2f, 0xf9, 0x6d, 0x56, 0xdb,
0x85, 0xbe, 0xe9, 0x05, 0xa7, 0x6b, 0xa1, 0xd0,
0xb7, 0x32, 0x1a, 0x95, 0xc8, 0xc4, 0xd3, 0x60,
0x7c, 0x57, 0x81, 0x93, 0x2b, 0x7a, 0xfb, 0x87,
0x11, 0x49, 0x7d, 0xfa, 0x75, 0x1b, 0xf4, 0x0b,
0x58, 0xb3, 0xbc, 0xc3, 0x23, 0x00, 0xb1, 0x48,
0x7f, 0x3d, 0xb3, 0x40, 0x85, 0xee, 0xf0, 0x13,
0xbf, 0x08, 0xf4, 0xa4, 0x4d, 0x6f, 0xef, 0x0d,
},
},
{
// adapted from https://github.com/cose-wg/Examples/blob/master/countersign/signed-01.json
name: "COSE_Signature countersignature conformance test",
sig: &Countersignature{
Headers: Headers{
Protected: ProtectedHeader{
HeaderLabelAlgorithm: algorithmMock,
},
Unprotected: UnprotectedHeader{
HeaderLabelKeyID: []byte("11"),
},
},
},
parent: Signature{
Headers: Headers{
Protected: ProtectedHeader{
HeaderLabelAlgorithm: AlgorithmEdDSA,
},
Unprotected: UnprotectedHeader{
HeaderLabelKeyID: []byte("11"),
},
},
Signature: []byte{
0x8e, 0x1b, 0xe2, 0xf9, 0x45, 0x3d, 0x26, 0x48,
0x12, 0xe5, 0x90, 0x49, 0x91, 0x32, 0xbe, 0xf3,
0xfb, 0xf9, 0xee, 0x9d, 0xb2, 0x7c, 0x2c, 0x16,
0x87, 0x88, 0xe3, 0xb7, 0xeb, 0xe5, 0x06, 0xc0,
0x4f, 0xd3, 0xd1, 0x9f, 0xaa, 0x9f, 0x51, 0x23,
0x2a, 0xf5, 0xc9, 0x59, 0xe4, 0xef, 0x47, 0x92,
0x88, 0x34, 0x64, 0x7f, 0x56, 0xdf, 0xbe, 0x93,
0x91, 0x12, 0x88, 0x4d, 0x08, 0xef, 0x25, 0x05,
},
},
toBeSigned: []byte{
0x85, // array(5)
0x70, // text(16) "CounterSignature"
0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x53,
0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65,
0x43, // bytes(3)
0xa1, 0x01, 0x27,
0x47, // bytes(7)
0xa1, 0x01, 0x3a, 0x6d, 0x6f, 0x63, 0x6a,
0x40, // bytes(0)
0x58, 0x40, // bytes(64) signature:
0x8e, 0x1b, 0xe2, 0xf9, 0x45, 0x3d, 0x26, 0x48,
0x12, 0xe5, 0x90, 0x49, 0x91, 0x32, 0xbe, 0xf3,
0xfb, 0xf9, 0xee, 0x9d, 0xb2, 0x7c, 0x2c, 0x16,
0x87, 0x88, 0xe3, 0xb7, 0xeb, 0xe5, 0x06, 0xc0,
0x4f, 0xd3, 0xd1, 0x9f, 0xaa, 0x9f, 0x51, 0x23,
0x2a, 0xf5, 0xc9, 0x59, 0xe4, 0xef, 0x47, 0x92,
0x88, 0x34, 0x64, 0x7f, 0x56, 0xdf, 0xbe, 0x93,
0x91, 0x12, 0x88, 0x4d, 0x08, 0xef, 0x25, 0x05,
},
},
{
// adapted from https://github.com/cose-wg/Examples/blob/master/countersign/signed-03.json
name: "COSE_Sign countersignature conformance test",
sig: &Countersignature{
Headers: Headers{
Protected: ProtectedHeader{
HeaderLabelAlgorithm: algorithmMock,
},
Unprotected: UnprotectedHeader{
HeaderLabelKeyID: []byte("11"),
},
},
},
parent: SignMessage{
Headers: Headers{
Protected: ProtectedHeader{
HeaderLabelContentType: 0,
},
Unprotected: UnprotectedHeader{},
},
Payload: []byte("This is the content."),
Signatures: []*Signature{
{
Headers: Headers{
Protected: ProtectedHeader{
HeaderLabelAlgorithm: AlgorithmEdDSA,
},
Unprotected: UnprotectedHeader{
HeaderLabelKeyID: []byte("11"),
},
},
Signature: []byte{
0x77, 0xf3, 0xea, 0xcd, 0x11, 0x85, 0x2c, 0x4b,
0xf9, 0xcb, 0x1d, 0x72, 0xfa, 0xbe, 0x6b, 0x26,
0xfb, 0xa1, 0xd7, 0x60, 0x92, 0xb2, 0xb5, 0xb7,
0xec, 0x83, 0xb8, 0x35, 0x57, 0x65, 0x22, 0x64,
0xe6, 0x96, 0x90, 0xdb, 0xc1, 0x17, 0x2d, 0xdc,
0x0b, 0xf8, 0x84, 0x11, 0xc0, 0xd2, 0x5a, 0x50,
0x7f, 0xdb, 0x24, 0x7a, 0x20, 0xc4, 0x0d, 0x5e,
0x24, 0x5f, 0xab, 0xd3, 0xfc, 0x9e, 0xc1, 0x06,
},
},
},
},
toBeSigned: []byte{
0x85, // array(5)
0x70, // text(16) "CounterSignature"
0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x53,
0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65,
0x43, // bytes(3)
0xa1, 0x03, 0x00,
0x47, // bytes(7)
0xa1, 0x01, 0x3a, 0x6d, 0x6f, 0x63, 0x6a,
0x40, // bytes(0)
0x54, // bytes(20) "This is the content."
0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
0x74, 0x68, 0x65, 0x20, 0x63, 0x6f, 0x6e, 0x74,
0x65, 0x6e, 0x74, 0x2e,
},
},
}
Expand Down

0 comments on commit ac7310b

Please sign in to comment.