Ensure we pass in and out cbor instead of base64 (#6)

* Ensure we pass in and out cbor instead of base64 AB#8867 --------- Co-authored-by: jgough <[email protected]>
datatrails · Dec 14, 2023 · 396d8bc · 396d8bc
1 parent cfc1fcd
commit 396d8bc
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 31 deletions.
diff --git a/scitt/create_signed_statement.py b/scitt/create_signed_statement.py
@@ -4,7 +4,6 @@
 import json
 import argparse
 
-from base64 import b64encode
 from typing import Optional
 
 from pycose.messages import Sign1Message
@@ -52,6 +51,7 @@ def open_payload(payload_file: str) -> str:
     """
     opens the payload from the payload file.
     NOTE: the payload is expected to be in json format.
+          however, any payload of type bytes is allowed.
     """
     with open(payload_file, encoding="UTF-8") as file:
         payload = json.loads(file.read())
@@ -124,10 +124,7 @@ def create_signed_statement(
     # NOTE: the encode() function performs the signing automatically
     signed_statement = statement.encode([None])
 
-    # base64 encode the signed statement
-    signed_statement_b64 = b64encode(signed_statement)
-
-    return signed_statement_b64
+    return signed_statement
 
 
 def main():
@@ -179,7 +176,7 @@ def main():
         "--output-file",
         type=str,
         help="name of the output file to store the signed statement.",
-        default="signed-statement.txt",
+        default="signed-statement.cbor",
     )
 
     args = parser.parse_args()
@@ -195,8 +192,8 @@ def main():
         args.content_type,
     )
 
-    with open(args.output_file, "w", encoding="UTF-8") as output_file:
-        output_file.write(signed_statement.decode("utf-8"))
+    with open(args.output_file, "wb") as output_file:
+        output_file.write(signed_statement)
 
 
 if __name__ == "__main__":

diff --git a/scitt/verify_receipt_signature.py b/scitt/verify_receipt_signature.py
@@ -1,7 +1,6 @@
 """ Module for verifying the counter signed receipt signature """
 
 import re
-from base64 import b64decode
 import argparse
 
 import requests
@@ -19,12 +18,12 @@
 HEADER_LABEL_DID = 391
 
 
-def open_receipt(receipt_file: str) -> str:
+def open_receipt(receipt_file: str) -> bytes:
     """
     opens the receipt from the receipt file.
-    NOTE: the receipt is expected to be in base64 encoding.
+    NOTE: the receipt is expected to be in cbor encoding.
     """
-    with open(receipt_file, encoding="UTF-8") as file:
+    with open(receipt_file, "rb") as file:
         receipt = file.read()
         return receipt
 
@@ -92,16 +91,13 @@ def get_didweb_pubkey(didurl: str, kid: bytes) -> dict:
     raise ValueError(f"no key with kid: {kid} in verification methods of did document")
 
 
-def verify_receipt(receipt: str) -> bool:
+def verify_receipt(receipt: bytes) -> bool:
     """
     verifies the counter signed receipt signature
     """
 
-    # base64 decode the receipt into a cose sign1 message
-    b64decoded_message = b64decode(receipt)
-
     # decode the cbor encoded cose sign1 message
-    message = Sign1Message.decode(b64decoded_message)
+    message = Sign1Message.decode(receipt)
 
     # get the verification key from didweb
     kid: bytes = message.phdr[KID]
@@ -121,14 +117,16 @@ def verify_receipt(receipt: str) -> bool:
 def main():
     """Verifies a counter signed receipt signature"""
 
-    parser = argparse.ArgumentParser(description="Create a signed statement.")
+    parser = argparse.ArgumentParser(
+        description="Verify a counter signed receipt signature."
+    )
 
     # signing key file
     parser.add_argument(
         "--receipt-file",
         type=str,
-        help="filepath to the stored receipt, in base64 format.",
-        default="scitt-receipt.txt",
+        help="filepath to the stored receipt, in cbor format.",
+        default="scitt-receipt.cbor",
     )
 
     args = parser.parse_args()

diff --git a/unittests/constants.py b/unittests/constants.py
diff --git a/unittests/resources/scitt-receipt.cbor b/unittests/resources/scitt-receipt.cbor
diff --git a/unittests/test_create_signed_statement.py b/unittests/test_create_signed_statement.py
@@ -5,8 +5,6 @@
 import unittest
 import json
 
-from base64 import b64decode
-
 from ecdsa import SigningKey, NIST256p
 
 from pycose.messages import Sign1Message
@@ -52,11 +50,8 @@ def test_sign_and_verifiy_statement(self):
 
         # verify the signed statement
 
-        # base64 decode the signed statement into a cose sign1 message
-        b64decoded_message = b64decode(signed_statement)
-
         # decode the cbor encoded cose sign1 message
-        message = Sign1Message.decode(b64decoded_message)
+        message = Sign1Message.decode(signed_statement)
 
         # get the verification key from cwt cnf
         cwt = message.phdr[HEADER_LABEL_CWT]

diff --git a/unittests/test_verify_receipt_signature.py b/unittests/test_verify_receipt_signature.py
@@ -4,9 +4,9 @@
 
 import unittest
 
-from scitt.verify_receipt_signature import verify_receipt
+from scitt.verify_receipt_signature import verify_receipt, open_receipt
 
-from .constants import KNOWN_RECEIPT
+from .constants import KNOWN_RECEIPT_FILE
 
 
 class TestVerifyRecieptSignature(unittest.TestCase):
@@ -18,7 +18,8 @@ def test_verify_kat_receipt(self):
         """
         tests we can verify the signature of a known receipt.
         """
+        receipt = open_receipt(KNOWN_RECEIPT_FILE)
 
-        verified = verify_receipt(KNOWN_RECEIPT)
+        verified = verify_receipt(receipt)
 
         self.assertTrue(verified)