Add meta-map, supporting Event Attributes in SCITT Statements

scitt/create_hashed_signed_statement.py

@@ -1,7 +1,9 @@
 """ Module for creating a SCITT signed statement with a detached payload"""
 
-import hashlib
 import argparse
+import hashlib
+import json
+import dump_cbor
 
 from typing import Optional
 
@@ -42,6 +44,8 @@
 HEADER_LABEL_PAYLOAD_LOCATION = -6801
 HEADER_LABEL_PAYLOAD_PRE_CONTENT_TYPE = -6802
 
+# key/value pairs of tstr:tstr supporting metadata
+HEADER_LABEL_META_MAP = -6803
 
 def open_signing_key(key_file: str) -> SigningKey:
     """
@@ -55,7 +59,7 @@ def open_signing_key(key_file: str) -> SigningKey:
         return signing_key
 
 
-def open_payload(payload_file: str) -> str:
+def read_file(payload_file: str) -> str:
     """
     opens the payload from the payload file.
     """
@@ -70,6 +74,7 @@ def create_hashed_signed_statement(
     issuer: str,
     content_type: str,
     payload_location: str,
+    meta_map: dict,
 ) -> bytes:
     """
     creates a hashed signed statement, given the signing_key, payload, subject and issuer
@@ -88,7 +93,7 @@ def create_hashed_signed_statement(
     y_part = xy_parts[32:64]
 
     # create a protected header where
-    #  the verification key is attached to the cwt claims
+    # the verification key is attached to the cwt claims
     protected_header = {
         Algorithm: Es256,
         KID: b"testkey",
@@ -107,6 +112,7 @@ def create_hashed_signed_statement(
         },
         HEADER_LABEL_PAYLOAD_HASH_ALGORITHM: -16,  # for sha256
         HEADER_LABEL_PAYLOAD_LOCATION: payload_location,
+        HEADER_LABEL_META_MAP: meta_map,
     }
 
     # now create a sha256 hash of the payload
@@ -157,6 +163,13 @@ def main():
         help="issuer who owns the signing key.",
     )
 
+    # meta-map
+    parser.add_argument(
+        "--meta-map-file",
+        type=str,
+        help="Filepath containing a dictionary of key:value pairs (str:str) for indexed meta-data.",
+    )
+
     # output file
     parser.add_argument(
         "--output-file",
@@ -197,8 +210,12 @@ def main():
 
     args = parser.parse_args()
 
+    meta_map_dict = json.loads(read_file(args.meta_map_file))
+
+    print("meta_map:", meta_map_dict)
+
     signing_key = open_signing_key(args.signing_key_file)
-    payload_contents = open_payload(args.payload_file)
+    payload_contents = read_file(args.payload_file)
 
     signed_statement = create_hashed_signed_statement(
         content_type=args.content_type,
@@ -207,11 +224,14 @@ def main():
         payload_location=args.payload_location,
         signing_key=signing_key,
         subject=args.subject,
+        meta_map=meta_map_dict,
     )
-
+    
     with open(args.output_file, "wb") as output_file:
         output_file.write(signed_statement)
 
+    dump_cbor.print_cbor(args.output_file)
+
 
 if __name__ == "__main__":
     main()

scitt/dump_cbor.py

@@ -4,6 +4,19 @@
 from pprint import pprint
 from pycose.messages import Sign1Message
 
+def print_cbor(payload_file: str) -> str:
+
+    with open(payload_file, "rb") as data_file:
+        data = data_file.read()
+        message = Sign1Message.decode(data)
+        print("\ncbor decoded cose sign1 statement:\n")
+        print("protected headers:")
+        pprint(message.phdr)
+        print("\nunprotected headers: ")
+        pprint(message.uhdr)
+        print("\npayload: ", message.payload)
+        print("payload hex: ", message.payload.hex())
+
 
 def main():
     """Dumps content of a supposed CBOR file"""
@@ -22,16 +35,7 @@ def main():
 
     args = parser.parse_args()
 
-    with open(args.input, "rb") as data_file:
-        data = data_file.read()
-        message = Sign1Message.decode(data)
-        print("\ncbor decoded cose sign1 statement:\n")
-        print("protected headers:")
-        pprint(message.phdr)
-        print("\nunprotected headers: ")
-        pprint(message.uhdr)
-        print("\npayload: ", message.payload)
-        print("payload hex: ", message.payload.hex())
+    print_cbor(args.input)
 
 
 if __name__ == "__main__":