https://github.com/abhishek-ram/pyas2-lib/issues/60
Extending Partner with Signature Algo and pass the setting to signing function.
chadgates committed Apr 17, 2024
1 parent 0d88e38 commit adbd933
Showing 3 changed files with 26 additions and 2 deletions.
21 changes: 19 additions & 2 deletions pyas2lib/as2.py
Expand Up @@ -28,6 +28,7 @@
MDN_CONFIRM_TEXT,
MDN_FAILED_TEXT,
MDN_MODES,
SIGNATUR_ALGORITHMS,
SYNCHRONOUS_MDN,
)
from pyas2lib.exceptions import (
Expand Down Expand Up @@ -179,6 +180,9 @@ class Partner:
:param canonicalize_as_binary: force binary canonicalization for this partner
:param sign_alg: The signing algorithm to be used for generating the
signature. (default `rsassa_pkcs1v15`)
"""

as2_name: str
Expand All @@ -197,6 +201,7 @@ class Partner:
mdn_confirm_text: str = MDN_CONFIRM_TEXT
ignore_self_signed: bool = True
canonicalize_as_binary: bool = False
sign_alg: str = "rsassa_pkcs1v15"

def __post_init__(self):
"""Run the post initialisation checks for this class."""
Expand Down Expand Up @@ -225,6 +230,12 @@ def __post_init__(self):
f"must be one of {DIGEST_ALGORITHMS}"
)

if self.sign_alg and self.sign_alg not in SIGNATUR_ALGORITHMS:
raise ImproperlyConfigured(
f"Unsupported Signature Algorithm {self.sign_alg}, "
f"must be one of {SIGNATUR_ALGORITHMS}"
)

def load_verify_cert(self):
"""Load the verification certificate of the partner and returned the parsed cert."""
if self.validate_certs:
Expand Down Expand Up @@ -466,7 +477,10 @@ def build(
)
del signature["MIME-Version"]
signature_data = sign_message(
mic_content, self.digest_alg, self.sender.sign_key
mic_content,
self.digest_alg,
self.sender.sign_key,
self.receiver.sign_alg,
)
signature.set_payload(signature_data)
encoders.encode_base64(signature)
Expand Down Expand Up @@ -865,7 +879,10 @@ def build(
del signature["MIME-Version"]

signed_data = sign_message(
canonicalize(self.payload), self.digest_alg, message.receiver.sign_key
canonicalize(self.payload),
self.digest_alg,
message.receiver.sign_key,
message.sender.sign_alg,
)
signature.set_payload(signed_data)
encoders.encode_base64(signature)
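Review bot: The new check in `Partner.__post_init__` is written as `if self.sign_alg and self.sign_alg not in SIGNATUR_ALGORITHMS:`, so a falsy value such as `None` or `""` skips validation and is then passed to `sign_message` as the fourth positional argument in both `build` hunks. The field already defaults to `rsassa_pkcs1v15`, so there is no unset state to allow for; checking unconditionally with `if self.sign_alg not in SIGNATUR_ALGORITHMS:` makes a misconfigured partner fail at construction rather than at signing time. `sign_message` is not part of this diff, so how it treats an unexpected value cannot be confirmed from here. `__post_init__` and both `build` methods continue outside the hunks shown.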
4 changes: 4 additions & 0 deletions pyas2lib/constants.py
Expand Up @@ -28,3 +28,7 @@
"aes_192_cbc",
"aes_256_cbc",
)
SIGNATUR_ALGORITHMS = (
"rsassa_pkcs1v15",
"rsassa_pss",
)
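Review bot: `SIGNATUR_ALGORITHMS` is missing the final `E`, while as2.py uses `DIGEST_ALGORITHMS` from the same module, so the new name breaks the existing `..._ALGORITHMS` spelling. Once released the constant is part of the importable API, so the rename is cheapest now: `SIGNATURE_ALGORITHMS = (`, with the import and the two uses in `Partner.__post_init__` in as2.py updated to match. A one-line comment above the tuple, for example `# Signature schemes accepted for Partner.sign_alg`, would also tie the constant to the setting it validates.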
3 changes: 3 additions & 0 deletions pyas2lib/tests/test_advanced.py
Expand Up @@ -334,6 +334,9 @@ def test_partner_checks(self):
with self.assertRaises(ImproperlyConfigured):
as2.Partner("a partner", mdn_digest_alg="xyz")

with self.assertRaises(ImproperlyConfigured):
as2.Partner("a partner", sign_alg="xyz")

def test_message_checks(self):
"""Test the checks and other features of Message."""
msg = as2.Message()
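Review bot: The added assertion in `test_partner_checks` covers only the rejection of an unknown `sign_alg`; nothing in this commit exercises the accepted non-default value `rsassa_pss` or confirms that the partner's setting actually reaches `sign_message` from the two `build` methods. At minimum the test could assert that `as2.Partner("a partner", sign_alg="rsassa_pss")` constructs without raising. A round-trip test that signs a message for such a partner and verifies it on the receiving side would also catch a mis-ordered positional argument or a verifier that does not accept that scheme. `test_partner_checks` starts before this hunk.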
