
Status claim support #16


Merged
merged 3 commits into from
Apr 24, 2025
Merged
3 changes: 3 additions & 0 deletions pymdoccbor/mdoc/exceptions.py
@@ -9,3 +9,6 @@ class NoSignedDocumentProvided(Exception):

class MissingIssuerAuth(Exception):
pass

class InvalidStatusDescriptor(Exception):
pass
16 changes: 15 additions & 1 deletion pymdoccbor/mdoc/issuer.py
@@ -11,6 +11,7 @@
from pymdoccbor.mso.issuer import MsoIssuer

from cbor_diag import cbor2diag
from pymdoccbor.mdoc.exceptions import InvalidStatusDescriptor


logger = logging.getLogger("pymdoccbor")
@@ -74,7 +75,8 @@ def new(
validity: dict = None,
devicekeyinfo: Union[dict, CoseKey, str] = None,
cert_path: str = None,
revocation: dict = None
revocation: dict = None,
status: dict = None
) -> dict:
"""
create a new mdoc with signed mso
@@ -85,6 +87,7 @@ def new(
:param devicekeyinfo: Union[dict, CoseKey, str]: device key info
:param cert_path: str: path to the certificate
:param revocation: dict: revocation status dict it may include status_list and identifier_list keys
:param status: dict: status dict that includes the status list's uri and the idx following the "https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list" specification

:return: dict: signed mdoc
"""
@@ -188,6 +191,17 @@ def new(
"status": self.status,
}

if status:
if not "status_list" in status:
raise InvalidStatusDescriptor("status_list is required")

if not "uri" in status["status_list"]:
raise InvalidStatusDescriptor("uri is required")
if not "idx" in status["status_list"]:
raise InvalidStatusDescriptor("idx is required")

res["status"] = status

logger.debug(f"MSO diagnostic notation: {cbor2diag(mso_cbor)}")

self.signed = res
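Review bot: `res["status"] = status` overwrites the `"status": self.status` entry of the dict closed just above it (apparently `res`), so a document issued with a status list no longer carries its original response status value. The descriptor is also attached to the outer response only: `mso_cbor` is already built at this point, so as far as this hunk shows the `uri`/`idx` pair is not covered by the issuer signature and could be dropped or altered without failing signature verification, and verifier.py reads it back from the same outer `status` key. I would pass `status` into the MSO construction so it is signed, and leave `res["status"]` untouched. The key checks also accept a non-dict `status_list`, since `in` on a string is a substring test; `if not isinstance(status.get("status_list"), dict): raise InvalidStatusDescriptor("status_list is required")` closes that. The body of new() begins and continues outside the hunk.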
2 changes: 2 additions & 0 deletions pymdoccbor/mdoc/verifier.py
@@ -200,6 +200,8 @@ def verify(self) -> bool:

doc_cnt += 1

self.status = cdict.get('status', None)

return False if self.documents_invalid else True

def __repr__(self) -> str:
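Review bot: `self.status` is assigned from `cdict.get('status', None)` whatever the outcome of the document checks above, so a caller that ignores or mishandles a `False` return still finds a status-list reference on the object. The value is stored as received, with none of the `status_list`/`uri`/`idx` checks the issuer applies, and a relying party that later fetches `uri` would be acting on unvalidated input. Consider setting it only when `self.documents_invalid` is empty, and checking that it is a dict whose `status_list` holds a string `uri` and a non-negative integer `idx`. The start of verify() and the origin of `cdict` are outside this hunk.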
77 changes: 76 additions & 1 deletion pymdoccbor/tests/test_08_mdoc_cbor.py
@@ -18,6 +18,12 @@ def test_mdoc_cbor_creation():
"issuance_date": "2024-12-31",
"expiry_date": "2050-12-31"
},
status={
"status_list": {
"idx": 412,
"uri": "https://example.com/statuslists/1"
}
}
)

data = cbor2.dumps(mdoc)
@@ -28,4 +34,73 @@ def test_mdoc_cbor_creation():

assert mdoc
assert 'org.micov.medical.1' in mdocp.disclosure_map
assert mdocp.disclosure_map == MICOV_DATA
assert mdocp.disclosure_map == MICOV_DATA
assert mdocp.status == {
"status_list": {
"idx": 412,
"uri": "https://example.com/statuslists/1"
}
}

def test_mdoc_cbor_invalid_status():
mdoci = MdocCborIssuer(
private_key=PKEY,
alg="ES256",
)

try:
mdoci.new(
data=MICOV_DATA,
#devicekeyinfo=PKEY, # TODO
doctype="org.micov.medical.1",
validity={
"issuance_date": "2024-12-31",
"expiry_date": "2050-12-31"
},
status={
"status_list": {
"idx": 412,
# "uri": "https://example.com/statuslists/1" # Missing URI
}
}
)
except Exception as e:
assert str(e) == "uri is required"

try:
mdoci.new(
data=MICOV_DATA,
#devicekeyinfo=PKEY, # TODO
doctype="org.micov.medical.1",
validity={
"issuance_date": "2024-12-31",
"expiry_date": "2050-12-31"
},
status={
"status_list": {
#"idx": 412,
"uri": "https://example.com/statuslists/1" # Missing URI
}
}
)
except Exception as e:
assert str(e) == "idx is required"

try:
mdoci.new(
data=MICOV_DATA,
#devicekeyinfo=PKEY, # TODO
doctype="org.micov.medical.1",
validity={
"issuance_date": "2024-12-31",
"expiry_date": "2050-12-31"
},
status={
"not_status_list": {
"idx": 412,
"uri": "https://example.com/statuslists/1" # Missing URI
}
}
)
except Exception as e:
assert str(e) == "status_list is required"
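Review bot: test_mdoc_cbor_invalid_status passes when `mdoci.new(...)` raises nothing, because each assertion sits inside `except Exception as e:` and nothing fails when the call returns normally. Each case should be `with pytest.raises(InvalidStatusDescriptor, match="uri is required"):` (likewise for `idx is required` and `status_list is required`), which also pins the exception type instead of accepting any `Exception`. The trailing `# Missing URI` comments on the second and third cases are copied from the first and describe the wrong field. The imports this change needs sit outside the hunk.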