@@ -293,6 +293,7 @@ def setUp(self):
293293 }
294294
295295 # Define an example ES256 callback signer
296+ self .callback_signer_alg = "Es256"
296297 def callback_signer_es256 (data : bytes ) -> bytes :
297298 private_key = serialization .load_pem_private_key (
298299 self .key ,
@@ -806,12 +807,19 @@ def test_sign_file_callback_signer(self):
806807 self .assertGreater (len (manifest_bytes ), 0 )
807808
808809 # Read the signed file and verify the manifest
809- with open (output_path , "rb" ) as file :
810- reader = Reader ("image/jpeg" , file )
810+ with open (output_path , "rb" ) as file , Reader ("image/jpeg" , file ) as reader :
811811 json_data = reader .json ()
812- self .assertIn ("Python Test" , json_data )
813812 self .assertNotIn ("validation_status" , json_data )
814813
814+ # Parse the JSON and verify the signature algorithm
815+ manifest_data = json .loads (json_data )
816+ active_manifest_id = manifest_data ["active_manifest" ]
817+ active_manifest = manifest_data ["manifests" ][active_manifest_id ]
818+
819+ self .assertIn ("signature_info" , active_manifest )
820+ signature_info = active_manifest ["signature_info" ]
821+ self .assertEqual (signature_info ["alg" ], self .callback_signer_alg )
822+
815823 finally :
816824 shutil .rmtree (temp_dir )
817825
@@ -850,6 +858,16 @@ def test_sign_file_callback_signer_managed(self):
850858 self .assertIn ("Python Test" , json_data )
851859 self .assertNotIn ("validation_status" , json_data )
852860
861+ # Parse the JSON and verify the signature algorithm
862+ manifest_data = json .loads (json_data )
863+ active_manifest_id = manifest_data ["active_manifest" ]
864+ active_manifest = manifest_data ["manifests" ][active_manifest_id ]
865+
866+ # Verify the signature_info contains the correct algorithm
867+ self .assertIn ("signature_info" , active_manifest )
868+ signature_info = active_manifest ["signature_info" ]
869+ self .assertEqual (signature_info ["alg" ], self .callback_signer_alg )
870+
853871 finally :
854872 shutil .rmtree (temp_dir )
855873
@@ -887,12 +905,21 @@ def test_builder_sign_file_callback_signer_from_callback(self):
887905 self .assertGreater (len (manifest_bytes ), 0 )
888906
889907 # Read the signed file and verify the manifest
890- with open (output_path , "rb" ) as file :
891- reader = Reader ("image/jpeg" , file )
908+ with open (output_path , "rb" ) as file , Reader ("image/jpeg" , file ) as reader :
892909 json_data = reader .json ()
893910 self .assertIn ("Python Test" , json_data )
894911 self .assertNotIn ("validation_status" , json_data )
895912
913+ # Parse the JSON and verify the signature algorithm
914+ manifest_data = json .loads (json_data )
915+ active_manifest_id = manifest_data ["active_manifest" ]
916+ active_manifest = manifest_data ["manifests" ][active_manifest_id ]
917+
918+ # Verify the signature_info contains the correct algorithm
919+ self .assertIn ("signature_info" , active_manifest )
920+ signature_info = active_manifest ["signature_info" ]
921+ self .assertEqual (signature_info ["alg" ], self .callback_signer_alg )
922+
896923 finally :
897924 shutil .rmtree (temp_dir )
898925
@@ -1066,10 +1093,9 @@ def test_sign_file_callback_signer_reports_error(self):
10661093 # Use the sign_file method
10671094 builder = Builder (self .manifestDefinition )
10681095
1069- # Define a callback that always returns -1 to simulate an error
1096+ # Define a callback that always returns None to simulate an error
10701097 def error_callback_signer (data : bytes ) -> bytes :
1071- # Return -1 to indicate an error condition
1072- return - 1
1098+ return None
10731099
10741100 # Create signer with error callback using create_signer function
10751101 signer = create_signer (
0 commit comments