Skip to content
This repository was archived by the owner on Nov 22, 2024. It is now read-only.

verify-receipt fails with cryptography.exceptions.InvalidSignature #42

Open
Open
verify-receipt fails with cryptography.exceptions.InvalidSignature#42
@SteveLasker

Description

@SteveLasker
SteveLasker
opened on Jan 12, 2024

Running the verify-receipt command generates the following errors:

./scitt-emulator.sh client verify-receipt \
    --claim claim.cose \
    --receipt claim.receipt.cbor \
    --service-parameters workspace/service_parameters.json
Leaf hash: a4a11c989bfece0221c77998c62c2f823da27829be61f9ecfa1a207dd1efd6f7
Root: e5500265c6dabe10b3af1da8ed638d3b7bca81d0fe6759c9049a44f7b9b30f55
Traceback (most recent call last):
  File "/home/steve/go/src/github/user/scitt-api-emulator/venv/bin/scitt-emulator", line 33, in <module>
    sys.exit(load_entry_point('scitt-emulator', 'console_scripts', 'scitt-emulator')())
  File "/home/steve/go/src/github/user/scitt-api-emulator/scitt_emulator/cli.py", line 22, in main
    args.func(args)
  File "/home/steve/go/src/github/user/scitt-api-emulator/scitt_emulator/client.py", line 240, in <lambda>
    func=lambda args: verify_receipt(
  File "/home/steve/go/src/github/user/scitt-api-emulator/scitt_emulator/client.py", line 165, in verify_receipt
    service.verify_receipt(cose_path, receipt_path)
  File "/home/steve/go/src/github/user/scitt-api-emulator/scitt_emulator/scitt.py", line 304, in verify_receipt
    self.verify_receipt_contents(receipt_contents, countersign_tbi)
  File "/home/steve/go/src/github/user/scitt-api-emulator/scitt_emulator/ccf.py", line 171, in verify_receipt_contents
    verify_certificate_is_issued_by(node_cert, service_cert)
  File "/home/steve/go/src/github/user/scitt-api-emulator/scitt_emulator/ccf.py", line 229, in verify_certificate_is_issued_by
    public_key.verify(
  File "/home/steve/go/src/github/user/scitt-api-emulator/venv/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ec.py", line 328, in verify
    _ecdsa_sig_verify(self._backend, self, signature, data)
  File "/home/steve/go/src/github/user/scitt-api-emulator/venv/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ec.py", line 124, in _ecdsa_sig_verify
    raise InvalidSignature
cryptography.exceptions.InvalidSignature

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions