From 54a502e838383ca72e7763ad637ce3f39caf58f4 Mon Sep 17 00:00:00 2001 From: HarshvMahawar Date: Wed, 26 Feb 2025 15:13:06 +0530 Subject: [PATCH 1/7] Initialize project python-ear Signed-off-by: HarshvMahawar --- README.md | 23 +++++++++++++++++++++++ requirements.txt | 0 src/ear/__init__.py | 0 tests/__init__.py | 0 4 files changed, 23 insertions(+) create mode 100644 requirements.txt create mode 100644 src/ear/__init__.py create mode 100644 tests/__init__.py diff --git a/README.md b/README.md index 312578f..537468d 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,26 @@ # python-ear A python implementation of [draft-fv-rats-ear](https://datatracker.ietf.org/doc/draft-fv-rats-ear/). + +# Proposal + +Following are the tools that will be used in the development of this library + +## CWT and JWT creation + +1. [python-cwt](https://python-cwt.readthedocs.io/en/stable/) +2. [python-jwt](https://pypi.org/project/python-jose/) + +## Code formatting and styling + +1. [black](https://pypi.org/project/black/) +2. [isort](https://pypi.org/project/isort/) + +## Linting and static analysis + +1. [flake8](https://pypi.org/project/flake8/) +2. [mypy](https://pypi.org/project/mypy/) + +## Testing + +1. [pytest](https://pypi.org/project/pytest/) \ No newline at end of file diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..e69de29 diff --git a/src/ear/__init__.py b/src/ear/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/tests/__init__.py b/tests/__init__.py new file mode 100644 index 0000000..e69de29 From cde8437d2d132501ae80e94b8a5687a95f745ef6 Mon Sep 17 00:00:00 2001 From: HarshvMahawar Date: Sat, 1 Mar 2025 01:07:45 +0530 Subject: [PATCH 2/7] Define initial class for EAR claimset along with its unit test, setup tox for testing Signed-off-by: HarshvMahawar --- .gitignore | 174 ++++++++++++++++++ .pylintrc | 8 + requirements.txt | 10 + src/{ear => }/__init__.py | 0 src/__pycache__/__init__.cpython-39.pyc | Bin 0 -> 157 bytes src/__pycache__/claims.cpython-39.pyc | Bin 0 -> 1434 bytes src/claims.py | 40 ++++ tests/__pycache__/__init__.cpython-39.pyc | Bin 0 -> 155 bytes .../test_claims.cpython-39-pytest-7.4.2.pyc | Bin 0 -> 1215 bytes tests/test_claims.py | 13 ++ tox.ini | 23 +++ 11 files changed, 268 insertions(+) create mode 100644 .gitignore create mode 100644 .pylintrc rename src/{ear => }/__init__.py (100%) create mode 100644 src/__pycache__/__init__.cpython-39.pyc create mode 100644 src/__pycache__/claims.cpython-39.pyc create mode 100644 src/claims.py create mode 100644 tests/__pycache__/__init__.cpython-39.pyc create mode 100644 tests/__pycache__/test_claims.cpython-39-pytest-7.4.2.pyc create mode 100644 tests/test_claims.py create mode 100644 tox.ini diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1800114 --- /dev/null +++ b/.gitignore @@ -0,0 +1,174 @@ +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +share/python-wheels/ +*.egg-info/ +.installed.cfg +*.egg +MANIFEST + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.nox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +*.py,cover +.hypothesis/ +.pytest_cache/ +cover/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py +db.sqlite3 +db.sqlite3-journal + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +.pybuilder/ +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# IPython +profile_default/ +ipython_config.py + +# pyenv +# For a library or package, you might want to ignore these files since the code is +# intended to run in multiple environments; otherwise, check them in: +# .python-version + +# pipenv +# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. +# However, in case of collaboration, if having platform-specific dependencies or dependencies +# having no cross-platform support, pipenv may install dependencies that don't work, or not +# install all needed dependencies. +#Pipfile.lock + +# UV +# Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control. +# This is especially recommended for binary packages to ensure reproducibility, and is more +# commonly ignored for libraries. +#uv.lock + +# poetry +# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control. +# This is especially recommended for binary packages to ensure reproducibility, and is more +# commonly ignored for libraries. +# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control +#poetry.lock + +# pdm +# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control. +#pdm.lock +# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it +# in version control. +# https://pdm.fming.dev/latest/usage/project/#working-with-version-control +.pdm.toml +.pdm-python +.pdm-build/ + +# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm +__pypackages__/ + +# Celery stuff +celerybeat-schedule +celerybeat.pid + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ +.dmypy.json +dmypy.json + +# Pyre type checker +.pyre/ + +# pytype static type analyzer +.pytype/ + +# Cython debug symbols +cython_debug/ + +# PyCharm +# JetBrains specific template is maintained in a separate JetBrains.gitignore that can +# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore +# and can be added to the global gitignore or merged into this file. For a more nuclear +# option (not recommended) you can uncomment the following to ignore the entire idea folder. +#.idea/ + +# Ruff stuff: +.ruff_cache/ + +# PyPI configuration file +.pypirc \ No newline at end of file diff --git a/.pylintrc b/.pylintrc new file mode 100644 index 0000000..ee29c99 --- /dev/null +++ b/.pylintrc @@ -0,0 +1,8 @@ +[MESSAGES CONTROL] +disable = C0114, C0115, C0116 ; Disable missing module/class/function docstring warnings + +[FORMAT] +max-line-length = 88 ; Match Black's default line length + +[MASTER] +ignore = venv ; Ignore virtual environment folder diff --git a/requirements.txt b/requirements.txt index e69de29..29b02d2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -0,0 +1,10 @@ +python-jose==3.4.0 +cwt==2.8.0 +black==24.8.0 +isort==5.12.0 +flake8==6.0.0 +mypy==1.5.1 +pytest==7.4.2 +tox==4.24.1 +pyright==1.1.325 +pylint==2.17.5 diff --git a/src/ear/__init__.py b/src/__init__.py similarity index 100% rename from src/ear/__init__.py rename to src/__init__.py diff --git a/src/__pycache__/__init__.cpython-39.pyc b/src/__pycache__/__init__.cpython-39.pyc new file mode 100644 index 0000000000000000000000000000000000000000..4e2c780829802229279b49b4f1c26b1d3b46fd41 GIT binary patch literal 157 zcmYe~<>g`k0;^s7(n0iN5P=LBfgA@QE@lA|DGb33nv8xc8Hzx{2;!HMvsFxJacWU< zjHRK4sZor7UaCt`W?5>COKNd;Nq#|$k6T1cL1jrsex7b>Vo^+SQF083j*rjG%PfhH Y*DI*J#bJ}1pHiBWY6mj=GY~TX05Z2F{{R30 literal 0 HcmV?d00001 diff --git a/src/__pycache__/claims.cpython-39.pyc b/src/__pycache__/claims.cpython-39.pyc new file mode 100644 index 0000000000000000000000000000000000000000..6ba78fc1dcff1215b6ae4fb7495428f1ceb78696 GIT binary patch literal 1434 zcmZuw-D(p-6rR6LHh=xq(u(4RAgs`$f}m2QwN-BaX%h0xym z2E9lx^BO+J+zNuPP9TXP7f*=A7O6zHiP%wOW}#`#t}2@1-E*7cOQShs72Q z^8kz_k|v~qGfQZfHCUH7I3;h0U-XF*(^?+HvogP@R8@I9+Zq2p= zEVf{n?_d;ZP)Qn0aV3-ombcj&ab5vENl%1ik{^pkab{PXQ0d76?E0!SvtNXLUzU!= z5p9$ez=L&JRv@ned0bXuU6XSzUX}9zdBK)mZNJ}1qPT0u!WR3w*NziqOR+HnCBrDQ zm3^h-cC2(5OItL9&)uFhEf3I78~O~!4h(Y}%#aRANQMk79dfX2D8O<_K9Di3Yy2Sa ztS~BRYZOEm(fDXeV8%pOVLIE~dEWeJls3(0kDfkx+qEyrb}e_;JEjMF#^Lp;IY&q=XBu^%p7klvUk1=JR_$_6@ZQB0jQ z^bxM(wgS$ObZ`K}4)E)6ydn^i)dOKGD$2sCgglP2vw48EF%@t0@zjH)$ zQ-h@~X1!2C-7LYvxH4sex_*ARc!_$F1)znDvZ#gfPaFEk)DetGVu!N$>I+r0&Yde^iu1|LAP)84cODm zXs)0^T`}<<#EesmUeObyK+DHDG?~7p=|vf!Hh_a}T!18&RXG}9c< zL!KIybGq0HybWWz3f_y%f#PG;chOuza~{^BM)8rf!MgW3qwe Dict[str, Any]: + return { + "eat_profile": self.profile, + "iat": self.issued_at, + "ear.verifier-id": self.verifier_id, + "submods": self.submods, + } + + @classmethod + def from_dict(cls, data: Dict[str, Any]): + return cls( + profile=data.get("eat_profile", ""), + issued_at=data.get("iat", 0), + verifier_id=data.get("ear.verifier-id", {}), + submods=data.get("submods", {}), + ) + + def to_json(self) -> str: + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str): + return cls.from_dict(json.loads(json_str)) diff --git a/tests/__pycache__/__init__.cpython-39.pyc b/tests/__pycache__/__init__.cpython-39.pyc new file mode 100644 index 0000000000000000000000000000000000000000..de3fe680c26541d9107cecb5b24e30fcb645d4a6 GIT binary patch literal 155 zcmYe~<>g`kg4$jC(n0iN5P=LBfgA@QE@lA|DGb33nv8xc8Hzx{2;!H6vsFxJacWU< zjHRK4sZor7UaCt`W?5>COKNd;Nq#|$k6T1cL1jrsex7b>Vo^*+%OniK1US>&r Yyk0@&Ee@O9{FKt1R6CH#pMjVG01LJymjD0& literal 0 HcmV?d00001 diff --git a/tests/__pycache__/test_claims.cpython-39-pytest-7.4.2.pyc b/tests/__pycache__/test_claims.cpython-39-pytest-7.4.2.pyc new file mode 100644 index 0000000000000000000000000000000000000000..8aedaca62a7e8b803bc8ed6b399e43e33d637c88 GIT binary patch literal 1215 zcmZ8h&2H2%5VoEFw52Ub2yVTA$bnU}{I!Upq5={U0ttkKqLrd_ooxg8lkF{RNiMX{ zz==cmh{Tx(;1M|b$_X9;abWCh(Slbq{^lFccs%wdSz7WDjFpwId%GB+@5-1T1dMGE z-Umey#W{+wo=IU4gi&Ee7FHgT+l3Q3fDLLMqsXQBISQ;F5Qm-wSb7icJ=@8Xtl&dM zoes6V2eJdg36vmU6G~K)3{#8R)X8v$kIWV|=mbwuiv>C%4W8nbG~|`h8jW#;TC+ib zt;PauH)dnMCau#r{HHKaEb2DS2vbk-BQiCqFYFU%iVhGz1i#ymDQ3rjJcUXEeua%G z*0VXqbm4ErXB~kc;*0hIf`|o;tyzQ(5sM$~^Qd*{5ruYcIhc=q1 zH9$-d2gGV^ilAxBPohPUauL_88fAH!eIp+pNo#kU2=Kl%gQk^iK(s-z^T-x0n*pX3B)|KijbzP~ON^L}DJqgzjmlMuY zCUm7CRH*5Gu*lR)j2x))6|c(38?mbBpyE{J(%-Hpx@`%QtMM?&^O&VI8&(C>lFCJJ z$Et@SE4j4u3RZA=A?EwlIH!7Pyq8zINgkI;kxDP-$tYDB%cwZOvud7fjJy8#y5mAmdMtgzG6B8( sOG#(OF&APYpR-}FdmH+Ob!vU8Ikl>?yLaHlkMr~{d?VmX0qU~x2Y-cJNB{r; literal 0 HcmV?d00001 diff --git a/tests/test_claims.py b/tests/test_claims.py new file mode 100644 index 0000000..06fac4b --- /dev/null +++ b/tests/test_claims.py @@ -0,0 +1,13 @@ +from src.claims import EARClaims + + +def test_ear_claims(): + claims = EARClaims( + "test_profile", + 1234567890, + {"build": "v1"}, + {"submods1": {"status": "affirming"}}, + ) + json_str = claims.to_json() + parsed_claims = EARClaims.from_json(json_str) + assert parsed_claims.to_dict() == claims.to_dict() diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..2a75fe9 --- /dev/null +++ b/tox.ini @@ -0,0 +1,23 @@ +[tox] +envlist = lint, test + +[testenv:lint] +deps = + isort==5.12.0 + black==24.8.0 + flake8==6.0.0 + mypy==1.5.1 + pylint==2.17.5 + pyright==1.1.325 +commands = + isort . --check --diff + black . --check --diff + flake8 . + mypy . + pylint src tests + pyright + +[testenv:test] +deps = + pytest==7.4.2 +commands = pytest From 1c571895417dde48d148038cd31314091545e322 Mon Sep 17 00:00:00 2001 From: HarshvMahawar Date: Sun, 2 Mar 2025 00:44:42 +0530 Subject: [PATCH 3/7] Use dataclasses for definition of EARClaims class Signed-off-by: HarshvMahawar --- src/__pycache__/__init__.cpython-39.pyc | Bin 157 -> 0 bytes src/__pycache__/claims.cpython-39.pyc | Bin 1434 -> 0 bytes src/claims.py | 17 ++++++----------- 3 files changed, 6 insertions(+), 11 deletions(-) delete mode 100644 src/__pycache__/__init__.cpython-39.pyc delete mode 100644 src/__pycache__/claims.cpython-39.pyc diff --git a/src/__pycache__/__init__.cpython-39.pyc b/src/__pycache__/__init__.cpython-39.pyc deleted file mode 100644 index 4e2c780829802229279b49b4f1c26b1d3b46fd41..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 157 zcmYe~<>g`k0;^s7(n0iN5P=LBfgA@QE@lA|DGb33nv8xc8Hzx{2;!HMvsFxJacWU< zjHRK4sZor7UaCt`W?5>COKNd;Nq#|$k6T1cL1jrsex7b>Vo^+SQF083j*rjG%PfhH Y*DI*J#bJ}1pHiBWY6mj=GY~TX05Z2F{{R30 diff --git a/src/__pycache__/claims.cpython-39.pyc b/src/__pycache__/claims.cpython-39.pyc deleted file mode 100644 index 6ba78fc1dcff1215b6ae4fb7495428f1ceb78696..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1434 zcmZuw-D(p-6rR6LHh=xq(u(4RAgs`$f}m2QwN-BaX%h0xym z2E9lx^BO+J+zNuPP9TXP7f*=A7O6zHiP%wOW}#`#t}2@1-E*7cOQShs72Q z^8kz_k|v~qGfQZfHCUH7I3;h0U-XF*(^?+HvogP@R8@I9+Zq2p= zEVf{n?_d;ZP)Qn0aV3-ombcj&ab5vENl%1ik{^pkab{PXQ0d76?E0!SvtNXLUzU!= z5p9$ez=L&JRv@ned0bXuU6XSzUX}9zdBK)mZNJ}1qPT0u!WR3w*NziqOR+HnCBrDQ zm3^h-cC2(5OItL9&)uFhEf3I78~O~!4h(Y}%#aRANQMk79dfX2D8O<_K9Di3Yy2Sa ztS~BRYZOEm(fDXeV8%pOVLIE~dEWeJls3(0kDfkx+qEyrb}e_;JEjMF#^Lp;IY&q=XBu^%p7klvUk1=JR_$_6@ZQB0jQ z^bxM(wgS$ObZ`K}4)E)6ydn^i)dOKGD$2sCgglP2vw48EF%@t0@zjH)$ zQ-h@~X1!2C-7LYvxH4sex_*ARc!_$F1)znDvZ#gfPaFEk)DetGVu!N$>I+r0&Yde^iu1|LAP)84cODm zXs)0^T`}<<#EesmUeObyK+DHDG?~7p=|vf!Hh_a}T!18&RXG}9c< zL!KIybGq0HybWWz3f_y%f#PG;chOuza~{^BM)8rf!MgW3qwe Dict[str, Any]: return { From 853711bc854c940df9bb0fa591f7122d56993716 Mon Sep 17 00:00:00 2001 From: HarshvMahawar Date: Mon, 3 Mar 2025 13:11:14 +0530 Subject: [PATCH 4/7] Remove cache files Signed-off-by: HarshvMahawar --- tests/__pycache__/__init__.cpython-39.pyc | Bin 155 -> 0 bytes .../test_claims.cpython-39-pytest-7.4.2.pyc | Bin 1215 -> 0 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 tests/__pycache__/__init__.cpython-39.pyc delete mode 100644 tests/__pycache__/test_claims.cpython-39-pytest-7.4.2.pyc diff --git a/tests/__pycache__/__init__.cpython-39.pyc b/tests/__pycache__/__init__.cpython-39.pyc deleted file mode 100644 index de3fe680c26541d9107cecb5b24e30fcb645d4a6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 155 zcmYe~<>g`kg4$jC(n0iN5P=LBfgA@QE@lA|DGb33nv8xc8Hzx{2;!H6vsFxJacWU< zjHRK4sZor7UaCt`W?5>COKNd;Nq#|$k6T1cL1jrsex7b>Vo^*+%OniK1US>&r Yyk0@&Ee@O9{FKt1R6CH#pMjVG01LJymjD0& diff --git a/tests/__pycache__/test_claims.cpython-39-pytest-7.4.2.pyc b/tests/__pycache__/test_claims.cpython-39-pytest-7.4.2.pyc deleted file mode 100644 index 8aedaca62a7e8b803bc8ed6b399e43e33d637c88..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1215 zcmZ8h&2H2%5VoEFw52Ub2yVTA$bnU}{I!Upq5={U0ttkKqLrd_ooxg8lkF{RNiMX{ zz==cmh{Tx(;1M|b$_X9;abWCh(Slbq{^lFccs%wdSz7WDjFpwId%GB+@5-1T1dMGE z-Umey#W{+wo=IU4gi&Ee7FHgT+l3Q3fDLLMqsXQBISQ;F5Qm-wSb7icJ=@8Xtl&dM zoes6V2eJdg36vmU6G~K)3{#8R)X8v$kIWV|=mbwuiv>C%4W8nbG~|`h8jW#;TC+ib zt;PauH)dnMCau#r{HHKaEb2DS2vbk-BQiCqFYFU%iVhGz1i#ymDQ3rjJcUXEeua%G z*0VXqbm4ErXB~kc;*0hIf`|o;tyzQ(5sM$~^Qd*{5ruYcIhc=q1 zH9$-d2gGV^ilAxBPohPUauL_88fAH!eIp+pNo#kU2=Kl%gQk^iK(s-z^T-x0n*pX3B)|KijbzP~ON^L}DJqgzjmlMuY zCUm7CRH*5Gu*lR)j2x))6|c(38?mbBpyE{J(%-Hpx@`%QtMM?&^O&VI8&(C>lFCJJ z$Et@SE4j4u3RZA=A?EwlIH!7Pyq8zINgkI;kxDP-$tYDB%cwZOvud7fjJy8#y5mAmdMtgzG6B8( sOG#(OF&APYpR-}FdmH+Ob!vU8Ikl>?yLaHlkMr~{d?VmX0qU~x2Y-cJNB{r; From 67ba50a7999c5afffb2ff541b1dcbf9eba9dd46c Mon Sep 17 00:00:00 2001 From: HarshvMahawar Date: Mon, 3 Mar 2025 15:01:15 +0530 Subject: [PATCH 5/7] Enhance README.md with detailed technical overview of the project Signed-off-by: HarshvMahawar --- README.md | 72 +++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 57 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 537468d..891b3d2 100644 --- a/README.md +++ b/README.md @@ -1,26 +1,68 @@ -# python-ear +# **python-ear** -A python implementation of [draft-fv-rats-ear](https://datatracker.ietf.org/doc/draft-fv-rats-ear/). +A Python library that implements the [draft-fv-rats-ear](https://datatracker.ietf.org/doc/draft-fv-rats-ear/) specification, focusing on Evidence and Attestation Results (EAR) in Remote Attestation Procedures (RATS). This library enables secure handling of attestation claims using Concise Binary Object Representation (CBOR) Web Tokens (CWT) and JSON Web Tokens (JWT). -# Proposal +--- -Following are the tools that will be used in the development of this library +## **Overview** -## CWT and JWT creation +The goal of this project is to align open-source verifiers with the RATS architecture by defining standardized evidence formats and attestation results, facilitating seamless integration with other projects such as **Keylime**. -1. [python-cwt](https://python-cwt.readthedocs.io/en/stable/) -2. [python-jwt](https://pypi.org/project/python-jose/) +This implementation was initiated as part of the **Veraison Mentorship** under the Linux Foundation Mentorship Program (**LFX Mentorship**), focusing on the following capabilities: -## Code formatting and styling +- **Populating EAR Claims-Sets:** Define and populate claims that represent evidence and attestation results. +- **Signing EAR Claims-Sets:** Support signing using private keys, ensuring data integrity and authenticity. +- **Encoding and Decoding:** + - Encode signed EAR claims as **CWT** (Concise Binary Object Representation Web Tokens) or **JWT** (JSON Web Tokens). + - Decode signed EARs from CWT or JWT formats, enabling interoperability between different systems. +- **Signature Verification:** Verify signatures using public keys to ensure the authenticity of claims. +- **Accessing Claims:** Provide interfaces to access and manage EAR claims efficiently. -1. [black](https://pypi.org/project/black/) -2. [isort](https://pypi.org/project/isort/) +This library is developed in Python and makes use of existing packages for CWT and JWT management, static code analysis, and testing. -## Linting and static analysis +--- -1. [flake8](https://pypi.org/project/flake8/) -2. [mypy](https://pypi.org/project/mypy/) +## **Key Features** -## Testing +1. **Standards Compliance:** + Implements draft-fv-rats-ear as per IETF specifications to ensure compatibility with the RATS architecture. -1. [pytest](https://pypi.org/project/pytest/) \ No newline at end of file +2. **Token Management:** + - **CWT Support:** Utilizes [python-cwt](https://python-cwt.readthedocs.io/en/stable/) for handling CBOR Web Tokens. + - **JWT Support:** Uses [python-jose](https://pypi.org/project/python-jose/) for JSON Web Tokens management. + +3. **Security:** + - Supports signing of EAR claims with private keys and verification with public keys. + - Adopts secure cryptographic practices for token creation and verification. + +4. **Static Analysis and Code Quality:** + - Ensures code quality using linters and static analysis tools. + - Maintains type safety and code consistency. + +5. **Testing:** + - Comprehensive unit tests using `pytest` to validate all functionalities. + +--- + +## **Technical Stack** + +### **Token Creation and Management** + +- **CWT:** [python-cwt](https://python-cwt.readthedocs.io/en/stable/) +- **JWT:** [python-jose](https://pypi.org/project/python-jose/) + +### **Code Formatting and Styling** + +- **black:** Ensures consistent code formatting. +- **isort:** Manages import statements. + +### **Linting and Static Analysis** + +- **flake8:** For PEP 8 compliance and linting. +- **mypy:** Static type checking. +- **pyright:** Advanced type checking for Python. +- **pylint:** Code analysis for error detection and enforcing coding standards. + +### **Testing** + +- **pytest:** Framework for writing and executing tests. \ No newline at end of file From 2ab94db147908bb77e777e91c9a037f41714c835 Mon Sep 17 00:00:00 2001 From: Harsh Vardhan Mahawar <114311884+HarshvMahawar@users.noreply.github.com> Date: Thu, 6 Mar 2025 17:02:40 +0530 Subject: [PATCH 6/7] Update tox.yml --- .github/workflows/tox.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml index 9b89e79..d841d6c 100644 --- a/.github/workflows/tox.yml +++ b/.github/workflows/tox.yml @@ -12,7 +12,7 @@ jobs: strategy: matrix: - python-version: [3.11] # Test against multiple Python versions + python-version: [3.9, 3.11] # Test against multiple Python versions steps: # Checkout the code From 0a1118ed423ef1d842179310f970ac88c3eaad1b Mon Sep 17 00:00:00 2001 From: Harsh Vardhan Mahawar <114311884+HarshvMahawar@users.noreply.github.com> Date: Thu, 6 Mar 2025 17:09:59 +0530 Subject: [PATCH 7/7] Update claims.py --- src/claims.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/claims.py b/src/claims.py index 8e69c4d..cf1a5dc 100644 --- a/src/claims.py +++ b/src/claims.py @@ -1,6 +1,9 @@ +from typing import Any, Dict + import json from dataclasses import dataclass, field -from typing import Any, Dict + + @dataclass