Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add main function to attestation verification script #3705

Merged
merged 5 commits into from
May 15, 2020
Merged

Add main function to attestation verification script #3705

Changes from 3 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
cd67174
Add main function to attestation verification script.
May 7, 2020
464d267
Add newline to end of file
May 13, 2020
ac6fedf
Merge branch 'master' into master
May 15, 2020
f4e4c3a
remove a blank line at the end
May 15, 2020
3f0456f
Merge branch 'master' into master
May 15, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 18 additions & 2 deletions kms/attestations/verify_attestation.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,14 @@
# See the License for the specific language governing permissions and
# limitations under the License.

"""This sample demonstrates how to verify HSM attestations using certificate
bundles obtained from Cloud HSM.
"""This application verifies HSM attestations using certificate bundles
obtained from Cloud HSM.

For more information, visit https://cloud.google.com/kms/docs/attest-key.
"""

# [START verify_attestations]
import argparse
import gzip

from cryptography import exceptions
Expand Down Expand Up @@ -69,3 +70,18 @@ def verify(attestation_file, bundle_file):
continue
return False
# [END verify_attestations]


if __name__ == '__main__':
busunkim96 marked this conversation as resolved.
Show resolved Hide resolved
parser = argparse.ArgumentParser(
description=__doc__)
parser.add_argument('attestation_file', help="Name of attestation file.")
parser.add_argument('bundle_file', help="Name of certificate bundle file.")

args = parser.parse_args()

if verify(args.attestation_file, args.bundle_file):
print('Signature verified.')
else:
print('Signature verification failed.')

tmatsuo marked this conversation as resolved.
Show resolved Hide resolved