def main():
p12 = load_pkcs12(open('demo2_user1.p12', 'rb').read(), '1234')
datau = open('smime-unsigned.txt', 'rb').read()
datau1 = datau.replace(b'\n', b'\r\n')
hashalgo = 'sha256'
signed_value = getattr(hashlib, hashalgo)(datau1).digest()
attrs = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('1.2.840.113549.1.9.16.2.47'),
'values': (algos.DigestAlgorithm({'algorithm': hashalgo}), ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
]
datas = email.sign(datau,
p12.get_privatekey().to_cryptography_key(),
p12.get_certificate().to_cryptography(), [],
'sha256',
attrs=attrs)
open('smime-signed-attr-custom.txt', 'wb').write(datas)
def _generate_signed_attrs(self, eta_invoice, signing_time):
cert = x509.Certificate.load(base64.b64decode(self.certificate))
data = hashlib.sha256(self._serialize_for_signing(eta_invoice).encode()).digest()
return cms.CMSAttributes([
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('digested_data',),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (data,),
}),
cms.CMSAttribute({
'type': tsp.CMSAttributeType('signing_certificate_v2'),
'values': ({
'certs': (tsp.ESSCertIDv2({
'hash_algorithm': algos.DigestAlgorithm({'algorithm': 'sha256'}),
'cert_hash': hashlib.sha256(cert.dump()).digest()
}),)
},),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('signing_time'),
'values': (
cms.Time({'utc_time': core.UTCTime(signing_time.replace(tzinfo=pytz.UTC))}),)
}),
])
def sign_authpack_native(data, privkey, certificate, wrap_signed=False):
"""
Creating PKCS7 blob which contains the following things:
1. 'data' blob which is an ASN1 encoded "AuthPack" structure
2. the certificate used to sign the data blob
3. the singed 'signed_attrs' structure (ASN1) which points to the "data" structure (in point 1)
"""
da = {'algorithm': algos.DigestAlgorithmId('1.3.14.3.2.26')}
si = {}
si['version'] = 'v1'
si['sid'] = cms.IssuerAndSerialNumber({
'issuer':
certificate.issuer,
'serial_number':
certificate.serial_number,
})
si['digest_algorithm'] = algos.DigestAlgorithm(da)
si['signed_attrs'] = [
cms.CMSAttribute({
'type': 'content_type',
'values': ['1.3.6.1.5.2.3.1']
}),
# indicates that the encap_content_info's authdata struct (marked with OID '1.3.6.1.5.2.3.1' is signed )
cms.CMSAttribute({
'type': 'message_digest',
'values': [hashlib.sha1(data).digest()]
}),
### hash of the data, the data itself will not be signed, but this block of data will be.
]
si['signature_algorithm'] = algos.SignedDigestAlgorithm(
{'algorithm': '1.2.840.113549.1.1.1'})
si['signature'] = rsa_pkcs1v15_sign(
privkey,
cms.CMSAttributes(si['signed_attrs']).dump(), "sha1")
ec = {}
ec['content_type'] = '1.3.6.1.5.2.3.1'
ec['content'] = data
sd = {}
sd['version'] = 'v3'
sd['digest_algorithms'] = [algos.DigestAlgorithm(da)] # must have only one
sd['encap_content_info'] = cms.EncapsulatedContentInfo(ec)
sd['certificates'] = [certificate]
sd['signer_infos'] = cms.SignerInfos([cms.SignerInfo(si)])
if wrap_signed is True:
ci = {}
ci['content_type'] = '1.2.840.113549.1.7.2' # signed data OID
ci['content'] = cms.SignedData(sd)
return cms.ContentInfo(ci).dump()
return cms.SignedData(sd).dump()
def test_email_signed_attr_custom(self):
with open(fixture('demo2_user1.p12'), 'rb') as fh:
p12 = crypto.load_pkcs12(fh.read(), b'1234')
with open(fixture('smime-unsigned.txt'), 'rb') as fh:
datau = fh.read()
datau1 = datau.replace(b'\n', b'\r\n')
hashalgo = 'sha256'
signed_value = getattr(hashlib, hashalgo)(datau1).digest()
attrs = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
]
datas = email.sign(datau,
p12.get_privatekey().to_cryptography_key(),
p12.get_certificate().to_cryptography(), [],
'sha256',
attrs=attrs)
fname = fixture('smime-signed-attr-custom.txt')
with open(fname, 'wb') as fh:
fh.write(datas)
cmd = [
'openssl',
'smime',
'-verify',
'-CAfile',
fixture('demo2_ca.crt.pem'),
'-in',
fname,
'-inform',
'SMIME',
]
process = Popen(cmd, stdout=PIPE, stderr=PIPE)
stdout, stderr = process.communicate()
assert stderr == b'Verification successful\n'
assert datau.replace(b'\n', b'\r\n') == stdout
def attrs(signed_value):
result = [
cms.CMSAttribute({
"type": cms.CMSAttributeType("content_type"),
"values": ("data", )
}),
cms.CMSAttribute({
"type": cms.CMSAttributeType("message_digest"),
"values": (signed_value, ),
}),
cms.CMSAttribute({
"type":
cms.CMSAttributeType("signing_time"),
"values": (cms.Time({"utc_time":
core.UTCTime(signed_time)}), ),
}),
]
return result
def main():
with open('demo2_user1.p12', 'rb') as fp:
p12 = pkcs12.load_key_and_certificates(fp.read(), b'1234',
backends.default_backend())
datau = open('smime-unsigned.txt', 'rb').read()
datau1 = datau.replace(b'\n', b'\r\n')
hashalgo = 'sha256'
signed_value = getattr(hashlib, hashalgo)(datau1).digest()
attrs = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
]
datas = email.sign(datau, p12[0], p12[1], p12[2], 'sha256', attrs=attrs)
open('smime-signed-attr-custom.txt', 'wb').write(datas)
def simple_cms_attribute(attr_type, value):
"""
Convenience method to quickly construct a CMS attribute object with
one value.
:param attr_type:
The attribute type, as a string or OID.
:param value:
The value.
:return:
A :class:`.cms.CMSAttribute` object.
"""
return cms.CMSAttribute({
'type': cms.CMSAttributeType(attr_type),
'values': (value, )
})
def on_get(self, req, resp):
operation = req.get_param("operation", required=True)
if operation.lower() == "getcacert":
resp.body = keys.parse_certificate(
self.authority.certificate_buf).dump()
resp.append_header("Content-Type", "application/x-x509-ca-cert")
return
# If we bump into exceptions later
encrypted_container = b""
attr_list = [
cms.CMSAttribute({
'type': "message_type",
'values': ["3"]
}),
cms.CMSAttribute({
'type': "pki_status",
'values': ["2"] # rejected
})
]
try:
info = cms.ContentInfo.load(
b64decode(req.get_param("message", required=True)))
###############################################
### Verify signature of the outer container ###
###############################################
signed_envelope = info['content']
encap_content_info = signed_envelope['encap_content_info']
encap_content = encap_content_info['content']
# TODO: try except
current_certificate, = signed_envelope["certificates"]
signer, = signed_envelope["signer_infos"]
# TODO: compare cert to current one if we are renewing
assert signer["digest_algorithm"]["algorithm"].native == "md5"
assert signer["signature_algorithm"][
"algorithm"].native == "rsassa_pkcs1v15"
message_digest = None
transaction_id = None
sender_nonce = None
for attr in signer["signed_attrs"]:
if attr["type"].native == "sender_nonce":
sender_nonce, = attr["values"]
elif attr["type"].native == "trans_id":
transaction_id, = attr["values"]
elif attr["type"].native == "message_digest":
message_digest, = attr["values"]
if hashlib.md5(encap_content.native).digest(
) != message_digest.native:
raise SCEPBadMessageCheck()
assert message_digest
msg = signer["signed_attrs"].dump(force=True)
assert msg[0] == 160
# Verify signature
try:
asymmetric.rsa_pkcs1v15_verify(
asymmetric.load_certificate(current_certificate.dump()),
signer["signature"].native,
b"\x31" + msg[1:], # wtf?!
"md5")
except SignatureError:
raise SCEPBadMessageCheck()
###############################
### Decrypt inner container ###
###############################
info = cms.ContentInfo.load(encap_content.native)
encrypted_envelope = info['content']
encrypted_content_info = encrypted_envelope[
'encrypted_content_info']
iv = encrypted_content_info['content_encryption_algorithm'][
'parameters'].native
if encrypted_content_info['content_encryption_algorithm'][
"algorithm"].native != "des":
raise SCEPBadAlgo()
encrypted_content = encrypted_content_info[
'encrypted_content'].native
recipient, = encrypted_envelope['recipient_infos']
if recipient.native["rid"][
"serial_number"] != self.authority.certificate.serial_number:
raise SCEPBadCertId()
# Since CA private key is not directly readable here, we'll redirect it to signer socket
key = asymmetric.rsa_pkcs1v15_decrypt(
self.authority.private_key, recipient.native["encrypted_key"])
if len(key) == 8: key = key * 3 # Convert DES to 3DES
buf = symmetric.tripledes_cbc_pkcs5_decrypt(
key, encrypted_content, iv)
_, _, common_name = self.authority.store_request(buf,
overwrite=True)
cert, buf = self.authority.sign(common_name, overwrite=True)
signed_certificate = asymmetric.load_certificate(buf)
content = signed_certificate.asn1.dump()
except SCEPError as e:
attr_list.append(
cms.CMSAttribute({
'type': "fail_info",
'values': ["%d" % e.code]
}))
else:
##################################
### Degenerate inner container ###
##################################
degenerate = cms.ContentInfo({
'content_type':
"signed_data",
'content':
cms.SignedData({
'version':
"v1",
'certificates': [signed_certificate.asn1],
'digest_algorithms':
[cms.DigestAlgorithm({'algorithm': "md5"})],
'encap_content_info': {
'content_type':
"data",
'content':
cms.ContentInfo({
'content_type': "signed_data",
'content': None
}).dump()
},
'signer_infos': []
})
})
################################
### Encrypt middle container ###
################################
key = os.urandom(8)
iv, encrypted_content = symmetric.des_cbc_pkcs5_encrypt(
key, degenerate.dump(), os.urandom(8))
assert degenerate.dump() == symmetric.tripledes_cbc_pkcs5_decrypt(
key * 3, encrypted_content, iv)
ri = cms.RecipientInfo({
'ktri':
cms.KeyTransRecipientInfo({
'version':
"v0",
'rid':
cms.RecipientIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer':
current_certificate.chosen["tbs_certificate"]
["issuer"],
'serial_number':
current_certificate.chosen["tbs_certificate"]
["serial_number"],
}),
}),
'key_encryption_algorithm': {
'algorithm': "rsa"
},
'encrypted_key':
asymmetric.rsa_pkcs1v15_encrypt(
asymmetric.load_certificate(
current_certificate.chosen.dump()), key)
})
})
encrypted_container = cms.ContentInfo({
'content_type':
"enveloped_data",
'content':
cms.EnvelopedData({
'version': "v1",
'recipient_infos': [ri],
'encrypted_content_info': {
'content_type': "data",
'content_encryption_algorithm': {
'algorithm': "des",
'parameters': iv
},
'encrypted_content': encrypted_content
}
})
}).dump()
attr_list = [
cms.CMSAttribute({
'type':
"message_digest",
'values': [hashlib.sha1(encrypted_container).digest()]
}),
cms.CMSAttribute({
'type': "message_type",
'values': ["3"]
}),
cms.CMSAttribute({
'type': "pki_status",
'values': ["0"] # ok
})
]
finally:
##############################
### Signed outer container ###
##############################
attrs = cms.CMSAttributes(attr_list + [
cms.CMSAttribute({
'type': "recipient_nonce",
'values': [sender_nonce]
}),
cms.CMSAttribute({
'type': "trans_id",
'values': [transaction_id]
})
])
signer = cms.SignerInfo({
"signed_attrs":
attrs,
'version':
"v1",
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer':
self.authority.certificate.issuer,
'serial_number':
self.authority.certificate.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': "sha1"}),
'signature_algorithm':
algos.SignedDigestAlgorithm({'algorithm': "rsassa_pkcs1v15"}),
'signature':
asymmetric.rsa_pkcs1v15_sign(self.authority.private_key,
b"\x31" + attrs.dump()[1:],
"sha1")
})
resp.append_header("Content-Type", "application/x-pki-message")
resp.body = cms.ContentInfo({
'content_type':
"signed_data",
'content':
cms.SignedData({
'version':
"v1",
'certificates': [self.authority.certificate],
'digest_algorithms':
[cms.DigestAlgorithm({'algorithm': "sha1"})],
'encap_content_info': {
'content_type': "data",
'content': encrypted_container
},
'signer_infos': [signer]
})
}).dump()
def sign(datau,
session,
cert,
cert_value,
hashalgo,
attrs=True,
signed_value=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.now()
x509 = Certificate.load(cert_value)
certificates = []
certificates.append(x509)
cert_value_digest = bytes(
session.digest(cert_value, Mechanism(LowLevel.CKM_SHA256)))
MyLogger().my_logger().info('building signed attributes...')
signer = {
'version':
'v1',
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer': x509.issuer,
'serial_number': x509.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature_algorithm':
algos.SignedDigestAlgorithm({'algorithm': 'rsassa_pkcs1v15'}),
'signature':
signed_value,
}
if attrs:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_time'),
'values': (cms.Time({'utc_time': core.UTCTime(signed_time)}), )
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('1.2.840.113549.1.9.16.2.47'),
'values': (tsp.SigningCertificateV2({
'certs': (tsp.ESSCertIDv2({
'hash_algorithm':
algos.DigestAlgorithm({
'algorithm': hashalgo,
'parameters': None
}),
'cert_hash':
cert_value_digest,
}), ),
}), )
}),
]
config = {
'version':
'v1',
'digest_algorithms':
cms.DigestAlgorithms((algos.DigestAlgorithm({'algorithm':
hashalgo}), )),
'encap_content_info': {
'content_type': 'data',
},
'certificates':
certificates,
# 'crls': [],
'signer_infos': [
signer,
],
}
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
MyLogger().my_logger().info('signed attributes ready')
# fetching private key from smart card
priv_key = SignatureUtils.fetch_private_key(session, cert)
mechanism = Mechanism(LowLevel.CKM_SHA256_RSA_PKCS, None)
MyLogger().my_logger().info('signing...')
# signing bytes to be signed
signature = session.sign(priv_key, tosign, mechanism)
datas['content']['signer_infos'][0]['signature'] = bytes(signature)
return datas.dump()
def sign(datau,
key,
cert,
othercerts,
hashalgo,
attrs=True,
signed_value=None,
hsm=None,
pss=False,
timestampurl=None,
timestampcredentials=None,
timestamp_req_options=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.now(tz=util.timezone.utc)
if hsm is not None:
keyid, cert = hsm.certificate()
cert = cert2asn(cert, False)
else:
cert = cert2asn(cert)
certificates = []
certificates.append(cert)
for i in range(len(othercerts)):
certificates.append(cert2asn(othercerts[i]))
hashalgo = unicode(hashalgo) if sys.version[0] < '3' else hashalgo
signer = {
'version':
'v1',
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer': cert.issuer,
'serial_number': cert.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature':
signed_value,
}
if not pss:
signer['signature_algorithm'] = algos.SignedDigestAlgorithm(
{'algorithm': 'rsassa_pkcs1v15'})
else:
if isinstance(key, keys.PrivateKeyInfo):
salt_length = key.byte_size - hashes.SHA512.digest_size - 2
salt_length = hashes.SHA512.digest_size
else:
salt_length = padding.calculate_max_pss_salt_length(
key, hashes.SHA512)
signer['signature_algorithm'] = algos.SignedDigestAlgorithm({
'algorithm':
'rsassa_pss',
'parameters':
algos.RSASSAPSSParams({
'hash_algorithm':
algos.DigestAlgorithm({'algorithm': 'sha512'}),
'mask_gen_algorithm':
algos.MaskGenAlgorithm({
'algorithm':
algos.MaskGenAlgorithmId('mgf1'),
'parameters': {
'algorithm': algos.DigestAlgorithmId('sha512'),
}
}),
'salt_length':
algos.Integer(salt_length),
'trailer_field':
algos.TrailerField(1)
})
})
if attrs:
if attrs is True:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_time'),
'values':
(cms.Time({'utc_time': core.UTCTime(signed_time)}), )
}),
]
else:
signer['signed_attrs'] = attrs
config = {
'version':
'v1',
'digest_algorithms':
cms.DigestAlgorithms((algos.DigestAlgorithm({'algorithm':
hashalgo}), )),
'encap_content_info': {
'content_type': 'data',
},
'certificates':
certificates,
# 'crls': [],
'signer_infos': [
signer,
],
}
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
if hsm is not None:
signed_value_signature = hsm.sign(keyid, tosign, hashalgo)
elif isinstance(key, keys.PrivateKeyInfo):
key = asymmetric.load_private_key(key)
if pss:
signed_value_signature = asymmetric.rsa_pss_sign(
key, tosign, 'sha512')
else:
signed_value_signature = asymmetric.rsa_pkcs1v15_sign(
key, tosign, hashalgo.lower())
else:
if pss:
hasher = hashes.Hash(hashes.SHA512(),
backend=backends.default_backend())
hasher.update(tosign)
digest = hasher.finalize()
signed_value_signature = key.sign(
digest,
padding.PSS(mgf=padding.MGF1(hashes.SHA512()),
salt_length=salt_length),
utils.Prehashed(hashes.SHA512()))
else:
signed_value_signature = key.sign(
tosign, padding.PKCS1v15(),
getattr(hashes, hashalgo.upper())())
if timestampurl is not None:
datas['content']['signer_infos'][0]['unsigned_attrs'] = timestamp(
signed_value_signature,
hashalgo,
timestampurl,
timestampcredentials,
timestamp_req_options,
)
# signed_value_signature = core.OctetString(signed_value_signature)
datas['content']['signer_infos'][0]['signature'] = signed_value_signature
#open('signed-content-info', 'wb').write(datas.dump())
return datas.dump()
def timestamp(unhashed,
hashalgo,
url,
credentials,
req_options,
prehashed=None):
if prehashed:
hashed_value = prehashed
else:
hashed_value = getattr(hashlib, hashalgo)(unhashed).digest()
tspreq = tsp.TimeStampReq({
"version":
1,
"message_imprint":
tsp.MessageImprint({
"hash_algorithm":
algos.DigestAlgorithm({'algorithm': hashalgo}),
"hashed_message":
hashed_value,
}),
#'req_policy', ObjectIdentifier, {'optional': True}),
"nonce":
int(time.time() * 1000),
"cert_req":
True,
#'extensions': tsp.Extensions()
})
tspreq = tspreq.dump()
tspheaders = {"Content-Type": "application/timestamp-query"}
if credentials is not None:
username = credentials.get("username", None)
password = credentials.get("password", None)
if username and password:
auth_header_value = b64encode(
bytes(username + ':' + password, "utf-8")).decode("ascii")
tspheaders["Authorization"] = f"Basic {auth_header_value}"
if req_options is None:
req_options = {}
tspresp = requests.post(url,
data=tspreq,
headers=tspheaders,
**req_options)
if tspresp.headers.get('Content-Type',
None) == 'application/timestamp-reply':
tspresp = tsp.TimeStampResp.load(tspresp.content)
if tspresp['status']['status'].native == 'granted':
attrs = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signature_time_stamp_token'),
'values':
cms.SetOfContentInfo([
cms.ContentInfo({
'content_type':
cms.ContentType('signed_data'),
'content':
tspresp["time_stamp_token"]["content"],
})
])
})
]
return attrs
else:
raise ValueError("TimeStampResponse status is not granted")
else:
raise ValueError("TimeStampResponse has invalid content type")
def sign(datau,
key,
cert,
othercerts,
hashalgo,
attrs=True,
signed_value=None,
hsm=None,
pss=False,
timestampurl=None,
timestampcredentials=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.now(tz=util.timezone.utc)
if hsm is not None:
keyid, cert = hsm.certificate()
cert = cert2asn(cert, False)
else:
cert = cert2asn(cert)
certificates = []
certificates.append(cert)
for i in range(len(othercerts)):
certificates.append(cert2asn(othercerts[i]))
hashalgo = unicode(hashalgo) if sys.version[0] < '3' else hashalgo
signer = {
'version':
'v1',
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer': cert.issuer,
'serial_number': cert.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature':
signed_value,
}
if not pss:
signer['signature_algorithm'] = algos.SignedDigestAlgorithm(
{'algorithm': 'rsassa_pkcs1v15'})
else:
if isinstance(key, keys.PrivateKeyInfo):
salt_length = key.byte_size - hashes.SHA512.digest_size - 2
salt_length = hashes.SHA512.digest_size
else:
salt_length = padding.calculate_max_pss_salt_length(
key, hashes.SHA512)
signer['signature_algorithm'] = algos.SignedDigestAlgorithm({
'algorithm':
'rsassa_pss',
'parameters':
algos.RSASSAPSSParams({
'hash_algorithm':
algos.DigestAlgorithm({'algorithm': 'sha512'}),
'mask_gen_algorithm':
algos.MaskGenAlgorithm({
'algorithm':
algos.MaskGenAlgorithmId('mgf1'),
'parameters': {
'algorithm': algos.DigestAlgorithmId('sha512'),
}
}),
'salt_length':
algos.Integer(salt_length),
'trailer_field':
algos.TrailerField(1)
})
})
if attrs:
if attrs is True:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_time'),
'values':
(cms.Time({'utc_time': core.UTCTime(signed_time)}), )
}),
]
else:
signer['signed_attrs'] = attrs
config = {
'version':
'v1',
'digest_algorithms':
cms.DigestAlgorithms((algos.DigestAlgorithm({'algorithm':
hashalgo}), )),
'encap_content_info': {
'content_type': 'data',
},
'certificates':
certificates,
# 'crls': [],
'signer_infos': [
signer,
],
}
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
if hsm is not None:
signed_value_signature = hsm.sign(keyid, tosign, hashalgo)
elif isinstance(key, keys.PrivateKeyInfo):
key = asymmetric.load_private_key(key)
if pss:
signed_value_signature = asymmetric.rsa_pss_sign(
key, tosign, 'sha512')
else:
signed_value_signature = asymmetric.rsa_pkcs1v15_sign(
key, tosign, hashalgo.lower())
else:
if pss:
hasher = hashes.Hash(hashes.SHA512(),
backend=backends.default_backend())
hasher.update(tosign)
digest = hasher.finalize()
signed_value_signature = key.sign(
digest,
padding.PSS(mgf=padding.MGF1(hashes.SHA512()),
salt_length=salt_length),
utils.Prehashed(hashes.SHA512()))
else:
signed_value_signature = key.sign(
tosign, padding.PKCS1v15(),
getattr(hashes, hashalgo.upper())())
if timestampurl is not None:
signed_value = getattr(hashlib,
hashalgo)(signed_value_signature).digest()
tspreq = tsp.TimeStampReq({
"version":
1,
"message_imprint":
tsp.MessageImprint({
"hash_algorithm":
algos.DigestAlgorithm({'algorithm': hashalgo}),
"hashed_message":
signed_value,
}),
#'req_policy', ObjectIdentifier, {'optional': True}),
"nonce":
int(time.time() * 1000),
"cert_req":
True,
#'extensions': tsp.Extensions()
})
tspreq = tspreq.dump()
tspheaders = {"Content-Type": "application/timestamp-query"}
if timestampcredentials is not None:
username = timestampcredentials.get("username", None)
password = timestampcredentials.get("password", None)
if username and password:
auth_header_value = b64encode(
bytes(username + ':' + password, "utf-8")).decode("ascii")
tspheaders["Authorization"] = f"Basic {auth_header_value}"
tspresp = requests.post(timestampurl, data=tspreq, headers=tspheaders)
if tspresp.headers.get('Content-Type',
None) == 'application/timestamp-reply':
tspresp = tsp.TimeStampResp.load(tspresp.content)
if tspresp['status']['status'].native == 'granted':
attrs = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signature_time_stamp_token'),
'values':
cms.SetOfContentInfo([
cms.ContentInfo({
'content_type':
cms.ContentType('signed_data'),
'content':
tspresp["time_stamp_token"]["content"],
})
])
})
]
datas['content']['signer_infos'][0]['unsigned_attrs'] = attrs
else:
raise ValueError("TimeStampResponse status is not granted")
else:
raise ValueError("TimeStampResponse has invalid content type")
# signed_value_signature = core.OctetString(signed_value_signature)
datas['content']['signer_infos'][0]['signature'] = signed_value_signature
#open('signed-content-info', 'wb').write(datas.dump())
return datas.dump()
def _sign(self,
datau,
key,
signing_cert,
trustchain,
hashalgo,
attrs=True,
signed_value=None,
hsm=None,
pss=False,
timestampurl=None,
identity=None,
s=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.datetime.now(tz=util.timezone.utc)
esscert = signing_cert.public_bytes(serialization.Encoding.DER)
esscert = getattr(hashlib, hashalgo)(esscert).digest()
if hsm is not None:
keyid, cert = hsm.certificate()
cert = cert2asn(cert, False)
trustchain = []
else:
signing_cert = cert2asn(signing_cert)
certificates = []
for c in trustchain:
certificates.append(cert2asn(c))
certificates.append(signing_cert)
signer = {
'version':
'v1',
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer':
signing_cert.issuer,
'serial_number':
signing_cert.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature':
signed_value,
}
signer['signature_algorithm'] = algos.SignedDigestAlgorithm(
{'algorithm': 'rsassa_pkcs1v15'})
if attrs:
if attrs is True:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_certificate_v2'),
'values': (tsp.SigningCertificateV2({
'certs': [
tsp.ESSCertIDv2({'cert_hash': esscert}),
]
}), )
})
#cms.CMSAttribute({
#'type': cms.CMSAttributeType('signing_time'),
#'values': (cms.Time({'utc_time': core.UTCTime(signed_time)}),)
#}),
]
else:
signer['signed_attrs'] = attrs
# TODO: Keep it all in one loop
ocsp_revocation = []
ocsp_revocation.append(
cms.RevocationInfoChoice({
'other':
cms.OtherRevocationInfoFormat({
'other_rev_info_format':
cms.OtherRevInfoFormatId('ocsp_response'),
'other_rev_info':
self._ocsp_response
})
}))
# TODO: Don't need this because I have a DSS now
#for rev in self._revocation_info:
#rev = base64.b64decode(rev)
#rev = ocsp.OCSPResponse.load(rev)
#ocsp_revocation.append(
#cms.RevocationInfoChoice({
#'other': cms.OtherRevocationInfoFormat({
#'other_rev_info_format': cms.OtherRevInfoFormatId('ocsp_response'),
#'other_rev_info': rev
#})
#})
#)
config = {
'version':
'v1',
'digest_algorithms':
cms.DigestAlgorithms(
(algos.DigestAlgorithm({'algorithm': hashalgo}), )),
'encap_content_info': {
'content_type': 'data',
},
'certificates':
certificates,
'crls':
ocsp_revocation,
'signer_infos': [
signer,
],
}
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
tosign = getattr(hashlib, hashalgo)(tosign).digest()
# Fetch the actual signature
r = s.get(
self._signature_url.format(id=identity,
digest=tosign.hex().upper()))
if r.status_code != 200:
raise APIError('Cannot retrieve the signature: {}\n{}'.format(
r.status_code, r.json()))
signed_value_signature = r.json()['signature']
signed_value_signature = bytes.fromhex(signed_value_signature)
signed_value = getattr(hashlib,
hashalgo)(signed_value_signature).digest()
datas['content']['signer_infos'][0][
'signature'] = signed_value_signature
# Use globalsigns timestamp
# TODO: uncomment next 17 lines to have timestamped signature
r = s.get(
self._timestamp_url.format(digest=signed_value.hex().upper()))
if r.status_code != 200:
raise APIError('Cannot retrieve the timestamp: {}\n{}'.format(
r.status_code, r.json()))
timestamp_token = r.json()['token']
timestamp_token = timestamp_token.encode('ascii')
timestamp_token = base64.b64decode(timestamp_token)
tsp_dict = cms.ContentInfo.load(timestamp_token)
tsp_attrs = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signature_time_stamp_token'),
'values':
cms.SetOfContentInfo([
cms.ContentInfo({
'content_type':
cms.ContentType('signed_data'),
'content':
tsp_dict['content'],
})
])
})
]
datas['content']['signer_infos'][0]['unsigned_attrs'] = tsp_attrs
# TODO: OCSP stuff - probably not necessary since we have a DSS
#ocsp_seq = pdf.SequenceOfOCSPResponse((self._ocsp_response,))
#ocsp_arc = pdf.RevocationInfoArchival({'ocsp': ocsp_seq})
#revocation_info = pdf.SetOfRevocationInfoArchival()
#revocation_info.append(ocsp_arc)
#self._ocsp_response
#ocsp_attribute = cms.CMSAttribute({ # basic_ocsp_response
#'type': cms.CMSAttributeType('adobe_revocation_info_archival'),
#'values': pdf.SetOfRevocationInfoArchival([
#pdf.RevocationInfoArchival({
#'ocsp': pdf.SequenceOfOCSPResponse(self._ocsp_response)
#})#cert2asn(ocsp_resp.public_bytes(serialization.Encoding.DER), False)
#])
#}),
#datas['content']['signer_infos'][0]['unsigned_attrs'].append(ocsp_attribute)
return datas.dump()
def sign_message(
data_to_sign,
digest_alg,
sign_key,
sign_alg="rsassa_pkcs1v15",
use_signed_attributes=True,
):
"""Function signs the data and returns the generated ASN.1
:param data_to_sign: A byte string of the data to be signed.
:param digest_alg: The digest algorithm to be used for generating the signature.
:param sign_key: The key to be used for generating the signature.
:param sign_alg: The algorithm to be used for signing the message.
:param use_signed_attributes: Optional attribute to indicate weather the
CMS signature attributes should be included in the signature or not.
:return: A CMS ASN.1 byte string of the signed data.
"""
if use_signed_attributes:
digest_func = hashlib.new(digest_alg)
digest_func.update(data_to_sign)
message_digest = digest_func.digest()
class SmimeCapability(core.Sequence):
_fields = [
("0", core.Any, {
"optional": True
}),
("1", core.Any, {
"optional": True
}),
("2", core.Any, {
"optional": True
}),
("3", core.Any, {
"optional": True
}),
("4", core.Any, {
"optional": True
}),
]
class SmimeCapabilities(core.Sequence):
_fields = [
("0", SmimeCapability),
("1", SmimeCapability, {
"optional": True
}),
("2", SmimeCapability, {
"optional": True
}),
("3", SmimeCapability, {
"optional": True
}),
("4", SmimeCapability, {
"optional": True
}),
("5", SmimeCapability, {
"optional": True
}),
]
smime_cap = OrderedDict([
(
"0",
OrderedDict([
("0", core.ObjectIdentifier("2.16.840.1.101.3.4.1.42"))
]),
),
(
"1",
OrderedDict([
("0", core.ObjectIdentifier("2.16.840.1.101.3.4.1.2"))
]),
),
(
"2",
OrderedDict([("0", core.ObjectIdentifier("1.2.840.113549.3.7"))
]),
),
(
"3",
OrderedDict([
("0", core.ObjectIdentifier("1.2.840.113549.3.2")),
("1", core.Integer(128)),
]),
),
(
"4",
OrderedDict([
("0", core.ObjectIdentifier("1.2.840.113549.3.4")),
("1", core.Integer(128)),
]),
),
])
signed_attributes = cms.CMSAttributes([
cms.CMSAttribute({
"type":
cms.CMSAttributeType("content_type"),
"values":
cms.SetOfContentType([cms.ContentType("data")]),
}),
cms.CMSAttribute({
"type":
cms.CMSAttributeType("signing_time"),
"values":
cms.SetOfTime([
cms.Time({
"utc_time":
core.UTCTime(
datetime.utcnow().replace(tzinfo=timezone.utc))
})
]),
}),
cms.CMSAttribute({
"type":
cms.CMSAttributeType("message_digest"),
"values":
cms.SetOfOctetString([core.OctetString(message_digest)]),
}),
cms.CMSAttribute({
"type":
cms.CMSAttributeType("1.2.840.113549.1.9.15"),
"values":
cms.SetOfAny([core.Any(SmimeCapabilities(smime_cap))]),
}),
])
else:
signed_attributes = None
# Generate the signature
data_to_sign = signed_attributes.dump(
) if signed_attributes else data_to_sign
if sign_alg == "rsassa_pkcs1v15":
signature = asymmetric.rsa_pkcs1v15_sign(sign_key[0], data_to_sign,
digest_alg)
elif sign_alg == "rsassa_pss":
signature = asymmetric.rsa_pss_sign(sign_key[0], data_to_sign,
digest_alg)
else:
raise AS2Exception("Unsupported Signature Algorithm")
return cms.ContentInfo({
"content_type":
cms.ContentType("signed_data"),
"content":
cms.SignedData({
"version":
cms.CMSVersion("v1"),
"digest_algorithms":
cms.DigestAlgorithms([
algos.DigestAlgorithm(
{"algorithm": algos.DigestAlgorithmId(digest_alg)})
]),
"encap_content_info":
cms.ContentInfo({"content_type": cms.ContentType("data")}),
"certificates":
cms.CertificateSet(
[cms.CertificateChoices({"certificate": sign_key[1].asn1})]),
"signer_infos":
cms.SignerInfos([
cms.SignerInfo({
"version":
cms.CMSVersion("v1"),
"sid":
cms.SignerIdentifier({
"issuer_and_serial_number":
cms.IssuerAndSerialNumber({
"issuer":
sign_key[1].asn1["tbs_certificate"]["issuer"],
"serial_number":
sign_key[1].asn1["tbs_certificate"]
["serial_number"],
})
}),
"digest_algorithm":
algos.DigestAlgorithm(
{"algorithm": algos.DigestAlgorithmId(digest_alg)}),
"signed_attrs":
signed_attributes,
"signature_algorithm":
algos.SignedDigestAlgorithm(
{"algorithm":
algos.SignedDigestAlgorithmId(sign_alg)}),
"signature":
core.OctetString(signature),
})
]),
}),
}).dump()
def sign_message(data_to_sign,
digest_alg,
sign_key,
use_signed_attributes=True):
"""Function signs the data and returns the generated ASN.1
:param data_to_sign: A byte string of the data to be signed.
:param digest_alg:
The digest algorithm to be used for generating the signature.
:param sign_key: The key to be used for generating the signature.
:param use_signed_attributes: Optional attribute to indicate weather the
CMS signature attributes should be included in the signature or not.
:return: A CMS ASN.1 byte string of the signed data.
"""
if use_signed_attributes:
digest_func = hashlib.new(digest_alg)
digest_func.update(data_to_sign)
message_digest = digest_func.digest()
class SmimeCapability(core.Sequence):
_fields = [('0', core.Any, {
'optional': True
}), ('1', core.Any, {
'optional': True
}), ('2', core.Any, {
'optional': True
}), ('3', core.Any, {
'optional': True
}), ('4', core.Any, {
'optional': True
})]
class SmimeCapabilities(core.Sequence):
_fields = [
('0', SmimeCapability),
('1', SmimeCapability, {
'optional': True
}),
('2', SmimeCapability, {
'optional': True
}),
('3', SmimeCapability, {
'optional': True
}),
('4', SmimeCapability, {
'optional': True
}),
('5', SmimeCapability, {
'optional': True
}),
]
smime_cap = OrderedDict([
('0',
OrderedDict([('0', core.ObjectIdentifier('1.2.840.113549.3.7'))
])),
('1',
OrderedDict([('0', core.ObjectIdentifier('1.2.840.113549.3.2')),
('1', core.Integer(128))])),
('2',
OrderedDict([('0', core.ObjectIdentifier('1.2.840.113549.3.4')),
('1', core.Integer(128))])),
])
signed_attributes = cms.CMSAttributes([
cms.CMSAttribute({
'type':
cms.CMSAttributeType('content_type'),
'values':
cms.SetOfContentType([cms.ContentType('data')])
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_time'),
'values':
cms.SetOfTime(
[cms.Time({'utc_time': core.UTCTime(datetime.now())})])
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('message_digest'),
'values':
cms.SetOfOctetString([core.OctetString(message_digest)])
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('1.2.840.113549.1.9.15'),
'values':
cms.SetOfAny([core.Any(SmimeCapabilities(smime_cap))])
}),
])
signature = asymmetric.rsa_pkcs1v15_sign(sign_key[0],
signed_attributes.dump(),
digest_alg)
else:
signed_attributes = None
signature = asymmetric.rsa_pkcs1v15_sign(sign_key[0], data_to_sign,
digest_alg)
return cms.ContentInfo({
'content_type':
cms.ContentType('signed_data'),
'content':
cms.SignedData({
'version':
cms.CMSVersion('v1'),
'digest_algorithms':
cms.DigestAlgorithms([
algos.DigestAlgorithm(
{'algorithm': algos.DigestAlgorithmId(digest_alg)})
]),
'encap_content_info':
cms.ContentInfo({'content_type': cms.ContentType('data')}),
'certificates':
cms.CertificateSet(
[cms.CertificateChoices({'certificate': sign_key[1].asn1})]),
'signer_infos':
cms.SignerInfos([
cms.SignerInfo({
'version':
cms.CMSVersion('v1'),
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer':
sign_key[1].asn1['tbs_certificate']['issuer'],
'serial_number':
sign_key[1].asn1['tbs_certificate']
['serial_number']
})
}),
'digest_algorithm':
algos.DigestAlgorithm(
{'algorithm': algos.DigestAlgorithmId(digest_alg)}),
'signed_attrs':
signed_attributes,
'signature_algorithm':
algos.SignedDigestAlgorithm({
'algorithm':
algos.SignedDigestAlgorithmId('rsassa_pkcs1v15')
}),
'signature':
core.OctetString(signature)
})
])
})
}).dump()
def _cms_signature(self, zulu: datetime, data: bytes) -> bytes:
"""Sign provided data and return CMS signature.
:param zulu: current UTC time+date
:param data: to be signed
:return: CMS signature (binary)
"""
assert self.certificate is not None
assert self.private_key_pem_data is not None
# signed data (main section)
signed_data = cms.SignedData()
signed_data['version'] = 'v1'
signed_data['encap_content_info'] = util.OrderedDict([
('content_type', 'data')
])
signed_data['digest_algorithms'] = [util.OrderedDict([
('algorithm', 'sha256'),
('parameters', None)])]
# signer info sub-section
signer_info = cms.SignerInfo()
signer_info['version'] = 'v1'
signer_info['digest_algorithm'] = util.OrderedDict([
('algorithm', 'sha256'),
('parameters', None)])
signer_info['signature_algorithm'] = util.OrderedDict([
('algorithm', 'rsassa_pkcs1v15'),
('parameters', b'')])
# signed identifier: issuer amd serial number
asn1cert = x509.Certificate.load(self.certificate.public_bytes(Encoding.DER))
signer_info['sid'] = cms.SignerIdentifier({
'issuer_and_serial_number': cms.IssuerAndSerialNumber({
'issuer': asn1cert.issuer,
'serial_number': asn1cert.serial_number
})
})
# signed attributes
signed_attrs = cms.CMSAttributes()
signed_attrs.append(cms.CMSAttribute({
'type': 'content_type',
'values': [cms.ContentType('data')],
}))
# check time-zone is assigned (expected UTC+0)
assert zulu.tzinfo
signed_attrs.append(cms.CMSAttribute({
'type': 'signing_time',
'values': [cms.Time(name='utc_time', value=zulu.strftime('%y%m%d%H%M%SZ'))],
}))
signed_attrs.append(cms.CMSAttribute({
'type': 'message_digest',
'values': [cms.OctetString(crypto_backend().hash(data))], # digest
}))
signer_info['signed_attrs'] = signed_attrs
# create signature
signer_info['signature'] = crypto_backend().rsa_sign(self.private_key_pem_data, signed_attrs.dump())
# Adding SignerInfo object to SignedData object
signed_data['signer_infos'] = [signer_info]
# content info
content_info = cms.ContentInfo()
content_info['content_type'] = 'signed_data'
content_info['content'] = signed_data
return content_info.dump()
def _sign(self,
datau,
key,
cert,
othercerts,
hashalgo,
attrs=True,
signed_value=None,
hsm=None,
pss=False,
timestampurl=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.now(tz=util.timezone.utc)
if hsm is not None:
keyid, cert = hsm.certificate()
cert = cert2asn(cert, False)
othercerts = []
else:
cert = cert2asn(cert)
certificates = []
certificates.append(cert)
for i in range(len(othercerts)):
certificates.append(cert2asn(othercerts[i]))
signer = {
'version':
'v1',
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer': cert.issuer,
'serial_number': cert.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature':
signed_value,
}
if not pss:
signer['signature_algorithm'] = algos.SignedDigestAlgorithm(
{'algorithm': 'rsassa_pkcs1v15'})
else:
salt_length = padding.calculate_max_pss_salt_length(
key, hashes.SHA512)
signer['signature_algorithm'] = algos.SignedDigestAlgorithm({
'algorithm':
'rsassa_pss',
'parameters':
algos.RSASSAPSSParams({
'hash_algorithm':
algos.DigestAlgorithm({'algorithm': 'sha512'}),
'mask_gen_algorithm':
algos.MaskGenAlgorithm({
'algorithm':
algos.MaskGenAlgorithmId('mgf1'),
'parameters': {
'algorithm': algos.DigestAlgorithmId('sha512'),
}
}),
'salt_length':
algos.Integer(salt_length),
'trailer_field':
algos.TrailerField(1)
})
})
if attrs:
if attrs is True:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_time'),
'values':
(cms.Time({'utc_time': core.UTCTime(signed_time)}), )
}),
]
else:
signer['signed_attrs'] = attrs
config = {
'version':
'v1',
'digest_algorithms':
cms.DigestAlgorithms(
(algos.DigestAlgorithm({'algorithm': hashalgo}), )),
'encap_content_info': {
'content_type': 'data',
},
'certificates':
certificates,
# 'crls': [],
'signer_infos': [
signer,
],
}
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
if hsm is not None:
signed_value_signature = hsm.sign(keyid, tosign, hashalgo)
else:
if pss:
hasher = hashes.Hash(hashes.SHA512(),
backend=backends.default_backend())
hasher.update(tosign)
digest = hasher.finalize()
signed_value_signature = key.sign(
digest,
padding.PSS(mgf=padding.MGF1(hashes.SHA512()),
salt_length=salt_length),
utils.Prehashed(hashes.SHA512()))
else:
signed_value_signature = key.sign(
tosign, padding.PKCS1v15(),
getattr(hashes, hashalgo.upper())())
if timestampurl is not None:
signed_value = getattr(hashlib,
hashalgo)(signed_value_signature).digest()
tspreq = tsp.TimeStampReq({
"version":
1,
"message_imprint":
tsp.MessageImprint({
"hash_algorithm":
algos.DigestAlgorithm({'algorithm': hashalgo}),
"hashed_message":
signed_value,
}),
"nonce":
int(time.time() * 1000),
"cert_req":
True,
})
tspreq = tspreq.dump()
tspheaders = {"Content-Type": "application/timestamp-query"}
tspresp = requests.post(timestampurl,
data=tspreq,
headers=tspheaders)
if tspresp.headers.get('Content-Type',
None) == 'application/timestamp-reply':
tspresp = tsp.TimeStampResp.load(tspresp.content)
if tspresp['status']['status'].native == 'granted':
attrs = [
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signature_time_stamp_token'),
'values':
cms.SetOfContentInfo([
cms.ContentInfo({
'content_type':
cms.ContentType('signed_data'),
'content':
tspresp["time_stamp_token"]["content"],
})
])
})
]
datas['content']['signer_infos'][0][
'unsigned_attrs'] = attrs
# signed_value_signature = core.OctetString(signed_value_signature)
datas['content']['signer_infos'][0][
'signature'] = signed_value_signature
return datas.dump()
def sign(datau, key, cert, othercerts, hashalgo, attrs=True, signed_value=None, hsm=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.now(tz=pytz.utc)
if hsm is not None:
keyid, cert = hsm.certificate()
cert = cert2asn(cert, False)
othercerts = []
else:
cert = cert2asn(cert)
certificates = []
certificates.append(cert)
for i in range(len(othercerts)):
certificates.append(cert2asn(othercerts[i]))
hashalgo = unicode(hashalgo) if sys.version[0] < '3' else hashalgo
signer = {
'version': 'v1',
'sid': cms.SignerIdentifier({
'issuer_and_serial_number': cms.IssuerAndSerialNumber({
'issuer': cert.issuer,
'serial_number': cert.serial_number,
}),
}),
'digest_algorithm': algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature_algorithm': algos.SignedDigestAlgorithm({'algorithm': 'rsassa_pkcs1v15'}),
'signature': signed_value,
}
if attrs:
if attrs is True:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data',),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value,),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('signing_time'),
'values': (cms.Time({'utc_time': core.UTCTime(signed_time)}),)
}),
]
else:
signer['signed_attrs'] = attrs
config = {
'version': 'v1',
'digest_algorithms': cms.DigestAlgorithms((
algos.DigestAlgorithm({'algorithm': hashalgo}),
)),
'encap_content_info': {
'content_type': 'data',
},
'certificates': certificates,
# 'crls': [],
'signer_infos': [
signer,
],
}
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
if hsm is not None:
signed_value_signature = hsm.sign(keyid, tosign, hashalgo)
else:
signed_value_signature = key.sign(
tosign,
padding.PKCS1v15(),
getattr(hashes, hashalgo.upper())()
)
# signed_value_signature = core.OctetString(signed_value_signature)
datas['content']['signer_infos'][0]['signature'] = signed_value_signature
return datas.dump()
def on_get(self, req, resp):
operation = req.get_param("operation", required=True)
if operation == "GetCACert":
resp.body = keys.parse_certificate(
self.authority.certificate_buf).dump()
resp.append_header("Content-Type", "application/x-x509-ca-cert")
return
elif operation == "GetCACaps":
# TODO: return renewal flag based on renewal subnets config option
resp.body = "Renewal\nMD5\nSHA-1\nSHA-256\nSHA-512\nDES3\n"
return
elif operation == "PKIOperation":
pass
else:
raise falcon.HTTPBadRequest("Bad request",
"Unknown operation %s" % operation)
# If we bump into exceptions later
encrypted_container = b""
attr_list = [
cms.CMSAttribute({
'type': "message_type",
'values': ["3"]
}),
cms.CMSAttribute({
'type': "pki_status",
'values': ["2"] # rejected
})
]
try:
info = cms.ContentInfo.load(
b64decode(req.get_param("message", required=True)))
###############################################
### Verify signature of the outer container ###
###############################################
signed_envelope = info['content']
encap_content_info = signed_envelope['encap_content_info']
encap_content = encap_content_info['content']
# TODO: try except
current_certificate, = signed_envelope["certificates"]
signer, = signed_envelope["signer_infos"]
# TODO: compare cert to current one if we are renewing
digest_algorithm = signer["digest_algorithm"]["algorithm"].native
signature_algorithm = signer["signature_algorithm"][
"algorithm"].native
if digest_algorithm not in ("md5", "sha1", "sha256", "sha512"):
raise SCEPBadAlgo()
if signature_algorithm != "rsassa_pkcs1v15":
raise SCEPBadAlgo()
message_digest = None
transaction_id = None
sender_nonce = None
for attr in signer["signed_attrs"]:
if attr["type"].native == "sender_nonce":
sender_nonce, = attr["values"]
elif attr["type"].native == "trans_id":
transaction_id, = attr["values"]
elif attr["type"].native == "message_digest":
message_digest, = attr["values"]
if getattr(hashlib,
digest_algorithm)(encap_content.native).digest(
) != message_digest.native:
raise SCEPDigestMismatch()
if not sender_nonce:
raise SCEPBadRequest()
if not transaction_id:
raise SCEPBadRequest()
assert message_digest
msg = signer["signed_attrs"].dump(force=True)
assert msg[0] == 160
# Verify signature
try:
asymmetric.rsa_pkcs1v15_verify(
asymmetric.load_certificate(current_certificate.dump()),
signer["signature"].native,
b"\x31" + msg[1:], # wtf?!
"md5")
except SignatureError:
raise SCEPSignatureMismatch()
###############################
### Decrypt inner container ###
###############################
info = cms.ContentInfo.load(encap_content.native)
encrypted_envelope = info['content']
encrypted_content_info = encrypted_envelope[
'encrypted_content_info']
iv = encrypted_content_info['content_encryption_algorithm'][
'parameters'].native
if encrypted_content_info['content_encryption_algorithm'][
"algorithm"].native != "des":
raise SCEPBadAlgo()
encrypted_content = encrypted_content_info[
'encrypted_content'].native
recipient, = encrypted_envelope['recipient_infos']
if recipient.native["rid"][
"serial_number"] != self.authority.certificate.serial_number:
raise SCEPBadCertId()
key = asymmetric.rsa_pkcs1v15_decrypt(
self.authority.private_key, recipient.native["encrypted_key"])
if len(key) == 8: key = key * 3 # Convert DES to 3DES
buf = symmetric.tripledes_cbc_pkcs5_decrypt(
key, encrypted_content, iv)
_, _, common_name = self.authority.store_request(buf,
overwrite=True)
logger.info(
"SCEP client from %s requested with %s digest algorithm, %s signature",
req.context["remote_addr"], digest_algorithm,
signature_algorithm)
cert, buf = self.authority.sign(common_name,
profile=config.PROFILES["gw"],
overwrite=True)
signed_certificate = asymmetric.load_certificate(buf)
content = signed_certificate.asn1.dump()
except SCEPError as e:
attr_list.append(
cms.CMSAttribute({
'type': "fail_info",
'values': ["%d" % e.code]
}))
logger.info("Failed to sign SCEP request due to: %s" %
e.explaination)
else:
##################################
### Degenerate inner container ###
##################################
degenerate = cms.ContentInfo({
'content_type':
"signed_data",
'content':
cms.SignedData({
'version':
"v1",
'certificates': [signed_certificate.asn1],
'digest_algorithms':
[cms.DigestAlgorithm({'algorithm': digest_algorithm})],
'encap_content_info': {
'content_type':
"data",
'content':
cms.ContentInfo({
'content_type': "signed_data",
'content': None
}).dump()
},
'signer_infos': []
})
})
################################
### Encrypt middle container ###
################################
key = os.urandom(8)
iv, encrypted_content = symmetric.des_cbc_pkcs5_encrypt(
key, degenerate.dump(), os.urandom(8))
assert degenerate.dump() == symmetric.tripledes_cbc_pkcs5_decrypt(
key * 3, encrypted_content, iv)
ri = cms.RecipientInfo({
'ktri':
cms.KeyTransRecipientInfo({
'version':
"v0",
'rid':
cms.RecipientIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer':
current_certificate.chosen["tbs_certificate"]
["issuer"],
'serial_number':
current_certificate.chosen["tbs_certificate"]
["serial_number"],
}),
}),
'key_encryption_algorithm': {
'algorithm': "rsa"
},
'encrypted_key':
asymmetric.rsa_pkcs1v15_encrypt(
asymmetric.load_certificate(
current_certificate.chosen.dump()), key)
})
})
encrypted_container = cms.ContentInfo({
'content_type':
"enveloped_data",
'content':
cms.EnvelopedData({
'version': "v1",
'recipient_infos': [ri],
'encrypted_content_info': {
'content_type': "data",
'content_encryption_algorithm': {
'algorithm': "des",
'parameters': iv
},
'encrypted_content': encrypted_content
}
})
}).dump()
attr_list = [
cms.CMSAttribute({
'type':
"message_digest",
'values': [
getattr(
hashlib,
digest_algorithm)(encrypted_container).digest()
]
}),
cms.CMSAttribute({
'type': "message_type",
'values': ["3"]
}),
cms.CMSAttribute({
'type': "pki_status",
'values': ["0"] # ok
})
]
finally:
##############################
### Signed outer container ###
##############################
attrs = cms.CMSAttributes(attr_list + [
cms.CMSAttribute({
'type': "recipient_nonce",
'values': [sender_nonce]
}),
cms.CMSAttribute({
'type': "trans_id",
'values': [transaction_id]
})
])
signer = cms.SignerInfo({
"signed_attrs":
attrs,
'version':
"v1",
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer':
self.authority.certificate.issuer,
'serial_number':
self.authority.certificate.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': digest_algorithm}),
'signature_algorithm':
algos.SignedDigestAlgorithm({'algorithm': "rsassa_pkcs1v15"}),
'signature':
asymmetric.rsa_pkcs1v15_sign(self.authority.private_key,
b"\x31" + attrs.dump()[1:],
digest_algorithm)
})
resp.append_header("Content-Type", "application/x-pki-message")
resp.body = cms.ContentInfo({
'content_type':
"signed_data",
'content':
cms.SignedData({
'version':
"v1",
'certificates': [self.authority.certificate],
'digest_algorithms':
[cms.DigestAlgorithm({'algorithm': digest_algorithm})],
'encap_content_info': {
'content_type': "data",
'content': encrypted_container
},
'signer_infos': [signer]
})
}).dump()
def sign(datau,
key,
cert,
othercerts,
hashalgo,
attrs=True,
signed_value=None,
hsm=None,
pss=False,
timestampurl=None,
timestampcredentials=None,
timestamp_req_options=None,
ocspurl=None,
ocspissuer=None):
if signed_value is None:
signed_value = getattr(hashlib, hashalgo)(datau).digest()
signed_time = datetime.now(tz=util.timezone.utc)
if hsm is not None:
keyid, cert = hsm.certificate()
cert = cert2asn(cert, False)
else:
cert = cert2asn(cert)
certificates = []
certificates.append(cert)
for i in range(len(othercerts)):
certificates.append(cert2asn(othercerts[i]))
hashalgo = unicode(hashalgo) if sys.version[0] < '3' else hashalgo
signer = {
'version':
'v1',
'sid':
cms.SignerIdentifier({
'issuer_and_serial_number':
cms.IssuerAndSerialNumber({
'issuer': cert.issuer,
'serial_number': cert.serial_number,
}),
}),
'digest_algorithm':
algos.DigestAlgorithm({'algorithm': hashalgo}),
'signature':
signed_value,
}
if not pss:
signer['signature_algorithm'] = algos.SignedDigestAlgorithm(
{'algorithm': 'rsassa_pkcs1v15'})
else:
if isinstance(key, keys.PrivateKeyInfo):
salt_length = key.byte_size - hashes.SHA512.digest_size - 2
salt_length = hashes.SHA512.digest_size
else:
salt_length = padding.calculate_max_pss_salt_length(
key, hashes.SHA512)
signer['signature_algorithm'] = algos.SignedDigestAlgorithm({
'algorithm':
'rsassa_pss',
'parameters':
algos.RSASSAPSSParams({
'hash_algorithm':
algos.DigestAlgorithm({'algorithm': 'sha512'}),
'mask_gen_algorithm':
algos.MaskGenAlgorithm({
'algorithm':
algos.MaskGenAlgorithmId('mgf1'),
'parameters': {
'algorithm': algos.DigestAlgorithmId('sha512'),
}
}),
'salt_length':
algos.Integer(salt_length),
'trailer_field':
algos.TrailerField(1)
})
})
if attrs:
if attrs is True:
signer['signed_attrs'] = [
cms.CMSAttribute({
'type': cms.CMSAttributeType('content_type'),
'values': ('data', ),
}),
cms.CMSAttribute({
'type': cms.CMSAttributeType('message_digest'),
'values': (signed_value, ),
}),
cms.CMSAttribute({
'type':
cms.CMSAttributeType('signing_time'),
'values':
(cms.Time({'utc_time': core.UTCTime(signed_time)}), )
}),
]
else:
if isinstance(attrs, types.FunctionType):
attrs = attrs(signed_value)
signer['signed_attrs'] = attrs
config = {
'version':
'v1',
'digest_algorithms':
cms.DigestAlgorithms((algos.DigestAlgorithm({'algorithm':
hashalgo}), )),
'encap_content_info': {
'content_type': 'data',
},
'certificates':
certificates,
'signer_infos': [
signer,
],
}
if ocspurl and ocspissuer:
from cryptography.hazmat.backends.openssl.backend import backend
from cryptography.x509 import ocsp as cocsp
from cryptography import x509 as cx509
ocspuser = cert.dump()
ocspuser = cx509.load_der_x509_certificate(ocspuser, backend=backend)
builder = cocsp.OCSPRequestBuilder()
builder = builder.add_certificate(ocspuser, ocspissuer, hashes.SHA1())
req = builder.build()
data = req.public_bytes(serialization.Encoding.DER)
response = requests.post(
ocspurl,
headers={'Content-Type': 'application/ocsp-request'},
data=data,
)
data = ocsp.OCSPResponse.load(response.content)
other = cms.RevocationInfoChoice({
'other':
cms.OtherRevocationInfoFormat({
'other_rev_info_format': 'ocsp_response',
'other_rev_info': data
})
})
config['crls'] = cms.RevocationInfoChoices([other])
datas = cms.ContentInfo({
'content_type': cms.ContentType('signed_data'),
'content': cms.SignedData(config),
})
if attrs:
tosign = datas['content']['signer_infos'][0]['signed_attrs'].dump()
tosign = b'\x31' + tosign[1:]
else:
tosign = datau
if hsm is not None:
signed_value_signature = hsm.sign(keyid, tosign, hashalgo)
elif isinstance(key, keys.PrivateKeyInfo):
key = asymmetric.load_private_key(key)
if pss:
signed_value_signature = asymmetric.rsa_pss_sign(
key, tosign, 'sha512')
else:
signed_value_signature = asymmetric.rsa_pkcs1v15_sign(
key, tosign, hashalgo.lower())
else:
if pss:
hasher = hashes.Hash(hashes.SHA512(),
backend=backends.default_backend())
hasher.update(tosign)
digest = hasher.finalize()
signed_value_signature = key.sign(
digest,
padding.PSS(mgf=padding.MGF1(hashes.SHA512()),
salt_length=salt_length),
utils.Prehashed(hashes.SHA512()))
else:
signed_value_signature = key.sign(
tosign, padding.PKCS1v15(),
getattr(hashes, hashalgo.upper())())
if timestampurl is not None:
datas['content']['signer_infos'][0]['unsigned_attrs'] = timestamp(
signed_value_signature,
hashalgo,
timestampurl,
timestampcredentials,
timestamp_req_options,
)
# signed_value_signature = core.OctetString(signed_value_signature)
datas['content']['signer_infos'][0]['signature'] = signed_value_signature
#open('signed-content-info', 'wb').write(datas.dump())
return datas.dump()
