def testOpenTypes(self):
openTypesMap = {
univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""),
}
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc2986.CertificationRequest(),
openTypes=openTypesMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
for rdn in asn1Object['certificationRequestInfo']['subject'][
'rdnSequence']:
for atv in rdn:
if atv['type'] == rfc5280.id_at_countryName:
self.assertEqual(char.PrintableString('US'), atv['value'])
else:
self.assertGreater(len(atv['value']['utf8String']), 2)
spki_alg = asn1Object['certificationRequestInfo']['subjectPKInfo'][
'algorithm']
self.assertEqual(univ.Null(""), spki_alg['parameters'])
sig_alg = asn1Object['signatureAlgorithm']
self.assertEqual(univ.Null(""), sig_alg['parameters'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
count = 0
for crm in asn1Object:
rdnSeq = crm['certReq']['certTemplate']['subject']['rdnSequence']
for rdn in rdnSeq:
self.assertEqual(rfc5280.id_at_commonName, rdn[0]['type'])
self.assertEqual('user', rdn[0]['value']['printableString'])
count += 1
algid = crm['popo']['signature']['algorithmIdentifier']
self.assertEqual(rfc3279.sha1WithRSAEncryption, algid['algorithm'])
self.assertEqual(univ.Null(""), algid['parameters'])
count += 1
self.assertEqual(2, count)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.oaep_default_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertTrue(rfc4055.id_RSAES_OAEP, asn1Object[0])
self.assertEqual(substrate, der_encoder(asn1Object))
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.cert_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
spki = asn1Object['tbsCertificate']['subjectPublicKeyInfo']
self.assertEqual(rfc4055.id_RSAES_OAEP, spki['algorithm']['algorithm'])
oaep_p = spki['algorithm']['parameters']
self.assertEqual(rfc4055.id_pSpecified,
oaep_p['pSourceFunc']['algorithm'])
psf_p = oaep_p['pSourceFunc']['parameters']
self.assertEqual(psf_p, univ.OctetString(value='TCPA'))
sig = asn1Object['tbsCertificate']['signature']
self.assertEqual(rfc4055.id_RSASSA_PSS, sig['algorithm'])
self.assertEqual(222, sig['parameters']['saltLength'])
mgf = sig['parameters']['maskGenAlgorithm']
self.assertEqual(rfc4055.id_mgf1, mgf['algorithm'])
self.assertEqual(rfc4055.id_sha256, mgf['parameters']['algorithm'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
layers = {}
layers.update(rfc5652.cmsContentTypesMap)
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData:
lambda x: x['encapContentInfo']['eContentType'],
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
}
next_layer = rfc5652.id_ct_contentInfo
while next_layer in layers:
asn1Object, rest = der_decoder(substrate,
asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
self.assertEqual(rfc8769.id_ct_cborSequence, next_layer)
def testDerCodec(self):
openTypesMap = opentypemap.get('smimeCapabilityMap')
substrate = pem.readBase64fromText(self.smime_capabilities_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
count = 0
for cap in asn1Object:
self.assertEqual(der_encoder(univ.Null("")), cap['parameters'])
self.assertIn(cap['capabilityID'], openTypesMap)
count += 1
self.assertEqual(count, 2)
def generate_ecdsa_pem(pk):
ecPrivateKey = ECPrivateKey()
ecPrivateKey['version'] = 1
ecPrivateKey['privateKey'] = ints2octs(i2osp(pk, 32))
ecParam = ECParameters().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple,
0)) # 1.3.132.0.10 ansip256k1(10)
ecParam.setComponentByName("namedCurve", _buildOid(1, 3, 132, 0, 10))
print ecParam.prettyPrint()
ecPrivateKey.setComponentByName('parameters', ecParam)
pub = ecdsa.expand_pub(ecdsa.point_mult(ecdsa.G, pk))
# pb = univ.BitString(long(pub, 16))
ecPrivateKey.setComponentByName('publicKey', long(pub, 16))
print ecPrivateKey.prettyPrint()
res = "-----BEGIN EC PRIVATE KEY-----\n"
b = base64.b64encode(der_encoder(ecPrivateKey))
n = 64
r = [b[i:i + n] for i in range(0, len(b), n)]
for l in r:
res += l + "\n"
res += "-----END EC PRIVATE KEY-----\n"
return res
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.env_data_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(asn1Object['contentType'], cmsContentTypesMap)
kari_kea = asn1Object['content']['recipientInfos'][0]['kari'][
'keyEncryptionAlgorithm']
self.assertEqual(rfc2876.id_kEAKeyEncryptionAlgorithm,
kari_kea['algorithm'])
self.assertEqual(rfc2876.id_fortezzaWrap80,
kari_kea['parameters']['algorithm'])
cea = asn1Object['content']['encryptedContentInfo'][
'contentEncryptionAlgorithm']
self.assertEqual(rfc2876.id_fortezzaConfidentialityAlgorithm,
cea['algorithm'])
iv = univ.OctetString(hexValue='424f4755535f4956')
self.assertEqual(iv, cea['parameters']['initialization-vector'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc4073.id_ct_contentCollection,
asn1Object['contentType'])
for ci in asn1Object['content']:
self.assertIn(ci['contentType'], rfc5652.cmsContentTypesMap)
self.assertEqual(rfc4073.id_ct_contentWithAttrs, ci['contentType'])
next_ci = ci['content']['content']
self.assertIn(next_ci['contentType'], rfc5652.cmsContentTypesMap)
self.assertEqual(rfc5652.id_data, next_ci['contentType'])
self.assertIn(str2octs('Content-Type: text'), next_ci['content'])
for attr in ci['content']['attrs']:
self.assertIn(attr['attrType'], rfc5652.cmsAttributesMap)
if attr['attrType'] == rfc2634.id_aa_contentHint:
self.assertIn('RFC 4073',
attr['attrValues'][0]['contentDescription'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.signed_message_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertIn(asn1Object['contentType'], rfc5652.cmsContentTypesMap)
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
sd = asn1Object['content']
self.assertEqual(rfc5652.CMSVersion().subtype(value='v1'),
sd['version'])
ect = sd['encapContentInfo']['eContentType']
self.assertIn(ect, rfc5652.cmsContentTypesMap)
self.assertEqual(rfc5652.id_data, ect)
for sa in sd['signerInfos'][0]['signedAttrs']:
if sa['attrType'] == rfc6211.id_aa_cmsAlgorithmProtect:
self.assertIn(sa['attrType'], rfc5652.cmsAttributesMap)
sav0 = sa['attrValues'][0]
digest_oid = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.2')
sig_oid = univ.ObjectIdentifier('1.2.840.10045.4.3.3')
self.assertEqual(digest_oid,
sav0['digestAlgorithm']['algorithm'])
self.assertEqual(sig_oid,
sav0['signatureAlgorithm']['algorithm'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.key_pkg_pem_text)
asn1Object, rest = der_decoder(
substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertIn(asn1Object['contentType'], rfc5652.cmsContentTypesMap)
self.assertTrue(asn1Object['content'].hasValue())
keypkg = asn1Object['content']
self.assertEqual(
rfc6031.KeyPkgVersion().subtype(value='v1'), keypkg['version'])
for attr in keypkg['sKeyPkgAttrs']:
self.assertIn(attr['attrType'], rfc6031.sKeyPkgAttributesMap)
self.assertNotEqual('0x', attr['attrValues'][0].prettyPrint()[:2])
# decodeOpenTypes=True did not decode if the value is shown in hex ...
if attr['attrType'] == rfc6031.id_pskc_manufacturer:
attr['attrValues'][0] == 'Vigil Security LLC'
for osk in keypkg['sKeys']:
for attr in osk['sKeyAttrs']:
self.assertIn(attr['attrType'], rfc6031.sKeyAttributesMap)
self.assertNotEqual(
'0x', attr['attrValues'][0].prettyPrint()[:2])
# decodeOpenTypes=True did not decode if the value is shown in hex ...
if attr['attrType'] == rfc6031.id_pskc_issuer:
attr['attrValues'][0] == 'kta.example.com'
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
layers = { }
layers.update(rfc5652.cmsContentTypesMap)
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'],
rfc5636.id_kisa_tac_token: lambda x: None
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
rfc5636.id_kisa_tac_token: lambda x: None
}
next_layer = rfc5652.id_ct_contentInfo
while next_layer:
asn1Object, rest = der_decoder(
substrate, asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
self.assertEqual('2019', asn1Object['timeout'][:4])
self.assertEqual('5dcdf44e', asn1Object['userKey'].prettyPrint()[-8:])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
inner, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData())
self.assertEqual(
rfc4108.id_ct_firmwarePackage, inner['encapContentInfo']['eContentType'])
self.assertTrue(inner['encapContentInfo']['eContent'])
attribute_list = []
for attr in inner['signerInfos'][0]['signedAttrs']:
attribute_list.append(attr['attrType'])
if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs:
av, rest = der_decoder(attr['attrValues'][0],
asn1Spec=rfc4108.TargetHardwareIdentifiers())
self.assertEqual(2, len(av))
for oid in av:
self.assertIn('1.3.6.1.4.1.221121.1.1.', oid.prettyPrint())
self.assertIn( rfc5652.id_contentType, attribute_list)
self.assertIn( rfc5652.id_messageDigest, attribute_list)
self.assertIn(rfc4108.id_aa_targetHardwareIDs, attribute_list)
self.assertIn(rfc4108.id_aa_fwPkgMessageDigest, attribute_list)
def testDerCodec(self):
access_methods = [
rfc6487.id_ad_rpkiManifest,
rfc6487.id_ad_signedObject,
]
substrate = pem.readBase64fromText(self.rpki_cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
count = 0
for extn in asn1Object['tbsCertificate']['extensions']:
if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess:
extnValue, rest = der_decoder(
extn['extnValue'],
asn1Spec=rfc5280.SubjectInfoAccessSyntax())
for ad in extnValue:
if ad['accessMethod'] in access_methods:
uri = ad['accessLocation']['uniformResourceIdentifier']
self.assertIn('rpki.apnic.net', uri)
count += 1
self.assertEqual(1, count)
def testDerCodec(self):
layers = { }
layers.update(opentypemap.get('cmsContentTypesMap'))
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'],
rfc6402.id_cct_PKIData: lambda x: None
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
rfc6402.id_cct_PKIData: lambda x: None
}
substrate = pem.readBase64fromText(self.pem_text)
next_layer = rfc5652.id_ct_contentInfo
while next_layer:
asn1Object, rest = der_decoder(substrate, asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
def testOpenTypes(self):
openTypesMap = rfc5652.cmsAttributesMap.copy()
for at in self.the_attrTypes:
openTypesMap.update({at: univ.ObjectIdentifier()})
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
openTypes=openTypesMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
for attr_or_oid in asn1Object:
if attr_or_oid.getName() == 'attribute':
val = attr_or_oid['attribute']['attrValues'][0]
valString = val.prettyPrint()
aoo = attr_or_oid['attribute']['attrType']
if aoo == self.the_attrTypes[0]:
self.assertEqual(self.the_attrVals[0], valString)
if aoo == self.the_attrTypes[1]:
self.assertEqual(self.the_attrVals[1], valString)
def testOpenTypes(self):
openTypeMap = {
rfc4357.id_GostR3410_2001:
rfc4357.GostR3410_2001_PublicKeyParameters(),
rfc4357.id_Gost28147_89: rfc4357.Gost28147_89_Parameters(),
}
substrate = pem.readBase64fromText(self.keytrans_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
openTypes=openTypeMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
ri = asn1Object['content']['recipientInfos'][0]
alg1 = ri['ktri']['keyEncryptionAlgorithm']
self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
param1 = alg1['parameters']
self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet,
param1['publicKeyParamSet'])
self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet,
param1['digestParamSet'])
alg2 = asn1Object['content']['encryptedContentInfo'][
'contentEncryptionAlgorithm']
self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm'])
param2 = alg2['parameters']
self.assertEqual(8, len(param2['iv']))
self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet,
param2['encryptionParamSet'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(
substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
assert asn1Object['contentType'] == rfc5652.id_envelopedData
ed = asn1Object['content']
ukm_found = False
self.assertEqual(ed['version'], rfc5652.CMSVersion(value=2))
for ri in ed['recipientInfos']:
self.assertEqual(ri['kari']['version'], rfc5652.CMSVersion(value=3))
opk_alg = ri['kari']['originator']['originatorKey']['algorithm']
self.assertEqual(opk_alg['algorithm'], rfc5753.id_ecPublicKey)
self.assertEqual(opk_alg['parameters']['namedCurve'], rfc5480.secp384r1)
kek_alg = ri['kari']['keyEncryptionAlgorithm']
self.assertEqual(kek_alg['algorithm'], rfc5753.dhSinglePass_stdDH_sha384kdf_scheme)
self.assertEqual(kek_alg['parameters']['algorithm'], rfc3565.id_aes256_wrap)
ukm = ri['kari']['ukm']
self.assertEqual(ukm, rfc5652.UserKeyingMaterial(hexValue='52464335373533'))
ukm_found = True
self.assertTrue(ukm_found)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.cert_bundle_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
cert_count = 0
crl_count = 0
unk_count = 0
for item in asn1Object:
if item.getName() == 'cert':
cert_count += 1
elif item.getName() == 'crl':
crl_count += 1
else:
unk_count += 1
self.assertEqual(3, cert_count)
self.assertEqual(2, crl_count)
self.assertEqual(0, unk_count)
def testOpenTypes(self):
openTypesMap = {
rfc4491.id_GostR3410_94:
rfc4491.GostR3410_94_PublicKeyParameters(),
}
substrate = pem.readBase64fromText(self.gostR3410_94_cert_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
openTypes=openTypesMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
sa1 = asn1Object['signatureAlgorithm']['algorithm']
self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_94, sa1)
sa2 = asn1Object['tbsCertificate']['signature']['algorithm']
self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_94, sa2)
spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][
'algorithm']
self.assertEqual(rfc4491.id_GostR3410_94, spki_a['algorithm'])
self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet,
spki_a['parameters']['digestParamSet'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.roa_pem_text)
layers = {}
layers.update(rfc5652.cmsContentTypesMap)
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData:
lambda x: x['encapContentInfo']['eContentType'],
rfc6482.id_ct_routeOriginAuthz: lambda x: None
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
rfc6482.id_ct_routeOriginAuthz: lambda x: None
}
next_layer = rfc5652.id_ct_contentInfo
while next_layer:
asn1Object, rest = der_decoder(substrate,
asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
self.assertEqual(0, asn1Object['version'])
self.assertEqual(58363, asn1Object['asID'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
sd_eci = asn1Object['content']['encapContentInfo']
self.assertEqual(rfc5652.id_data, sd_eci['eContentType'])
self.assertTrue(sd_eci['eContent'].hasValue())
for ri in asn1Object['content']['crls']:
if ri.getName() == 'crl':
v2 = rfc5280.Version(value='v2')
self.assertEqual(v2, ri['crl']['tbsCertList']['version'])
if ri.getName() == 'other':
ori = ri['other']
ocspr_oid = rfc5940.id_ri_ocsp_response
self.assertEqual(ocspr_oid, ori['otherRevInfoFormat'])
ocspr_status = ori['otherRevInfo']['responseStatus']
success = rfc2560.OCSPResponseStatus(value='successful')
self.assertEqual(success, ocspr_status)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
attr_type_list = []
spid_oid = rfc5126.SigPolicyId('1.3.6.1.4.1.22112.48.20')
for attr in asn1Object:
if attr['attrType'] == rfc5126.id_aa_ets_sigPolicyId:
spid = attr['attrValues'][0]['signaturePolicyId']
self.assertEqual(spid_oid, spid['sigPolicyId'])
attr_type_list.append(rfc5126.id_aa_ets_sigPolicyId)
if attr['attrType'] == rfc5126.id_aa_ets_signerLocation:
cn = attr['attrValues'][0]['countryName']
self.assertEqual('US', cn['printableString'])
attr_type_list.append(rfc5126.id_aa_ets_signerLocation)
if attr['attrType'] == rfc5126.id_aa_signingCertificateV2:
ha = attr['attrValues'][0]['certs'][0]['hashAlgorithm']
self.assertEqual(rfc4055.id_sha256, ha['algorithm'])
attr_type_list.append(rfc5126.id_aa_signingCertificateV2)
self.assertIn(rfc5126.id_aa_ets_sigPolicyId, attr_type_list)
self.assertIn(rfc5126.id_aa_ets_signerLocation, attr_type_list)
self.assertIn(rfc5126.id_aa_signingCertificateV2, attr_type_list)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.tau_pem_text)
layers = {
rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(),
rfc5652.id_signedData: rfc5652.SignedData(),
rfc5934.id_ct_TAMP_update: rfc5934.TAMPUpdate()
}
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData:
lambda x: x['encapContentInfo']['eContentType'],
rfc5934.id_ct_TAMP_update: lambda x: None
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
rfc5934.id_ct_TAMP_update: lambda x: None
}
next_layer = rfc5652.id_ct_contentInfo
while next_layer:
asn1Object, rest = der_decoder(substrate,
asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
certificateAttributesMap = opentypemap.get('certificateAttributesMap')
certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
securityCategoryMap = opentypemap.get('securityCategoryMap')
clearance_found = False
for extn in asn1Object['tbsCertificate']['extensions']:
if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes:
self.assertIn(extn['extnID'], certificateExtensionsMap)
ev, rest = der_decoder(
extn['extnValue'],
asn1Spec=certificateExtensionsMap[extn['extnID']])
self.assertFalse(rest)
self.assertTrue(ev.prettyPrint())
self.assertEqual(extn['extnValue'], der_encoder(ev))
for attr in ev:
if attr['type'] == rfc5755.id_at_clearance:
self.assertIn(attr['type'], certificateAttributesMap)
av, rest = der_decoder(
attr['values'][0],
asn1Spec=certificateAttributesMap[attr['type']])
self.assertFalse(rest)
self.assertTrue(av.prettyPrint())
self.assertEqual(attr['values'][0], der_encoder(av))
self.assertEqual(rfc3114.id_tsp_TEST_Whirlpool,
av['policyId'])
for cat in av['securityCategories']:
self.assertEqual(
rfc3114.id_tsp_TEST_Whirlpool_Categories,
cat['type'])
self.assertIn(cat['type'], securityCategoryMap)
catv, rest = der_decoder(
cat['value'],
asn1Spec=securityCategoryMap[cat['type']])
self.assertIn('USE ONLY', catv[0])
clearance_found = True
self.assertTrue(clearance_found)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.extn_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc8649.id_ce_hashOfRootKey, asn1Object['extnID'])
hashed_root_key, rest = der_decoder(
asn1Object['extnValue'], rfc8649.HashedRootKey())
self.assertFalse(rest)
self.assertTrue(hashed_root_key.prettyPrint())
self.assertEqual(asn1Object['extnValue'], der_encoder(hashed_root_key))
self.assertEqual(
rfc4055.id_sha512, hashed_root_key['hashAlg']['algorithm'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(
asn1Object['thisMech'], univ.ObjectIdentifier('1.3.6.1.5.5.2'))
def testDerCodec(self):
substrate = pem.readBase64fromText(self.othername_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc9174.id_on_bundleEID,
asn1Object['otherName']['type-id'])
othername, rest = der_decoder(asn1Object['otherName']['value'],
rfc9174.BundleEID())
self.assertFalse(rest)
self.assertTrue(othername.prettyPrint())
self.assertEqual(asn1Object['otherName']['value'],
der_encoder(othername))
self.assertIn('example', othername)
