class EncryptionAlgorithmIdentifier(AlgorithmIdentifier):
schema = (
("algorithm", ObjectIdentifier(defines=(
(("parameters",), {id_pbes2: PBES2Params()}),
))),
("parameters", Any(optional=True)),
)
class PBES2Encs(AlgorithmIdentifier):
schema = (
("algorithm", ObjectIdentifier(defines=(
(("parameters",), {id_Gost28147_89: Gost2814789Parameters()}),
))),
("parameters", Any(optional=True)),
)
class PBES2KDFs(AlgorithmIdentifier):
schema = (
("algorithm", ObjectIdentifier(defines=(
(("parameters",), {id_pbkdf2: PBKDF2Params()}),
))),
("parameters", Any(optional=True)),
)
class AuthSafe(Sequence):
schema = (
("contentType", ContentType(defines=(
(("content",), {id_data: OctetStringSafeContents()}),
))),
("content", Any(expl=tag_ctxc(0))),
)
def test__get_curve_raise(self):
cert = self.crypto._parse_asn_tbs_cert(valid_cert)
cert["subjectPublicKeyInfo"]["algorithm"]["parameters"] = Any(
GostR34102012PublicKeyParameters(
(("publicKeyParamSet",
ObjectIdentifier("1.2.643.7.1.2.1.2.9999")), )))
with self.assertRaises(CertNotValid):
self.crypto._get_curve(cert)
class OtherName(Sequence):
# OtherName ::= SEQUENCE {
# type-id OBJECT IDENTIFIER,
# value [0] EXPLICIT ANY DEFINED BY type-id }
schema = (
("type-id", ObjectIdentifier()),
("value", Any(expl=tag_ctxc(0))),
)
class ContentInfo(Sequence):
schema = (
("contentType",
ContentType(defines=((("content", ), {
id_digestedData: DigestedData(),
id_envelopedData: EnvelopedData(),
id_signedData: SignedData(),
}), ))),
("content", Any(expl=tag_ctxc(0))),
)
class PrivateKeyAlgorithmIdentifier(Sequence):
schema = (
("algorithm",
ObjectIdentifier(defines=((
("parameters", ), {
id_tc26_gost3410_2012_256: GostR34102012PublicKeyParameters(),
id_tc26_gost3410_2012_512: GostR34102012PublicKeyParameters(),
}), ))),
("parameters", Any(optional=True)),
)
class AlgorithmIdentifier(Sequence):
# AlgorithmIdentifier ::= SEQUENCE {
# algorithm OBJECT IDENTIFIER,
# parameters ANY DEFINED BY algorithm OPTIONAL }
# -- contains a value of the type
# -- registered for use with the
# -- algorithm object identifier value
schema = (
("algorithm", ObjectIdentifier()),
("parameters", Any(optional=True)),
)
def test_512_test_paramset(self):
self._test_vector(
"id-tc26-gost-3410-2012-512-paramSetTest",
2012,
GOST34112012512,
AlgorithmIdentifier((
("algorithm", id_tc26_gost3410_2012_512),
("parameters",
Any(
GostR34102012PublicKeyParameters(
(("publicKeyParamSet",
id_tc26_gost3410_2012_512_paramSetTest), )))),
)),
AlgorithmIdentifier(
(("algorithm", id_tc26_signwithdigest_gost3410_2012_512), )),
11,
"0BA6048AADAE241BA40936D47756D7C93091A0E8514669700EE7508E508B102072E8123B2200A0563322DAD2827E2714A2636B7BFD18AADFC62967821FA18DD4",
"433B1D6CE40A51F1E5737EB16AA2C683829A405B9D9127E21260FC9D6AC05D87BF24E26C45278A5C2192A75BA94993ABD6074E7FF1BF03FD2F5397AFA1D945582F86FA60A081091A23DD795E1E3C689EE512A3C82EE0DCC2643C78EEA8FCACD35492558486B20F1C9EC197C90699850260C93BCBCD9C5C3317E19344E173AE36",
"""
MIIBTzCBvAIBADASMRAwDgYDVQQDEwdFeGFtcGxlMIGgMBcGCCqFAwcBAQECMAsG
CSqFAwcBAgECAAOBhAAEgYDh7zDVLGEz3dmdHVxBRVz3302LTJJbvGmvFDPRVlhR
Wt0hRoUMMlxbgcEzvmVaqMTUQOe5io1ZSHsMdpa8xV0R7L53NqnsNX/y/TmTH04R
TLjNo1knCsfw5/9D2UGUGeph/Sq3f12fY1I9O1CgT2PioM9Rt8E63CFWDwvUDMnH
N6AAMAoGCCqFAwcBAQMDA4GBAEM7HWzkClHx5XN+sWqixoOCmkBbnZEn4hJg/J1q
wF2HvyTibEUnilwhkqdbqUmTq9YHTn/xvwP9L1OXr6HZRVgvhvpgoIEJGiPdeV4e
PGie5RKjyC7g3MJkPHjuqPys01SSVYSGsg8cnsGXyQaZhQJgyTvLzZxcMxfhk0Th
c642
""",
"415703D892F1A5F3F68C4353189A7EE207B80B5631EF9D49529A4D6B542C2CFA15AA2EACF11F470FDE7D954856903C35FD8F955EF300D95C77534A724A0EEE702F86FA60A081091A23DD795E1E3C689EE512A3C82EE0DCC2643C78EEA8FCACD35492558486B20F1C9EC197C90699850260C93BCBCD9C5C3317E19344E173AE36",
"""
MIIBqjCCARagAwIBAgIBCzAKBggqhQMHAQEDAzASMRAwDgYDVQQDEwdFeGFtcGxl
MCAXDTAxMDEwMTAwMDAwMFoYDzIwNTAxMjMxMDAwMDAwWjASMRAwDgYDVQQDEwdF
eGFtcGxlMIGgMBcGCCqFAwcBAQECMAsGCSqFAwcBAgECAAOBhAAEgYDh7zDVLGEz
3dmdHVxBRVz3302LTJJbvGmvFDPRVlhRWt0hRoUMMlxbgcEzvmVaqMTUQOe5io1Z
SHsMdpa8xV0R7L53NqnsNX/y/TmTH04RTLjNo1knCsfw5/9D2UGUGeph/Sq3f12f
Y1I9O1CgT2PioM9Rt8E63CFWDwvUDMnHN6MTMBEwDwYDVR0TAQH/BAUwAwEB/zAK
BggqhQMHAQEDAwOBgQBBVwPYkvGl8/aMQ1MYmn7iB7gLVjHvnUlSmk1rVCws+hWq
LqzxH0cP3n2VSFaQPDX9j5Ve8wDZXHdTSnJKDu5wL4b6YKCBCRoj3XleHjxonuUS
o8gu4NzCZDx47qj8rNNUklWEhrIPHJ7Bl8kGmYUCYMk7y82cXDMX4ZNE4XOuNg==
""",
"3A13FB7AECDB5560EEF6137CFC5DD64691732EBFB3690A1FC0C7E8A4EEEA08307D648D4DC0986C46A87B3FBE4C7AF42EA34359C795954CA39FF3ABBED9051F4D2F86FA60A081091A23DD795E1E3C689EE512A3C82EE0DCC2643C78EEA8FCACD35492558486B20F1C9EC197C90699850260C93BCBCD9C5C3317E19344E173AE36",
"""
MIHTMEECAQEwCgYIKoUDBwEBAwMwEjEQMA4GA1UEAxMHRXhhbXBsZRcNMTQwMTAx
MDAwMDAwWhcNMTQwMTAyMDAwMDAwWjAKBggqhQMHAQEDAwOBgQA6E/t67NtVYO72
E3z8XdZGkXMuv7NpCh/Ax+ik7uoIMH1kjU3AmGxGqHs/vkx69C6jQ1nHlZVMo5/z
q77ZBR9NL4b6YKCBCRoj3XleHjxonuUSo8gu4NzCZDx47qj8rNNUklWEhrIPHJ7B
l8kGmYUCYMk7y82cXDMX4ZNE4XOuNg==
""",
)
class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
schema = (
("algorithm",
ObjectIdentifier(defines=(
(("..", "encryptedKey"), {
id_tc26_gost3410_2012_256: GostR3410KeyTransport(),
id_tc26_gost3410_2012_512: GostR3410KeyTransport(),
}),
(("..", "recipientEncryptedKeys", any, "encryptedKey"), {
id_tc26_gost3410_2012_256: Gost2814789EncryptedKey(),
id_tc26_gost3410_2012_512: Gost2814789EncryptedKey(),
}),
))),
("parameters", Any(optional=True)),
)
def test__parse_public_key_hash_raise(self):
pem_cert = self.crypto._parse_pem(valid_cert)
asn_cert = self.crypto._parse_asn_cert(pem_cert)
asn_cert["tbsCertificate"]["subjectPublicKeyInfo"]["algorithm"][
"parameters"] = Any(
GostR34102012PublicKeyParameters((
("publicKeyParamSet",
ObjectIdentifier("1.2.643.7.1.2.1.2.9999")),
("digestParamSet",
ObjectIdentifier("1.2.643.7.1.2.1.2.9999")),
)))
cert_new = b64encode(asn_cert.encode()).decode()
with self.assertRaises(CertNotValid):
self.crypto._parse_public_key_hash(
"-----BEGIN CERTIFICATE-----\n" + cert_new +
"\n-----END CERTIFICATE-----")
class SignerInfo(Sequence):
# SignerInfo ::= SEQUENCE {
# version CMSVersion,
# sid SignerIdentifier,
# digestAlgorithm DigestAlgorithmIdentifier,
# signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
# signatureAlgorithm SignatureAlgorithmIdentifier,
# signature SignatureValue,
# unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
schema = (
("version", CMSVersion()),
("sid", Any()),
("digestAlgorithm", DigestAlgorithmIdentifier()),
("signedAttrs", SignedAttributes(impl=tag_ctxc(0), optional=True)),
("signatureAlgorithm", SignatureAlgorithmIdentifier()),
("signature", SignatureValue()),
("unsignedAttrs", UnsignedAttributes(impl=tag_ctxc(1), optional=True)),
)
def test_256_test_paramset(self):
self._test_vector(
"id-GostR3410-2001-TestParamSet",
2001,
GOST34112012256,
AlgorithmIdentifier((
("algorithm", id_tc26_gost3410_2012_256),
("parameters",
Any(
GostR34102012PublicKeyParameters((
("publicKeyParamSet", id_GostR3410_2001_TestParamSet),
("digestParamSet", id_tc26_gost3411_2012_256),
)))),
)),
AlgorithmIdentifier(
(("algorithm", id_tc26_signwithdigest_gost3410_2012_256), )),
10,
"7A929ADE789BB9BE10ED359DD39A72C11B60961F49397EEE1D19CE9891EC3B28",
"6AAAB38E35D4AAA517940301799122D855484F579F4CBB96D63CDFDF3ACC432A41AA28D2F1AB148280CD9ED56FEDA41974053554A42767B83AD043FD39DC0493",
"""
MIHTMIGBAgEAMBIxEDAOBgNVBAMTB0V4YW1wbGUwZjAfBggqhQMHAQEBATATBgcq
hQMCAiMABggqhQMHAQECAgNDAARAC9hv5djbiWaPeJtOHbqFhcVQi0XsW1nYkG3b
cOJJK3/ad/+HGhD73ydm0pPF0WSvuzx7lzpByIXRHXDWibTxJqAAMAoGCCqFAwcB
AQMCA0EAaqqzjjXUqqUXlAMBeZEi2FVIT1efTLuW1jzf3zrMQypBqijS8asUgoDN
ntVv7aQZdAU1VKQnZ7g60EP9OdwEkw==
""",
"4D53F012FE081776507D4D9BB81F00EFDB4EEFD4AB83BAC4BACF735173CFA81C41AA28D2F1AB148280CD9ED56FEDA41974053554A42767B83AD043FD39DC0493",
"""
MIIBLTCB26ADAgECAgEKMAoGCCqFAwcBAQMCMBIxEDAOBgNVBAMTB0V4YW1wbGUw
IBcNMDEwMTAxMDAwMDAwWhgPMjA1MDEyMzEwMDAwMDBaMBIxEDAOBgNVBAMTB0V4
YW1wbGUwZjAfBggqhQMHAQEBATATBgcqhQMCAiMABggqhQMHAQECAgNDAARAC9hv
5djbiWaPeJtOHbqFhcVQi0XsW1nYkG3bcOJJK3/ad/+HGhD73ydm0pPF0WSvuzx7
lzpByIXRHXDWibTxJqMTMBEwDwYDVR0TAQH/BAUwAwEB/zAKBggqhQMHAQEDAgNB
AE1T8BL+CBd2UH1Nm7gfAO/bTu/Uq4O6xLrPc1Fzz6gcQaoo0vGrFIKAzZ7Vb+2k
GXQFNVSkJ2e4OtBD/TncBJM=
""",
"42BF392A14D3EBE957AF3E46CB50BF5F4221A003AD3D172753C94A9C37A31D2041AA28D2F1AB148280CD9ED56FEDA41974053554A42767B83AD043FD39DC0493",
"""
MIGSMEECAQEwCgYIKoUDBwEBAwIwEjEQMA4GA1UEAxMHRXhhbXBsZRcNMTQwMTAx
MDAwMDAwWhcNMTQwMTAyMDAwMDAwWjAKBggqhQMHAQEDAgNBAEK/OSoU0+vpV68+
RstQv19CIaADrT0XJ1PJSpw3ox0gQaoo0vGrFIKAzZ7Vb+2kGXQFNVSkJ2e4OtBD
/TncBJM=
""",
)
def test_256a_paramset(self):
self._test_vector(
"id-tc26-gost-3410-2012-256-paramSetA",
2001,
GOST34112012256,
AlgorithmIdentifier((
("algorithm", id_tc26_gost3410_2012_256),
("parameters",
Any(
GostR34102012PublicKeyParameters(
(("publicKeyParamSet",
id_tc26_gost3410_2012_256_paramSetA), )))),
)),
AlgorithmIdentifier(
(("algorithm", id_tc26_signwithdigest_gost3410_2012_256), )),
10,
"7A929ADE789BB9BE10ED359DD39A72C11B60961F49397EEE1D19CE9891EC3B28",
"1BDC2A1317679B66232F63EA16FF7C64CCAAB9AD855FC6E18091661DB79D48121D0E1DA5BE347C6F1B5256C7AEAC200AD64AC77A6F5B3A0E097318E7AE6EE769",
"""
MIHKMHkCAQAwEjEQMA4GA1UEAxMHRXhhbXBsZTBeMBcGCCqFAwcBAQEBMAsGCSqF
AwcBAgEBAQNDAARAdCeV1L7ohN3yhQ/sA+o/rxhE4B2dpgtkUJOlXibfw5l49ZbP
TU0MbPHRiUPZRJPRa57AoW1RLS4SfMRpGmMY4qAAMAoGCCqFAwcBAQMCA0EAG9wq
Exdnm2YjL2PqFv98ZMyqua2FX8bhgJFmHbedSBIdDh2lvjR8bxtSVseurCAK1krH
em9bOg4Jcxjnrm7naQ==
""",
"140B4DA9124B09CB0D5CE928EE874273A310129492EC0E29369E3B791248578C1D0E1DA5BE347C6F1B5256C7AEAC200AD64AC77A6F5B3A0E097318E7AE6EE769",
"""
MIIBJTCB06ADAgECAgEKMAoGCCqFAwcBAQMCMBIxEDAOBgNVBAMTB0V4YW1wbGUw
IBcNMDEwMTAxMDAwMDAwWhgPMjA1MDEyMzEwMDAwMDBaMBIxEDAOBgNVBAMTB0V4
YW1wbGUwXjAXBggqhQMHAQEBATALBgkqhQMHAQIBAQEDQwAEQHQnldS+6ITd8oUP
7APqP68YROAdnaYLZFCTpV4m38OZePWWz01NDGzx0YlD2UST0WuewKFtUS0uEnzE
aRpjGOKjEzARMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoUDBwEBAwIDQQAUC02pEksJ
yw1c6Sjuh0JzoxASlJLsDik2njt5EkhXjB0OHaW+NHxvG1JWx66sIArWSsd6b1s6
DglzGOeubudp
""",
"14BD68087C3B903C7AA28B07FEB2E7BD6FE0963F563267359F5CD8EAB45059AD1D0E1DA5BE347C6F1B5256C7AEAC200AD64AC77A6F5B3A0E097318E7AE6EE769",
"""
MIGSMEECAQEwCgYIKoUDBwEBAwIwEjEQMA4GA1UEAxMHRXhhbXBsZRcNMTQwMTAx
MDAwMDAwWhcNMTQwMTAyMDAwMDAwWjAKBggqhQMHAQEDAgNBABS9aAh8O5A8eqKL
B/6y571v4JY/VjJnNZ9c2Oq0UFmtHQ4dpb40fG8bUlbHrqwgCtZKx3pvWzoOCXMY
565u52k=
""",
)
class RecipientIdentifier(Choice):
schema = (
("issuerAndSerialNumber", Any()),
# ("subjectKeyIdentifier", SubjectKeyIdentifier(impl=tag_ctxp(0))),
)
class ContentInfo(Sequence):
schema = (
("contentType", ContentType()),
("content", Any(expl=tag_ctxc(0))),
)
class AuthSafe(Sequence):
schema = (
("contentType", ContentType()),
("content", Any(expl=tag_ctxc(0))),
)
class PBKDF2PRFs(AlgorithmIdentifier):
schema = (
("algorithm", ObjectIdentifier(default=id_hmacWithSHA1)),
("parameters", Any(optional=True)),
)
class KeyAgreeRecipientIdentifier(Choice):
schema = (("issuerAndSerialNumber", Any()),
# ("rKeyId", RecipientKeyIdentifier(impl=tag_ctxc(0))),
)
class AttrValue(SetOf):
schema = Any()
class PBES2Encs(AlgorithmIdentifier):
schema = (
("algorithm", ObjectIdentifier()),
("parameters", Any(optional=True)),
)
class AlgorithmIdentifier(Sequence):
schema = (
("algorithm", ObjectIdentifier()),
("parameters", Any(optional=True)),
)
key_params = GostR34102012PublicKeyParameters((
("publicKeyParamSet", id_tc26_gost3410_2012_512_paramSetA),
("digestParamSet", id_tc26_gost3411_2012_512),
))
prv_raw = urandom(64)
print("-----BEGIN PRIVATE KEY-----")
print(
pem(
PrivateKeyInfo((
("version", Integer(0)),
("privateKeyAlgorithm",
PrivateKeyAlgorithmIdentifier((
("algorithm", id_tc26_gost3410_2012_512),
("parameters", Any(key_params)),
))),
("privateKey", PrivateKey(prv_raw)),
))))
print("-----END PRIVATE KEY-----")
prv = prv_unmarshal(prv_raw)
curve = CURVES["id-tc26-gost-3410-12-512-paramSetA"]
pub_raw = pub_marshal(public_key(curve, prv), mode=2012)
subj = Name(("rdnSequence",
RDNSequence([
RelativeDistinguishedName((AttributeTypeAndValue((
("type", AttributeType(id_at_commonName)),
("value", AttributeValue(PrintableString(argv[1]))),
)), ))
])))