def scan(self, data, file, options, expire_at):
tmp_directory = options.get('tmp_directory', '/tmp/')
self.event['total'] = {'certificates': 0, 'extracted': 0}
with tempfile.NamedTemporaryFile(dir=tmp_directory) as tmp_data:
tmp_data.write(data)
tmp_data.flush()
if data[:1] == b'0':
pkcs7 = SMIME.load_pkcs7_der(tmp_data.name)
else:
pkcs7 = SMIME.load_pkcs7(tmp_data.name)
certs = pkcs7.get0_signers(X509.X509_Stack())
if certs:
self.event['total']['certificates'] = len(certs)
for cert in certs:
extract_file = strelka.File(
name=f'sn_{cert.get_serial_number()}',
source=self.name,
)
for c in strelka.chunk_string(cert.as_der()):
self.upload_to_coordinator(
extract_file.pointer,
c,
expire_at,
)
self.files.append(extract_file)
self.event['total']['extracted'] += 1
def test_load_bad(self):
s = SMIME.SMIME()
with self.assertRaises(EVP.EVPError):
s.load_key('tests/signer.pem', 'tests/signer.pem')
with self.assertRaises(BIO.BIOError):
SMIME.load_pkcs7('nosuchfile-dfg456')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7('tests/signer.pem')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7_bio(BIO.MemoryBuffer(b'no pkcs7'))
with self.assertRaises(BIO.BIOError):
SMIME.load_pkcs7_der('nosuchfile-dfg456')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7_der('tests/signer.pem')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7_bio_der(BIO.MemoryBuffer(b'no pkcs7'))
with self.assertRaises(SMIME.SMIME_Error):
SMIME.smime_load_pkcs7('tests/signer.pem')
with self.assertRaises(SMIME.SMIME_Error):
SMIME.smime_load_pkcs7_bio(BIO.MemoryBuffer(b'no pkcs7'))
def test_load_bad(self):
s = SMIME.SMIME()
with self.assertRaises(EVP.EVPError):
s.load_key('tests/signer.pem',
'tests/signer.pem')
with self.assertRaises(BIO.BIOError):
SMIME.load_pkcs7('nosuchfile-dfg456')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7('tests/signer.pem')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7_bio(BIO.MemoryBuffer(b'no pkcs7'))
with self.assertRaises(BIO.BIOError):
SMIME.load_pkcs7_der('nosuchfile-dfg456')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7_der('tests/signer.pem')
with self.assertRaises(SMIME.PKCS7_Error):
SMIME.load_pkcs7_bio_der(BIO.MemoryBuffer(b'no pkcs7'))
with self.assertRaises(SMIME.SMIME_Error):
SMIME.smime_load_pkcs7('tests/signer.pem')
with self.assertRaises(SMIME.SMIME_Error):
SMIME.smime_load_pkcs7_bio(BIO.MemoryBuffer(b'no pkcs7'))
def extract(self):
smime = SMIME.SMIME()
smime.set_x509_store(X509.X509_Store())
smime.set_x509_stack(X509.X509_Stack())
try:
original_file_content = smime.verify(SMIME.load_pkcs7_der(
self.temppath),
flags=SMIME.PKCS7_NOVERIFY)
except SMIME.PKCS7_Error as e:
logger.debug("{} importer: not a PKCS7 file.".format(
self.processor))
raise e
temp = NamedTemporaryFile()
temp.write(original_file_content)
temp.flush()
return temp
def test_load_pkcs7_der(self):
self.assertEqual(
SMIME.load_pkcs7_der(self.filename_der).type(), SMIME.PKCS7_SIGNED)
def test_load_pkcs7_der(self):
self.assertEqual(SMIME.load_pkcs7_der(self.filename_der).type(), SMIME.PKCS7_SIGNED)