def main():
    attributes = AuthenticatedAttributes()
    attributes.setComponentByName("target", "test")
    attributes.setComponentByName("length", 1024)
    data = der_encoder.encode(attributes)
    print "attributes " + binascii.hexlify(data)

    ident = x509.AlgorithmIdentifier()
    ident.setComponentByName("algorithm", sha256WithRSAEncryptionOID)
    data = der_encoder.encode(ident)
    print "ident " + binascii.hexlify(data)

    sig = AndroidVerifiedBootSignature()
    sig.setComponentByName('formatVersion', 1)
    sig.setComponentByName('algorithmId', ident)
    sig.setComponentByName('attributes', attributes)
    sig.setComponentByName('signature', univ.OctetString('abcdef0123456789'))
    data = der_encoder.encode(sig)
    print "sig " + binascii.hexlify(data)

    material = pkcs1.RSAPublicKey()
    material.setComponentByName('modulus', 'abc123')
    material.setComponentByName('publicExponent', (1 << 16) + 1)

    keyinfo = KeyInfo()
    keyinfo.setComponentByName('algorithm', ident)
    keyinfo.setComponentByName('keyMaterial', material)

    bag = KeyBag()
    bag.setComponentByPosition(0, keyinfo)

    keystore = AndroidVerifiedBootKeystore()
    keystore.setComponentByName('formatVersion', 1)
    keystore.setComponentByName('bag', bag)
    keystore.setComponentByName('signature', sig)
Exemple #2
0
def parse_cert(raw_bytes):
    result = CertInfo()

    certType = rfc2459.Certificate()
    cert, rest = decoder.decode(raw_bytes, asn1Spec=certType)
    subj_pub_key_bytes = frombits(
        cert.getComponentByName('tbsCertificate').getComponentByName(
            'subjectPublicKeyInfo').getComponentByName('subjectPublicKey'))
    SUBJECT = cert.getComponentByName('tbsCertificate').getComponentByName(
        'subject')
    for rdn in SUBJECT[0]:
        for nv in rdn:
            name = nv.getComponentByName('type')
            value = nv.getComponentByName('value')
            # could pick up regular OUs too
            if name == rfc2459.id_at_organizationalUnitName:
                #print 'name: %s' % name
                #print 'value: [%s] (%s)' % (str(value).strip(), type(value))
                result.control_fields.append(str(value).strip())

    rsaType = rfc2437.RSAPublicKey()
    rsadata, rsadata_rest = decoder.decode(subj_pub_key_bytes,
                                           asn1Spec=rsaType)
    mod = rsadata.getComponentByName("modulus")
    pub_exp = rsadata.getComponentByName("publicExponent")
    result.pub_key = rsa.PublicKey(long(mod), long(pub_exp))

    return result
Exemple #3
0
    def from_subject_pubkey_info(cls, pk_alg, params_asn1, pubkey_data):
        pubkey = ASN1Tools.safe_decode(pubkey_data,
                                       asn1_spec=rfc2437.RSAPublicKey())

        if pubkey.asn1 is not None:
            accessible_parameters = {
                "n": int(pubkey.asn1["modulus"]),
                "e": int(pubkey.asn1["publicExponent"]),
                "params": params_asn1 if params_asn1.hasValue() else None,
            }
        else:
            accessible_parameters = None
        return cls(accessible_parameters=accessible_parameters,
                   decoding_details=pubkey)
Exemple #4
0
    def create(cls, parameters):
        asn1 = rfc2459.SubjectPublicKeyInfo()
        asn1["algorithm"] = rfc2459.AlgorithmIdentifier()
        asn1["algorithm"][
            "algorithm"] = OIDDB.KeySpecificationAlgorithms.inverse(
                "rsaEncryption").to_asn1()
        asn1["algorithm"]["parameters"] = pyasn1.type.univ.Any(
            value=pyasn1.codec.der.encoder.encode(pyasn1.type.univ.Null()))

        inner_key = rfc2437.RSAPublicKey()
        inner_key["modulus"] = pyasn1.type.univ.Integer(parameters["n"])
        inner_key["publicExponent"] = pyasn1.type.univ.Integer(parameters["e"])
        inner_key = pyasn1.codec.der.encoder.encode(inner_key)
        asn1["subjectPublicKey"] = ASN1Tools.bytes2bitstring(inner_key)
        return asn1
class KeyInfo(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('algorithm', x509.AlgorithmIdentifier()),
        namedtype.NamedType('keyMaterial', pkcs1.RSAPublicKey())
    )