def testDerCodec(self): substrate = pem.readBase64fromText(self.message1_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd, rest = der_decoder( asn1Object['content'], asn1Spec=rfc5652.SignedData()) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq: sav, rest = der_decoder( sav0, asn1Spec=rfc7191.KeyPkgIdentifierAndReceiptReq()) self.assertFalse(rest) self.assertTrue(sav.prettyPrint()) self.assertEqual(sav0, der_encoder(sav)) package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) self.assertEqual(package_id, sav['pkgID'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.message3_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertTrue(sd.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(sd)) oid = sd['encapContentInfo']['eContentType'] self.assertEqual(rfc7191.id_ct_KP_keyPackageError, oid) kpe, rest = der_decoder(sd['encapContentInfo']['eContent'], asn1Spec=rfc7191.KeyPackageError()) self.assertFalse(rest) self.assertTrue(kpe.prettyPrint()) self.assertEqual(sd['encapContentInfo']['eContent'], der_encoder(kpe)) package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) self.assertEqual(package_id, kpe['errorOf']['pkgID']) self.assertEqual( rfc7191.EnumeratedErrorCode(value=10), kpe['errorCode'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.env_data_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType']) ed, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.EnvelopedData()) self.assertFalse(rest) self.assertTrue(ed.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(ed)) kwa = ed['recipientInfos'][0]['kekri']['keyEncryptionAlgorithm'] self.assertEqual(rfc3058.id_alg_CMSIDEAwrap, kwa['algorithm']) self.assertEqual(kwa['parameters'], der_encoder(univ.Null(""))) cea = ed['encryptedContentInfo']['contentEncryptionAlgorithm'] self.assertEqual(rfc3058.id_IDEA_CBC, cea['algorithm']) param, rest = der_decoder(cea['parameters'], asn1Spec=rfc3058.IDEA_CBCPar()) self.assertFalse(rest) self.assertTrue(param.prettyPrint()) self.assertEqual(cea['parameters'], der_encoder(param)) iv = univ.OctetString(hexValue='424f4755535f4956') self.assertEqual(iv, param['iv'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) expectedCaps = [ rfc6664.rsaEncryption, rfc6664.id_RSAES_OAEP, rfc6664.id_RSASSA_PSS, rfc6664.id_dsa, rfc6664.dhpublicnumber, rfc6664.id_ecPublicKey, rfc6664.id_ecMQV, ] count = 0 smimeCapabilityMap = opentypemap.get('smimeCapabilityMap') for cap in asn1Object: if cap['capabilityID'] in expectedCaps: self.assertIn(cap['capabilityID'], smimeCapabilityMap) cap_p, rest = der_decoder( cap['parameters'], asn1Spec=rfc5751.smimeCapabilityMap[cap['capabilityID']]) self.assertFalse(rest) self.assertTrue(cap_p.prettyPrint()) self.assertEqual(cap['parameters'], der_encoder(cap_p)) count += 1 self.assertEqual(len(expectedCaps), count)
def testDerCodec(self): substrate = pem.readBase64fromText(self.rsa_cert_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][ 'algorithm'] self.assertEqual(rfc3279.rsaEncryption, spki_a['algorithm']) spki_pk = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][ 'subjectPublicKey'].asOctets() pk, rest = der_decoder(spki_pk, asn1Spec=rfc3279.RSAPublicKey()) self.assertFalse(rest) self.assertTrue(pk.prettyPrint()) self.assertEqual(spki_pk, der_encoder(pk)) self.assertEqual(65537, pk['publicExponent']) self.assertEqual( rfc3279.sha1WithRSAEncryption, asn1Object['tbsCertificate']['signature']['algorithm']) self.assertEqual(rfc3279.sha1WithRSAEncryption, asn1Object['signatureAlgorithm']['algorithm'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.dsa_cert_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][ 'algorithm'] self.assertEqual(rfc3279.id_dsa, spki_a['algorithm']) spki_a_p, rest = der_decoder(spki_a['parameters'], asn1Spec=rfc3279.Dss_Parms()) self.assertFalse(rest) self.assertTrue(spki_a_p.prettyPrint()) self.assertEqual(spki_a['parameters'], der_encoder(spki_a_p)) q_value = 1260916123897116834511257683105158021801897369967 self.assertEqual(q_value, spki_a_p['q']) sig_value, rest = der_decoder(asn1Object['signature'].asOctets(), asn1Spec=rfc3279.Dss_Sig_Value()) self.assertFalse(rest) self.assertTrue(sig_value.prettyPrint()) self.assertEqual(asn1Object['signature'].asOctets(), der_encoder(sig_value)) self.assertTrue(sig_value['r'].hasValue()) self.assertTrue(sig_value['s'].hasValue())
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) certificateExtensionsMap = opentypemap.get('certificateExtensionsMap') self.assertIn(rfc3820.id_pe_proxyCertInfo, certificateExtensionsMap) found_ppl = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc3820.id_pe_proxyCertInfo: pci, rest = der_decoder(extn['extnValue'], asn1Spec=certificateExtensionsMap[ rfc3820.id_pe_proxyCertInfo]) self.assertFalse(rest) self.assertTrue(pci.prettyPrint()) self.assertEqual(extn['extnValue'], der_encoder(pci)) self.assertEqual(rfc3820.id_ppl_inheritAll, pci['proxyPolicy']['policyLanguage']) found_ppl = True self.assertTrue(found_ppl)
def testOpenTypes(self): asn1Spec = rfc5652.ContentInfo() substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=asn1Spec, decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) substrate = asn1Object['content']['encapContentInfo']['eContent'] oid = asn1Object['content']['encapContentInfo']['eContentType'] cmsContentTypesMap = opentypemap.get('cmsContentTypesMap') self.assertIn(oid, cmsContentTypesMap) tac_token, rest = der_decoder(substrate, asn1Spec=cmsContentTypesMap[oid], decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(tac_token.prettyPrint()) self.assertEqual(substrate, der_encoder(tac_token)) self.assertEqual('2019', tac_token['timeout'][:4]) self.assertEqual('5dcdf44e', tac_token['userKey'].prettyPrint()[-8:])
def testDerCodec(self): # The id_ce_criticalPoison is not automatically added to the map. # Normally certificates that contiain it are rejected. certificateExtensionsMap = opentypemap.get('certificateExtensionsMap') self.assertNotIn(rfc6962.id_ce_criticalPoison, certificateExtensionsMap) extn_map = { rfc6962.id_ce_criticalPoison: univ.Null(""), } extn_map.update(certificateExtensionsMap) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) extn_list = [] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) ev, rest = der_decoder(extn['extnValue'], asn1Spec=extn_map[extn['extnID']]) self.assertFalse(rest) if not ev == univ.Null(""): self.assertTrue(ev.prettyPrint()) self.assertEqual(extn['extnValue'], der_encoder(ev)) self.assertIn(rfc6962.id_ce_criticalPoison, extn_list)
def testDerCodec(self): blake_oids = [ rfc7693.id_blake2b160, rfc7693.id_blake2b256, rfc7693.id_blake2b384, rfc7693.id_blake2b512, rfc7693.id_blake2s128, rfc7693.id_blake2s160, rfc7693.id_blake2s224, rfc7693.id_blake2s256, ] substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) count = 0 algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap') for cap in asn1Object: if cap['capabilityID'] in blake_oids: count += 1 self.assertIn(cap['capabilityID'], algorithmIdentifierMap) self.assertEqual(len(blake_oids), count)
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertTrue(sd.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(sd)) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc6211.id_aa_cmsAlgorithmProtect: sav, rest = der_decoder( sav0, asn1Spec=rfc6211.CMSAlgorithmProtection()) self.assertFalse(rest) self.assertTrue(sav.prettyPrint()) self.assertEqual(sav0, der_encoder(sav))
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) extn_list = [] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc3709.id_pe_logotype: s = extn['extnValue'] logotype, rest = der_decoder(s, rfc3709.LogotypeExtn()) self.assertFalse(rest) self.assertTrue(logotype.prettyPrint()) self.assertEqual(s, der_encoder(logotype)) ids = logotype['subjectLogo']['direct']['image'][0][ 'imageDetails'] self.assertEqual("image/png", ids['mediaType']) expected = "http://www.vigilsec.com/vigilsec_logo.png" self.assertEqual(expected, ids['logotypeURI'][0]) self.assertIn(rfc3709.id_pe_logotype, extn_list)
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object))
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) layers = {} layers.update(rfc5652.cmsContentTypesMap) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], } layer = rfc5652.id_ct_contentInfo while layer in getNextLayer: asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) substrate = getNextSubstrate[layer](asn1Object) layer = getNextLayer[layer](asn1Object) self.assertEqual(rfc6493.id_ct_rpkiGhostbusters, layer) self.assertEqual(str2octs('BEGIN:VCARD'), substrate[0:11])
def testDerCodec(self): layers = {} layers.update(opentypemap.get('cmsContentTypesMap')) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], } substrate = pem.readBase64fromText(self.cvrequest_pem_text) layer = rfc5652.id_ct_contentInfo while layer in getNextLayer: asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) substrate = getNextSubstrate[layer](asn1Object) layer = getNextLayer[layer](asn1Object) asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertIn(rfc5276.id_swb_ers_all, asn1Object['query']['wantBack'])
def testDerCodec(self): access_methods = [ rfc6487.id_ad_rpkiManifest, rfc6487.id_ad_signedObject, ] substrate = pem.readBase64fromText(self.rpki_cert_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess: extnValue, rest = der_decoder( extn['extnValue'], asn1Spec=rfc5280.SubjectInfoAccessSyntax()) for ad in extnValue: if ad['accessMethod'] in access_methods: uri = ad['accessLocation']['uniformResourceIdentifier'] self.assertIn('rpki.apnic.net', uri) count += 1 self.assertEqual(1, count)
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) layers = {} layers.update(opentypemap.get('cmsContentTypesMap')) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc5636.id_kisa_tac_token: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc5636.id_kisa_tac_token: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decoder(substrate, asn1Spec=layers[next_layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) self.assertEqual('2019', asn1Object['timeout'][:4]) self.assertEqual('5dcdf44e', asn1Object['userKey'].prettyPrint()[-8:])
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_ct_authData, asn1Object['contentType']) ad, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.AuthenticatedData()) self.assertFalse(rest) self.assertTrue(ad.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(ad)) self.assertEqual(0, ad['version']) self.assertEqual(rfc6210.id_alg_MD5_XOR_EXPERIMENT, ad['digestAlgorithm']['algorithm']) algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap') mac_alg_p, rest = der_decoder(ad['digestAlgorithm']['parameters'], asn1Spec=algorithmIdentifierMap[ ad['digestAlgorithm']['algorithm']]) self.assertFalse(rest) self.assertTrue(mac_alg_p.prettyPrint()) self.assertEqual(ad['digestAlgorithm']['parameters'], der_encoder(mac_alg_p)) self.assertEqual("0x01020304", mac_alg_p.prettyPrint()[:10])
def testDerCodec(self): substrate = pem.readBase64fromText(self.constrained_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc6010.id_pe_cmsContentConstraints, asn1Object['extnID']) evalue, rest = der_decoder(asn1Object['extnValue'], asn1Spec=rfc6010.CMSContentConstraints()) self.assertFalse(rest) self.assertTrue(evalue.prettyPrint()) self.assertEqual(asn1Object['extnValue'], der_encoder(evalue)) constraint_count = 0 attribute_count = 0 cannot_count = 0 for ccc in evalue: constraint_count += 1 if ccc['canSource'] == 1: cannot_count += 1 if ccc['attrConstraints'].hasValue(): for attr in ccc['attrConstraints']: attribute_count += 1 self.assertEqual(4, constraint_count) self.assertEqual(3, attribute_count) self.assertEqual(1, cannot_count)
def testDerCodec(self): layers = {} layers.update(opentypemap.get('cmsContentTypesMap')) self.assertIn(rfc5544.id_ct_timestampedData, layers) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], } substrate = pem.readBase64fromText(self.pem_text) layer = rfc5652.id_ct_contentInfo while layer in getNextLayer: asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) substrate = getNextSubstrate[layer](asn1Object) layer = getNextLayer[layer](asn1Object) asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertIn(b'come here', asn1Object['content'])
def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd_eci = asn1Object['content']['encapContentInfo'] self.assertEqual(rfc5652.id_data, sd_eci['eContentType']) self.assertTrue(sd_eci['eContent'].hasValue()) for ri in asn1Object['content']['crls']: if ri.getName() == 'crl': v2 = rfc5280.Version(value='v2') self.assertEqual(v2, ri['crl']['tbsCertList']['version']) if ri.getName() == 'other': ori = ri['other'] ocspr_oid = rfc5940.id_ri_ocsp_response self.assertEqual(ocspr_oid, ori['otherRevInfoFormat']) ocspr_status = ori['otherRevInfo']['responseStatus'] success = rfc2560.OCSPResponseStatus(value='successful') self.assertEqual(success, ocspr_status)
def testDerCodec(self): substrate = pem.readBase64fromText(self.keytrans_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType']) ed, rest = der_decoder( asn1Object['content'], asn1Spec=rfc5652.EnvelopedData()) self.assertFalse(rest) self.assertTrue(ed.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(ed)) ri = ed['recipientInfos'][0] alg1 = ri['ktri']['keyEncryptionAlgorithm'] self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm']) param1, rest = der_decoder( alg1['parameters'], asn1Spec=rfc4357.GostR3410_2001_PublicKeyParameters()) self.assertFalse(rest) self.assertTrue(param1.prettyPrint()) self.assertEqual(alg1['parameters'], der_encoder(param1)) self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet']) self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet']) alg2 = ed['encryptedContentInfo']['contentEncryptionAlgorithm'] self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm']) param2, rest = der_decoder( alg2['parameters'], asn1Spec=rfc4357.Gost28147_89_Parameters()) self.assertFalse(rest) self.assertTrue(param2.prettyPrint()) self.assertEqual(alg2['parameters'], der_encoder(param2)) self.assertEqual(8, len(param2['iv'])) self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param2['encryptionParamSet'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.kea_cert_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][ 'algorithm'] self.assertEqual(rfc3279.id_keyExchangeAlgorithm, spki_a['algorithm']) spki_a_p, rest = der_decoder(spki_a['parameters'], asn1Spec=rfc3279.KEA_Parms_Id()) self.assertFalse(rest) self.assertTrue(spki_a_p.prettyPrint()) self.assertEqual(spki_a['parameters'], der_encoder(spki_a_p)) self.assertEqual(univ.OctetString(hexValue='5cf8f127e6569d6d88b3'), spki_a_p) self.assertEqual( rfc3279.id_dsa_with_sha1, asn1Object['tbsCertificate']['signature']['algorithm']) self.assertEqual(rfc3279.id_dsa_with_sha1, asn1Object['signatureAlgorithm']['algorithm']) sig_value, rest = der_decoder(asn1Object['signature'].asOctets(), asn1Spec=rfc3279.Dss_Sig_Value()) self.assertFalse(rest) self.assertTrue(sig_value.prettyPrint()) self.assertEqual(asn1Object['signature'].asOctets(), der_encoder(sig_value)) self.assertTrue(sig_value['r'].hasValue()) self.assertTrue(sig_value['s'].hasValue())
def testOpenTypes(self): openTypeMap = { rfc4357.id_GostR3410_2001: rfc4357.GostR3410_2001_PublicKeyParameters(), rfc4357.id_Gost28147_89: rfc4357.Gost28147_89_Parameters(), } substrate = pem.readBase64fromText(self.keytrans_pem_text) asn1Object, rest = der_decoder( substrate, asn1Spec=self.asn1Spec, openTypes=openTypeMap, decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) ri = asn1Object['content']['recipientInfos'][0] alg1 = ri['ktri']['keyEncryptionAlgorithm'] self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm']) param1 = alg1['parameters'] self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet']) self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet']) alg2 = asn1Object['content']['encryptedContentInfo']['contentEncryptionAlgorithm'] self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm']) param2 = alg2['parameters'] self.assertEqual(8, len(param2['iv'])) self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param2['encryptionParamSet'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.kw_alg_id_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(rfc3565.id_aes256_wrap, asn1Object[0]) self.assertEqual(substrate, der_encoder(asn1Object))
def testDerCodec(self): kw_oid_list = ( rfc4490.id_Gost28147_89_None_KeyWrap, rfc4490.id_Gost28147_89_CryptoPro_KeyWrap, ) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) count = 0 for algid in asn1Object: if algid['capabilityID'] in kw_oid_list: kw_param, rest = der_decoder( algid['parameters'], asn1Spec=rfc4357.Gost28147_89_Parameters()) self.assertFalse(rest) self.assertTrue(kw_param.prettyPrint()) self.assertEqual(algid['parameters'], der_encoder(kw_param)) self.assertEqual(rfc7836.id_tc26_gost_28147_param_Z, kw_param['encryptionParamSet']) count += 1 self.assertEqual(4, count)
def testOpenTypes(self): openTypesMap = opentypemap.get('cmsAttributesMap').copy() for at in self.the_attrTypes: openTypesMap.update({at: univ.ObjectIdentifier()}) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec, openTypes=openTypesMap, decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) for attr_or_oid in asn1Object: if attr_or_oid.getName() == 'attribute': valString = attr_or_oid['attribute']['attrValues'][ 0].prettyPrint() if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[ 0]: self.assertEqual(self.the_attrVals[0], valString) if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[ 1]: self.assertEqual(self.the_attrVals[1], valString)
def testDerCodec(self): ocspResponseMap = opentypemap.get('ocspResponseMap') certificateExtensionsMap = opentypemap.get('certificateExtensionsMap') substrate = pem.readBase64fromText(self.ocsp_resp_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(0, asn1Object['responseStatus']) rb = asn1Object['responseBytes'] self.assertIn(rb['responseType'], ocspResponseMap) resp, rest = der_decoder(rb['response'], asn1Spec=ocspResponseMap[rb['responseType']]) self.assertFalse(rest) self.assertTrue(resp.prettyPrint()) self.assertEqual(rb['response'], der_encoder(resp)) self.assertEqual(0, resp['tbsResponseData']['version']) count = 0 for extn in resp['tbsResponseData']['responseExtensions']: self.assertIn(extn['extnID'], certificateExtensionsMap) ev, rest = der_decoder( extn['extnValue'], asn1Spec=certificateExtensionsMap[extn['extnID']]) self.assertFalse(rest) self.assertTrue(ev.prettyPrint()) self.assertEqual(extn['extnValue'], der_encoder(ev)) count += 1 self.assertEqual(1, count)
def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) perm_id_oid = rfc4043.id_on_permanentIdentifier assigner_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48') permanent_identifier_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decoder( extn['extnValue'], asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(extnValue.prettyPrint()) self.assertEqual(extn['extnValue'], der_encoder(extnValue)) for gn in extnValue: if gn['otherName'].hasValue(): on = gn['otherName'] self.assertEqual(perm_id_oid, on['type-id']) self.assertEqual(assigner_oid, on['value']['assigner']) permanent_identifier_found = True self.assertTrue(permanent_identifier_found)
def testOpenTypes(self): ocspResponseMap = opentypemap.get('ocspResponseMap') substrate = pem.readBase64fromText(self.ocsp_resp_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(0, asn1Object['responseStatus']) rb = asn1Object['responseBytes'] self.assertIn(rb['responseType'], ocspResponseMap) resp, rest = der_decoder(rb['response'], asn1Spec=ocspResponseMap[rb['responseType']], decodeOpenTypes=True) self.assertFalse(rest) self.assertTrue(resp.prettyPrint()) self.assertEqual(rb['response'], der_encoder(resp)) self.assertEqual(0, resp['tbsResponseData']['version']) for rdn in resp['tbsResponseData']['responderID']['byName'][ 'rdnSequence']: for attr in rdn: if attr['type'] == rfc5280.id_emailAddress: self.assertEqual('*****@*****.**', attr['value']) for r in resp['tbsResponseData']['responses']: ha = r['certID']['hashAlgorithm'] self.assertEqual(rfc4055.id_sha1, ha['algorithm']) self.assertEqual(univ.Null(""), ha['parameters'])