def testDerCodec(self):
substrate = pem.readBase64fromText(self.tau_pem_text)
layers = {
rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(),
rfc5652.id_signedData: rfc5652.SignedData(),
rfc5934.id_ct_TAMP_update: rfc5934.TAMPUpdate()
}
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData:
lambda x: x['encapContentInfo']['eContentType'],
rfc5934.id_ct_TAMP_update: lambda x: None
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
rfc5934.id_ct_TAMP_update: lambda x: None
}
next_layer = rfc5652.id_ct_contentInfo
while next_layer:
asn1Object, rest = der_decoder(substrate,
asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
def testOpenTypes(self):
asn1Spec = rfc5652.ContentInfo()
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = asn1Object['content']['encapContentInfo']['eContent']
oid = asn1Object['content']['encapContentInfo']['eContentType']
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(oid, cmsContentTypesMap)
tac_token, rest = der_decoder(substrate,
asn1Spec=cmsContentTypesMap[oid],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(tac_token.prettyPrint())
self.assertEqual(substrate, der_encoder(tac_token))
self.assertEqual('2019', tac_token['timeout'][:4])
self.assertEqual('5dcdf44e', tac_token['userKey'].prettyPrint()[-8:])
def testOpenTypes(self):
cmsAttributesMap = opentypemap.get('cmsAttributesMap')
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc4073.id_ct_contentCollection, asn1Object['contentType'])
for ci in asn1Object['content']:
self.assertIn(ci['contentType'], cmsContentTypesMap)
self.assertEqual(rfc4073.id_ct_contentWithAttrs, ci['contentType'])
next_ci = ci['content']['content']
self.assertIn(next_ci['contentType'], cmsContentTypesMap)
self.assertEqual(rfc5652.id_data, next_ci['contentType'])
self.assertIn(str2octs('Content-Type: text'), next_ci['content'])
for attr in ci['content']['attrs']:
self.assertIn(attr['attrType'], cmsAttributesMap)
if attr['attrType'] == rfc2634.id_aa_contentHint:
self.assertIn('RFC 4073', attr['attrValues'][0]['contentDescription'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.tau_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
eci = asn1Object['content']['encapContentInfo']
self.assertIn(eci['eContentType'], rfc5652.cmsContentTypesMap)
self.assertEqual(rfc5934.id_ct_TAMP_update, eci['eContentType'])
tau, rest = der_decoder(
eci['eContent'],
asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(tau.prettyPrint())
self.assertEqual(eci['eContent'], der_encoder(tau))
self.assertEqual(2, tau['version'])
self.assertEqual(univ.Null(""), tau['msgRef']['target'])
self.assertEqual(1568307088, tau['msgRef']['seqNum'])
self.assertEqual(1, len(tau['updates']))
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.manifest_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
oid = asn1Object['content']['encapContentInfo']['eContentType']
substrate = asn1Object['content']['encapContentInfo']['eContent']
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(oid, cmsContentTypesMap)
asn1Object, rest = der_decoder(substrate,
asn1Spec=cmsContentTypesMap[oid],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(0, asn1Object['version'])
counter = 0
for f in asn1Object['fileList']:
self.assertEqual('ZXSGBDBkL82TFGHuE4VOYtJP-E4.crl', f['file'])
counter += 1
self.assertEqual(1, counter)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.tsr_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
eci = asn1Object['content']['encapContentInfo']
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(eci['eContentType'], cmsContentTypesMap)
self.assertEqual(rfc5934.id_ct_TAMP_statusResponse,
eci['eContentType'])
tsr, rest = der_decoder(
eci['eContent'],
asn1Spec=cmsContentTypesMap[eci['eContentType']],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(tsr.prettyPrint())
self.assertEqual(eci['eContent'], der_encoder(tsr))
self.assertEqual(2, tsr['version'])
self.assertEqual(univ.Null(""), tsr['query']['target'])
self.assertEqual(1568307071, tsr['query']['seqNum'])
self.assertFalse(tsr['usesApex'])
count = 0
for tai in tsr['response']['verboseResponse']['taInfo']:
count += 1
self.assertEqual(1, tai['taInfo']['version'])
self.assertEqual(3, count)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
alg = asn1Object['content']['signerInfos'][0]['signatureAlgorithm']
self.assertEqual(rfc4056.id_RSASSA_PSS, alg['algorithm'])
self.assertEqual(222, alg['parameters']['saltLength'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
ect = asn1Object['content']['encapContentInfo']['eContentType']
self.assertEqual(rfc6492.id_ct_xml, ect)
oid = None
for attr in asn1Object['content']['signerInfos'][0]['signedAttrs']:
if attr['attrType'] == rfc5652.id_contentType:
oid = attr['attrValues'][0]
self.assertEqual(rfc6492.id_ct_xml, oid)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
found_mult_sig1 = False
for attr in asn1Object['content']['signerInfos'][0]['signedAttrs']:
if attr['attrType'] == rfc5752.id_aa_multipleSignatures:
av = attr['attrValues'][0]
self.assertEqual(av['bodyHashAlg']['algorithm'],
rfc4055.id_sha384)
self.assertEqual(
'dfaf6c0a',
av['signAttrsHash']['hash'].prettyPrint()[2:10])
found_mult_sig1 = True
found_mult_sig2 = False
for attr in asn1Object['content']['signerInfos'][1]['signedAttrs']:
if attr['attrType'] == rfc5752.id_aa_multipleSignatures:
av = attr['attrValues'][0]
self.assertEqual(av['bodyHashAlg']['algorithm'],
rfc4055.id_sha256)
self.assertEqual(
'7329527d',
av['signAttrsHash']['hash'].prettyPrint()[2:10])
found_mult_sig2 = True
self.assertTrue(found_mult_sig1)
self.assertTrue(found_mult_sig2)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
sd = asn1Object['content']
self.assertEqual(rfc6402.id_cct_PKIData,
sd['encapContentInfo']['eContentType'])
pkid, rest = der_decoder(sd['encapContentInfo']['eContent'],
asn1Spec=rfc6402.PKIData(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(pkid.prettyPrint())
self.assertEqual(sd['encapContentInfo']['eContent'], der_encoder(pkid))
found_gl_use_kek = False
for ctrl in pkid['controlSequence']:
if ctrl['attrType'] == rfc5275.id_skd_glUseKEK:
cv = ctrl['attrValues'][0]
self.assertIn('example.com',
cv['glInfo']['glAddress']['rfc822Name'])
self.assertIn(
'example.com',
cv['glOwnerInfo'][0]['glOwnerAddress']['rfc822Name'])
self.assertEqual(31, cv['glKeyAttributes']['duration'])
found_gl_use_kek = True
self.assertTrue(found_gl_use_kek)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.roa_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
oid = asn1Object['content']['encapContentInfo']['eContentType']
substrate = asn1Object['content']['encapContentInfo']['eContent']
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(oid, cmsContentTypesMap)
asn1Object, rest = der_decoder(substrate,
asn1Spec=cmsContentTypesMap[oid],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(0, asn1Object['version'])
self.assertEqual(58363, asn1Object['asID'])
def setUp(self):
self.asn1Spec = rfc5652.ContentInfo()
def testOpenTypes(self):
class ClientInformation(univ.Sequence):
pass
ClientInformation.componentType = namedtype.NamedTypes(
namedtype.NamedType('clientId', univ.Integer()),
namedtype.NamedType('MachineName', char.UTF8String()),
namedtype.NamedType('UserName', char.UTF8String()),
namedtype.NamedType('ProcessName', char.UTF8String()))
class EnrollmentCSP(univ.Sequence):
pass
EnrollmentCSP.componentType = namedtype.NamedTypes(
namedtype.NamedType('KeySpec', univ.Integer()),
namedtype.NamedType('Name', char.BMPString()),
namedtype.NamedType('Signature', univ.BitString()))
openTypeMap = {
# attributes
univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'):
char.IA5String(),
univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.2'):
EnrollmentCSP(),
univ.ObjectIdentifier('1.3.6.1.4.1.311.21.20'):
ClientInformation(),
# algorithm identifier parameters
univ.ObjectIdentifier('1.2.840.113549.1.1.1'):
univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.5'):
univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.11'):
univ.Null(""),
}
openTypeMap.update(opentypemap.get('cmsAttributesMap'))
openTypeMap.update(opentypemap.get('cmcControlAttributesMap'))
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc5652.ContentInfo(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
eci = asn1Object['content']['encapContentInfo']
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(eci['eContentType'], cmsContentTypesMap)
self.assertEqual(rfc6402.id_cct_PKIData, eci['eContentType'])
pkid, rest = der_decoder(
eci['eContent'],
asn1Spec=cmsContentTypesMap[eci['eContentType']],
openTypes=openTypeMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(pkid.prettyPrint())
self.assertEqual(eci['eContent'], der_encoder(pkid))
for req in pkid['reqSequence']:
cr = req['tcr']['certificationRequest']
sig_alg = cr['signatureAlgorithm']
self.assertIn(sig_alg['algorithm'], openTypeMap)
self.assertEqual(univ.Null(""), sig_alg['parameters'])
cri = cr['certificationRequestInfo']
spki_alg = cri['subjectPublicKeyInfo']['algorithm']
self.assertIn(spki_alg['algorithm'], openTypeMap)
self.assertEqual(univ.Null(""), spki_alg['parameters'])
attrs = cr['certificationRequestInfo']['attributes']
for attr in attrs:
self.assertIn(attr['attrType'], openTypeMap)
if attr['attrType'] == univ.ObjectIdentifier(
'1.3.6.1.4.1.311.13.2.3'):
self.assertEqual("6.2.9200.2", attr['attrValues'][0])
else:
self.assertTrue(attr['attrValues'][0].hasValue())
namedtype.OptionalNamedType('passphrase', univ.OctetString()),
namedtype.OptionalNamedType('comment', char.UTF8String())
)
id_cmc_senderNonce = _buildOid(id_cmc, 6)
id_cmc_authData = _buildOid(id_cmc, 27)
class TaggedContentInfo(univ.Sequence):
pass
TaggedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('contentInfo', rfc5652.ContentInfo())
)
class IdentifyProofV2(univ.Sequence):
pass
IdentifyProofV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
class CMCPublicationInfo(univ.Sequence):
from pyasn1_alt_modules import opentypemap
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
MAX = float('inf')
# Content Collection Content Type and Object Identifier
id_ct_contentCollection = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.19')
class ContentCollection(univ.SequenceOf):
pass
ContentCollection.componentType = rfc5652.ContentInfo()
ContentCollection.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
# Content With Attributes Content Type and Object Identifier
id_ct_contentWithAttrs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.20')
class ContentWithAttributes(univ.Sequence):
pass
ContentWithAttributes.componentType = namedtype.NamedTypes(
namedtype.NamedType('content', rfc5652.ContentInfo()),
namedtype.NamedType(
'attrs',
class TAMPStatusQuery(univ.Sequence):
pass
TAMPStatusQuery.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType(
'version',
TAMPVersion().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.DefaultedNamedType(
'terse',
TerseOrVerbose().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(
value='verbose')), namedtype.NamedType('query', TAMPMsgRef()))
tamp_status_query = rfc5652.ContentInfo()
tamp_status_query['contentType'] = id_ct_TAMP_statusQuery
tamp_status_query['content'] = TAMPStatusQuery()
# TAMP Status Response Message
id_ct_TAMP_statusResponse = id_tamp + (2, )
class KeyIdentifiers(univ.SequenceOf):
pass
KeyIdentifiers.componentType = KeyIdentifier()
KeyIdentifiers.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
