def testDerCodec(self):
substrate = pem.readBase64fromText(self.message1_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
sd, rest = der_decoder(
asn1Object['content'], asn1Spec=rfc5652.SignedData())
for sa in sd['signerInfos'][0]['signedAttrs']:
sat = sa['attrType']
sav0 = sa['attrValues'][0]
if sat == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq:
sav, rest = der_decoder(
sav0, asn1Spec=rfc7191.KeyPkgIdentifierAndReceiptReq())
self.assertFalse(rest)
self.assertTrue(sav.prettyPrint())
self.assertEqual(sav0, der_encoder(sav))
package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0="
package_id = pem.readBase64fromText(package_id_pem_text)
self.assertEqual(package_id, sav['pkgID'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.message3_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
sd, rest = der_decoder(asn1Object['content'],
asn1Spec=rfc5652.SignedData())
self.assertFalse(rest)
self.assertTrue(sd.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(sd))
oid = sd['encapContentInfo']['eContentType']
self.assertEqual(rfc7191.id_ct_KP_keyPackageError, oid)
kpe, rest = der_decoder(sd['encapContentInfo']['eContent'],
asn1Spec=rfc7191.KeyPackageError())
self.assertFalse(rest)
self.assertTrue(kpe.prettyPrint())
self.assertEqual(sd['encapContentInfo']['eContent'], der_encoder(kpe))
package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0="
package_id = pem.readBase64fromText(package_id_pem_text)
self.assertEqual(package_id, kpe['errorOf']['pkgID'])
self.assertEqual(
rfc7191.EnumeratedErrorCode(value=10), kpe['errorCode'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.env_data_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType'])
ed, rest = der_decoder(asn1Object['content'],
asn1Spec=rfc5652.EnvelopedData())
self.assertFalse(rest)
self.assertTrue(ed.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(ed))
kwa = ed['recipientInfos'][0]['kekri']['keyEncryptionAlgorithm']
self.assertEqual(rfc3058.id_alg_CMSIDEAwrap, kwa['algorithm'])
self.assertEqual(kwa['parameters'], der_encoder(univ.Null("")))
cea = ed['encryptedContentInfo']['contentEncryptionAlgorithm']
self.assertEqual(rfc3058.id_IDEA_CBC, cea['algorithm'])
param, rest = der_decoder(cea['parameters'],
asn1Spec=rfc3058.IDEA_CBCPar())
self.assertFalse(rest)
self.assertTrue(param.prettyPrint())
self.assertEqual(cea['parameters'], der_encoder(param))
iv = univ.OctetString(hexValue='424f4755535f4956')
self.assertEqual(iv, param['iv'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.smime_capabilities_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
expectedCaps = [
rfc6664.rsaEncryption,
rfc6664.id_RSAES_OAEP,
rfc6664.id_RSASSA_PSS,
rfc6664.id_dsa,
rfc6664.dhpublicnumber,
rfc6664.id_ecPublicKey,
rfc6664.id_ecMQV,
]
count = 0
smimeCapabilityMap = opentypemap.get('smimeCapabilityMap')
for cap in asn1Object:
if cap['capabilityID'] in expectedCaps:
self.assertIn(cap['capabilityID'], smimeCapabilityMap)
cap_p, rest = der_decoder(
cap['parameters'],
asn1Spec=rfc5751.smimeCapabilityMap[cap['capabilityID']])
self.assertFalse(rest)
self.assertTrue(cap_p.prettyPrint())
self.assertEqual(cap['parameters'], der_encoder(cap_p))
count += 1
self.assertEqual(len(expectedCaps), count)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.rsa_cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][
'algorithm']
self.assertEqual(rfc3279.rsaEncryption, spki_a['algorithm'])
spki_pk = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][
'subjectPublicKey'].asOctets()
pk, rest = der_decoder(spki_pk, asn1Spec=rfc3279.RSAPublicKey())
self.assertFalse(rest)
self.assertTrue(pk.prettyPrint())
self.assertEqual(spki_pk, der_encoder(pk))
self.assertEqual(65537, pk['publicExponent'])
self.assertEqual(
rfc3279.sha1WithRSAEncryption,
asn1Object['tbsCertificate']['signature']['algorithm'])
self.assertEqual(rfc3279.sha1WithRSAEncryption,
asn1Object['signatureAlgorithm']['algorithm'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.dsa_cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][
'algorithm']
self.assertEqual(rfc3279.id_dsa, spki_a['algorithm'])
spki_a_p, rest = der_decoder(spki_a['parameters'],
asn1Spec=rfc3279.Dss_Parms())
self.assertFalse(rest)
self.assertTrue(spki_a_p.prettyPrint())
self.assertEqual(spki_a['parameters'], der_encoder(spki_a_p))
q_value = 1260916123897116834511257683105158021801897369967
self.assertEqual(q_value, spki_a_p['q'])
sig_value, rest = der_decoder(asn1Object['signature'].asOctets(),
asn1Spec=rfc3279.Dss_Sig_Value())
self.assertFalse(rest)
self.assertTrue(sig_value.prettyPrint())
self.assertEqual(asn1Object['signature'].asOctets(),
der_encoder(sig_value))
self.assertTrue(sig_value['r'].hasValue())
self.assertTrue(sig_value['s'].hasValue())
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
self.assertIn(rfc3820.id_pe_proxyCertInfo, certificateExtensionsMap)
found_ppl = False
for extn in asn1Object['tbsCertificate']['extensions']:
if extn['extnID'] == rfc3820.id_pe_proxyCertInfo:
pci, rest = der_decoder(extn['extnValue'],
asn1Spec=certificateExtensionsMap[
rfc3820.id_pe_proxyCertInfo])
self.assertFalse(rest)
self.assertTrue(pci.prettyPrint())
self.assertEqual(extn['extnValue'], der_encoder(pci))
self.assertEqual(rfc3820.id_ppl_inheritAll,
pci['proxyPolicy']['policyLanguage'])
found_ppl = True
self.assertTrue(found_ppl)
def testOpenTypes(self):
asn1Spec = rfc5652.ContentInfo()
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = asn1Object['content']['encapContentInfo']['eContent']
oid = asn1Object['content']['encapContentInfo']['eContentType']
cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
self.assertIn(oid, cmsContentTypesMap)
tac_token, rest = der_decoder(substrate,
asn1Spec=cmsContentTypesMap[oid],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(tac_token.prettyPrint())
self.assertEqual(substrate, der_encoder(tac_token))
self.assertEqual('2019', tac_token['timeout'][:4])
self.assertEqual('5dcdf44e', tac_token['userKey'].prettyPrint()[-8:])
def testDerCodec(self):
# The id_ce_criticalPoison is not automatically added to the map.
# Normally certificates that contiain it are rejected.
certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
self.assertNotIn(rfc6962.id_ce_criticalPoison, certificateExtensionsMap)
extn_map = { rfc6962.id_ce_criticalPoison: univ.Null(""), }
extn_map.update(certificateExtensionsMap)
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
extn_list = []
for extn in asn1Object['tbsCertificate']['extensions']:
extn_list.append(extn['extnID'])
ev, rest = der_decoder(extn['extnValue'],
asn1Spec=extn_map[extn['extnID']])
self.assertFalse(rest)
if not ev == univ.Null(""):
self.assertTrue(ev.prettyPrint())
self.assertEqual(extn['extnValue'], der_encoder(ev))
self.assertIn(rfc6962.id_ce_criticalPoison, extn_list)
def testDerCodec(self):
blake_oids = [
rfc7693.id_blake2b160,
rfc7693.id_blake2b256,
rfc7693.id_blake2b384,
rfc7693.id_blake2b512,
rfc7693.id_blake2s128,
rfc7693.id_blake2s160,
rfc7693.id_blake2s224,
rfc7693.id_blake2s256,
]
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
count = 0
algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap')
for cap in asn1Object:
if cap['capabilityID'] in blake_oids:
count += 1
self.assertIn(cap['capabilityID'], algorithmIdentifierMap)
self.assertEqual(len(blake_oids), count)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.signed_message_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
sd, rest = der_decoder(asn1Object['content'],
asn1Spec=rfc5652.SignedData())
self.assertFalse(rest)
self.assertTrue(sd.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(sd))
for sa in sd['signerInfos'][0]['signedAttrs']:
sat = sa['attrType']
sav0 = sa['attrValues'][0]
if sat in rfc6211.id_aa_cmsAlgorithmProtect:
sav, rest = der_decoder(
sav0, asn1Spec=rfc6211.CMSAlgorithmProtection())
self.assertFalse(rest)
self.assertTrue(sav.prettyPrint())
self.assertEqual(sav0, der_encoder(sav))
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
extn_list = []
for extn in asn1Object['tbsCertificate']['extensions']:
extn_list.append(extn['extnID'])
if extn['extnID'] == rfc3709.id_pe_logotype:
s = extn['extnValue']
logotype, rest = der_decoder(s, rfc3709.LogotypeExtn())
self.assertFalse(rest)
self.assertTrue(logotype.prettyPrint())
self.assertEqual(s, der_encoder(logotype))
ids = logotype['subjectLogo']['direct']['image'][0][
'imageDetails']
self.assertEqual("image/png", ids['mediaType'])
expected = "http://www.vigilsec.com/vigilsec_logo.png"
self.assertEqual(expected, ids['logotypeURI'][0])
self.assertIn(rfc3709.id_pe_logotype, extn_list)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
layers = {}
layers.update(rfc5652.cmsContentTypesMap)
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData:
lambda x: x['encapContentInfo']['eContentType'],
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
}
layer = rfc5652.id_ct_contentInfo
while layer in getNextLayer:
asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[layer](asn1Object)
layer = getNextLayer[layer](asn1Object)
self.assertEqual(rfc6493.id_ct_rpkiGhostbusters, layer)
self.assertEqual(str2octs('BEGIN:VCARD'), substrate[0:11])
def testDerCodec(self):
layers = {}
layers.update(opentypemap.get('cmsContentTypesMap'))
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
}
substrate = pem.readBase64fromText(self.cvrequest_pem_text)
layer = rfc5652.id_ct_contentInfo
while layer in getNextLayer:
asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[layer](asn1Object)
layer = getNextLayer[layer](asn1Object)
asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertIn(rfc5276.id_swb_ers_all, asn1Object['query']['wantBack'])
def testDerCodec(self):
access_methods = [
rfc6487.id_ad_rpkiManifest,
rfc6487.id_ad_signedObject,
]
substrate = pem.readBase64fromText(self.rpki_cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
count = 0
for extn in asn1Object['tbsCertificate']['extensions']:
if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess:
extnValue, rest = der_decoder(
extn['extnValue'],
asn1Spec=rfc5280.SubjectInfoAccessSyntax())
for ad in extnValue:
if ad['accessMethod'] in access_methods:
uri = ad['accessLocation']['uniformResourceIdentifier']
self.assertIn('rpki.apnic.net', uri)
count += 1
self.assertEqual(1, count)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
layers = {}
layers.update(opentypemap.get('cmsContentTypesMap'))
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
rfc5652.id_signedData:
lambda x: x['encapContentInfo']['eContentType'],
rfc5636.id_kisa_tac_token: lambda x: None
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'],
rfc5636.id_kisa_tac_token: lambda x: None
}
next_layer = rfc5652.id_ct_contentInfo
while next_layer:
asn1Object, rest = der_decoder(substrate,
asn1Spec=layers[next_layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[next_layer](asn1Object)
next_layer = getNextLayer[next_layer](asn1Object)
self.assertEqual('2019', asn1Object['timeout'][:4])
self.assertEqual('5dcdf44e', asn1Object['userKey'].prettyPrint()[-8:])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_ct_authData, asn1Object['contentType'])
ad, rest = der_decoder(asn1Object['content'],
asn1Spec=rfc5652.AuthenticatedData())
self.assertFalse(rest)
self.assertTrue(ad.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(ad))
self.assertEqual(0, ad['version'])
self.assertEqual(rfc6210.id_alg_MD5_XOR_EXPERIMENT,
ad['digestAlgorithm']['algorithm'])
algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap')
mac_alg_p, rest = der_decoder(ad['digestAlgorithm']['parameters'],
asn1Spec=algorithmIdentifierMap[
ad['digestAlgorithm']['algorithm']])
self.assertFalse(rest)
self.assertTrue(mac_alg_p.prettyPrint())
self.assertEqual(ad['digestAlgorithm']['parameters'],
der_encoder(mac_alg_p))
self.assertEqual("0x01020304", mac_alg_p.prettyPrint()[:10])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.constrained_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc6010.id_pe_cmsContentConstraints,
asn1Object['extnID'])
evalue, rest = der_decoder(asn1Object['extnValue'],
asn1Spec=rfc6010.CMSContentConstraints())
self.assertFalse(rest)
self.assertTrue(evalue.prettyPrint())
self.assertEqual(asn1Object['extnValue'], der_encoder(evalue))
constraint_count = 0
attribute_count = 0
cannot_count = 0
for ccc in evalue:
constraint_count += 1
if ccc['canSource'] == 1:
cannot_count += 1
if ccc['attrConstraints'].hasValue():
for attr in ccc['attrConstraints']:
attribute_count += 1
self.assertEqual(4, constraint_count)
self.assertEqual(3, attribute_count)
self.assertEqual(1, cannot_count)
def testDerCodec(self):
layers = {}
layers.update(opentypemap.get('cmsContentTypesMap'))
self.assertIn(rfc5544.id_ct_timestampedData, layers)
getNextLayer = {
rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
}
getNextSubstrate = {
rfc5652.id_ct_contentInfo: lambda x: x['content'],
}
substrate = pem.readBase64fromText(self.pem_text)
layer = rfc5652.id_ct_contentInfo
while layer in getNextLayer:
asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
substrate = getNextSubstrate[layer](asn1Object)
layer = getNextLayer[layer](asn1Object)
asn1Object, rest = der_decoder(substrate, asn1Spec=layers[layer])
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertIn(b'come here', asn1Object['content'])
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
sd_eci = asn1Object['content']['encapContentInfo']
self.assertEqual(rfc5652.id_data, sd_eci['eContentType'])
self.assertTrue(sd_eci['eContent'].hasValue())
for ri in asn1Object['content']['crls']:
if ri.getName() == 'crl':
v2 = rfc5280.Version(value='v2')
self.assertEqual(v2, ri['crl']['tbsCertList']['version'])
if ri.getName() == 'other':
ori = ri['other']
ocspr_oid = rfc5940.id_ri_ocsp_response
self.assertEqual(ocspr_oid, ori['otherRevInfoFormat'])
ocspr_status = ori['otherRevInfo']['responseStatus']
success = rfc2560.OCSPResponseStatus(value='successful')
self.assertEqual(success, ocspr_status)
def testDerCodec(self):
substrate = pem.readBase64fromText(self.keytrans_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType'])
ed, rest = der_decoder(
asn1Object['content'], asn1Spec=rfc5652.EnvelopedData())
self.assertFalse(rest)
self.assertTrue(ed.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(ed))
ri = ed['recipientInfos'][0]
alg1 = ri['ktri']['keyEncryptionAlgorithm']
self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
param1, rest = der_decoder(
alg1['parameters'], asn1Spec=rfc4357.GostR3410_2001_PublicKeyParameters())
self.assertFalse(rest)
self.assertTrue(param1.prettyPrint())
self.assertEqual(alg1['parameters'], der_encoder(param1))
self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet'])
self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet'])
alg2 = ed['encryptedContentInfo']['contentEncryptionAlgorithm']
self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm'])
param2, rest = der_decoder(
alg2['parameters'], asn1Spec=rfc4357.Gost28147_89_Parameters())
self.assertFalse(rest)
self.assertTrue(param2.prettyPrint())
self.assertEqual(alg2['parameters'], der_encoder(param2))
self.assertEqual(8, len(param2['iv']))
self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param2['encryptionParamSet'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.kea_cert_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo'][
'algorithm']
self.assertEqual(rfc3279.id_keyExchangeAlgorithm, spki_a['algorithm'])
spki_a_p, rest = der_decoder(spki_a['parameters'],
asn1Spec=rfc3279.KEA_Parms_Id())
self.assertFalse(rest)
self.assertTrue(spki_a_p.prettyPrint())
self.assertEqual(spki_a['parameters'], der_encoder(spki_a_p))
self.assertEqual(univ.OctetString(hexValue='5cf8f127e6569d6d88b3'),
spki_a_p)
self.assertEqual(
rfc3279.id_dsa_with_sha1,
asn1Object['tbsCertificate']['signature']['algorithm'])
self.assertEqual(rfc3279.id_dsa_with_sha1,
asn1Object['signatureAlgorithm']['algorithm'])
sig_value, rest = der_decoder(asn1Object['signature'].asOctets(),
asn1Spec=rfc3279.Dss_Sig_Value())
self.assertFalse(rest)
self.assertTrue(sig_value.prettyPrint())
self.assertEqual(asn1Object['signature'].asOctets(),
der_encoder(sig_value))
self.assertTrue(sig_value['r'].hasValue())
self.assertTrue(sig_value['s'].hasValue())
def testOpenTypes(self):
openTypeMap = {
rfc4357.id_GostR3410_2001: rfc4357.GostR3410_2001_PublicKeyParameters(),
rfc4357.id_Gost28147_89: rfc4357.Gost28147_89_Parameters(),
}
substrate = pem.readBase64fromText(self.keytrans_pem_text)
asn1Object, rest = der_decoder(
substrate, asn1Spec=self.asn1Spec,
openTypes=openTypeMap, decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
ri = asn1Object['content']['recipientInfos'][0]
alg1 = ri['ktri']['keyEncryptionAlgorithm']
self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
param1 = alg1['parameters']
self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet'])
self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet'])
alg2 = asn1Object['content']['encryptedContentInfo']['contentEncryptionAlgorithm']
self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm'])
param2 = alg2['parameters']
self.assertEqual(8, len(param2['iv']))
self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param2['encryptionParamSet'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.kw_alg_id_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(rfc3565.id_aes256_wrap, asn1Object[0])
self.assertEqual(substrate, der_encoder(asn1Object))
def testDerCodec(self):
kw_oid_list = (
rfc4490.id_Gost28147_89_None_KeyWrap,
rfc4490.id_Gost28147_89_CryptoPro_KeyWrap,
)
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
count = 0
for algid in asn1Object:
if algid['capabilityID'] in kw_oid_list:
kw_param, rest = der_decoder(
algid['parameters'],
asn1Spec=rfc4357.Gost28147_89_Parameters())
self.assertFalse(rest)
self.assertTrue(kw_param.prettyPrint())
self.assertEqual(algid['parameters'], der_encoder(kw_param))
self.assertEqual(rfc7836.id_tc26_gost_28147_param_Z,
kw_param['encryptionParamSet'])
count += 1
self.assertEqual(4, count)
def testOpenTypes(self):
openTypesMap = opentypemap.get('cmsAttributesMap').copy()
for at in self.the_attrTypes:
openTypesMap.update({at: univ.ObjectIdentifier()})
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
openTypes=openTypesMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
for attr_or_oid in asn1Object:
if attr_or_oid.getName() == 'attribute':
valString = attr_or_oid['attribute']['attrValues'][
0].prettyPrint()
if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[
0]:
self.assertEqual(self.the_attrVals[0], valString)
if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[
1]:
self.assertEqual(self.the_attrVals[1], valString)
def testDerCodec(self):
ocspResponseMap = opentypemap.get('ocspResponseMap')
certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
substrate = pem.readBase64fromText(self.ocsp_resp_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(0, asn1Object['responseStatus'])
rb = asn1Object['responseBytes']
self.assertIn(rb['responseType'], ocspResponseMap)
resp, rest = der_decoder(rb['response'],
asn1Spec=ocspResponseMap[rb['responseType']])
self.assertFalse(rest)
self.assertTrue(resp.prettyPrint())
self.assertEqual(rb['response'], der_encoder(resp))
self.assertEqual(0, resp['tbsResponseData']['version'])
count = 0
for extn in resp['tbsResponseData']['responseExtensions']:
self.assertIn(extn['extnID'], certificateExtensionsMap)
ev, rest = der_decoder(
extn['extnValue'],
asn1Spec=certificateExtensionsMap[extn['extnID']])
self.assertFalse(rest)
self.assertTrue(ev.prettyPrint())
self.assertEqual(extn['extnValue'], der_encoder(ev))
count += 1
self.assertEqual(1, count)
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.cert_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
perm_id_oid = rfc4043.id_on_permanentIdentifier
assigner_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48')
permanent_identifier_found = False
for extn in asn1Object['tbsCertificate']['extensions']:
if extn['extnID'] == rfc5280.id_ce_subjectAltName:
extnValue, rest = der_decoder(
extn['extnValue'],
asn1Spec=rfc5280.SubjectAltName(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(extnValue.prettyPrint())
self.assertEqual(extn['extnValue'], der_encoder(extnValue))
for gn in extnValue:
if gn['otherName'].hasValue():
on = gn['otherName']
self.assertEqual(perm_id_oid, on['type-id'])
self.assertEqual(assigner_oid, on['value']['assigner'])
permanent_identifier_found = True
self.assertTrue(permanent_identifier_found)
def testOpenTypes(self):
ocspResponseMap = opentypemap.get('ocspResponseMap')
substrate = pem.readBase64fromText(self.ocsp_resp_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(0, asn1Object['responseStatus'])
rb = asn1Object['responseBytes']
self.assertIn(rb['responseType'], ocspResponseMap)
resp, rest = der_decoder(rb['response'],
asn1Spec=ocspResponseMap[rb['responseType']],
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(resp.prettyPrint())
self.assertEqual(rb['response'], der_encoder(resp))
self.assertEqual(0, resp['tbsResponseData']['version'])
for rdn in resp['tbsResponseData']['responderID']['byName'][
'rdnSequence']:
for attr in rdn:
if attr['type'] == rfc5280.id_emailAddress:
self.assertEqual('*****@*****.**', attr['value'])
for r in resp['tbsResponseData']['responses']:
ha = r['certID']['hashAlgorithm']
self.assertEqual(rfc4055.id_sha1, ha['algorithm'])
self.assertEqual(univ.Null(""), ha['parameters'])
