def testOpenTypes(self):
openTypesMap = {
univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""),
}
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=rfc2986.CertificationRequest(),
openTypes=openTypesMap,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
for rdn in asn1Object['certificationRequestInfo']['subject'][
'rdnSequence']:
for atv in rdn:
if atv['type'] == rfc5280.id_at_countryName:
self.assertEqual(char.PrintableString('US'), atv['value'])
else:
self.assertGreater(len(atv['value']['utf8String']), 2)
spki_alg = asn1Object['certificationRequestInfo']['subjectPKInfo'][
'algorithm']
self.assertEqual(univ.Null(""), spki_alg['parameters'])
sig_alg = asn1Object['signatureAlgorithm']
self.assertEqual(univ.Null(""), sig_alg['parameters'])
def testOpenTypes(self):
algorithmIdentifierMapUpdate = {
univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""),
univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""),
}
rfc5280.algorithmIdentifierMap.update(algorithmIdentifierMapUpdate)
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder.decode(
substrate,
asn1Spec=rfc2986.CertificationRequest(),
decodeOpenTypes=True)
assert not rest
assert asn1Object.prettyPrint()
assert der_encoder.encode(asn1Object) == substrate
for rdn in asn1Object['certificationRequestInfo']['subject'][
'rdnSequence']:
for atv in rdn:
if atv['type'] == rfc5280.id_at_countryName:
assert atv['value'] == char.PrintableString('US')
else:
assert len(atv['value']['utf8String']) > 2
spki_alg = asn1Object['certificationRequestInfo']['subjectPKInfo'][
'algorithm']
assert spki_alg['parameters'] == univ.Null("")
sig_alg = asn1Object['signatureAlgorithm']
assert sig_alg['parameters'] == univ.Null("")
class PKIBody(univ.Choice):
"""
PKIBody ::= CHOICE { -- message-specific body elements
ir [0] CertReqMessages, --Initialization Request
ip [1] CertRepMessage, --Initialization Response
cr [2] CertReqMessages, --Certification Request
cp [3] CertRepMessage, --Certification Response
p10cr [4] CertificationRequest, --imported from [PKCS10]
popdecc [5] POPODecKeyChallContent, --pop Challenge
popdecr [6] POPODecKeyRespContent, --pop Response
kur [7] CertReqMessages, --Key Update Request
kup [8] CertRepMessage, --Key Update Response
krr [9] CertReqMessages, --Key Recovery Request
krp [10] KeyRecRepContent, --Key Recovery Response
rr [11] RevReqContent, --Revocation Request
rp [12] RevRepContent, --Revocation Response
ccr [13] CertReqMessages, --Cross-Cert. Request
ccp [14] CertRepMessage, --Cross-Cert. Response
ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann.
cann [16] CertAnnContent, --Certificate Ann.
rann [17] RevAnnContent, --Revocation Ann.
crlann [18] CRLAnnContent, --CRL Announcement
pkiconf [19] PKIConfirmContent, --Confirmation
nested [20] NestedMessageContent, --Nested Message
genm [21] GenMsgContent, --General Message
genp [22] GenRepContent, --General Response
error [23] ErrorMsgContent, --Error Message
certConf [24] CertConfirmContent, --Certificate confirm
pollReq [25] PollReqContent, --Polling request
pollRep [26] PollRepContent --Polling response
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'ir',
rfc4211.CertReqMessages().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType(
'ip',
CertRepMessage().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType(
'cr',
rfc4211.CertReqMessages().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType(
'cp',
CertRepMessage().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType(
'p10cr',
rfc2986.CertificationRequest().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType(
'popdecc',
POPODecKeyChallContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType(
'popdecr',
POPODecKeyRespContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType(
'kur',
rfc4211.CertReqMessages().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 7))),
namedtype.NamedType(
'kup',
CertRepMessage().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType(
'krr',
rfc4211.CertReqMessages().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 9))),
namedtype.NamedType(
'krp',
KeyRecRepContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 10))),
namedtype.NamedType(
'rr',
RevReqContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 11))),
namedtype.NamedType(
'rp',
RevRepContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 12))),
namedtype.NamedType(
'ccr',
rfc4211.CertReqMessages().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 13))),
namedtype.NamedType(
'ccp',
CertRepMessage().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 14))),
namedtype.NamedType(
'ckuann',
CAKeyUpdAnnContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 15))),
namedtype.NamedType(
'cann',
CertAnnContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 16))),
namedtype.NamedType(
'rann',
RevAnnContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 17))),
namedtype.NamedType(
'crlann',
CRLAnnContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 18))),
namedtype.NamedType(
'pkiconf',
PKIConfirmContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 19))),
namedtype.NamedType('nested', nestedMessageContent),
# namedtype.NamedType('nested', NestedMessageContent().subtype(
# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)
# )
# ),
namedtype.NamedType(
'genm',
GenMsgContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 21))),
namedtype.NamedType(
# this should really be 'genp' not 'gen'
# not changed to preserve compatibility
'gen',
GenRepContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 22))),
namedtype.NamedType(
'error',
ErrorMsgContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 23))),
namedtype.NamedType(
'certConf',
CertConfirmContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 24))),
namedtype.NamedType(
'pollReq',
PollReqContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 25))),
namedtype.NamedType(
'pollRep',
PollRepContent().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 26))))
def setUp(self):
self.asn1Spec = rfc2986.CertificationRequest()
