def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pfx_pem_text)
asn1Object, rest = der_decode(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
assert not rest
assert asn1Object.prettyPrint()
assert der_encode(asn1Object) == substrate
digest_alg = asn1Object['macData']['mac']['digestAlgorithm']
assert not digest_alg['parameters'].hasValue()
authsafe, rest = der_decode(asn1Object['authSafe']['content'],
asn1Spec=rfc7292.AuthenticatedSafe(),
decodeOpenTypes=True)
assert not rest
assert authsafe.prettyPrint()
assert der_encode(authsafe) == asn1Object['authSafe']['content']
for ci in authsafe:
assert ci['contentType'] == rfc5652.id_data
sc, rest = der_decode(ci['content'],
asn1Spec=rfc7292.SafeContents(),
decodeOpenTypes=True)
assert not rest
assert sc.prettyPrint()
assert der_encode(sc) == ci['content']
for sb in sc:
if sb['bagId'] == rfc7292.id_pkcs8ShroudedKeyBag:
bv = sb['bagValue']
enc_alg = bv['encryptionAlgorithm']['algorithm']
assert enc_alg == rfc7292.pbeWithSHAAnd3_KeyTripleDES_CBC
enc_alg_param = bv['encryptionAlgorithm']['parameters']
assert enc_alg_param['iterations'] == 2000
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pfx_pem_text)
asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
assert not rest
assert asn1Object.prettyPrint()
assert der_encode(asn1Object) == substrate
assert asn1Object['version'] == univ.Integer(3)
oid = asn1Object['macData']['mac']['digestAlgorithm']['algorithm']
assert oid == univ.ObjectIdentifier('1.3.14.3.2.26')
md_hex = asn1Object['macData']['mac']['digest'].prettyPrint()
assert md_hex == '0xa5608ffdf651d132b90701aeaaf4ddd3e76e88a7'
assert asn1Object['authSafe']['contentType'] == rfc5652.id_data
data, rest = der_decode(asn1Object['authSafe']['content'],
asn1Spec=univ.OctetString())
assert not rest
authsafe, rest = der_decode(data, asn1Spec=rfc7292.AuthenticatedSafe())
assert not rest
assert authsafe.prettyPrint()
assert der_encode(authsafe) == data
for ci in authsafe:
assert ci['contentType'] == rfc5652.id_data
data, rest = der_decode(ci['content'], asn1Spec=univ.OctetString())
assert not rest
sc, rest = der_decode(data, asn1Spec=rfc7292.SafeContents())
assert not rest
assert sc.prettyPrint()
assert der_encode(sc) == data
for sb in sc:
if sb['bagId'] in rfc7292.pkcs12BagTypeMap:
bv, rest = der_decode(
sb['bagValue'],
asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']])
assert not rest
assert bv.prettyPrint()
assert der_encode(bv) == sb['bagValue']
for attr in sb['bagAttributes']:
if attr['attrType'] in rfc5652.cmsAttributesMap:
av, rest = der_decode(
attr['attrValues'][0],
asn1Spec=rfc5652.cmsAttributesMap[
attr['attrType']])
assert not rest
assert av.prettyPrint()
assert der_encode(av) == attr['attrValues'][0]
def testOpenTypes(self):
substrate = pem.readBase64fromText(self.pfx_pem_text)
asn1Object, rest = der_decoder(substrate,
asn1Spec=self.asn1Spec,
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
digest_alg = asn1Object['macData']['mac']['digestAlgorithm']
self.assertFalse(digest_alg['parameters'].hasValue())
authsafe, rest = der_decoder(asn1Object['authSafe']['content'],
asn1Spec=rfc7292.AuthenticatedSafe(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(authsafe.prettyPrint())
self.assertEqual(asn1Object['authSafe']['content'],
der_encoder(authsafe))
for ci in authsafe:
self.assertEqual(rfc5652.id_data, ci['contentType'])
sc, rest = der_decoder(ci['content'],
asn1Spec=rfc7292.SafeContents(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(sc.prettyPrint())
self.assertEqual(ci['content'], der_encoder(sc))
for sb in sc:
if sb['bagId'] == rfc7292.id_pkcs8ShroudedKeyBag:
bv = sb['bagValue']
enc_alg = bv['encryptionAlgorithm']['algorithm']
self.assertEqual(rfc7292.pbeWithSHAAnd3_KeyTripleDES_CBC,
enc_alg)
enc_alg_param = bv['encryptionAlgorithm']['parameters']
self.assertEqual(2000, enc_alg_param['iterations'])
def testOpenTypes(self):
openTypesMap = {
rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(),
}
openTypesMap.update(rfc5280.certificateAttributesMap)
openTypesMap.update(rfc5652.cmsAttributesMap)
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decode(substrate,
asn1Spec=self.asn1Spec,
openTypes=openTypesMap,
decodeOpenTypes=True)
assert not rest
assert asn1Object.prettyPrint()
assert der_encode(asn1Object) == substrate
for attr in asn1Object:
assert attr['type'] in openTypesMap.keys()
if attr['type'] == rfc2985.pkcs_9_at_userPKCS12:
assert attr['values'][0]['version'] == univ.Integer(3)
assert attr['values'][0]['authSafe'][
'contentType'] == rfc5652.id_data
authsafe, rest = der_decode(
attr['values'][0]['authSafe']['content'],
asn1Spec=rfc7292.AuthenticatedSafe())
assert not rest
for ci in authsafe:
assert ci['contentType'] == rfc5652.id_data
indata, rest = der_decode(ci['content'],
asn1Spec=univ.OctetString())
assert not rest
sc, rest = der_decode(indata,
asn1Spec=rfc7292.SafeContents(),
decodeOpenTypes=True)
assert not rest
for sb in sc:
if sb['bagId'] in rfc7292.pkcs12BagTypeMap:
for bagattr in sb['bagAttributes']:
if bagattr['attrType'] in openTypesMap:
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_friendlyName:
assert bagattr['attrValues'][
0] == "3f71af65-1687-444a-9f46-c8be194c3e8e"
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_localKeyId:
assert bagattr['attrValues'][
0] == univ.OctetString(
hexValue='01000000')
if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU:
assert attr['values'][0][
'contentType'] == rfc5652.id_signedData
assert attr['values'][0]['content']['version'] == 1
for si in attr['values'][0]['content']['signerInfos']:
assert si['version'] == 1
for siattr in si['signedAttrs']:
if siattr['attrType'] in openTypesMap:
if siattr[
'attrType'] == rfc2985.pkcs_9_at_contentType:
assert siattr['attrValues'][
0] == rfc5652.id_data
if siattr[
'attrType'] == rfc2985.pkcs_9_at_messageDigest:
assert siattr['attrValues'][0].prettyPrint(
)[2:10] == 'b6e422a4'
if siattr[
'attrType'] == rfc2985.pkcs_9_at_signingTime:
assert siattr['attrValues'][0][
'utcTime'] == '190529182319Z'
for choices in attr['values'][0]['content']['certificates']:
for rdn in choices[0]['tbsCertificate']['subject'][
'rdnSequence']:
if rdn[0]['type'] in openTypesMap:
if rdn[0][
'type'] == rfc2985.pkcs_9_at_emailAddress:
assert rdn[0]['value'] == '*****@*****.**'
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pfx_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(3, asn1Object['version'])
oid = asn1Object['macData']['mac']['digestAlgorithm']['algorithm']
self.assertEqual(univ.ObjectIdentifier('1.3.14.3.2.26'), oid)
md_hex = asn1Object['macData']['mac']['digest'].prettyPrint()
self.assertEqual('0xa5608ffdf651d132b90701aeaaf4ddd3e76e88a7', md_hex)
self.assertEqual(rfc5652.id_data,
asn1Object['authSafe']['contentType'])
data, rest = der_decoder(asn1Object['authSafe']['content'],
asn1Spec=univ.OctetString())
self.assertFalse(rest)
authsafe, rest = der_decoder(data,
asn1Spec=rfc7292.AuthenticatedSafe())
self.assertFalse(rest)
self.assertTrue(authsafe.prettyPrint())
self.assertEqual(data, der_encoder(authsafe))
for ci in authsafe:
self.assertEqual(rfc5652.id_data, ci['contentType'])
data, rest = der_decoder(ci['content'],
asn1Spec=univ.OctetString())
self.assertFalse(rest)
sc, rest = der_decoder(data, asn1Spec=rfc7292.SafeContents())
self.assertFalse(rest)
self.assertTrue(sc.prettyPrint())
self.assertEqual(data, der_encoder(sc))
for sb in sc:
if sb['bagId'] in rfc7292.pkcs12BagTypeMap:
bv, rest = der_decoder(
sb['bagValue'],
asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']])
self.assertFalse(rest)
self.assertTrue(bv.prettyPrint())
self.assertEqual(sb['bagValue'], der_encoder(bv))
for attr in sb['bagAttributes']:
if attr['attrType'] in rfc5652.cmsAttributesMap:
av, rest = der_decoder(
attr['attrValues'][0],
asn1Spec=rfc5652.cmsAttributesMap[
attr['attrType']])
self.assertFalse(rest)
self.assertTrue(av.prettyPrint())
self.assertEqual(attr['attrValues'][0],
der_encoder(av))
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(der_encoder(asn1Object), substrate)
openTypesMap = {
rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(),
}
openTypesMap.update(rfc5280.certificateAttributesMap)
openTypesMap.update(rfc5652.cmsAttributesMap)
for attr in asn1Object:
self.assertIn(attr['type'], openTypesMap)
av, rest = der_decoder(attr['values'][0],
asn1Spec=openTypesMap[attr['type']])
self.assertFalse(rest)
self.assertTrue(av.prettyPrint())
self.assertEqual(attr['values'][0], der_encoder(av))
if attr['type'] == rfc2985.pkcs_9_at_userPKCS12:
self.assertEqual(univ.Integer(3), av['version'])
self.assertEqual(rfc5652.id_data,
av['authSafe']['contentType'])
outdata, rest = der_decoder(av['authSafe']['content'],
asn1Spec=univ.OctetString())
self.assertFalse(rest)
authsafe, rest = der_decoder(
outdata, asn1Spec=rfc7292.AuthenticatedSafe())
self.assertFalse(rest)
for ci in authsafe:
self.assertEqual(rfc5652.id_data, ci['contentType'])
indata, rest = der_decoder(ci['content'],
asn1Spec=univ.OctetString())
self.assertFalse(rest)
sc, rest = der_decoder(indata,
asn1Spec=rfc7292.SafeContents())
self.assertFalse(rest)
for sb in sc:
if sb['bagId'] in rfc7292.pkcs12BagTypeMap:
bv, rest = der_decoder(
sb['bagValue'],
asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']])
self.assertFalse(rest)
for bagattr in sb['bagAttributes']:
if bagattr['attrType'] in openTypesMap:
inav, rest = der_decoder(
bagattr['attrValues'][0],
asn1Spec=openTypesMap[
bagattr['attrType']])
self.assertFalse(rest)
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_friendlyName:
self.assertEqual(
"3f71af65-1687-444a-9f46-c8be194c3e8e",
inav)
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_localKeyId:
self.assertEqual(
univ.OctetString(
hexValue='01000000'), inav)
if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU:
ci, rest = der_decoder(attr['values'][0],
asn1Spec=rfc5652.ContentInfo())
self.assertFalse(rest)
self.assertEqual(rfc5652.id_signedData, ci['contentType'])
sd, rest = der_decoder(ci['content'],
asn1Spec=rfc5652.SignedData())
self.assertFalse(rest)
self.assertEqual(1, sd['version'])
for si in sd['signerInfos']:
self.assertEqual(1, si['version'])
for siattr in si['signedAttrs']:
if siattr['attrType'] in openTypesMap:
siav, rest = der_decoder(
siattr['attrValues'][0],
asn1Spec=openTypesMap[siattr['attrType']])
self.assertFalse(rest)
if siattr[
'attrType'] == rfc2985.pkcs_9_at_contentType:
self.assertEqual(rfc5652.id_data, siav)
if siattr[
'attrType'] == rfc2985.pkcs_9_at_messageDigest:
self.assertEqual('b6e422a4',
siav.prettyPrint()[2:10])
if siattr[
'attrType'] == rfc2985.pkcs_9_at_signingTime:
self.assertEqual('190529182319Z',
siav['utcTime'])
for choices in sd['certificates']:
for rdn in choices[0]['tbsCertificate']['subject'][
'rdnSequence']:
if rdn[0]['type'] in openTypesMap:
nv, rest = der_decoder(
rdn[0]['value'],
asn1Spec=openTypesMap[rdn[0]['type']])
self.assertFalse(rest)
if rdn[0][
'type'] == rfc2985.pkcs_9_at_emailAddress:
self.assertEqual('*****@*****.**', nv)