def setUp(self):
self.asn1Spec = rfc2985.SMIMECapabilities()
def testOpenTypes(self):
openTypesMap = {
rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(),
}
openTypesMap.update(rfc5280.certificateAttributesMap)
openTypesMap.update(rfc5652.cmsAttributesMap)
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decode(substrate,
asn1Spec=self.asn1Spec,
openTypes=openTypesMap,
decodeOpenTypes=True)
assert not rest
assert asn1Object.prettyPrint()
assert der_encode(asn1Object) == substrate
for attr in asn1Object:
assert attr['type'] in openTypesMap.keys()
if attr['type'] == rfc2985.pkcs_9_at_userPKCS12:
assert attr['values'][0]['version'] == univ.Integer(3)
assert attr['values'][0]['authSafe'][
'contentType'] == rfc5652.id_data
authsafe, rest = der_decode(
attr['values'][0]['authSafe']['content'],
asn1Spec=rfc7292.AuthenticatedSafe())
assert not rest
for ci in authsafe:
assert ci['contentType'] == rfc5652.id_data
indata, rest = der_decode(ci['content'],
asn1Spec=univ.OctetString())
assert not rest
sc, rest = der_decode(indata,
asn1Spec=rfc7292.SafeContents(),
decodeOpenTypes=True)
assert not rest
for sb in sc:
if sb['bagId'] in rfc7292.pkcs12BagTypeMap:
for bagattr in sb['bagAttributes']:
if bagattr['attrType'] in openTypesMap:
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_friendlyName:
assert bagattr['attrValues'][
0] == "3f71af65-1687-444a-9f46-c8be194c3e8e"
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_localKeyId:
assert bagattr['attrValues'][
0] == univ.OctetString(
hexValue='01000000')
if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU:
assert attr['values'][0][
'contentType'] == rfc5652.id_signedData
assert attr['values'][0]['content']['version'] == 1
for si in attr['values'][0]['content']['signerInfos']:
assert si['version'] == 1
for siattr in si['signedAttrs']:
if siattr['attrType'] in openTypesMap:
if siattr[
'attrType'] == rfc2985.pkcs_9_at_contentType:
assert siattr['attrValues'][
0] == rfc5652.id_data
if siattr[
'attrType'] == rfc2985.pkcs_9_at_messageDigest:
assert siattr['attrValues'][0].prettyPrint(
)[2:10] == 'b6e422a4'
if siattr[
'attrType'] == rfc2985.pkcs_9_at_signingTime:
assert siattr['attrValues'][0][
'utcTime'] == '190529182319Z'
for choices in attr['values'][0]['content']['certificates']:
for rdn in choices[0]['tbsCertificate']['subject'][
'rdnSequence']:
if rdn[0]['type'] in openTypesMap:
if rdn[0][
'type'] == rfc2985.pkcs_9_at_emailAddress:
assert rdn[0]['value'] == '*****@*****.**'
def testDerCodec(self):
substrate = pem.readBase64fromText(self.pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(der_encoder(asn1Object), substrate)
openTypesMap = {
rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(),
}
openTypesMap.update(rfc5280.certificateAttributesMap)
openTypesMap.update(rfc5652.cmsAttributesMap)
for attr in asn1Object:
self.assertIn(attr['type'], openTypesMap)
av, rest = der_decoder(attr['values'][0],
asn1Spec=openTypesMap[attr['type']])
self.assertFalse(rest)
self.assertTrue(av.prettyPrint())
self.assertEqual(attr['values'][0], der_encoder(av))
if attr['type'] == rfc2985.pkcs_9_at_userPKCS12:
self.assertEqual(univ.Integer(3), av['version'])
self.assertEqual(rfc5652.id_data,
av['authSafe']['contentType'])
outdata, rest = der_decoder(av['authSafe']['content'],
asn1Spec=univ.OctetString())
self.assertFalse(rest)
authsafe, rest = der_decoder(
outdata, asn1Spec=rfc7292.AuthenticatedSafe())
self.assertFalse(rest)
for ci in authsafe:
self.assertEqual(rfc5652.id_data, ci['contentType'])
indata, rest = der_decoder(ci['content'],
asn1Spec=univ.OctetString())
self.assertFalse(rest)
sc, rest = der_decoder(indata,
asn1Spec=rfc7292.SafeContents())
self.assertFalse(rest)
for sb in sc:
if sb['bagId'] in rfc7292.pkcs12BagTypeMap:
bv, rest = der_decoder(
sb['bagValue'],
asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']])
self.assertFalse(rest)
for bagattr in sb['bagAttributes']:
if bagattr['attrType'] in openTypesMap:
inav, rest = der_decoder(
bagattr['attrValues'][0],
asn1Spec=openTypesMap[
bagattr['attrType']])
self.assertFalse(rest)
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_friendlyName:
self.assertEqual(
"3f71af65-1687-444a-9f46-c8be194c3e8e",
inav)
if bagattr[
'attrType'] == rfc2985.pkcs_9_at_localKeyId:
self.assertEqual(
univ.OctetString(
hexValue='01000000'), inav)
if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU:
ci, rest = der_decoder(attr['values'][0],
asn1Spec=rfc5652.ContentInfo())
self.assertFalse(rest)
self.assertEqual(rfc5652.id_signedData, ci['contentType'])
sd, rest = der_decoder(ci['content'],
asn1Spec=rfc5652.SignedData())
self.assertFalse(rest)
self.assertEqual(1, sd['version'])
for si in sd['signerInfos']:
self.assertEqual(1, si['version'])
for siattr in si['signedAttrs']:
if siattr['attrType'] in openTypesMap:
siav, rest = der_decoder(
siattr['attrValues'][0],
asn1Spec=openTypesMap[siattr['attrType']])
self.assertFalse(rest)
if siattr[
'attrType'] == rfc2985.pkcs_9_at_contentType:
self.assertEqual(rfc5652.id_data, siav)
if siattr[
'attrType'] == rfc2985.pkcs_9_at_messageDigest:
self.assertEqual('b6e422a4',
siav.prettyPrint()[2:10])
if siattr[
'attrType'] == rfc2985.pkcs_9_at_signingTime:
self.assertEqual('190529182319Z',
siav['utcTime'])
for choices in sd['certificates']:
for rdn in choices[0]['tbsCertificate']['subject'][
'rdnSequence']:
if rdn[0]['type'] in openTypesMap:
nv, rest = der_decoder(
rdn[0]['value'],
asn1Spec=openTypesMap[rdn[0]['type']])
self.assertFalse(rest)
if rdn[0][
'type'] == rfc2985.pkcs_9_at_emailAddress:
self.assertEqual('*****@*****.**', nv)