def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert sd.prettyPrint() assert sd['encapContentInfo']['eContentType'] == rfc5652.id_data assert sd['encapContentInfo']['eContent'] v2 = rfc5280.Version(value='v2') assert sd['crls'][0]['crl']['tbsCertList']['version'] == v2 ocspr_oid = rfc5940.id_ri_ocsp_response assert sd['crls'][1]['other']['otherRevInfoFormat'] == ocspr_oid ocspr, rest = der_decode(sd['crls'][1]['other']['otherRevInfo'], asn1Spec=rfc5940.OCSPResponse()) assert ocspr.prettyPrint() success = rfc2560.OCSPResponseStatus(value='successful') assert ocspr['responseStatus'] == success
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData inner, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert inner['encapContentInfo'][ 'eContentType'] == rfc4108.id_ct_firmwarePackage assert inner['encapContentInfo']['eContent'] attribute_list = [] for attr in inner['signerInfos'][0]['signedAttrs']: attribute_list.append(attr['attrType']) if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: av, rest = der_decode( attr['attrValues'][0], asn1Spec=rfc4108.TargetHardwareIdentifiers()) assert len(av) == 2 for oid in av: assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint() assert rfc5652.id_contentType in attribute_list assert rfc5652.id_messageDigest in attribute_list assert rfc4108.id_aa_targetHardwareIDs in attribute_list assert rfc4108.id_aa_fwPkgMessageDigest in attribute_list
def testDerCodec(self): substrate = pem.readBase64fromText(self.tsr_pem_text) layers = { rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), rfc5652.id_signedData: rfc5652.SignedData(), rfc5934.id_ct_TAMP_statusResponse: rfc5934.TAMPStatusResponse() } getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc5934.id_ct_TAMP_statusResponse: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc5934.id_ct_TAMP_statusResponse: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decoder(substrate, asn1Spec=layers[next_layer]) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object)
def testDerCodec(self): substrate = pem.readBase64fromText(self.tau_pem_text) layers = { rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), rfc5652.id_signedData: rfc5652.SignedData(), rfc5934.id_ct_TAMP_update: rfc5934.TAMPUpdate() } getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc5934.id_ct_TAMP_update: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc5934.id_ct_TAMP_update: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object)
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc5035.Receipt()) assert not rest assert receipt.prettyPrint() assert der_encode(receipt) == sd['encapContentInfo']['eContent'] for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc5035.ESSAttributeMap.keys(): sav, rest = der_decode(sav0, asn1Spec=rfc5035.ESSAttributeMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0
def testDerCodec(self): substrate = pem.readBase64fromText(self.message3_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] oid = sd['encapContentInfo']['eContentType'] assert oid == rfc7191.id_ct_KP_keyPackageError kpe, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc7191.KeyPackageError()) assert not rest assert kpe.prettyPrint() assert der_encode(kpe) == sd['encapContentInfo']['eContent'] package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert kpe['errorOf']['pkgID'] == package_id assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10)
def testDerCodec(self): substrate = pem.readBase64fromText(self.message1_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq: sav, rest = der_decode(sav0, asn1Spec=rfc7191.KeyPkgIdentifierAndReceiptReq()) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert sav['pkgID'] == package_id
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertTrue(sd.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(sd)) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc6211.id_aa_cmsAlgorithmProtect: sav, rest = der_decoder( sav0, asn1Spec=rfc6211.CMSAlgorithmProtection()) self.assertFalse(rest) self.assertTrue(sav.prettyPrint()) self.assertEqual(sav0, der_encoder(sav))
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) inner, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertEqual( rfc4108.id_ct_firmwarePackage, inner['encapContentInfo']['eContentType']) self.assertTrue(inner['encapContentInfo']['eContent']) attribute_list = [] for attr in inner['signerInfos'][0]['signedAttrs']: attribute_list.append(attr['attrType']) if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: av, rest = der_decoder(attr['attrValues'][0], asn1Spec=rfc4108.TargetHardwareIdentifiers()) self.assertEqual(2, len(av)) for oid in av: self.assertIn('1.3.6.1.4.1.221121.1.1.', oid.prettyPrint()) self.assertIn( rfc5652.id_contentType, attribute_list) self.assertIn( rfc5652.id_messageDigest, attribute_list) self.assertIn(rfc4108.id_aa_targetHardwareIDs, attribute_list) self.assertIn(rfc4108.id_aa_fwPkgMessageDigest, attribute_list)
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate secure_header_field_attr_found = False assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat == rfc7508.id_aa_secureHeaderFieldsIdentifier: assert sat in rfc5652.cmsAttributesMap.keys() sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 from_field = rfc7508.HeaderFieldName('From') alice_email = rfc7508.HeaderFieldValue('*****@*****.**') for shf in sav['secHeaderFields']: if shf['field-Name'] == from_field: assert shf['field-Value'] == alice_email secure_header_field_attr_found = True assert secure_header_field_attr_found
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertTrue(sd.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(sd)) encoded_null = der_encoder(univ.Null("")) si = sd['signerInfos'][0] self.assertEqual(rfc4357.id_GostR3411_94, si['digestAlgorithm']['algorithm']) self.assertEqual(encoded_null, si['digestAlgorithm']['parameters']) self.assertEqual(rfc4357.id_GostR3410_2001, si['signatureAlgorithm']['algorithm']) self.assertEqual(encoded_null, si['signatureAlgorithm']['parameters']) self.assertEqual(64, len(si['signature']))
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_data_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(asn1Object['contentType'], rfc5652.id_signedData) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) oid = sd['signerInfos'][0]['signatureAlgorithm']['algorithm'] self.assertEqual(rfc8708.id_alg_hss_lms_hashsig, oid)
def _parse(self): super()._parse() # - Retrieve object from SpcSpOpusInfo from the authenticated attributes (for normal signer) self.program_name = self.more_info = None if asn1.spc.SpcSpOpusInfo in self.authenticated_attributes: if len(self.authenticated_attributes[asn1.spc.SpcSpOpusInfo]) != 1: raise AuthenticodeParseError( "Only one SpcSpOpusInfo expected in SignerInfo.authenticatedAttributes" ) self.program_name = self.authenticated_attributes[ asn1.spc.SpcSpOpusInfo][0]['programName'].to_python() self.more_info = self.authenticated_attributes[ asn1.spc.SpcSpOpusInfo][0]['moreInfo'].to_python() # - Authenticode can be signed using a RFC-3161 timestamp, so we discover this possibility here if pkcs7.Countersignature in self.unauthenticated_attributes \ and asn1.spc.SpcRfc3161Timestamp in self.unauthenticated_attributes: raise AuthenticodeParseError( "Countersignature and RFC-3161 timestamp present in " "SignerInfo.unauthenticatedAttributes") if asn1.spc.SpcRfc3161Timestamp in self.unauthenticated_attributes: if len(self.unauthenticated_attributes[ asn1.spc.SpcRfc3161Timestamp]) != 1: raise AuthenticodeParseError( "Only one RFC-3161 timestamp expected in " "SignerInfo.unauthenticatedAttributes") ts_data = self.unauthenticated_attributes[ asn1.spc.SpcRfc3161Timestamp][0] content_type = asn1.oids.get(ts_data['contentType']) if content_type is not rfc2315.SignedData: raise AuthenticodeParseError( "RFC-3161 Timestamp does not contain SignedData structure") # Note that we expect rfc5652 compatible data here # This is a work-around for incorrectly tagged v2AttrCerts in the BER-encoded blob, # see the docstring for patch_rfc5652_signeddata for more details try: signed_data = guarded_ber_decode( ts_data['content'], asn1_spec=rfc5652.SignedData()) except ParseError: with patch_rfc5652_signeddata() as asn1_spec: signed_data = guarded_ber_decode(ts_data['content'], asn1_spec=asn1_spec) self.countersigner = RFC3161SignedData(signed_data)
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(1, asn1Object['version']) ts = asn1Object['archiveTimeStampSequence'][0][0]['timeStamp'] self.assertEqual(rfc5652.id_signedData, ts['contentType']) sd, rest = der_decoder(ts['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertTrue(sd.prettyPrint()) self.assertEqual(ts['content'], der_encoder(sd)) self.assertEqual(3, sd['version']) ect = sd['encapContentInfo']['eContentType'] self.assertEqual(rfc3161.id_ct_TSTInfo, ect)
def testDerCodec(self): oids = [] for pem_text in self.pem_text_list: substrate = pem.readBase64fromText(pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] oids.append(sd['encapContentInfo']['eContentType']) assert rfc8358.id_ct_asciiTextWithCRLF in oids assert rfc8358.id_ct_pdf in oids assert rfc8358.id_ct_xml in oids
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(asn1Object['contentType'], rfc5652.id_signedData) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertTrue(sd.prettyPrint()) self.assertEqual(asn1Object['content'], der_encoder(sd)) self.assertEqual(sd['encapContentInfo']['eContentType'], rfc2634.id_ct_receipt) receipt, rest = der_decoder(sd['encapContentInfo']['eContent'], asn1Spec=rfc2634.Receipt()) self.assertFalse(rest) self.assertTrue(receipt.prettyPrint()) self.assertEqual(sd['encapContentInfo']['eContent'], der_encoder(receipt)) self.assertEqual(receipt['version'], rfc2634.ESSVersion().subtype(value='v1')) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc5652.cmsAttributesMap.keys(): sav, rest = der_decoder(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) self.assertFalse(rest) self.assertTrue(sav.prettyPrint()) self.assertEqual(sav0, der_encoder(sav))
def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc6211.id_aa_cmsAlgorithmProtect: sav, rest = der_decode(sav0, asn1Spec=rfc6211.CMSAlgorithmProtection()) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(substrate, der_encoder(asn1Object)) self.assertEqual(rfc5652.id_signedData, asn1Object['contentType']) sd, rest = der_decoder(asn1Object['content'], asn1Spec=rfc5652.SignedData()) self.assertTrue(sd.prettyPrint()) self.assertEqual(rfc5652.id_data, sd['encapContentInfo']['eContentType']) self.assertTrue(sd['encapContentInfo']['eContent']) v2 = rfc5280.Version(value='v2') self.assertEqual(v2, sd['crls'][0]['crl']['tbsCertList']['version']) ocspr_oid = rfc5940.id_ri_ocsp_response self.assertEqual(ocspr_oid, sd['crls'][1]['other']['otherRevInfoFormat']) ocspr, rest = der_decoder(sd['crls'][1]['other']['otherRevInfo'], asn1Spec=rfc5940.OCSPResponse()) self.assertTrue(ocspr.prettyPrint()) success = rfc2560.OCSPResponseStatus(value='successful') self.assertEqual(success, ocspr['responseStatus'])
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate openTypesMap = { rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(), } openTypesMap.update(rfc5280.certificateAttributesMap) openTypesMap.update(rfc5652.cmsAttributesMap) for attr in asn1Object: assert attr['type'] in openTypesMap.keys() av, rest = der_decode(attr['values'][0], asn1Spec=openTypesMap[attr['type']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['values'][0] if attr['type'] == rfc2985.pkcs_9_at_userPKCS12: assert av['version'] == univ.Integer(3) assert av['authSafe']['contentType'] == rfc5652.id_data outdata, rest = der_decode(av['authSafe']['content'], asn1Spec=univ.OctetString()) assert not rest authsafe, rest = der_decode( outdata, asn1Spec=rfc7292.AuthenticatedSafe()) assert not rest for ci in authsafe: assert ci['contentType'] == rfc5652.id_data indata, rest = der_decode(ci['content'], asn1Spec=univ.OctetString()) assert not rest sc, rest = der_decode(indata, asn1Spec=rfc7292.SafeContents()) assert not rest for sb in sc: if sb['bagId'] in rfc7292.pkcs12BagTypeMap: bv, rest = der_decode( sb['bagValue'], asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']]) assert not rest for bagattr in sb['bagAttributes']: if bagattr['attrType'] in openTypesMap: inav, rest = der_decode( bagattr['attrValues'][0], asn1Spec=openTypesMap[ bagattr['attrType']]) assert not rest if bagattr[ 'attrType'] == rfc2985.pkcs_9_at_friendlyName: assert inav == "3f71af65-1687-444a-9f46-c8be194c3e8e" if bagattr[ 'attrType'] == rfc2985.pkcs_9_at_localKeyId: assert inav == univ.OctetString( hexValue='01000000') if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU: ci, rest = der_decode(attr['values'][0], asn1Spec=rfc5652.ContentInfo()) assert not rest assert ci['contentType'] == rfc5652.id_signedData sd, rest = der_decode(ci['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd['version'] == 1 for si in sd['signerInfos']: assert si['version'] == 1 for siattr in si['signedAttrs']: if siattr['attrType'] in openTypesMap: siav, rest = der_decode( siattr['attrValues'][0], asn1Spec=openTypesMap[siattr['attrType']]) assert not rest if siattr[ 'attrType'] == rfc2985.pkcs_9_at_contentType: assert siav == rfc5652.id_data if siattr[ 'attrType'] == rfc2985.pkcs_9_at_messageDigest: assert siav.prettyPrint()[2:10] == 'b6e422a4' if siattr[ 'attrType'] == rfc2985.pkcs_9_at_signingTime: assert siav['utcTime'] == '190529182319Z' for choices in sd['certificates']: for rdn in choices[0]['tbsCertificate']['subject'][ 'rdnSequence']: if rdn[0]['type'] in openTypesMap: nv, rest = der_decode( rdn[0]['value'], asn1Spec=openTypesMap[rdn[0]['type']]) assert not rest if rdn[0][ 'type'] == rfc2985.pkcs_9_at_emailAddress: assert nv == '*****@*****.**'
def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec) self.assertFalse(rest) self.assertTrue(asn1Object.prettyPrint()) self.assertEqual(der_encoder(asn1Object), substrate) openTypesMap = { rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(), } openTypesMap.update(rfc5280.certificateAttributesMap) openTypesMap.update(rfc5652.cmsAttributesMap) for attr in asn1Object: self.assertIn(attr['type'], openTypesMap) av, rest = der_decoder(attr['values'][0], asn1Spec=openTypesMap[attr['type']]) self.assertFalse(rest) self.assertTrue(av.prettyPrint()) self.assertEqual(attr['values'][0], der_encoder(av)) if attr['type'] == rfc2985.pkcs_9_at_userPKCS12: self.assertEqual(univ.Integer(3), av['version']) self.assertEqual(rfc5652.id_data, av['authSafe']['contentType']) outdata, rest = der_decoder(av['authSafe']['content'], asn1Spec=univ.OctetString()) self.assertFalse(rest) authsafe, rest = der_decoder( outdata, asn1Spec=rfc7292.AuthenticatedSafe()) self.assertFalse(rest) for ci in authsafe: self.assertEqual(rfc5652.id_data, ci['contentType']) indata, rest = der_decoder(ci['content'], asn1Spec=univ.OctetString()) self.assertFalse(rest) sc, rest = der_decoder(indata, asn1Spec=rfc7292.SafeContents()) self.assertFalse(rest) for sb in sc: if sb['bagId'] in rfc7292.pkcs12BagTypeMap: bv, rest = der_decoder( sb['bagValue'], asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']]) self.assertFalse(rest) for bagattr in sb['bagAttributes']: if bagattr['attrType'] in openTypesMap: inav, rest = der_decoder( bagattr['attrValues'][0], asn1Spec=openTypesMap[ bagattr['attrType']]) self.assertFalse(rest) if bagattr[ 'attrType'] == rfc2985.pkcs_9_at_friendlyName: self.assertEqual( "3f71af65-1687-444a-9f46-c8be194c3e8e", inav) if bagattr[ 'attrType'] == rfc2985.pkcs_9_at_localKeyId: self.assertEqual( univ.OctetString( hexValue='01000000'), inav) if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU: ci, rest = der_decoder(attr['values'][0], asn1Spec=rfc5652.ContentInfo()) self.assertFalse(rest) self.assertEqual(rfc5652.id_signedData, ci['contentType']) sd, rest = der_decoder(ci['content'], asn1Spec=rfc5652.SignedData()) self.assertFalse(rest) self.assertEqual(1, sd['version']) for si in sd['signerInfos']: self.assertEqual(1, si['version']) for siattr in si['signedAttrs']: if siattr['attrType'] in openTypesMap: siav, rest = der_decoder( siattr['attrValues'][0], asn1Spec=openTypesMap[siattr['attrType']]) self.assertFalse(rest) if siattr[ 'attrType'] == rfc2985.pkcs_9_at_contentType: self.assertEqual(rfc5652.id_data, siav) if siattr[ 'attrType'] == rfc2985.pkcs_9_at_messageDigest: self.assertEqual('b6e422a4', siav.prettyPrint()[2:10]) if siattr[ 'attrType'] == rfc2985.pkcs_9_at_signingTime: self.assertEqual('190529182319Z', siav['utcTime']) for choices in sd['certificates']: for rdn in choices[0]['tbsCertificate']['subject'][ 'rdnSequence']: if rdn[0]['type'] in openTypesMap: nv, rest = der_decoder( rdn[0]['value'], asn1Spec=openTypesMap[rdn[0]['type']]) self.assertFalse(rest) if rdn[0][ 'type'] == rfc2985.pkcs_9_at_emailAddress: self.assertEqual('*****@*****.**', nv)
next_layer = rfc5652.id_ct_contentInfo data = substrate while next_layer: if next_layer == rfc5652.id_ct_contentInfo: layer, rest = decoder.decode(data, asn1Spec=rfc5652.ContentInfo()) assert encoder.encode(layer) == data, 'wrapper recode fails' assert not rest print(" * New layer (wrapper):") print(layer.prettyPrint()) next_layer = layer['contentType'] data = layer['content'] elif next_layer == rfc5652.id_signedData: layer, rest = decoder.decode(data, asn1Spec=rfc5652.SignedData()) assert encoder.encode(layer) == data, 'wrapper recode fails' assert not rest print(" * New layer (wrapper):") print(layer.prettyPrint()) next_layer = layer['encapContentInfo']['eContentType'] data = layer['encapContentInfo']['eContent'] elif next_layer == rfc6402.id_cct_PKIData: layer, rest = decoder.decode(data, asn1Spec=rfc6402.PKIData()) assert encoder.encode(layer) == data, 'pkidata recode fails' assert not rest print(" * New layer (pkidata):")