Пример #1
class AttributeTypeAndValue(Sequence):
    """One attribute type/value pair of a distinguished name.

    ``value`` is declared as the generic AttributeValue. The ``defines``
    table on ``type`` names the schema associated with ``value`` for five
    attribute OIDs; no schema is attached for any other attribute type.
    """
    # NOTE(review): four of the five attributes are pinned to PrintableString.
    # Certificates often carry these attributes as UTF8String, so confirm how
    # a value of another string type is treated before the decoded form is
    # used in name comparisons or access decisions.
    schema = (
        ("type",
         AttributeType(
             defines=(((".", "value"), {
                 ObjectIdentifier("2.5.4.6"): PrintableString(),  # countryName
                 ObjectIdentifier("2.5.4.8"): PrintableString(),  # stateOrProvinceName
                 ObjectIdentifier("2.5.4.7"): PrintableString(),  # localityName
                 ObjectIdentifier("2.5.4.10"): OrganizationName(),  # organizationName
                 ObjectIdentifier("2.5.4.3"): PrintableString(),  # commonName
             }), ))),
        ("value", AttributeValue()),
    )
Пример #2
 def test__parse_public_key_hash_raise(self):
     # A certificate whose public-key parameters carry OIDs the test expects
     # the parser to reject must make _parse_public_key_hash raise CertNotValid.
     decoded_cert = self.crypto._parse_asn_cert(
         self.crypto._parse_pem(valid_cert))
     # Replace only the algorithm parameters of the known-good fixture; each
     # field gets its own ObjectIdentifier instance.
     bogus_params = Any(
         GostR34102012PublicKeyParameters((
             ("publicKeyParamSet",
              ObjectIdentifier("1.2.643.7.1.2.1.2.9999")),
             ("digestParamSet",
              ObjectIdentifier("1.2.643.7.1.2.1.2.9999")),
         )))
     spki = decoded_cert["tbsCertificate"]["subjectPublicKeyInfo"]
     spki["algorithm"]["parameters"] = bogus_params
     # Re-serialise the altered structure and add the PEM armour by hand.
     tampered_b64 = b64encode(decoded_cert.encode()).decode()
     tampered_pem = (
         "-----BEGIN CERTIFICATE-----\n" + tampered_b64 +
         "\n-----END CERTIFICATE-----")
     with self.assertRaises(CertNotValid):
         self.crypto._parse_public_key_hash(tampered_pem)
Пример #3
class EncryptionAlgorithmIdentifier(AlgorithmIdentifier):
    """AlgorithmIdentifier for an encryption scheme with PBES2 parameters typed.

    ``parameters`` is an optional Any. The ``defines`` entry on ``algorithm``
    associates the id_pbes2 OID with the PBES2Params schema; no other
    algorithm OID has a parameters schema attached here.
    """
    # Code consuming this structure still has to check ``algorithm`` itself:
    # for any OID other than id_pbes2 the parameters stay an untyped value.
    schema = (
        ("algorithm", ObjectIdentifier(defines=(
            (("parameters",), {id_pbes2: PBES2Params()}),
        ))),
        ("parameters", Any(optional=True)),
    )
Пример #4
class PBES2Encs(AlgorithmIdentifier):
    """Encryption-scheme identifier used inside PBES2 parameters.

    Only id_Gost28147_89 has a parameters schema attached
    (Gost2814789Parameters); for any other cipher OID ``parameters`` stays
    an untyped, optional Any.
    """
    schema = (
        ("algorithm", ObjectIdentifier(defines=(
            (("parameters",), {id_Gost28147_89: Gost2814789Parameters()}),
        ))),
        ("parameters", Any(optional=True)),
    )
Пример #5
class PBES2KDFs(AlgorithmIdentifier):
    """Key-derivation-function identifier used inside PBES2 parameters.

    Only id_pbkdf2 has a parameters schema attached (PBKDF2Params); for any
    other KDF OID ``parameters`` stays an untyped, optional Any.
    """
    schema = (
        ("algorithm", ObjectIdentifier(defines=(
            (("parameters",), {id_pbkdf2: PBKDF2Params()}),
        ))),
        ("parameters", Any(optional=True)),
    )
Пример #6
class AccessDescription(Sequence):
    """Access method OID paired with the location where it is offered."""
    # AccessDescription  ::=  SEQUENCE {
    #     accessMethod          OBJECT IDENTIFIER,
    #     accessLocation        GeneralName  }
    #
    # accessLocation is taken from the certificate being parsed, so it is
    # issuer-controlled data: validate it before dereferencing it (for example
    # before fetching a URI it names).
    schema = (
        ("accessMethod", ObjectIdentifier()),
        ("accessLocation", GeneralName()),
    )
Пример #7
 def test__get_curve_raise(self):
     # _get_curve must raise CertNotValid when publicKeyParamSet holds an
     # OID the test expects it not to recognise.
     tbs = self.crypto._parse_asn_tbs_cert(valid_cert)
     bad_params = GostR34102012PublicKeyParameters(
         (("publicKeyParamSet",
           ObjectIdentifier("1.2.643.7.1.2.1.2.9999")), ))
     # Overwrite only the algorithm parameters of the known-good fixture.
     key_algorithm = tbs["subjectPublicKeyInfo"]["algorithm"]
     key_algorithm["parameters"] = Any(bad_params)
     with self.assertRaises(CertNotValid):
         self.crypto._get_curve(tbs)
Пример #8
class SafeBag(Sequence):
    """Bag of a PKCS#12 container: bag type OID, bag value, optional attributes.

    The ``defines`` entry on ``bagId`` associates id_encryptedData with the
    EncryptedData schema for ``bagValue``; no other bag type has a schema
    attached here.
    """
    schema = (
        ("bagId", ObjectIdentifier(defines=(
            (("bagValue",), {id_encryptedData: EncryptedData()}),
        ))),
        # bagValue is wrapped in an explicit context tag [0].
        ("bagValue", PKCS12BagSet(expl=tag_ctxc(0))),
        ("bagAttributes", PKCS12Attributes(optional=True)),
    )
Пример #9
class OtherName(Sequence):
    """Name form identified by an OID, carrying a value of any type."""
    #    OtherName ::= SEQUENCE {
    #         type-id    OBJECT IDENTIFIER,
    #         value      [0] EXPLICIT ANY DEFINED BY type-id }
    #
    # No ``defines`` table is attached to type-id, so ``value`` is kept as an
    # untyped Any; its meaning depends entirely on type-id and has to be
    # checked by whoever interprets the name.
    schema = (
        ("type-id", ObjectIdentifier()),
        ("value", Any(expl=tag_ctxc(0))),
    )
Пример #10
class PrivateKeyAlgorithmIdentifier(Sequence):
    """Algorithm identifier of a private key, typed for GOST R 34.10-2012.

    Both the 256-bit and the 512-bit algorithm OID associate ``parameters``
    with GostR34102012PublicKeyParameters. For any other OID ``parameters``
    stays an untyped, optional Any.
    """
    schema = (
        ("algorithm",
         ObjectIdentifier(defines=((
             ("parameters", ), {
                 id_tc26_gost3410_2012_256: GostR34102012PublicKeyParameters(),
                 id_tc26_gost3410_2012_512: GostR34102012PublicKeyParameters(),
             }), ))),
        ("parameters", Any(optional=True)),
    )
Пример #11
class GostR34102001TransportParameters(Sequence):
    """Parameters accompanying a transported key.

    Fields: the encryption parameter-set OID, an optional ephemeral public
    key, and the ``ukm`` octet string.
    """
    schema = (
        ("encryptionParamSet", ObjectIdentifier()),
        # Optional; when present it is implicitly tagged with context tag [0].
        ("ephemeralPublicKey",
         SubjectPublicKeyInfo(
             impl=tag_ctxc(0),
             optional=True,
         )),
        # No length bound is declared on ukm in this schema.
        ("ukm", OctetString()),
    )
Пример #12
class AlgorithmIdentifier(Sequence):
    """Algorithm OID with optional, algorithm-specific parameters."""
    # AlgorithmIdentifier  ::=  SEQUENCE  {
    #     algorithm               OBJECT IDENTIFIER,
    #     parameters              ANY DEFINED BY algorithm OPTIONAL  }
    #                                 -- contains a value of the type
    #                                 -- registered for use with the
    #                                 -- algorithm object identifier value
    #
    # This base schema attaches no ``defines`` table, so ``parameters`` is an
    # untyped Any: the consumer must check ``algorithm`` against the
    # algorithms it accepts before interpreting the parameters.
    schema = (
        ("algorithm", ObjectIdentifier()),
        ("parameters", Any(optional=True)),
    )
Пример #13
class ContentInfo(Sequence):
    """Content-type OID followed by the explicitly tagged content."""
    # ContentInfo ::= SEQUENCE {
    #     contentType ContentType,
    #     content [0] EXPLICIT ANY DEFINED BY contentType }
    #
    # Only the signedData content type (1.2.840.113549.1.7.2) has a schema
    # attached; any other contentType leaves ``content`` untyped.
    # NOTE(review): ANY is not defined in this excerpt -- presumably an alias
    # or subclass of pyderasn's Any; confirm.
    schema = (
        ("contentType",
         ContentType(
             defines=((("content", ), {
                 ObjectIdentifier("1.2.840.113549.1.7.2"): SignedData(),
             }), ))),
        ("content", ANY(expl=tag_ctxc(0))),
    )
Пример #14
class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
    """Key-encryption algorithm identifier that types the enclosing encrypted key.

    The ``defines`` tables do not target ``parameters``. They point outside
    this structure (paths starting with "..") at the ``encryptedKey`` field,
    for the two GOST R 34.10-2012 algorithm OIDs.
    """
    schema = (
        ("algorithm",
         ObjectIdentifier(defines=(
             # encryptedKey next to this identifier: GostR3410KeyTransport.
             (("..", "encryptedKey"), {
                 id_tc26_gost3410_2012_256: GostR3410KeyTransport(),
                 id_tc26_gost3410_2012_512: GostR3410KeyTransport(),
             }),
             # encryptedKey inside recipientEncryptedKeys: the builtin ``any``
             # is used as a path element, presumably matching every list
             # item -- confirm against the pyderasn documentation.
             (("..", "recipientEncryptedKeys", any, "encryptedKey"), {
                 id_tc26_gost3410_2012_256: Gost2814789EncryptedKey(),
                 id_tc26_gost3410_2012_512: Gost2814789EncryptedKey(),
             }),
         ))),
        ("parameters", Any(optional=True)),
    )
Пример #15
class Extension(Sequence):
    """Certificate extension: OID, criticality flag and opaque value.

    Five extension OIDs have a schema attached for the content of
    ``extnValue``; every other extension keeps an opaque octet string.
    """
    # Extension  ::=  SEQUENCE  {
    #     extnID      OBJECT IDENTIFIER,
    #     critical    BOOLEAN DEFAULT FALSE,
    #     extnValue   OCTET STRING
    #     }
    #
    # This schema only describes the structure. RFC 5280 requires a verifier
    # to reject a certificate carrying a critical extension it does not
    # recognise; that decision has to be made by the code using this class.
    schema = (
        ("extnID",
         ObjectIdentifier(
             defines=((("extnValue", ), {
                 id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
                 id_ce_keyUsage: KeyUsage(),
                 id_ce_extKeyUsage: ExtKeyUsage(),
                 id_ce_cRLDistributionPoints: CRLDistributionPoints(),
                 id_pe_authorityInfoAccess: AuthorityInfoAccess(),
             }), ))),
        # An absent ``critical`` field decodes as False.
        ("critical", Boolean(default=False)),
        # NOTE(review): OCTETSTRING is not defined in this excerpt; the
        # trailing comment suggests it replaced OctetString -- confirm.
        ("extnValue", OCTETSTRING()),  # OctetString()),
    )
Пример #16
class GeneralName(Choice):
    """Choice between the nine GeneralName alternatives, each context-tagged."""
    #    GeneralName ::= CHOICE {
    #         otherName                       [0]     OtherName,
    #         rfc822Name                      [1]     IA5String,
    #         dNSName                         [2]     IA5String,
    #         x400Address                     [3]     ORAddress,
    #         directoryName                   [4]     Name,
    #         ediPartyName                    [5]     EDIPartyName,
    #         uniformResourceIdentifier       [6]     IA5String,
    #         iPAddress                       [7]     OCTET STRING,
    #         registeredID                    [8]     OBJECT IDENTIFIER }
    #
    # NOTE(review): otherName, x400Address and ediPartyName are constructed
    # types in RFC 5280 and directoryName is explicitly tagged, so DER encodes
    # all four with the constructed bit set. They are declared here with
    # tag_ctxp (primitive). Confirm against real certificates whether
    # tag_ctxc was intended; otherwise these alternatives may fail to match.
    #
    # Every alternative holds data supplied by the certificate; rfc822Name,
    # dNSName and uniformResourceIdentifier are only constrained to IA5String
    # here, so hostname or URI validation is up to the consumer.
    schema = (
        ("otherName", OtherName(impl=tag_ctxp(0))),
        ("rfc822Name", IA5String(impl=tag_ctxp(1))),
        ("dNSName", IA5String(impl=tag_ctxp(2))),
        ("x400Address", ORAddress(impl=tag_ctxp(3))),
        ("directoryName", Name(expl=tag_ctxp(4))),
        ("ediPartyName", EDIPartyName(impl=tag_ctxp(5))),
        ("uniformResourceIdentifier", IA5String(impl=tag_ctxp(6))),
        ("iPAddress", OctetString(impl=tag_ctxp(7))),
        ("registeredID", ObjectIdentifier(impl=tag_ctxp(8))),
    )
Пример #17
class AlgorithmIdentifier(Sequence):
    """Algorithm OID with optional, algorithm-specific parameters.

    No ``defines`` table is attached, so ``parameters`` is an untyped Any:
    the consumer must check ``algorithm`` against the algorithms it accepts
    before interpreting the parameters.
    """
    schema = (
        ("algorithm", ObjectIdentifier()),
        ("parameters", Any(optional=True)),
    )
Пример #18
class Extension(Sequence):
    """Certificate extension: OID, criticality flag and opaque value.

    No extension OID has a schema attached here, so ``extnValue`` is always
    an opaque octet string. Rejecting unrecognised critical extensions, as
    RFC 5280 requires of a verifier, is left to the code using this class.
    """
    schema = (
        ("extnID", ObjectIdentifier()),
        # An absent ``critical`` field decodes as False.
        ("critical", Boolean(default=False)),
        ("extnValue", OctetString()),
    )
Пример #19
class GostR34102012PublicKeyParameters(Sequence):
    """Public-key parameters: a curve parameter-set OID and an optional digest OID."""
    # Both fields accept any OID. The schema does not restrict them to known
    # parameter sets, so the consumer has to reject values it does not support.
    schema = (
        ("publicKeyParamSet", ObjectIdentifier()),
        ("digestParamSet", ObjectIdentifier(optional=True)),
    )
Пример #20
from pyderasn import ObjectIdentifier


# PKCS#7 content types, each one arc below the id_pkcs7 prefix.
id_pkcs7 = ObjectIdentifier("1.2.840.113549.1.7")
id_data = id_pkcs7 + (1,)
id_signedData = id_pkcs7 + (2,)
id_envelopedData = id_pkcs7 + (3,)
id_digestedData = id_pkcs7 + (5,)
id_encryptedData = id_pkcs7 + (6,)

# GOST algorithm, digest, parameter-set and signature OIDs (1.2.643 arc).
# NOTE(review): the *_paramSetTest and *_TestParamSet entries are presumably
# test-only parameter sets; confirm they are not accepted for production keys.
id_tc26_gost3410_2012_256 = ObjectIdentifier("1.2.643.7.1.1.1.1")
id_tc26_gost3410_2012_512 = ObjectIdentifier("1.2.643.7.1.1.1.2")
id_tc26_gost3411_2012_256 = ObjectIdentifier("1.2.643.7.1.1.2.2")
id_tc26_gost3411_2012_512 = ObjectIdentifier("1.2.643.7.1.1.2.3")
id_tc26_gost3410_2012_256_paramSetA = ObjectIdentifier("1.2.643.7.1.2.1.1.1")
id_tc26_gost3410_2012_256_paramSetB = ObjectIdentifier("1.2.643.7.1.2.1.1.2")
id_tc26_gost3410_2012_256_paramSetC = ObjectIdentifier("1.2.643.7.1.2.1.1.3")
id_tc26_gost3410_2012_256_paramSetD = ObjectIdentifier("1.2.643.7.1.2.1.1.4")
id_tc26_gost3410_2012_512_paramSetTest = ObjectIdentifier("1.2.643.7.1.2.1.2.0")
id_tc26_gost3410_2012_512_paramSetA = ObjectIdentifier("1.2.643.7.1.2.1.2.1")
id_tc26_gost3410_2012_512_paramSetB = ObjectIdentifier("1.2.643.7.1.2.1.2.2")
id_tc26_gost3410_2012_512_paramSetC = ObjectIdentifier("1.2.643.7.1.2.1.2.3")
id_tc26_signwithdigest_gost3410_2012_256 = ObjectIdentifier("1.2.643.7.1.1.3.2")
id_tc26_signwithdigest_gost3410_2012_512 = ObjectIdentifier("1.2.643.7.1.1.3.3")
id_tc26_gost_28147_param_Z = ObjectIdentifier("1.2.643.7.1.2.5.1.1")
id_Gost28147_89 = ObjectIdentifier("1.2.643.2.2.21")
id_GostR3410_2001_TestParamSet = ObjectIdentifier("1.2.643.2.2.35.0")

# PKCS#5 password-based encryption scheme and key-derivation function.
id_pbes2 = ObjectIdentifier("1.2.840.113549.1.5.13")
id_pbkdf2 = ObjectIdentifier("1.2.840.113549.1.5.12")
Пример #21
class Gost2814789Parameters(Sequence):
    """Cipher parameters: an initialisation vector and a parameter-set OID."""
    # encryptionParamSet accepts any OID; the schema does not restrict it to
    # known parameter sets, so the consumer has to validate it.
    schema = (
        ("iv", Gost2814789IV()),
        ("encryptionParamSet", ObjectIdentifier()),
    )
Пример #22
import pem as pem
from pygost import gost3410, gost34112012256, gost34112012512
from pygost.asn1schemas.prvkey import PrivateKeyInfo, PrivateKey
from pygost.asn1schemas.x509 import Certificate, AlgorithmIdentifier, GostR34102012PublicKeyParameters, \
    SubjectPublicKeyInfo, TBSCertificate

from pyderasn import ObjectIdentifier, OctetString
from pygost.gost3410 import GOST3410Curve
from pygost.iface import PEP247

from sspvo import AbstractCrypto
from sspvo.errors import BadRequest, CertNotValid, KeyNotValid

oid_curve_names = {
    ObjectIdentifier("1.2.643.2.2.35.1"):
    "id-GostR3410-2001-CryptoPro-A-ParamSet",
    ObjectIdentifier("1.2.643.2.2.35.2"):
    "id-GostR3410-2001-CryptoPro-B-ParamSet",
    ObjectIdentifier("1.2.643.2.2.35.3"):
    "id-GostR3410-2001-CryptoPro-C-ParamSet",
    ObjectIdentifier("1.2.643.2.2.36.0"):
    "id-GostR3410-2001-CryptoPro-XchA-ParamSet",
    ObjectIdentifier("1.2.643.2.2.36.1"):
    "id-GostR3410-2001-CryptoPro-XchB-ParamSet",
    ObjectIdentifier("1.2.643.7.1.2.1.1.1"):
    "id-tc26-gost-3410-2012-256-paramSetA",
    ObjectIdentifier("1.2.643.7.1.2.1.1.2"):
    "id-tc26-gost-3410-2012-256-paramSetB",
    ObjectIdentifier("1.2.643.7.1.2.1.1.3"):
    "id-tc26-gost-3410-2012-256-paramSetC",
Пример #23
        ("encryptedData", OctetString()),
    )


class PKCS8ShroudedKeyBag(EncryptedPrivateKeyInfo):
    """Bag type with the same structure as EncryptedPrivateKeyInfo; adds nothing."""
    pass


class PBKDF2Salt(Choice):
    """PBKDF2 salt; only the explicitly specified octet-string form is declared."""
    schema = (
        # No length bounds are declared on the salt in this schema.
        ("specified", OctetString()),
        # The otherSource alternative is disabled, so a salt given in that
        # form is not part of this schema.
        # ("otherSource", PBKDF2SaltSources()),
    )


# OID of HMAC-SHA-1.
id_hmacWithSHA1 = ObjectIdentifier("1.2.840.113549.2.7")


class PBKDF2PRFs(AlgorithmIdentifier):
    """Identifier of the pseudo-random function used by PBKDF2."""
    # ``algorithm`` defaults to id_hmacWithSHA1, so a structure that omits it
    # is read as HMAC-SHA-1. Consumers that require another PRF should check
    # the decoded OID explicitly instead of relying on the field being present.
    schema = (
        ("algorithm", ObjectIdentifier(default=id_hmacWithSHA1)),
        ("parameters", Any(optional=True)),
    )


class IterationCount(Integer):
    """Iteration count: an integer of at least 1 with no upper limit."""
    # NOTE(review): the schema accepts arbitrarily large counts. When the
    # container comes from an untrusted source, the consumer should cap the
    # value before running the KDF, because derivation cost grows with it.
    bounds = (1, float("+inf"))


class KeyLength(Integer):
    """Derived key length: an integer of at least 1 with no upper limit."""
    # NOTE(review): no maximum is enforced here; a consumer handling untrusted
    # input should compare the value with the key size the selected cipher
    # actually needs before deriving that many bytes.
    bounds = (1, float("+inf"))
Пример #24
class SafeBag(Sequence):
    """Bag of a PKCS#12 container: bag type OID, bag value, optional attributes.

    No ``defines`` table is attached to ``bagId``, so the consumer has to
    select how ``bagValue`` is interpreted from the bag type itself.
    """
    schema = (
        ("bagId", ObjectIdentifier()),
        # bagValue is wrapped in an explicit context tag [0].
        ("bagValue", PKCS12BagSet(expl=tag_ctxc(0))),
        ("bagAttributes", PKCS12Attributes(optional=True)),
    )
Пример #25
class PBKDF2PRFs(AlgorithmIdentifier):
    """Identifier of the pseudo-random function used by PBKDF2."""
    # ``algorithm`` defaults to id_hmacWithSHA1, so a structure that omits it
    # is read as that default. Consumers that require a specific PRF should
    # check the decoded OID explicitly.
    schema = (
        ("algorithm", ObjectIdentifier(default=id_hmacWithSHA1)),
        ("parameters", Any(optional=True)),
    )
Пример #26
class PBES2Encs(AlgorithmIdentifier):
    """Encryption-scheme identifier used inside PBES2 parameters.

    No ``defines`` table is attached, so ``parameters`` is an untyped,
    optional Any whatever cipher OID is given. The consumer has to check the
    OID and decode the parameters itself.
    """
    schema = (
        ("algorithm", ObjectIdentifier()),
        ("parameters", Any(optional=True)),
    )
Пример #27

# -- Upper Bounds
# Maximum lengths for directory-name attribute values. Nothing in this
# excerpt applies them; where they are enforced is not visible here.
ub_state_name = 128
ub_organization_name = 64
# NOTE(review): presumably the organizational *unit* name bound -- confirm.
ub_organizational_name = 64
ub_title = 64
ub_serial_number = 64
ub_pseudonym = 128
ub_emailaddress_length = 255
ub_locality_name = 128
ub_common_name = 64
ub_name = 32768

# id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }
id_at = ObjectIdentifier((2, 5, 4))

# -- Naming attributes of type X520name
# id-at-name                AttributeType ::= { id-at 41 }
# id-at-surname             AttributeType ::= { id-at  4 }
# id-at-givenName           AttributeType ::= { id-at 42 }
# id-at-initials            AttributeType ::= { id-at 43 }
# id-at-generationQualifier AttributeType ::= { id-at 44 }

# Each attribute OID is the id_at prefix extended by one arc, wrapped in
# AttributeType.
id_at_name = AttributeType(id_at + (41, ))
id_at_surname = AttributeType(id_at + (4, ))
id_at_givenName = AttributeType(id_at + (42, ))
id_at_initials = AttributeType(id_at + (43, ))
id_at_generationQualifier = AttributeType(id_at + (44, ))

# -- Naming attributes of type X520Name:
Пример #28
class PKCS12Attribute(Sequence):
    """PKCS#12 attribute: an attribute OID followed by its value."""
    # No ``defines`` table ties attrValue to attrId, so interpreting the value
    # for a given attribute is left to the consumer.
    schema = (
        ("attrId", ObjectIdentifier()),
        ("attrValue", AttrValue()),
    )
Пример #29
class Attribute(Sequence):
    """Attribute: a type OID followed by its values."""
    # No ``defines`` table ties the values to the type OID, so interpreting
    # them for a given attribute type is left to the consumer.
    schema = (
        ("type", ObjectIdentifier()),
        ("values", AttributeValues()),
    )
Пример #30
class ECParameters(Choice):
    """Elliptic-curve parameters given as a named-curve OID or as implicit (NULL)."""
    schema = (
        # namedCurve accepts any OID; the consumer has to check it against the
        # curves it supports.
        ("namedCurve", ObjectIdentifier()),
        # With implicitCurve the structure itself names no curve.
        ("implicitCurve", Null()),
        # Explicitly specified domain parameters are disabled, so a key that
        # carries its own curve definition is not part of this schema.
        # ("specifiedCurve", SpecifiedECDomain()),
    )