def test_error_stack(self): enc = asn1.Encoder() enc.start() assert_raises(asn1.Error, enc.leave) enc.enter(asn1.Numbers.Sequence) assert_raises(asn1.Error, enc.output) enc.leave() assert_raises(asn1.Error, enc.leave)
def test_context(self): enc = asn1.Encoder() enc.start() enc.enter(1, asn1.Classes.Context) enc.write(1) enc.leave() res = enc.output() assert res == b'\xa1\x03\x02\x01\x01'
def test_private(self): enc = asn1.Encoder() enc.start() enc.enter(1, asn1.Classes.Private) enc.write(1) enc.leave() res = enc.output() assert res == b'\xe1\x03\x02\x01\x01'
def test_long_tag_id(self): enc = asn1.Encoder() enc.start() enc.enter(0xffff) enc.write(1) enc.leave() res = enc.output() assert res == b'\x3f\x83\xff\x7f\x03\x02\x01\x01'
def test_application(self): enc = asn1.Encoder() enc.start() enc.enter(1, asn1.Classes.Application) enc.write(1) enc.leave() res = enc.output() assert res == b'\x61\x03\x02\x01\x01'
def test_sequence(self): enc = asn1.Encoder() enc.start() enc.enter(asn1.Numbers.Sequence) enc.write(1) enc.write(b'foo') enc.leave() res = enc.output() assert res == b'\x30\x08\x02\x01\x01\x04\x03foo'
def test_set(self): enc = asn1.Encoder() enc.start() enc.enter(asn1.Set) enc.write(1) enc.write('foo') enc.leave() res = enc.output() assert res == '\x31\x08\x02\x01\x01\x04\x03foo'
def assert_encode_decode(v, t): encoder = asn1.Encoder() encoder.start() encoder.write(v, t) encoded_bytes = encoder.output() decoder = asn1.Decoder() decoder.start(encoded_bytes) tag, value = decoder.read() assert value == v
def test_set_of(self): enc = asn1.Encoder() enc.start() enc.enter(asn1.Set) enc.write(1) enc.write(2) enc.leave() res = enc.output() assert res == '\x31\x06\x02\x01\x01\x02\x01\x02'
def test_sequence_of(self): enc = asn1.Encoder() enc.start() enc.enter(asn1.Numbers.Sequence) enc.write(1) enc.write(2) enc.leave() res = enc.output() assert res == b'\x30\x06\x02\x01\x01\x02\x01\x02'
def der_encode_privkey(privkey, curve): # encode key, curve to ASN1 DER format encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) # privkey encoder.write(_int_to_bebytes(privkey), asn1.Numbers.OctetString) _der_encode_curve(curve, encoder) encoder.leave() return encoder.output()
def test_error_object_identifier(self): enc = asn1.Encoder() enc.start() assert_raises(asn1.Error, enc.write, '1', asn1.ObjectIdentifier) assert_raises(asn1.Error, enc.write, '40.2.3', asn1.ObjectIdentifier) assert_raises(asn1.Error, enc.write, '1.40.3', asn1.ObjectIdentifier) assert_raises(asn1.Error, enc.write, '1.2.3.', asn1.ObjectIdentifier) assert_raises(asn1.Error, enc.write, '.1.2.3', asn1.ObjectIdentifier) assert_raises(asn1.Error, enc.write, 'foo', asn1.ObjectIdentifier) assert_raises(asn1.Error, enc.write, 'foo.bar', asn1.ObjectIdentifier)
def der_encode_pubkey(pubkey, curve): # encode key, curve to ASN1 DER format encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) # pubkey encoder.write(pubkey.compressed(), asn1.Numbers.OctetString) # curve _der_encode_curve(curve, encoder) encoder.leave() return encoder.output()
def generate(pk_algorithm, sig_algorithm, filename, signing_key, type="sign", ca=False, pathlen=4): filename = filename.lower() set_up_algorithm(pk_algorithm, type) (pk, sk) = get_keys(type, pk_algorithm) write_pem(f"{filename}.pub", b"PUBLIC KEY", public_key_der(pk_algorithm, pk)) write_pem(f"{filename}.key", b"PRIVATE KEY", private_key_der(pk_algorithm, sk)) with open(f"{filename}.pub.bin", "wb") as publickeyfile: publickeyfile.write(pk) with open(f"{filename}.key.bin", "wb") as secretkeyfile: secretkeyfile.write(sk) set_up_sign_algorithm(sig_algorithm) encoder = asn1.Encoder() encoder.start() # SEQUENCE of three things # Certificate ::= SEQUENCE { # tbsCertificate TBSCertificate, # signatureAlgorithm AlgorithmIdentifier, # signatureValue BIT STRING } encoder.enter(asn1.Numbers.Sequence) # Certificate write_tbs_certificate(encoder, pk_algorithm, sig_algorithm, pk, is_ca=ca, pathlen=pathlen) # Write signature algorithm write_signature_algorithm(encoder, sig_algorithm) write_signature(encoder, pk_algorithm, sig_algorithm, pk, signing_key, is_ca=ca, pathlen=pathlen) encoder.leave() # Leave Certificate SEQUENCE with open(f"{filename}.crt.bin", "wb") as file_: file_.write(encoder.output()) write_pem(f"{filename}.crt", b"CERTIFICATE", encoder.output())
def encodeClient_p_r_ta( p, r, t_a ): asn1_encoder = asn1.Encoder() asn1_encoder.start() # Sequence HEADER asn1_encoder.enter(asn1.Numbers.Sequence) #Key set asn1_encoder.enter(asn1.Numbers.Set) # Sequence_2 start asn1_encoder.enter(asn1.Numbers.Sequence) # 0x80070200 - Месси-Омуры asn1_encoder.write(b'\x80\x07\x02\x00', asn1.Numbers.OctetString) asn1_encoder.write(b'mo', asn1.Numbers.UTF8String) asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.leave() # asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.write(p, asn1.Numbers.Integer) asn1_encoder.write(r, asn1.Numbers.Integer) asn1_encoder.leave() asn1_encoder.leave() # asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.write(t_a, asn1.Numbers.Integer) asn1_encoder.leave() # Sequence_2 end asn1_encoder.leave() # Set_1 end asn1_encoder.leave() # asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.leave() # Sequence HEADER end # asn1_encoder.leave() return asn1_encoder.output()
def GOSTencodeSign(xq, yq, prime, A, B, xp, yp, q, r, s): encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) encoder.enter(asn1.Numbers.Set) encoder.enter(asn1.Numbers.Sequence) encoder.write(b'\x80\x06\x07\x00', asn1.Numbers.OctetString) encoder.write(b'gostSignKey', asn1.Numbers.UTF8String) encoder.enter(asn1.Numbers.Sequence) # Open key encoder.write(xq, asn1.Numbers.Integer) encoder.write(yq, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) # cryptosystem params encoder.enter(asn1.Numbers.Sequence) # field params encoder.write(prime, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) # curve params encoder.write(A, asn1.Numbers.Integer) encoder.write(B, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) # points generator encoder.write(xp, asn1.Numbers.Integer) encoder.write(yp, asn1.Numbers.Integer) encoder.leave() encoder.write(q, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) # sign encoder.write(r, asn1.Numbers.Integer) encoder.write(s, asn1.Numbers.Integer) encoder.leave() encoder.leave() encoder.leave() encoder.enter(asn1.Numbers.Sequence) # file params encoder.leave() encoder.leave() return encoder.output()
def der_encode_ecelgamal_ctxt(ctext, curve): # encode key, curve to ASN1 DER format encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) # C encoder.write(ctext.C.compressed(), asn1.Numbers.OctetString) # D encoder.write(ctext.D.compressed(), asn1.Numbers.OctetString) # curve _der_encode_curve(curve, encoder) encoder.leave() return encoder.output()
def der_encode_message(pubkey, nonce, ctext): # encode key, curve to ASN1 DER format encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) # pubkey encoder.write(pubkey.compressed(), asn1.Numbers.OctetString) # nonce encoder.write(nonce, asn1.Numbers.OctetString) # ciphertext encoder.write(ctext, asn1.Numbers.OctetString) encoder.leave() return encoder.output()
def encode_sign( mod, # mod - n exp, # exp - e sign_RSA): asn1_encoder = asn1.Encoder() asn1_encoder.start() # Sequence_1 start asn1_encoder.enter(asn1.Numbers.Sequence) # Set_1 start asn1_encoder.enter(asn1.Numbers.Set) # Sequence_2 start asn1_encoder.enter(asn1.Numbers.Sequence) # \x00\x06 - RSA-SHA1 asn1_encoder.write(b'\x00\x40', asn1.Numbers.OctetString) asn1_encoder.write(b'RSASignature ', asn1.Numbers.UTF8String) # asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.write(mod, asn1.Numbers.Integer) asn1_encoder.write(exp, asn1.Numbers.Integer) asn1_encoder.leave() # asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.leave() # asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.write(sign_RSA, asn1.Numbers.Integer) asn1_encoder.leave() # Sequence_2 start asn1_encoder.leave() # Set_1 end asn1_encoder.leave() # Additional data asn1_encoder.enter(asn1.Numbers.Sequence) asn1_encoder.leave() # Sequence_1 end asn1_encoder.leave() return asn1_encoder.output()
def test_long_object_identifier(self): enc = asn1.Encoder() enc.start() enc.write('39.2.3', asn1.ObjectIdentifier) res = enc.output() assert res == '\x06\x03\x8c\x1a\x03' enc.start() enc.write('1.39.3', asn1.ObjectIdentifier) res = enc.output() assert res == '\x06\x02\x4f\x03' enc.start() enc.write('1.2.300000', asn1.ObjectIdentifier) res = enc.output() assert res == '\x06\x04\x2a\x92\xa7\x60'
def RSAencode( n, e, c, # encrypted aes256 key len, encrypted): encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence ) # Start of sequence_1 -- main sequence of metadata encoder.enter(asn1.Numbers.Set) # Start of set_1 -- set of RSA keys encoder.enter( asn1.Numbers.Sequence) # Start of sequence_2 -- first RSA key encoder.write(b'\x00\x01', asn1.Numbers.OctetString) # RSA identifier encoder.write(b'\x0C\x00', asn1.Numbers.UTF8String) # ID of the key (empty) encoder.enter(asn1.Numbers.Sequence ) # Start of sequence_3 -- sequence of e and n of RSA encoder.write(n, asn1.Numbers.Integer) encoder.write(e, asn1.Numbers.Integer) encoder.leave() # End of sequence_3 encoder.enter( asn1.Numbers.Sequence ) # Cryptographic parameters, not used in RSA, because parameter n is a part of open key encoder.leave() encoder.enter(asn1.Numbers.Sequence ) # Start of sequence_4 -- sequence of RSA encrypted data encoder.write(c, asn1.Numbers.Integer) encoder.leave() encoder.leave() # End of sequence_2 encoder.leave() # End of set_1 encoder.enter(asn1.Numbers.Sequence ) # Start of sequence_5 -- sequence of additional data encoder.write(b'\x10\x82', asn1.Numbers.OctetString) # AES CBC identifier encoder.write(len, asn1.Numbers.Integer) # len of the ciphertext encoder.leave() encoder.leave() # End of sequence_1 encoder.write(encrypted) return encoder.output()
def test_big_negative_numbers(self): for v in \ ( -668929531791034950848739021124816874, -667441897913742713771034596334288035, -664674827807729028941298133900846368, -666811959353093594446621165172641478, ): encoder = asn1.Encoder() encoder.start() encoder.write(v, asn1.Numbers.Integer) encoded_bytes = encoder.output() decoder = asn1.Decoder() decoder.start(encoded_bytes) tag, value = decoder.read() assert value == v
def encode_signature(Q, prime, curve, P, group_order, signature_r, signature_s, ksi): encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) encoder.enter(asn1.Numbers.Set) encoder.enter(asn1.Numbers.Sequence) encoder.write(b'\\x80\\x06\\x07\\x00', asn1.Numbers.OctetString) encoder.write(b'GOST 34.10-2018', asn1.Numbers.UTF8String) # Public key Q(x,y) encoder.enter(asn1.Numbers.Sequence) encoder.write(Q.x, asn1.Numbers.Integer) # Qx encoder.write(Q.y, asn1.Numbers.Integer) # Qy encoder.leave() # Cryptosystem parameters encoder.enter(asn1.Numbers.Sequence) encoder.write(prime, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) encoder.write(curve.a, asn1.Numbers.Integer) # A parameter encoder.write(curve.b, asn1.Numbers.Integer) # B parameter encoder.leave() # P(x,y) encoder.enter(asn1.Numbers.Sequence) encoder.write(P.x, asn1.Numbers.Integer) # Px encoder.write(P.y, asn1.Numbers.Integer) # Py encoder.leave() # Group order (r) encoder.enter(asn1.Numbers.Sequence) encoder.write(group_order, asn1.Numbers.Integer) encoder.leave() encoder.leave() # Sugnature encoder.enter(asn1.Numbers.Sequence) encoder.write(signature_r, asn1.Numbers.Integer) # First part of signature (r) encoder.write(signature_s, asn1.Numbers.Integer) # Second part of signature (s) encoder.leave() encoder.leave() # Files parameters encoder.enter(asn1.Numbers.Sequence) encoder.leave() encoder.leave() encoded_bytes = encoder.output() return encoded_bytes
def test_twos_complement_boundaries(self): enc = asn1.Encoder() enc.start() enc.write(127) res = enc.output() assert res == '\x02\x01\x7f' enc.start() enc.write(128) res = enc.output() assert res == '\x02\x02\x00\x80' enc.start() enc.write(-128) res = enc.output() assert res == '\x02\x01\x80' enc.start() enc.write(-129) res = enc.output() assert res == '\x02\x02\xff\x7f'
def ELGencodeSign( prime, # p r, # r generator, # a w, s, b): encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) encoder.enter(asn1.Numbers.Set) encoder.enter(asn1.Numbers.Sequence) encoder.write(b'\x80\x06', asn1.Numbers.OctetString) # encoder.write(b'\x02\x00', asn1.Numbers.OctetString) encoder.write(b'ELG Sign', asn1.Numbers.UTF8String) encoder.enter(asn1.Numbers.Sequence) encoder.write(b, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) encoder.write(prime, asn1.Numbers.Integer) encoder.write(r, asn1.Numbers.Integer) encoder.write(generator, asn1.Numbers.Integer) encoder.leave() encoder.enter(asn1.Numbers.Sequence) encoder.write(w, asn1.Numbers.Integer) encoder.write(s, asn1.Numbers.Integer) encoder.leave() encoder.leave() encoder.leave() encoder.enter(asn1.Numbers.Sequence) encoder.leave() encoder.leave() return encoder.output()
def __bytes__(self): if self.data is None: return py23_bytes() b = b"" encoder = asn1.Encoder() encoder.start() for name, value in list(self.data.items()): if name == "operations": for operation in value: if isinstance(value, string_types): b = py23_bytes(operation, 'utf-8') else: b = py23_bytes(operation) encoder.write(b, asn1.Numbers.OctetString) elif name != "signatures": if isinstance(value, string_types): b = py23_bytes(value, 'utf-8') else: b = py23_bytes(value) encoder.write(b, asn1.Numbers.OctetString) return encoder.output()
def Enc_DER(self, M, interval, lam=None): """Enc is the encryption function which takes a single element and encrypts it using the encryption key for specific interval. Enc_DER produces output in ASN.1 DER binary format """ ctraw = self._enc(M, interval, lam) encoder = asn1.Encoder() encoder.start() encoder.enter(asn1.Numbers.Sequence) encoder.enter(asn1.Numbers.Sequence) for c in ctraw[:-1]: byteval = unhexlify(str(c)) encoder.write(byteval, asn1.Numbers.OctetString) encoder.leave() encoder.enter(asn1.Numbers.Sequence) Md = ctraw[-1] for n in range(0, 2): byteval = self._byterep_q(Md[n]) encoder.write(byteval, asn1.Numbers.OctetString) encoder.leave() encoder.leave() return encoder.output()
def privateKeyToDER(self, interval): encoder = asn1.Encoder() encoder.start() # enter privkey encoder.enter(asn1.Numbers.Sequence) # encode pubkey to stream self._publicKeyDEREncode(encoder) # enter secrets encoder.enter(asn1.Numbers.Sequence) keyset = self._exportKeyset(interval) if keyset is None: return None for k in keyset: # enter key encoder.enter(asn1.Numbers.Sequence) address, ckey = k[0], k[1] # enter address encoder.enter(asn1.Numbers.Sequence) # write depth, ordinal encoder.write(address[0], asn1.Numbers.Integer) encoder.write(address[1], asn1.Numbers.Integer) # leave address encoder.leave() # enter Rw list encoder.enter(asn1.Numbers.Sequence) for r in ckey[0]: # write Rw encoder.write(unhexlify(str(r)), asn1.Numbers.OctetString) # leave Rw list encoder.leave() # write S encoder.write(unhexlify(str(ckey[1])), asn1.Numbers.OctetString) # leave key encoder.leave() # leave secrets encoder.leave() # leave privkey encoder.leave() return encoder.output()
def encode_file_signature(Q, p, curve, P, q, r, s): struct = asn1.Encoder() struct.start() struct.enter(asn1.Numbers.Sequence) struct.enter(asn1.Numbers.Set) struct.enter(asn1.Numbers.Sequence) struct.write(b'\x00\x06\x07\x00', asn1.Numbers.OctetString) struct.write(b'gostSignKey', asn1.Numbers.UTF8String) struct.enter(asn1.Numbers.Sequence) struct.write(Q.x, asn1.Numbers.Integer) struct.write(Q.y, asn1.Numbers.Integer) struct.leave() struct.enter(asn1.Numbers.Sequence) struct.write(p, asn1.Numbers.Integer) struct.leave() struct.enter(asn1.Numbers.Sequence) struct.write(curve.a, asn1.Numbers.Integer) struct.write(curve.b, asn1.Numbers.Integer) struct.leave() struct.enter(asn1.Numbers.Sequence) struct.write(P.x, asn1.Numbers.Integer) struct.write(P.y, asn1.Numbers.Integer) struct.leave() struct.write(q, asn1.Numbers.Integer) struct.leave() struct.enter(asn1.Numbers.Sequence) struct.write(r, asn1.Numbers.Integer) struct.write(s, asn1.Numbers.Integer) struct.leave() struct.leave() struct.enter(asn1.Numbers.Sequence) struct.leave() struct.leave() return struct.output()
def _generate_dn_hash(dn: str): """ Given a DN one-liner as commonly encoded in the grid world (e.g., output of `openssl x509 -in $FILE -noout -subject`), run the OpenSSL subject hash generation algorithm. This is done by calculating the SHA-1 sum of the canonical form of the X509 certificate's subject. Formatting is a bit like this: SEQUENCE: SET: SEQUENCE: OID UTF8String All the UTF-8 values should be converted to lower-case and multiple spaces should be replaced with a single space. That is, "Foo Bar" should be substituted with "foo bar" for the canonical form. """ encoder = asn1.Encoder() encoder.start() info = __dn_split_re.split(dn)[1:] for attr, val in zip(info[0::2], info[1::2]): oid = __oid_map.get(attr) if not oid: raise ValueError("OID for attribute {} is not known.".format(attr)) encoder.enter(0x11) encoder.enter(0x10) encoder.write(oid, 0x06) encoder.write(val.lower().encode("utf-8"), 0x0c) encoder.leave() encoder.leave() output = encoder.output() hash_obj = hashlib.sha1() hash_obj.update(output) digest = hash_obj.digest() int_summary = digest[0] | digest[1] << 8 | digest[2] << 16 | digest[3] << 24 return "%08lx.0" % int_summary