def testOtherRecipientInfoMap(self):
substrate = pem.readBase64fromText(self.key_trans_psk_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(
rfc5083.id_ct_authEnvelopedData, asn1Object['contentType'])
aed, rest = der_decoder(
asn1Object['content'],
asn1Spec=rfc5083.AuthEnvelopedData())
self.assertFalse(rest)
self.assertTrue(aed.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(aed))
self.assertEqual(0, aed['version'])
ri = aed['recipientInfos'][0]
self.assertIn(ri['ori']['oriType'], rfc5652.otherRecipientInfoMap)
ori, rest = der_decoder(
ri['ori']['oriValue'],
asn1Spec=rfc5652.otherRecipientInfoMap[ri['ori']['oriType']])
self.assertFalse(rest)
self.assertTrue(ori.prettyPrint())
self.assertEqual(ri['ori']['oriValue'], der_encoder(ori))
def testDerCodec(self):
substrate = pem.readBase64fromText(self.key_trans_psk_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(
rfc5083.id_ct_authEnvelopedData, asn1Object['contentType'])
aed, rest = der_decoder(
asn1Object['content'],
asn1Spec=rfc5083.AuthEnvelopedData())
self.assertFalse(rest)
self.assertTrue(aed.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(aed))
self.assertEqual(0, aed['version'])
ri = aed['recipientInfos'][0]
self.assertEqual(rfc8696.id_ori_keyTransPSK, ri['ori']['oriType'])
ktpsk, rest = der_decoder(
ri['ori']['oriValue'],
asn1Spec=rfc8696.KeyTransPSKRecipientInfo())
self.assertFalse(rest)
self.assertTrue(ktpsk.prettyPrint())
self.assertEqual(ri['ori']['oriValue'], der_encoder(ktpsk))
self.assertEqual(0, ktpsk['version'])
ktri = ktpsk['ktris'][0]
self.assertEqual(2, ktri['version'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.rfc8591_pem_pext)
asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
assert not rest
assert asn1Object.prettyPrint()
assert der_encode(asn1Object) == substrate
assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData
aed, rest = der_decode(asn1Object['content'],
asn1Spec=rfc5083.AuthEnvelopedData(),
decodeOpenTypes=True)
assert not rest
assert aed.prettyPrint()
assert der_encode(aed) == asn1Object['content']
assert aed['version'] == 0
cea = aed['authEncryptedContentInfo']['contentEncryptionAlgorithm']
assert cea['algorithm'] == rfc5084.id_aes128_GCM
assert cea['parameters']['aes-ICVlen'] == 16
def testDerCodec(self):
substrate = pem.readBase64fromText(self.rfc8591_pem_pext)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(
rfc5083.id_ct_authEnvelopedData, asn1Object['contentType'])
aed, rest = der_decoder(
asn1Object['content'], asn1Spec=rfc5083.AuthEnvelopedData(),
decodeOpenTypes=True)
self.assertFalse(rest)
self.assertTrue(aed.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(aed))
self.assertEqual(0, aed['version'])
cea = aed['authEncryptedContentInfo']['contentEncryptionAlgorithm']
self.assertEqual(rfc5084.id_aes128_GCM, cea['algorithm'])
self.assertEqual(16, cea['parameters']['aes-ICVlen'])
def testDerCodec(self):
substrate = pem.readBase64fromText(self.key_agree_psk_pem_text)
asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
self.assertFalse(rest)
self.assertTrue(asn1Object.prettyPrint())
self.assertEqual(substrate, der_encoder(asn1Object))
self.assertEqual(
rfc5083.id_ct_authEnvelopedData, asn1Object['contentType'])
aed, rest = der_decoder(
asn1Object['content'],
asn1Spec=rfc5083.AuthEnvelopedData())
self.assertFalse(rest)
self.assertTrue(aed.prettyPrint())
self.assertEqual(asn1Object['content'], der_encoder(aed))
self.assertEqual(0, aed['version'])
ri = aed['recipientInfos'][0]
self.assertEqual(rfc8696.id_ori_keyAgreePSK, ri['ori']['oriType'])
kapsk, rest = der_decoder(
ri['ori']['oriValue'],
asn1Spec=rfc8696.KeyAgreePSKRecipientInfo())
self.assertFalse(rest)
self.assertTrue(kapsk.prettyPrint())
self.assertEqual(ri['ori']['oriValue'], der_encoder(kapsk))
self.assertEqual(0, kapsk['version'])
rek = kapsk['recipientEncryptedKeys'][0]
ski = rek['rid']['rKeyId']['subjectKeyIdentifier']
expected_ski = univ.OctetString(
hexValue='e8218b98b8b7d86b5e9ebdc8aeb8c4ecdc05c529')
self.assertEqual(expected_ski, ski)
def setUp(self):
self.asn1Spec = rfc5083.AuthEnvelopedData()
id_ct_KP_encryptedKeyPkg = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.2')
class EncryptedKeyPackage(univ.Choice):
pass
EncryptedKeyPackage.componentType = namedtype.NamedTypes(
namedtype.NamedType('encrypted', rfc5652.EncryptedData()),
namedtype.NamedType(
'enveloped',
rfc5652.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType(
'authEnveloped',
rfc5083.AuthEnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))))
# Map of Attribute Type OIDs to Attributes are
# added to the ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# Map of Content Type OIDs to Content Types are
# added to the ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_KP_encryptedKeyPkg: EncryptedKeyPackage(),