class CGA_Params(Packet):
name = "CGA Parameters data structure"
fields_desc = [StrFixedLenField("modifier", RandBin(size=16), length=16),
StrFixedLenField("subprefix", "", length=8),
ByteField("cc", 0),
PacketField("pubkey", X509_SubjectPublicKeyInfo(),
X509_SubjectPublicKeyInfo)]
class SAPPSE_Root_Key(ASN1_Packet):
"""SAP PSEv2 Root Key definition"""
ASN1_codec = ASN1_Codecs.BER
ASN1_root = ASN1F_SEQUENCE(
ASN1F_enum_INTEGER("version", 0x0, ["v0"], explicit_tag=0xa0),
ASN1F_INTEGER("serial_number", 0),
ASN1F_PACKET("public_key", X509_SubjectPublicKeyInfo(), X509_SubjectPublicKeyInfo),
ASN1F_PACKET("validity", X509_Validity(), X509_Validity, explicit_tag=0xa1),
ASN1F_PACKET("sign_alg_id", X509_AlgorithmIdentifier(), X509_AlgorithmIdentifier, explicit_tag=0xa2),
ASN1F_BIT_STRING("sign_bit_string", ""),
)
class SAPPSE_Obj_PKList(ASN1_Packet):
"""SAP PSEv2 PKList, EKList, PCAList Object definition"""
ASN1_codec = ASN1_Codecs.BER
ASN1_root = ASN1F_SEQUENCE(
ASN1F_enum_INTEGER("version", 0x0, ["v0"], explicit_tag=0xa0),
ASN1F_INTEGER("serial_number", 0),
ASN1F_PACKET("signature", X509_AlgorithmIdentifier(), X509_AlgorithmIdentifier),
ASN1F_PACKET("issuer", X509_DirectoryName(), X509_DirectoryName),
ASN1F_PACKET("validity", X509_Validity(), X509_Validity),
ASN1F_PACKET("partner", X509_DirectoryName(), X509_DirectoryName),
ASN1F_PACKET("verification_key", X509_SubjectPublicKeyInfo(), X509_SubjectPublicKeyInfo),
)
def __call__(cls, key_path=None):
if key_path is None:
obj = type.__call__(cls)
if cls is PubKey:
cls = PubKeyRSA
obj.__class__ = cls
obj.frmt = "original"
obj.fill_and_store()
return obj
# This deals with the rare RSA 'kx export' call.
if isinstance(key_path, tuple):
obj = type.__call__(cls)
obj.__class__ = PubKeyRSA
obj.frmt = "tuple"
obj.import_from_tuple(key_path)
return obj
# Now for the usual calls, key_path may be the path to either:
# _an X509_SubjectPublicKeyInfo, as processed by openssl;
# _an RSAPublicKey;
# _an ECDSAPublicKey.
obj = _PKIObjMaker.__call__(cls, key_path, _MAX_KEY_SIZE)
try:
spki = X509_SubjectPublicKeyInfo(obj.der)
pubkey = spki.subjectPublicKey
if isinstance(pubkey, RSAPublicKey):
obj.__class__ = PubKeyRSA
obj.import_from_asn1pkt(pubkey)
elif isinstance(pubkey, ECDSAPublicKey):
obj.__class__ = PubKeyECDSA
try:
obj.import_from_der(obj.der)
except ImportError:
pass
else:
raise
marker = b"PUBLIC KEY"
except:
try:
pubkey = RSAPublicKey(obj.der)
obj.__class__ = PubKeyRSA
obj.import_from_asn1pkt(pubkey)
marker = b"RSA PUBLIC KEY"
except:
# We cannot import an ECDSA public key without curve knowledge
raise Exception("Unable to import public key")
if obj.frmt == "DER":
obj.pem = der2pem(obj.der, marker)
return obj
def __call__(cls, key_path):
# First, we deal with the exceptional RSA KEA call.
if type(key_path) is tuple:
e, m, mLen = key_path
obj = type.__call__(cls)
obj.frmt = "tuple"
obj.modulus = m
obj.modulusLen = mLen
obj.pubExp = e
return obj
# Now for the usual calls, key_path may be the path to either:
# _an X509_SubjectPublicKeyInfo, as processed by openssl;
# _an RSAPublicKey;
# _an ECDSAPublicKey.
obj = _PKIObjMaker.__call__(cls, key_path, MAX_KEY_SIZE)
try:
spki = X509_SubjectPublicKeyInfo(obj.der)
pubkey = spki.subjectPublicKey
if isinstance(pubkey, RSAPublicKey):
obj.__class__ = PubKeyRSA
obj.updateWith(pubkey)
elif isinstance(pubkey, ECDSAPublicKey):
obj.__class__ = PubKeyECDSA
obj.updateWith(spki)
else:
raise Exception("Unsupported publicKey type")
marker = "PUBLIC KEY"
except:
try:
pubkey = RSAPublicKey(obj.der)
obj.__class__ = PubKeyRSA
obj.updateWith(pubkey)
marker = "RSA PUBLIC KEY"
except:
# We cannot import an ECDSA public key without curve knowledge
raise Exception("Unable to import public key")
if obj.frmt == "DER":
obj.pem = der2pem(obj.der, marker)
return obj
