123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274 |
- #
- # This file is part of pyasn1-modules software.
- #
- # Copyright (c) 2019, Vigil Security, LLC
- # License: http://snmplabs.com/pyasn1/license.html
- #
- import sys
- import unittest
- from pyasn1.type import univ
- from pyasn1.codec.der.decoder import decode as der_decoder
- from pyasn1.codec.der.encoder import encode as der_encoder
- from pyasn1_modules import pem
- from pyasn1_modules import rfc5652
- from pyasn1_modules import rfc5280
- from pyasn1_modules import rfc4357
- from pyasn1_modules import rfc4490
- class SignedTestCase(unittest.TestCase):
- signed_pem_text = """\
- MIIBKAYJKoZIhvcNAQcCoIIBGTCCARUCAQExDDAKBgYqhQMCAgkFADAbBgkqhkiG
- 9w0BBwGgDgQMc2FtcGxlIHRleHQKMYHkMIHhAgEBMIGBMG0xHzAdBgNVBAMMFkdv
- c3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkGA1UE
- BhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUuY29t
- AhAr9cYewhG9F8fc1GJmtC4hMAoGBiqFAwICCQUAMAoGBiqFAwICEwUABEDAw0LZ
- P4/+JRERiHe/icPbg0IE1iD5aCqZ9v4wO+T0yPjVtNr74caRZzQfvKZ6DRJ7/RAl
- xlHbjbL0jHF+7XKp
- """
- def setUp(self):
- self.asn1Spec = rfc5652.ContentInfo()
- def testDerCodec(self):
- substrate = pem.readBase64fromText(self.signed_pem_text)
- asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
- self.assertFalse(rest)
- self.assertTrue(asn1Object.prettyPrint())
- self.assertEqual(substrate, der_encoder(asn1Object))
- self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
-
- sd, rest = der_decoder(
- asn1Object['content'], asn1Spec=rfc5652.SignedData())
- self.assertFalse(rest)
- self.assertTrue(sd.prettyPrint())
- self.assertEqual(asn1Object['content'], der_encoder(sd))
- encoded_null = der_encoder(univ.Null(""))
- si = sd['signerInfos'][0]
- self.assertEqual(rfc4357.id_GostR3411_94, si['digestAlgorithm']['algorithm'])
- self.assertEqual(encoded_null, si['digestAlgorithm']['parameters'])
- self.assertEqual(rfc4357.id_GostR3410_2001, si['signatureAlgorithm']['algorithm'])
- self.assertEqual(encoded_null, si['signatureAlgorithm']['parameters'])
- sig = rfc4490.GostR3410_2001_Signature()
- sig = si['signature']
- self.assertEqual(64, len(sig))
- def testOpenTypes(self):
- substrate = pem.readBase64fromText(self.signed_pem_text)
- asn1Object, rest = der_decoder(
- substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
- self.assertFalse(rest)
- self.assertTrue(asn1Object.prettyPrint())
- self.assertEqual(substrate, der_encoder(asn1Object))
- self.assertEqual(rfc5652.id_signedData, asn1Object['contentType'])
- si = asn1Object['content']['signerInfos'][0]
- self.assertEqual(rfc4357.id_GostR3411_94, si['digestAlgorithm']['algorithm'])
- self.assertEqual(univ.Null(""), si['digestAlgorithm']['parameters'])
- self.assertEqual(rfc4357.id_GostR3410_2001, si['signatureAlgorithm']['algorithm'])
- self.assertEqual(univ.Null(""), si['signatureAlgorithm']['parameters'])
- sig = rfc4490.GostR3410_2001_Signature()
- sig = si['signature']
- self.assertEqual(64, len(sig))
- class KeyAgreeTestCase(unittest.TestCase):
- keyagree_pem_text = """\
- MIIBpAYJKoZIhvcNAQcDoIIBlTCCAZECAQIxggFQoYIBTAIBA6BloWMwHAYGKoUD
- AgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQLNVOfRngZcrpcTZhB8n+4HtCDLm
- mtTyAHi4/4Nk6tIdsHg8ff4DwfQG5DvMFrnF9vYZNxwXuKCqx9GhlLOlNiChCgQI
- L/D20YZLMoowHgYGKoUDAgJgMBQGByqFAwICDQAwCQYHKoUDAgIfATCBszCBsDCB
- gTBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQKDAlD
- cnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0UjM0MTAt
- MjAwMUBleGFtcGxlLmNvbQIQK/XGHsIRvRfH3NRiZrQuIQQqMCgEIBajHOfOTukN
- 8ex0aQRoHsefOu24Ox8dSn75pdnLGdXoBAST/YZ+MDgGCSqGSIb3DQEHATAdBgYq
- hQMCAhUwEwQItzXhegc1oh0GByqFAwICHwGADDmxivS/qeJlJbZVyQ==
- """
- def setUp(self):
- self.asn1Spec = rfc5652.ContentInfo()
- def testDerCodec(self):
- substrate = pem.readBase64fromText(self.keyagree_pem_text)
- asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
- self.assertFalse(rest)
- self.assertTrue(asn1Object.prettyPrint())
- self.assertEqual(substrate, der_encoder(asn1Object))
- self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType'])
- ed, rest = der_decoder(
- asn1Object['content'], asn1Spec=rfc5652.EnvelopedData())
- self.assertFalse(rest)
- self.assertTrue(ed.prettyPrint())
- self.assertEqual(asn1Object['content'], der_encoder(ed))
- ri = ed['recipientInfos'][0]
- alg1 = ri['kari']['originator']['originatorKey']['algorithm']
- self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
- param1, rest = der_decoder(
- alg1['parameters'],
- asn1Spec=rfc4357.GostR3410_2001_PublicKeyParameters())
- self.assertFalse(rest)
- self.assertTrue(param1.prettyPrint())
- self.assertEqual(alg1['parameters'], der_encoder(param1))
- self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet'])
- self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet'])
- self.assertEqual(8, len(ri['kari']['ukm']))
-
- alg2 = ri['kari']['keyEncryptionAlgorithm']
- self.assertEqual(rfc4490.id_GostR3410_2001_CryptoPro_ESDH, alg2['algorithm'])
- param2, rest = der_decoder(
- alg2['parameters'], asn1Spec=rfc4357.AlgorithmIdentifier())
- self.assertFalse(rest)
- self.assertTrue(param2.prettyPrint())
- self.assertEqual(alg2['parameters'], der_encoder(param2))
- self.assertEqual(rfc4490.id_Gost28147_89_None_KeyWrap, param2['algorithm'])
- kwa_p, rest = der_decoder(
- param2['parameters'], asn1Spec=rfc4490.Gost28147_89_KeyWrapParameters())
- self.assertFalse(rest)
- self.assertTrue(kwa_p.prettyPrint())
- self.assertEqual(param2['parameters'], der_encoder(kwa_p))
- self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, kwa_p['encryptionParamSet'])
- alg3 = ed['encryptedContentInfo']['contentEncryptionAlgorithm']
- self.assertEqual(rfc4357.id_Gost28147_89, alg3['algorithm'])
- param3, rest = der_decoder(alg3['parameters'], asn1Spec=rfc4357.Gost28147_89_Parameters())
- self.assertFalse(rest)
- self.assertTrue(param3.prettyPrint())
- self.assertEqual(alg3['parameters'], der_encoder(param3))
- self.assertEqual(8, len(param3['iv']))
- self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param3['encryptionParamSet'])
- def testOpenTypes(self):
- openTypeMap = {
- rfc4357.id_GostR3410_2001: rfc4357.GostR3410_2001_PublicKeyParameters(),
- rfc4357.id_Gost28147_89: rfc4357.Gost28147_89_Parameters(),
- rfc4490.id_GostR3410_2001_CryptoPro_ESDH: rfc5280.AlgorithmIdentifier(),
- }
- substrate = pem.readBase64fromText(self.keyagree_pem_text)
- asn1Object, rest = der_decoder(
- substrate, asn1Spec=self.asn1Spec,
- openTypes=openTypeMap, decodeOpenTypes=True)
- self.assertFalse(rest)
- self.assertTrue(asn1Object.prettyPrint())
- self.assertEqual(substrate, der_encoder(asn1Object))
- self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType'])
- ri = asn1Object['content']['recipientInfos'][0]
- alg1 = ri['kari']['originator']['originatorKey']['algorithm']
- self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
- param1 = alg1['parameters']
- self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet'])
- self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet'])
- self.assertEqual(8, len(ri['kari']['ukm']))
- alg2 = ri['kari']['keyEncryptionAlgorithm']
- self.assertEqual(rfc4490.id_GostR3410_2001_CryptoPro_ESDH, alg2['algorithm'])
- param2 = alg2['parameters']
- self.assertEqual(rfc4490.id_Gost28147_89_None_KeyWrap, param2['algorithm'])
- kwa_p = param2['parameters']
- self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, kwa_p['encryptionParamSet'])
-
- alg3 = asn1Object['content']['encryptedContentInfo']['contentEncryptionAlgorithm']
- self.assertEqual(rfc4357.id_Gost28147_89, alg3['algorithm'])
- param3 = alg3['parameters']
- self.assertEqual(8, len(param3['iv']))
- self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param3['encryptionParamSet'])
- class KeyTransportTestCase(unittest.TestCase):
- keytrans_pem_text = """\
- MIIBpwYJKoZIhvcNAQcDoIIBmDCCAZQCAQAxggFTMIIBTwIBADCBgTBtMR8wHQYD
- VQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8x
- CzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0UjM0MTAtMjAwMUBleGFt
- cGxlLmNvbQIQK/XGHsIRvRfH3NRiZrQuITAcBgYqhQMCAhMwEgYHKoUDAgIkAAYH
- KoUDAgIeAQSBpzCBpDAoBCBqL6ghBpVon5/kR6qey2EVK35BYLxdjfv1PSgbGJr5
- dQQENm2Yt6B4BgcqhQMCAh8BoGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwIC
- HgEDQwAEQE0rLzOQ5tyj3VUqzd/g7/sx93N+Tv+/eImKK8PNMZQESw5gSJYf28dd
- Em/askCKd7W96vLsNMsjn5uL3Z4SwPYECJeV4ywrrSsMMDgGCSqGSIb3DQEHATAd
- BgYqhQMCAhUwEwQIvBCLHwv/NCkGByqFAwICHwGADKqOch3uT7Mu4w+hNw==
- """
- def setUp(self):
- self.asn1Spec = rfc5652.ContentInfo()
- def testDerCodec(self):
- substrate = pem.readBase64fromText(self.keytrans_pem_text)
- asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
- self.assertFalse(rest)
- self.assertTrue(asn1Object.prettyPrint())
- self.assertEqual(substrate, der_encoder(asn1Object))
- self.assertEqual(rfc5652.id_envelopedData, asn1Object['contentType'])
- ed, rest = der_decoder(
- asn1Object['content'], asn1Spec=rfc5652.EnvelopedData())
- self.assertFalse(rest)
- self.assertTrue(ed.prettyPrint())
- self.assertEqual(asn1Object['content'], der_encoder(ed))
- ri = ed['recipientInfos'][0]
- alg1 = ri['ktri']['keyEncryptionAlgorithm']
- self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
- param1, rest = der_decoder(
- alg1['parameters'], asn1Spec=rfc4357.GostR3410_2001_PublicKeyParameters())
- self.assertFalse(rest)
- self.assertTrue(param1.prettyPrint())
- self.assertEqual(alg1['parameters'], der_encoder(param1))
- self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet'])
- self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet'])
- alg2 = ed['encryptedContentInfo']['contentEncryptionAlgorithm']
- self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm'])
- param2, rest = der_decoder(
- alg2['parameters'], asn1Spec=rfc4357.Gost28147_89_Parameters())
- self.assertFalse(rest)
- self.assertTrue(param2.prettyPrint())
- self.assertEqual(alg2['parameters'], der_encoder(param2))
- self.assertEqual(8, len(param2['iv']))
- self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param2['encryptionParamSet'])
- def testOpenTypes(self):
- openTypeMap = {
- rfc4357.id_GostR3410_2001: rfc4357.GostR3410_2001_PublicKeyParameters(),
- rfc4357.id_Gost28147_89: rfc4357.Gost28147_89_Parameters(),
- }
- substrate = pem.readBase64fromText(self.keytrans_pem_text)
- asn1Object, rest = der_decoder(
- substrate, asn1Spec=self.asn1Spec,
- openTypes=openTypeMap, decodeOpenTypes=True)
- self.assertFalse(rest)
- self.assertTrue(asn1Object.prettyPrint())
- self.assertEqual(substrate, der_encoder(asn1Object))
- ri = asn1Object['content']['recipientInfos'][0]
- alg1 = ri['ktri']['keyEncryptionAlgorithm']
- self.assertEqual(rfc4357.id_GostR3410_2001, alg1['algorithm'])
- param1 = alg1['parameters']
- self.assertEqual(rfc4357.id_GostR3410_2001_CryptoPro_XchA_ParamSet, param1['publicKeyParamSet'])
- self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, param1['digestParamSet'])
- alg2 = asn1Object['content']['encryptedContentInfo']['contentEncryptionAlgorithm']
- self.assertEqual(rfc4357.id_Gost28147_89, alg2['algorithm'])
- param2 = alg2['parameters']
- self.assertEqual(8, len(param2['iv']))
- self.assertEqual(rfc4357.id_Gost28147_89_CryptoPro_A_ParamSet, param2['encryptionParamSet'])
- suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
- if __name__ == '__main__':
- result = unittest.TextTestRunner(verbosity=2).run(suite)
- sys.exit(not result.wasSuccessful())
|