SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156
							#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
import sys
import unittest

from pyasn1.codec.der.decoder import decode as der_decoder
from pyasn1.codec.der.encoder import encode as der_encoder

from pyasn1_modules import pem
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc4491
from pyasn1_modules import rfc4357


class GostR341094CertificateTestCase(unittest.TestCase):
    gostR3410_94_cert_pem_text = """\
MIICCzCCAboCECMO42BGlSTOxwvklBgufuswCAYGKoUDAgIEMGkxHTAbBgNVBAMM
FEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8xCzAJBgNV
BAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAtOTRAZXhhbXBsZS5jb20w
HhcNMDUwODE2MTIzMjUwWhcNMTUwODE2MTIzMjUwWjBpMR0wGwYDVQQDDBRHb3N0
UjM0MTAtOTQgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYDVQQGEwJS
VTEnMCUGCSqGSIb3DQEJARYYR29zdFIzNDEwLTk0QGV4YW1wbGUuY29tMIGlMBwG
BiqFAwICFDASBgcqhQMCAiACBgcqhQMCAh4BA4GEAASBgLuEZuF5nls02CyAfxOo
GWZxV/6MVCUhR28wCyd3RpjG+0dVvrey85NsObVCNyaE4g0QiiQOHwxCTSs7ESuo
v2Y5MlyUi8Go/htjEvYJJYfMdRv05YmKCYJo01x3pg+2kBATjeM+fJyR1qwNCCw+
eMG1wra3Gqgqi0WBkzIydvp7MAgGBiqFAwICBANBABHHCH4S3ALxAiMpR3aPRyqB
g1DjB8zy5DEjiULIc+HeIveF81W9lOxGkZxnrFjXBSqnjLeFKgF1hffXOAP7zUM=
"""

    def setUp(self):
        self.asn1Spec = rfc5280.Certificate()

    def testDerCodec(self):
        substrate = pem.readBase64fromText(self.gostR3410_94_cert_pem_text)
        asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
        self.assertFalse(rest)
        self.assertTrue(asn1Object.prettyPrint())
        self.assertEqual(substrate, der_encoder(asn1Object))
        
        sa1 = asn1Object['signatureAlgorithm']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_94, sa1)

        sa2 = asn1Object['tbsCertificate']['signature']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_94, sa2)

        spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm']
        self.assertEqual(rfc4491.id_GostR3410_94, spki_a['algorithm'])

        pk_p, rest = der_decoder(
            spki_a['parameters'],
            asn1Spec=rfc4491.GostR3410_94_PublicKeyParameters())

        self.assertFalse(rest)
        self.assertTrue(pk_p.prettyPrint())
        self.assertEqual(spki_a['parameters'], der_encoder(pk_p))
        self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, pk_p['digestParamSet'])

    def testOpenTypes(self):
        openTypesMap = {
            rfc4491.id_GostR3410_94: rfc4491.GostR3410_94_PublicKeyParameters(),
        }

        substrate = pem.readBase64fromText(self.gostR3410_94_cert_pem_text)
        asn1Object, rest = der_decoder(
            substrate, asn1Spec=self.asn1Spec,
            openTypes=openTypesMap, decodeOpenTypes=True)

        self.assertFalse(rest)
        self.assertTrue(asn1Object.prettyPrint())
        self.assertEqual(substrate, der_encoder(asn1Object))

        sa1 = asn1Object['signatureAlgorithm']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_94, sa1)

        sa2 = asn1Object['tbsCertificate']['signature']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_94, sa2)

        spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm']
        self.assertEqual(rfc4491.id_GostR3410_94, spki_a['algorithm'])
        self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, spki_a['parameters']['digestParamSet'])

class GostR34102001CertificateTestCase(unittest.TestCase):
    gostR3410_2001_cert_pem_text = """\
MIIB0DCCAX8CECv1xh7CEb0Xx9zUYma0LiEwCAYGKoUDAgIDMG0xHzAdBgNVBAMM
Fkdvc3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkG
A1UEBhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUu
Y29tMB4XDTA1MDgxNjE0MTgyMFoXDTE1MDgxNjE0MTgyMFowbTEfMB0GA1UEAwwW
R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYD
VQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIwMDFAZXhhbXBsZS5j
b20wYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAhJVodWACGkB1
CM0TjDGJLP3lBQN6Q1z0bSsP508yfleP68wWuZWIA9CafIWuD+SN6qa7flbHy7Df
D2a8yuoaYDAIBgYqhQMCAgMDQQA8L8kJRLcnqeyn1en7U23Sw6pkfEQu3u0xFkVP
vFQ/3cHeF26NG+xxtZPz3TaTVXdoiYkXYiD02rEx1bUcM97i
"""

    def setUp(self):
        self.asn1Spec = rfc5280.Certificate()

    def testDerCodec(self):
        substrate = pem.readBase64fromText(self.gostR3410_2001_cert_pem_text)
        asn1Object, rest = der_decoder(substrate, asn1Spec=self.asn1Spec)
        self.assertFalse(rest)
        self.assertTrue(asn1Object.prettyPrint())
        self.assertEqual(substrate, der_encoder(asn1Object))

        sa1 = asn1Object['signatureAlgorithm']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_2001, sa1)

        sa2 = asn1Object['tbsCertificate']['signature']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_2001, sa2)

        spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm']
        self.assertEqual(rfc4491.id_GostR3410_2001, spki_a['algorithm'])

        pk_p, rest = der_decoder(
            spki_a['parameters'], asn1Spec=rfc4491.GostR3410_2001_PublicKeyParameters())

        self.assertFalse(rest)
        self.assertTrue(pk_p.prettyPrint())
        self.assertEqual(spki_a['parameters'], der_encoder(pk_p))
        self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, pk_p['digestParamSet'])

    def testOpenTypes(self):
        openTypeMap = {
            rfc4491.id_GostR3410_2001: rfc4491.GostR3410_2001_PublicKeyParameters(),
        }

        substrate = pem.readBase64fromText(self.gostR3410_2001_cert_pem_text)
        asn1Object, rest = der_decoder(
            substrate, asn1Spec=self.asn1Spec,
            openTypes=openTypeMap, decodeOpenTypes=True)

        self.assertFalse(rest)
        self.assertTrue(asn1Object.prettyPrint())
        self.assertEqual(substrate, der_encoder(asn1Object))

        sa1 = asn1Object['signatureAlgorithm']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_2001, sa1)

        sa2 = asn1Object['tbsCertificate']['signature']['algorithm']
        self.assertEqual(rfc4491.id_GostR3411_94_with_GostR3410_2001, sa2)

        spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm']
        self.assertEqual(rfc4491.id_GostR3410_2001, spki_a['algorithm'])
        self.assertEqual(rfc4357.id_GostR3411_94_CryptoProParamSet, spki_a['parameters']['digestParamSet'])


suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])

if __name__ == '__main__':
    result = unittest.TextTestRunner(verbosity=2).run(suite)
    sys.exit(not result.wasSuccessful())