diff options
| author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-04-08 16:01:41 +0000 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-04-08 16:01:41 +0000 |
| commit | 94b853ca5336effcbef41be2f549d456030e5731 (patch) | |
| tree | 74ccc78f47c0f5e49729ef26516e4d524ff02833 | |
| parent | 12d93f4d776bf2e38ba9a1d6ee48cfaa74defec8 (diff) | |
| parent | c340f08f61bbea0a35f7030eba6c67b93cbd43e2 (diff) | |
| download | pyasn1-modules-94b853ca5336effcbef41be2f549d456030e5731.tar.gz | |
Snap for 8426163 from c340f08f61bbea0a35f7030eba6c67b93cbd43e2 to mainline-tzdata2-releaseandroid-mainline-12.0.0_r112aml_tz2_305400500aml_tz2_305400300aml_tz2_305400100aml_tz2_304500300aml_tz2_303900110aml_tz2_303900102aml_tz2_303800002aml_tz2_303800001aml_tz2_303200001android12-mainline-tzdata2-releaseaml_tz2_305400100
Change-Id: Iab9a48e058aeee7f6a7ddb7822d1a4a650e4f5ee
160 files changed, 273 insertions, 14365 deletions
@@ -4,9 +4,6 @@ __pycache__ # vim swapfiles *.sw? -# virtual environment -.venv/ - # python packaging MANIFEST dist/ diff --git a/.travis.yml b/.travis.yml index 94d7ad5..07294be 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,9 +28,6 @@ matrix: dist: xenial python: '3.7' - os: linux - dist: bionic - python: '3.8' - - os: linux dist: trusty python: 'nightly' - os: linux diff --git a/Android.bp b/Android.bp deleted file mode 100644 index 0b72a11..0000000 --- a/Android.bp +++ /dev/null @@ -1,31 +0,0 @@ -// -// Copyright (C) 2021 The Android Open Source Project -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package { - default_applicable_licenses: ["external_python_pyasn1-modules_license"], -} - -// Added automatically by a large-scale-change -// See: http://go/android-license-faq -license { - name: "external_python_pyasn1-modules_license", - visibility: [":__subpackages__"], - license_kinds: [ - "SPDX-license-identifier-BSD", - ], - license_text: [ - "LICENSE.txt", - ], -} diff --git a/CHANGES.txt b/CHANGES.txt index bb82416..fd564f8 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,93 +1,4 @@ -Revision 0.2.8, released 16-11-2019 ------------------------------------ - -- Improve test routines for modules that use certificate extensions -- Improve test for RFC3709 with a real world certificate -- Added RFC7633 providing TLS Features Certificate Extension -- Added RFC7229 providing OIDs for Test Certificate Policies -- Added tests for RFC3280, RFC3281, RFC3852, and RFC4211 -- Added RFC6960 providing Online Certificate Status Protocol (OCSP) -- Added RFC6955 providing Diffie-Hellman Proof-of-Possession Algorithms -- Updated the handling of maps for use with openType for RFC 3279 -- Added RFC6486 providing RPKI Manifests -- Added RFC6487 providing Profile for X.509 PKIX Resource Certificates -- Added RFC6170 providing Certificate Image in the Internet X.509 Public - Key Infrastructure, and import the object identifier into RFC3709. -- Added RFC6187 providing Certificates for Secure Shell Authentication -- Added RFC6482 providing RPKI Route Origin Authorizations (ROAs) -- Added RFC6664 providing S/MIME Capabilities for Public Keys -- Added RFC6120 providing Extensible Messaging and Presence Protocol - names in certificates -- Added RFC4985 providing Subject Alternative Name for expression of - service names in certificates -- Added RFC5924 providing Extended Key Usage for Session Initiation - Protocol (SIP) in X.509 certificates -- Added RFC5916 providing Device Owner Attribute -- Added RFC7508 providing Securing Header Fields with S/MIME -- Update RFC8226 to use ComponentPresentConstraint() instead of the - previous work around -- Add RFC2631 providing OtherInfo for Diffie-Hellman Key Agreement -- Add RFC3114 providing test values for the S/MIME Security Label -- Add RFC5755 providing Attribute Certificate Profile for Authorization -- Add RFC5913 providing Clearance Attribute and Authority Clearance - Constraints Certificate Extension -- Add RFC5917 providing Clearance Sponsor Attribute -- Add RFC4043 providing Internet X.509 PKI Permanent Identifier -- Add RFC7585 providing Network Access Identifier (NAI) Realm Name - for Certificates -- Update RFC3770 to support openType for attributes and reported errata -- Add RFC4334 providing Certificate Extensions and Attributes for - Authentication in PPP and Wireless LAN Networks - -Revision 0.2.7, released 09-10-2019 ------------------------------------ - -- Added maps for use with openType to RFC 3565 -- Added RFC2985 providing PKCS#9 Attributes -- Added RFC3770 providing Certificate Extensions and Attributes for - Authentication in PPP and Wireless LAN Networks -- Added RFC5914 providing Trust Anchor Format -- Added RFC6010 providing CMS Content Constraints (CCC) Extension -- Added RFC6031 providing CMS Symmetric Key Package Content Type -- Added RFC6032 providing CMS Encrypted Key Package Content Type -- Added RFC7030 providing Enrollment over Secure Transport (EST) -- Added RFC7292 providing PKCS #12, which is the Personal Information - Exchange Syntax v1.1 -- Added RFC8018 providing PKCS #5, which is the Password-Based - Cryptography Specification, Version 2.1 -- Automatically update the maps for use with openType for RFC3709, - RFC6402, RFC7191, and RFC8226 when the module is imported -- Added RFC6211 providing CMS Algorithm Identifier Protection Attribute -- Added RFC8449 providing Certificate Extension for Hash Of Root Key -- Updated RFC2459 and RFC5280 for TODO in the certificate extension map -- Added RFC7906 providing NSA's CMS Key Management Attributes -- Added RFC7894 providing EST Alternative Challenge Password Attributes -- Updated the handling of maps for use with openType so that just doing - an import of the modules is enough in most situations; updates to - RFC 2634, RFC 3274, RFC 3779, RFC 4073, RFC 4108, RFC 5035, RFC 5083, - RFC 5084, RFC 5480, RFC 5940, RFC 5958, RFC 6019, and RFC 8520 -- Updated the handling of attribute maps for use with openType in - RFC 5958 to use the rfc5652.cmsAttributesMap -- Added RFC5990 providing RSA-KEM Key Transport Algorithm in the CMS -- Fixed malformed `rfc4210.RevRepContent` data structure layout -- Added RFC5934 providing Trust Anchor Management Protocol (TAMP) -- Added RFC6210 providing Experiment for Hash Functions with Parameters -- Added RFC5751 providing S/MIME Version 3.2 Message Specification -- Added RFC8494 providing Multicast Email (MULE) over ACP 142 -- Added RFC8398 providing Internationalized Email Addresses in - X.509 Certificates -- Added RFC8419 providing Edwards-Curve Digital Signature Algorithm - (EdDSA) Signatures in the CMS -- Added RFC8479 providing Storing Validation Parameters in PKCS#8 -- Added RFC8360 providing Resource Public Key Infrastructure (RPKI) - Validation Reconsidered -- Added RFC8358 providing Digital Signatures on Internet-Draft Documents -- Added RFC8209 providing BGPsec Router PKI Profile -- Added RFC8017 providing PKCS #1 Version 2.2 -- Added RFC7914 providing scrypt Password-Based Key Derivation Function -- Added RFC7773 providing Authentication Context Certificate Extension - Revision 0.2.6, released 31-07-2019 ----------------------------------- @@ -9,11 +9,10 @@ third_party { type: GIT value: "https://github.com/etingof/pyasn1-modules" } - version: "v0.2.8" - license_type: NOTICE + version: "v0.2.6" last_upgrade_date { - year: 2020 - month: 4 - day: 8 + year: 2019 + month: 8 + day: 1 } } diff --git a/TEST_MAPPING b/TEST_MAPPING new file mode 100644 index 0000000..61a80b2 --- /dev/null +++ b/TEST_MAPPING @@ -0,0 +1,8 @@ +{ + "presubmit" : [ + { + "name" : "acloud_test", + "host" : true + } + ] +} diff --git a/pyasn1_modules/Android.bp b/pyasn1_modules/Android.bp index 24b2cdf..500c140 100644 --- a/pyasn1_modules/Android.bp +++ b/pyasn1_modules/Android.bp @@ -11,15 +11,6 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -package { - // See: http://go/android-license-faq - // A large-scale-change added 'default_applicable_licenses' to import - // all of the 'license_kinds' from "external_python_pyasn1-modules_license" - // to get the below license kinds: - // SPDX-license-identifier-BSD - default_applicable_licenses: ["external_python_pyasn1-modules_license"], -} - python_library { name: "py-pyasn1-modules", host_supported: true, diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 917ac12..7bb503a 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.2.8' +__version__ = '0.2.6' diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 9f35787..2a2e696 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -1,9 +1,6 @@ # # This file is part of pyasn1-modules software. # -# Updated by Russ Housley to resolve the TODO regarding the Certificate -# Policies Certificate Extension. -# # Copyright (c) 2005-2019, Ilya Etingof <etingof@gmail.com> # License: http://snmplabs.com/pyasn1/license.html # @@ -1315,7 +1312,8 @@ _certificateExtensionsMapUpdate = { id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), id_ce_keyUsage: KeyUsage(), id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), - id_ce_certificatePolicies: CertificatePolicies(), +# TODO +# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? id_ce_policyMappings: PolicyMappings(), id_ce_subjectAltName: SubjectAltName(), id_ce_issuerAltName: IssuerAltName(), diff --git a/pyasn1_modules/rfc2631.py b/pyasn1_modules/rfc2631.py deleted file mode 100644 index 44e5371..0000000 --- a/pyasn1_modules/rfc2631.py +++ /dev/null @@ -1,37 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Diffie-Hellman Key Agreement -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc2631.txt -# https://www.rfc-editor.org/errata/eid5897 -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import tag -from pyasn1.type import univ - - -class KeySpecificInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('algorithm', univ.ObjectIdentifier()), - namedtype.NamedType('counter', univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(4, 4))) - ) - - -class OtherInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('keyInfo', KeySpecificInfo()), - namedtype.OptionalNamedType('partyAInfo', univ.OctetString().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('suppPubInfo', univ.OctetString().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) diff --git a/pyasn1_modules/rfc2634.py b/pyasn1_modules/rfc2634.py index 2099a4b..4b4e5bb 100644 --- a/pyasn1_modules/rfc2634.py +++ b/pyasn1_modules/rfc2634.py @@ -308,10 +308,9 @@ Receipt.componentType = namedtype.NamedTypes( ) -# Map of Attribute Type to the Attribute structure is added to the -# ones that are in rfc5652.py +# Map of Attribute Type to the Attribute structure -_cmsAttributesMapUpdate = { +ESSAttributeMap = { id_aa_signingCertificate: SigningCertificate(), id_aa_mlExpandHistory: MLExpansionHistory(), id_aa_securityLabel: ESSSecurityLabel(), @@ -323,14 +322,10 @@ _cmsAttributesMapUpdate = { id_aa_receiptRequest: ReceiptRequest(), } -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_receipt: Receipt(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc2985.py b/pyasn1_modules/rfc2985.py deleted file mode 100644 index 75bccf0..0000000 --- a/pyasn1_modules/rfc2985.py +++ /dev/null @@ -1,588 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# PKCS#9: Selected Attribute Types (Version 2.0) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc2985.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import opentype -from pyasn1.type import tag -from pyasn1.type import univ -from pyasn1.type import useful - -from pyasn1_modules import rfc7292 -from pyasn1_modules import rfc5958 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5280 - - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - - return univ.ObjectIdentifier(output) - - -MAX = float('inf') - - -# Imports from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - -Attribute = rfc5280.Attribute - -EmailAddress = rfc5280.EmailAddress - -Extensions = rfc5280.Extensions - -Time = rfc5280.Time - -X520countryName = rfc5280.X520countryName - -X520SerialNumber = rfc5280.X520SerialNumber - - -# Imports from RFC 5652 - -ContentInfo = rfc5652.ContentInfo - -ContentType = rfc5652.ContentType - -Countersignature = rfc5652.Countersignature - -MessageDigest = rfc5652.MessageDigest - -SignerInfo = rfc5652.SignerInfo - -SigningTime = rfc5652.SigningTime - - -# Imports from RFC 5958 - -EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo - - -# Imports from RFC 7292 - -PFX = rfc7292.PFX - - -# TODO: -# Need a place to import PKCS15Token; it does not yet appear in an RFC - - -# SingleAttribute is the same as Attribute in RFC 5280, except that the -# attrValues SET must have one and only one member - -class AttributeType(univ.ObjectIdentifier): - pass - - -class AttributeValue(univ.Any): - pass - - -class AttributeValues(univ.SetOf): - pass - -AttributeValues.componentType = AttributeValue() - - -class SingleAttributeValues(univ.SetOf): - pass - -SingleAttributeValues.componentType = AttributeValue() - - -class SingleAttribute(univ.Sequence): - pass - -SingleAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', AttributeType()), - namedtype.NamedType('values', - AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), - openType=opentype.OpenType('type', rfc5280.certificateAttributesMap) - ) -) - - -# CMSAttribute is the same as Attribute in RFC 5652, and CMSSingleAttribute -# is the companion where the attrValues SET must have one and only one member - -CMSAttribute = rfc5652.Attribute - - -class CMSSingleAttribute(univ.Sequence): - pass - -CMSSingleAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('attrType', AttributeType()), - namedtype.NamedType('attrValues', - AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), - openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) - ) -) - - -# DirectoryString is the same as RFC 5280, except the length is limited to 255 - -class DirectoryString(univ.Choice): - pass - -DirectoryString.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('printableString', char.PrintableString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('universalString', char.UniversalString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('utf8String', char.UTF8String().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('bmpString', char.BMPString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))) -) - - -# PKCS9String is DirectoryString with an additional choice of IA5String, -# and the SIZE is limited to 255 - -class PKCS9String(univ.Choice): - pass - -PKCS9String.componentType = namedtype.NamedTypes( - namedtype.NamedType('ia5String', char.IA5String().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('directoryString', DirectoryString()) -) - - -# Upper Bounds - -pkcs_9_ub_pkcs9String = univ.Integer(255) - -pkcs_9_ub_challengePassword = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_ub_emailAddress = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_ub_match = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_ub_signingDescription = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_ub_unstructuredAddress = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_ub_unstructuredName = univ.Integer(pkcs_9_ub_pkcs9String) - - -ub_name = univ.Integer(32768) - -pkcs_9_ub_placeOfBirth = univ.Integer(ub_name) - -pkcs_9_ub_pseudonym = univ.Integer(ub_name) - - -# Object Identifier Arcs - -ietf_at = _OID(1, 3, 6, 1, 5, 5, 7, 9) - -id_at = _OID(2, 5, 4) - -pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) - -pkcs_9_mo = _OID(pkcs_9, 0) - -smime = _OID(pkcs_9, 16) - -certTypes = _OID(pkcs_9, 22) - -crlTypes = _OID(pkcs_9, 23) - -pkcs_9_oc = _OID(pkcs_9, 24) - -pkcs_9_at = _OID(pkcs_9, 25) - -pkcs_9_sx = _OID(pkcs_9, 26) - -pkcs_9_mr = _OID(pkcs_9, 27) - - -# Object Identifiers for Syntaxes for use with LDAP-accessible directories - -pkcs_9_sx_pkcs9String = _OID(pkcs_9_sx, 1) - -pkcs_9_sx_signingTime = _OID(pkcs_9_sx, 2) - - -# Object Identifiers for object classes - -pkcs_9_oc_pkcsEntity = _OID(pkcs_9_oc, 1) - -pkcs_9_oc_naturalPerson = _OID(pkcs_9_oc, 2) - - -# Object Identifiers for matching rules - -pkcs_9_mr_caseIgnoreMatch = _OID(pkcs_9_mr, 1) - -pkcs_9_mr_signingTimeMatch = _OID(pkcs_9_mr, 2) - - -# PKCS #7 PDU - -pkcs_9_at_pkcs7PDU = _OID(pkcs_9_at, 5) - -pKCS7PDU = Attribute() -pKCS7PDU['type'] = pkcs_9_at_pkcs7PDU -pKCS7PDU['values'][0] = ContentInfo() - - -# PKCS #12 token - -pkcs_9_at_userPKCS12 = _OID(2, 16, 840, 1, 113730, 3, 1, 216) - -userPKCS12 = Attribute() -userPKCS12['type'] = pkcs_9_at_userPKCS12 -userPKCS12['values'][0] = PFX() - - -# PKCS #15 token - -pkcs_9_at_pkcs15Token = _OID(pkcs_9_at, 1) - -# TODO: Once PKCS15Token can be imported, this can be included -# -# pKCS15Token = Attribute() -# userPKCS12['type'] = pkcs_9_at_pkcs15Token -# userPKCS12['values'][0] = PKCS15Token() - - -# PKCS #8 encrypted private key information - -pkcs_9_at_encryptedPrivateKeyInfo = _OID(pkcs_9_at, 2) - -encryptedPrivateKeyInfo = Attribute() -encryptedPrivateKeyInfo['type'] = pkcs_9_at_encryptedPrivateKeyInfo -encryptedPrivateKeyInfo['values'][0] = EncryptedPrivateKeyInfo() - - -# Electronic-mail address - -pkcs_9_at_emailAddress = rfc5280.id_emailAddress - -emailAddress = Attribute() -emailAddress['type'] = pkcs_9_at_emailAddress -emailAddress['values'][0] = EmailAddress() - - -# Unstructured name - -pkcs_9_at_unstructuredName = _OID(pkcs_9, 2) - -unstructuredName = Attribute() -unstructuredName['type'] = pkcs_9_at_unstructuredName -unstructuredName['values'][0] = PKCS9String() - - -# Unstructured address - -pkcs_9_at_unstructuredAddress = _OID(pkcs_9, 8) - -unstructuredAddress = Attribute() -unstructuredAddress['type'] = pkcs_9_at_unstructuredAddress -unstructuredAddress['values'][0] = DirectoryString() - - -# Date of birth - -pkcs_9_at_dateOfBirth = _OID(ietf_at, 1) - -dateOfBirth = SingleAttribute() -dateOfBirth['type'] = pkcs_9_at_dateOfBirth -dateOfBirth['values'][0] = useful.GeneralizedTime() - - -# Place of birth - -pkcs_9_at_placeOfBirth = _OID(ietf_at, 2) - -placeOfBirth = SingleAttribute() -placeOfBirth['type'] = pkcs_9_at_placeOfBirth -placeOfBirth['values'][0] = DirectoryString() - - -# Gender - -class GenderString(char.PrintableString): - pass - -GenderString.subtypeSpec = constraint.ValueSizeConstraint(1, 1) -GenderString.subtypeSpec = constraint.SingleValueConstraint("M", "F", "m", "f") - - -pkcs_9_at_gender = _OID(ietf_at, 3) - -gender = SingleAttribute() -gender['type'] = pkcs_9_at_gender -gender['values'][0] = GenderString() - - -# Country of citizenship - -pkcs_9_at_countryOfCitizenship = _OID(ietf_at, 4) - -countryOfCitizenship = Attribute() -countryOfCitizenship['type'] = pkcs_9_at_countryOfCitizenship -countryOfCitizenship['values'][0] = X520countryName() - - -# Country of residence - -pkcs_9_at_countryOfResidence = _OID(ietf_at, 5) - -countryOfResidence = Attribute() -countryOfResidence['type'] = pkcs_9_at_countryOfResidence -countryOfResidence['values'][0] = X520countryName() - - -# Pseudonym - -id_at_pseudonym = _OID(2, 5, 4, 65) - -pseudonym = Attribute() -pseudonym['type'] = id_at_pseudonym -pseudonym['values'][0] = DirectoryString() - - -# Serial number - -id_at_serialNumber = rfc5280.id_at_serialNumber - -serialNumber = Attribute() -serialNumber['type'] = id_at_serialNumber -serialNumber['values'][0] = X520SerialNumber() - - -# Content type - -pkcs_9_at_contentType = rfc5652.id_contentType - -contentType = CMSSingleAttribute() -contentType['attrType'] = pkcs_9_at_contentType -contentType['attrValues'][0] = ContentType() - - -# Message digest - -pkcs_9_at_messageDigest = rfc5652.id_messageDigest - -messageDigest = CMSSingleAttribute() -messageDigest['attrType'] = pkcs_9_at_messageDigest -messageDigest['attrValues'][0] = MessageDigest() - - -# Signing time - -pkcs_9_at_signingTime = rfc5652.id_signingTime - -signingTime = CMSSingleAttribute() -signingTime['attrType'] = pkcs_9_at_signingTime -signingTime['attrValues'][0] = SigningTime() - - -# Random nonce - -class RandomNonce(univ.OctetString): - pass - -RandomNonce.subtypeSpec = constraint.ValueSizeConstraint(4, MAX) - - -pkcs_9_at_randomNonce = _OID(pkcs_9_at, 3) - -randomNonce = CMSSingleAttribute() -randomNonce['attrType'] = pkcs_9_at_randomNonce -randomNonce['attrValues'][0] = RandomNonce() - - -# Sequence number - -class SequenceNumber(univ.Integer): - pass - -SequenceNumber.subtypeSpec = constraint.ValueRangeConstraint(1, MAX) - - -pkcs_9_at_sequenceNumber = _OID(pkcs_9_at, 4) - -sequenceNumber = CMSSingleAttribute() -sequenceNumber['attrType'] = pkcs_9_at_sequenceNumber -sequenceNumber['attrValues'][0] = SequenceNumber() - - -# Countersignature - -pkcs_9_at_counterSignature = rfc5652.id_countersignature - -counterSignature = CMSAttribute() -counterSignature['attrType'] = pkcs_9_at_counterSignature -counterSignature['attrValues'][0] = Countersignature() - - -# Challenge password - -pkcs_9_at_challengePassword = _OID(pkcs_9, 7) - -challengePassword = SingleAttribute() -challengePassword['type'] = pkcs_9_at_challengePassword -challengePassword['values'][0] = DirectoryString() - - -# Extension request - -class ExtensionRequest(Extensions): - pass - - -pkcs_9_at_extensionRequest = _OID(pkcs_9, 14) - -extensionRequest = SingleAttribute() -extensionRequest['type'] = pkcs_9_at_extensionRequest -extensionRequest['values'][0] = ExtensionRequest() - - -# Extended-certificate attributes (deprecated) - -class AttributeSet(univ.SetOf): - pass - -AttributeSet.componentType = Attribute() - - -pkcs_9_at_extendedCertificateAttributes = _OID(pkcs_9, 9) - -extendedCertificateAttributes = SingleAttribute() -extendedCertificateAttributes['type'] = pkcs_9_at_extendedCertificateAttributes -extendedCertificateAttributes['values'][0] = AttributeSet() - - -# Friendly name - -class FriendlyName(char.BMPString): - pass - -FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName) - - -pkcs_9_at_friendlyName = _OID(pkcs_9, 20) - -friendlyName = SingleAttribute() -friendlyName['type'] = pkcs_9_at_friendlyName -friendlyName['values'][0] = FriendlyName() - - -# Local key identifier - -pkcs_9_at_localKeyId = _OID(pkcs_9, 21) - -localKeyId = SingleAttribute() -localKeyId['type'] = pkcs_9_at_localKeyId -localKeyId['values'][0] = univ.OctetString() - - -# Signing description - -pkcs_9_at_signingDescription = _OID(pkcs_9, 13) - -signingDescription = CMSSingleAttribute() -signingDescription['attrType'] = pkcs_9_at_signingDescription -signingDescription['attrValues'][0] = DirectoryString() - - -# S/MIME capabilities - -class SMIMECapability(AlgorithmIdentifier): - pass - - -class SMIMECapabilities(univ.SequenceOf): - pass - -SMIMECapabilities.componentType = SMIMECapability() - - -pkcs_9_at_smimeCapabilities = _OID(pkcs_9, 15) - -smimeCapabilities = CMSSingleAttribute() -smimeCapabilities['attrType'] = pkcs_9_at_smimeCapabilities -smimeCapabilities['attrValues'][0] = SMIMECapabilities() - - -# Certificate Attribute Map - -_certificateAttributesMapUpdate = { - # Attribute types for use with the "pkcsEntity" object class - pkcs_9_at_pkcs7PDU: ContentInfo(), - pkcs_9_at_userPKCS12: PFX(), - # TODO: Once PKCS15Token can be imported, this can be included - # pkcs_9_at_pkcs15Token: PKCS15Token(), - pkcs_9_at_encryptedPrivateKeyInfo: EncryptedPrivateKeyInfo(), - # Attribute types for use with the "naturalPerson" object class - pkcs_9_at_emailAddress: EmailAddress(), - pkcs_9_at_unstructuredName: PKCS9String(), - pkcs_9_at_unstructuredAddress: DirectoryString(), - pkcs_9_at_dateOfBirth: useful.GeneralizedTime(), - pkcs_9_at_placeOfBirth: DirectoryString(), - pkcs_9_at_gender: GenderString(), - pkcs_9_at_countryOfCitizenship: X520countryName(), - pkcs_9_at_countryOfResidence: X520countryName(), - id_at_pseudonym: DirectoryString(), - id_at_serialNumber: X520SerialNumber(), - # Attribute types for use with PKCS #10 certificate requests - pkcs_9_at_challengePassword: DirectoryString(), - pkcs_9_at_extensionRequest: ExtensionRequest(), - pkcs_9_at_extendedCertificateAttributes: AttributeSet(), -} - -rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) - - -# CMS Attribute Map - -# Note: pkcs_9_at_smimeCapabilities is not included in the map because -# the definition in RFC 5751 is preferred, which produces the same -# encoding, but it allows different parameters for SMIMECapability -# and AlgorithmIdentifier. - -_cmsAttributesMapUpdate = { - # Attribute types for use in PKCS #7 data (a.k.a. CMS) - pkcs_9_at_contentType: ContentType(), - pkcs_9_at_messageDigest: MessageDigest(), - pkcs_9_at_signingTime: SigningTime(), - pkcs_9_at_randomNonce: RandomNonce(), - pkcs_9_at_sequenceNumber: SequenceNumber(), - pkcs_9_at_counterSignature: Countersignature(), - # Attributes for use in PKCS #12 "PFX" PDUs or PKCS #15 tokens - pkcs_9_at_friendlyName: FriendlyName(), - pkcs_9_at_localKeyId: univ.OctetString(), - pkcs_9_at_signingDescription: DirectoryString(), - # pkcs_9_at_smimeCapabilities: SMIMECapabilities(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/pyasn1_modules/rfc3114.py b/pyasn1_modules/rfc3114.py deleted file mode 100644 index badcb1f..0000000 --- a/pyasn1_modules/rfc3114.py +++ /dev/null @@ -1,77 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# TEST Company Classification Policies -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc3114.txt -# - -from pyasn1.type import char -from pyasn1.type import namedval -from pyasn1.type import univ - -from pyasn1_modules import rfc5755 - - -id_smime = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, )) - -id_tsp = id_smime + (7, ) - -id_tsp_TEST_Amoco = id_tsp + (1, ) - -class Amoco_SecurityClassification(univ.Integer): - namedValues = namedval.NamedValues( - ('amoco-general', 6), - ('amoco-confidential', 7), - ('amoco-highly-confidential', 8) - ) - - -id_tsp_TEST_Caterpillar = id_tsp + (2, ) - -class Caterpillar_SecurityClassification(univ.Integer): - namedValues = namedval.NamedValues( - ('caterpillar-public', 6), - ('caterpillar-green', 7), - ('caterpillar-yellow', 8), - ('caterpillar-red', 9) - ) - - -id_tsp_TEST_Whirlpool = id_tsp + (3, ) - -class Whirlpool_SecurityClassification(univ.Integer): - namedValues = namedval.NamedValues( - ('whirlpool-public', 6), - ('whirlpool-internal', 7), - ('whirlpool-confidential', 8) - ) - - -id_tsp_TEST_Whirlpool_Categories = id_tsp + (4, ) - -class SecurityCategoryValues(univ.SequenceOf): - componentType = char.UTF8String() - -# Example SecurityCategoryValues: "LAW DEPARTMENT USE ONLY" -# Example SecurityCategoryValues: "HUMAN RESOURCES USE ONLY" - - -# Also, the privacy mark in the security label can contain a string, -# such as: "ATTORNEY-CLIENT PRIVILEGED INFORMATION" - - -# Map of security category type OIDs to security category added -# to the ones that are in rfc5755.py - -_securityCategoryMapUpdate = { - id_tsp_TEST_Whirlpool_Categories: SecurityCategoryValues(), -} - -rfc5755.securityCategoryMap.update(_securityCategoryMapUpdate) diff --git a/pyasn1_modules/rfc3274.py b/pyasn1_modules/rfc3274.py index 425e006..8d8541c 100644 --- a/pyasn1_modules/rfc3274.py +++ b/pyasn1_modules/rfc3274.py @@ -49,11 +49,9 @@ cpa_zlibCompress['algorithm'] = id_alg_zlibCompress # cpa_zlibCompress['parameters'] are absent -# Map of Content Type OIDs to Content Types is added to thr -# ones that are in rfc5652.py +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_compressedData: CompressedData(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc3279.py b/pyasn1_modules/rfc3279.py index f6e24de..428c0e8 100644 --- a/pyasn1_modules/rfc3279.py +++ b/pyasn1_modules/rfc3279.py @@ -4,19 +4,12 @@ # Copyright (c) 2017, Danielle Madeley <danielle@madeley.id.au> # License: http://snmplabs.com/pyasn1/license.html # -# Modified by Russ Housley to add maps for use with opentypes. -# -# Algorithms and Identifiers for Internet X.509 Certificates and CRLs -# -# Derived from RFC 3279: -# https://www.rfc-editor.org/rfc/rfc3279.txt +# Derived from RFC 3279 # from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ -from pyasn1_modules import rfc5280 - def _OID(*components): output = [] @@ -238,23 +231,3 @@ prime239v1 = _OID(primeCurve, 4) prime239v2 = _OID(primeCurve, 5) prime239v3 = _OID(primeCurve, 6) prime256v1 = _OID(primeCurve, 7) - - -# Map of Algorithm Identifier OIDs to Parameters added to the -# ones in rfc5280.py. Do not add OIDs with absent paramaters. - -_algorithmIdentifierMapUpdate = { - md2: univ.Null(""), - md5: univ.Null(""), - id_sha1: univ.Null(""), - id_dsa: Dss_Parms(), - rsaEncryption: univ.Null(""), - md2WithRSAEncryption: univ.Null(""), - md5WithRSAEncryption: univ.Null(""), - sha1WithRSAEncryption: univ.Null(""), - dhpublicnumber: DomainParameters(), - id_keyExchangeAlgorithm: KEA_Parms_Id(), - id_ecPublicKey: EcpkParameters(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc3565.py b/pyasn1_modules/rfc3565.py index ec75e23..c4b742d 100644 --- a/pyasn1_modules/rfc3565.py +++ b/pyasn1_modules/rfc3565.py @@ -1,8 +1,3 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley. -# Modified by Russ Housley to add maps for use with opentypes. -# # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # @@ -12,7 +7,6 @@ # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3565.txt - from pyasn1.type import constraint from pyasn1.type import univ @@ -26,8 +20,8 @@ class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier): class AES_IV(univ.OctetString): pass -AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) +AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) id_aes128_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.2') @@ -35,23 +29,8 @@ id_aes192_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.22') id_aes256_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.42') - id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5') id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25') id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45') - - -# Update the Algorithm Identifier map - -_algorithmIdentifierMapUpdate = { - id_aes128_CBC: AES_IV(), - id_aes192_CBC: AES_IV(), - id_aes256_CBC: AES_IV(), - id_aes128_wrap: univ.Null(), - id_aes192_wrap: univ.Null(), - id_aes256_wrap: univ.Null(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc3709.py b/pyasn1_modules/rfc3709.py index aa1d5b6..a52f99e 100644 --- a/pyasn1_modules/rfc3709.py +++ b/pyasn1_modules/rfc3709.py @@ -21,7 +21,6 @@ from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc6170 MAX = float('inf') @@ -163,8 +162,6 @@ id_logo_background = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.2') id_logo_loyalty = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.1') -id_logo_certImage = rfc6170.id_logo_certImage - class OtherLogotypeInfo(univ.Sequence): pass @@ -197,11 +194,9 @@ LogotypeExtn.componentType = namedtype.NamedTypes( ) -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py -_certificateExtensionsMapUpdate = { +certificateExtensionsMapUpdate = { id_pe_logotype: LogotypeExtn(), } - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc3770.py b/pyasn1_modules/rfc3770.py deleted file mode 100644 index 3fefe1d..0000000 --- a/pyasn1_modules/rfc3770.py +++ /dev/null @@ -1,75 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Certificate Extensions and Attributes Supporting Authentication -# in PPP and Wireless LAN Networks -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc3770.txt -# https://www.rfc-editor.org/errata/eid234 -# - -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -MAX = float('inf') - - -# Extended Key Usage Values - -id_kp_eapOverLAN = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.14') - -id_kp_eapOverPPP = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.13') - - -# Wireless LAN SSID Extension - -id_pe_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.13') - - -class SSID(univ.OctetString): - pass - -SSID.subtypeSpec = constraint.ValueSizeConstraint(1, 32) - - -class SSIDList(univ.SequenceOf): - pass - -SSIDList.componentType = SSID() -SSIDList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -# Wireless LAN SSID Attribute Certificate Attribute -# Uses same syntax as the certificate extension: SSIDList -# Correction for https://www.rfc-editor.org/errata/eid234 - -id_aca_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.10.7') - - -# Map of Certificate Extension OIDs to Extensions -# To be added to the ones that are in rfc5280.py - -_certificateExtensionsMap = { - id_pe_wlanSSID: SSIDList(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) - - -# Map of AttributeType OIDs to AttributeValue added to the -# ones that are in rfc5280.py - -_certificateAttributesMapUpdate = { - id_aca_wlanSSID: SSIDList(), -} - -rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/pyasn1_modules/rfc3779.py b/pyasn1_modules/rfc3779.py index 8e6eaa3..125351e 100644 --- a/pyasn1_modules/rfc3779.py +++ b/pyasn1_modules/rfc3779.py @@ -18,8 +18,6 @@ from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ -from pyasn1_modules import rfc5280 - # IP Address Delegation Extension @@ -126,12 +124,10 @@ ASIdentifiers.componentType = namedtype.NamedTypes( ) -# Map of Certificate Extension OIDs to Extensions is added to the -# ones that are in rfc5280.py +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py -_certificateExtensionsMapUpdate = { +certificateExtensionsMapUpdate = { id_pe_ipAddrBlocks: IPAddrBlocks(), id_pe_autonomousSysIds: ASIdentifiers(), } - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc4043.py b/pyasn1_modules/rfc4043.py deleted file mode 100644 index cf0a801..0000000 --- a/pyasn1_modules/rfc4043.py +++ /dev/null @@ -1,43 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Internet X.509 Public Key Infrastructure Permanent Identifier -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc4043.txt -# - -from pyasn1.type import char -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) - -id_on = id_pkix + (8, ) - -id_on_permanentIdentifier = id_on + (3, ) - - -class PermanentIdentifier(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('identifierValue', char.UTF8String()), - namedtype.OptionalNamedType('assigner', univ.ObjectIdentifier()) - ) - - -# Map of Other Name OIDs to Other Name is added to the -# ones that are in rfc5280.py - -_anotherNameMapUpdate = { - id_on_permanentIdentifier: PermanentIdentifier(), -} - -rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/pyasn1_modules/rfc4073.py b/pyasn1_modules/rfc4073.py index 3f425b2..12a9ec0 100644 --- a/pyasn1_modules/rfc4073.py +++ b/pyasn1_modules/rfc4073.py @@ -48,12 +48,10 @@ ContentWithAttributes.componentType = namedtype.NamedTypes( ) -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_contentCollection: ContentCollection(), id_ct_contentWithAttrs: ContentWithAttributes(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc4108.py b/pyasn1_modules/rfc4108.py index ecace9e..c5cdfe9 100644 --- a/pyasn1_modules/rfc4108.py +++ b/pyasn1_modules/rfc4108.py @@ -310,10 +310,10 @@ HardwareModuleName.componentType = namedtype.NamedTypes( ) -# Map of Attribute Type OIDs to Attributes is added to the -# ones that are in rfc5652.py +# Map of Attribute Type OIDs to Attributes +# To be added to the ones that are in rfc5652.py -_cmsAttributesMapUpdate = { +cmsAttributesMapUpdate = { id_aa_wrappedFirmwareKey: WrappedFirmwareKey(), id_aa_firmwarePackageInfo: FirmwarePackageInfo(), id_aa_communityIdentifiers: CommunityIdentifiers(), @@ -325,26 +325,21 @@ _cmsAttributesMapUpdate = { id_aa_fwPkgMessageDigest: FirmwarePackageMessageDigest(), } -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_firmwareLoadError: FirmwarePackageLoadError(), id_ct_firmwareLoadReceipt: FirmwarePackageLoadReceipt(), id_ct_firmwarePackage: FirmwarePkgData(), } -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) - -# Map of Other Name OIDs to Other Name is added to the -# ones that are in rfc5280.py +# Map of Other Name OIDs to Other Name +# To be added to the ones that are in rfc5280.py -_anotherNameMapUpdate = { +anotherNameMapUpdate = { id_on_hardwareModuleName: HardwareModuleName(), } -rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 4d01a33..fd3b256 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -354,12 +354,8 @@ class RevRepContent(univ.Sequence): OPTIONAL """ componentType = namedtype.NamedTypes( - namedtype.NamedType( - 'status', univ.SequenceOf( - componentType=PKIStatusInfo(), - sizeSpec=constraint.ValueSizeConstraint(1, MAX) - ) - ), + namedtype.NamedType('status', PKIStatusInfo( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.OptionalNamedType( 'revCerts', univ.SequenceOf(componentType=rfc2511.CertId()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX), @@ -743,11 +739,11 @@ class PKIHeader(univ.Sequence): namedtype.OptionalNamedType('generalInfo', univ.SequenceOf( componentType=InfoTypeAndValue().subtype( - sizeSpec=constraint.ValueSizeConstraint(1, MAX) + sizeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8) ) - ).subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)) - ) + ) + ) ) diff --git a/pyasn1_modules/rfc4334.py b/pyasn1_modules/rfc4334.py deleted file mode 100644 index 44cd31b..0000000 --- a/pyasn1_modules/rfc4334.py +++ /dev/null @@ -1,75 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Certificate Extensions and Attributes Supporting Authentication -# in PPP and Wireless LAN Networks -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc4334.txt -# - -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# OID Arcs - -id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') - -id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') - -id_aca = univ.ObjectIdentifier('1.3.6.1.5.5.7.10') - - -# Extended Key Usage Values - -id_kp_eapOverPPP = id_kp + (13, ) - -id_kp_eapOverLAN = id_kp + (14, ) - - -# Wireless LAN SSID Extension - -id_pe_wlanSSID = id_pe + (13, ) - -class SSID(univ.OctetString): - constraint.ValueSizeConstraint(1, 32) - - -class SSIDList(univ.SequenceOf): - componentType = SSID() - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -# Wireless LAN SSID Attribute Certificate Attribute - -id_aca_wlanSSID = id_aca + (7, ) - - -# Map of Certificate Extension OIDs to Extensions -# To be added to the ones that are in rfc5280.py - -_certificateExtensionsMap = { - id_pe_wlanSSID: SSIDList(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) - - -# Map of AttributeType OIDs to AttributeValue added to the -# ones that are in rfc5280.py - -_certificateAttributesMapUpdate = { - id_aca_wlanSSID: SSIDList(), -} - -rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/pyasn1_modules/rfc4985.py b/pyasn1_modules/rfc4985.py deleted file mode 100644 index 318e412..0000000 --- a/pyasn1_modules/rfc4985.py +++ /dev/null @@ -1,49 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Expression of Service Names in X.509 Certificates -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc4985.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# As specified in Appendix A.2 of RFC 4985 - -id_pkix = rfc5280.id_pkix - -id_on = id_pkix + (8, ) - -id_on_dnsSRV = id_on + (7, ) - - -class SRVName(char.IA5String): - subtypeSpec = constraint.ValueSizeConstraint(1, MAX) - - -srvName = rfc5280.AnotherName() -srvName['type-id'] = id_on_dnsSRV -srvName['value'] = SRVName() - - -# Map of Other Name OIDs to Other Name is added to the -# ones that are in rfc5280.py - -_anotherNameMapUpdate = { - id_on_dnsSRV: SRVName(), -} - -rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/pyasn1_modules/rfc5035.py b/pyasn1_modules/rfc5035.py index 1cec982..4a70bb0 100644 --- a/pyasn1_modules/rfc5035.py +++ b/pyasn1_modules/rfc5035.py @@ -179,21 +179,20 @@ ub_receiptsTo = rfc2634.ub_receiptsTo ReceiptRequest = rfc2634.ReceiptRequest -# Map of Attribute Type to the Attribute structure is added to the -# ones that are in rfc5652.py +# Map of Attribute Type to the Attribute structure -_cmsAttributesMapUpdate = { +ESSAttributeMap = rfc2634.ESSAttributeMap + +_ESSAttributeMapAddition = { id_aa_signingCertificateV2: SigningCertificateV2(), } -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) +ESSAttributeMap.update(_ESSAttributeMapAddition) -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_receipt: Receipt(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc5083.py b/pyasn1_modules/rfc5083.py index 26ef550..e3df086 100644 --- a/pyasn1_modules/rfc5083.py +++ b/pyasn1_modules/rfc5083.py @@ -42,11 +42,9 @@ AuthEnvelopedData.componentType = namedtype.NamedTypes( ) -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_authEnvelopedData: AuthEnvelopedData(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc5084.py b/pyasn1_modules/rfc5084.py index 7686839..18abec8 100644 --- a/pyasn1_modules/rfc5084.py +++ b/pyasn1_modules/rfc5084.py @@ -16,8 +16,6 @@ from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ -from pyasn1_modules import rfc5280 - def _OID(*components): output = [] @@ -80,18 +78,3 @@ id_aes192_GCM = _OID(aes, 26) id_aes256_CCM = _OID(aes, 47) id_aes256_GCM = _OID(aes, 46) - - -# Map of Algorithm Identifier OIDs to Parameters is added to the -# ones in rfc5280.py - -_algorithmIdentifierMapUpdate = { - id_aes128_CCM: CCMParameters(), - id_aes128_GCM: GCMParameters(), - id_aes192_CCM: CCMParameters(), - id_aes192_GCM: GCMParameters(), - id_aes256_CCM: CCMParameters(), - id_aes256_GCM: GCMParameters(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index f2b52b2..181584c 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -1635,7 +1635,7 @@ _certificateExtensionsMap = { id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), id_ce_keyUsage: KeyUsage(), id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), - id_ce_certificatePolicies: CertificatePolicies(), + id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? id_ce_policyMappings: PolicyMappings(), id_ce_subjectAltName: SubjectAltName(), id_ce_issuerAltName: IssuerAltName(), diff --git a/pyasn1_modules/rfc5480.py b/pyasn1_modules/rfc5480.py index 84c0c11..0113826 100644 --- a/pyasn1_modules/rfc5480.py +++ b/pyasn1_modules/rfc5480.py @@ -18,7 +18,6 @@ from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc3279 -from pyasn1_modules import rfc5280 # These structures are the same as RFC 3279. @@ -171,7 +170,7 @@ sect571r1 = univ.ObjectIdentifier('1.3.132.0.39') # Map of Algorithm Identifier OIDs to Parameters # The algorithm is not included if the parameters MUST be absent -_algorithmIdentifierMapUpdate = { +algorithmIdentifierMapUpdate = { rsaEncryption: univ.Null(), md2WithRSAEncryption: univ.Null(), md5WithRSAEncryption: univ.Null(), @@ -182,9 +181,4 @@ _algorithmIdentifierMapUpdate = { id_ecPublicKey: ECParameters(), id_ecDH: ECParameters(), id_ecMQV: ECParameters(), -} - - -# Add these Algorithm Identifier map entries to the ones in rfc5280.py - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc5751.py b/pyasn1_modules/rfc5751.py deleted file mode 100644 index 7e20001..0000000 --- a/pyasn1_modules/rfc5751.py +++ /dev/null @@ -1,124 +0,0 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# S/MIME Version 3.2 Message Specification -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5751.txt - -from pyasn1.type import namedtype -from pyasn1.type import opentype -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc8018 - - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - return univ.ObjectIdentifier(output) - - -# Imports from RFC 5652 and RFC 8018 - -IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber - -RecipientKeyIdentifier = rfc5652.RecipientKeyIdentifier - -SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier - -rc2CBC = rfc8018.rc2CBC - - -# S/MIME Capabilities Attribute - -smimeCapabilities = univ.ObjectIdentifier('1.2.840.113549.1.9.15') - - -smimeCapabilityMap = { } - - -class SMIMECapability(univ.Sequence): - pass - -SMIMECapability.componentType = namedtype.NamedTypes( - namedtype.NamedType('capabilityID', univ.ObjectIdentifier()), - namedtype.OptionalNamedType('parameters', univ.Any(), - openType=opentype.OpenType('capabilityID', smimeCapabilityMap)) -) - - -class SMIMECapabilities(univ.SequenceOf): - pass - -SMIMECapabilities.componentType = SMIMECapability() - - -class SMIMECapabilitiesParametersForRC2CBC(univ.Integer): - # which carries the RC2 Key Length (number of bits) - pass - - -# S/MIME Encryption Key Preference Attribute - -id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16') - -id_aa = _OID(id_smime, 2) - -id_aa_encrypKeyPref = _OID(id_aa, 11) - - -class SMIMEEncryptionKeyPreference(univ.Choice): - pass - -SMIMEEncryptionKeyPreference.componentType = namedtype.NamedTypes( - namedtype.NamedType('issuerAndSerialNumber', - IssuerAndSerialNumber().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('receipentKeyId', - # Yes, 'receipentKeyId' is spelled incorrectly, but kept - # this way for alignment with the ASN.1 module in the RFC. - RecipientKeyIdentifier().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('subjectAltKeyIdentifier', - SubjectKeyIdentifier().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 2))) -) - - -# The Prefer Binary Inside SMIMECapabilities attribute - -id_cap = _OID(id_smime, 11) - -id_cap_preferBinaryInside = _OID(id_cap, 1) - - -# CMS Attribute Map - -_cmsAttributesMapUpdate = { - smimeCapabilities: SMIMECapabilities(), - id_aa_encrypKeyPref: SMIMEEncryptionKeyPreference(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) - - -# SMIMECapabilities Attribute Map -# -# Do not include OIDs in the dictionary when the parameters are absent. - -_smimeCapabilityMapUpdate = { - rc2CBC: SMIMECapabilitiesParametersForRC2CBC(), -} - -smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/pyasn1_modules/rfc5755.py b/pyasn1_modules/rfc5755.py deleted file mode 100644 index 14f56fc..0000000 --- a/pyasn1_modules/rfc5755.py +++ /dev/null @@ -1,398 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# An Internet Attribute Certificate Profile for Authorization -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5755.txt -# https://www.rfc-editor.org/rfc/rfc5912.txt (see Section 13) -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import opentype -from pyasn1.type import tag -from pyasn1.type import univ -from pyasn1.type import useful - -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 - -MAX = float('inf') - -# Map for Security Category type to value - -securityCategoryMap = { } - - -# Imports from RFC 5652 - -ContentInfo = rfc5652.ContentInfo - - -# Imports from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - -Attribute = rfc5280.Attribute - -AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax - -AuthorityKeyIdentifier = rfc5280.AuthorityKeyIdentifier - -CertificateSerialNumber = rfc5280.CertificateSerialNumber - -CRLDistributionPoints = rfc5280.CRLDistributionPoints - -Extensions = rfc5280.Extensions - -Extension = rfc5280.Extension - -GeneralNames = rfc5280.GeneralNames - -GeneralName = rfc5280.GeneralName - -UniqueIdentifier = rfc5280.UniqueIdentifier - - -# Object Identifier arcs - -id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) - -id_pe = id_pkix + (1, ) - -id_kp = id_pkix + (3, ) - -id_aca = id_pkix + (10, ) - -id_ad = id_pkix + (48, ) - -id_at = univ.ObjectIdentifier((2, 5, 4, )) - -id_ce = univ.ObjectIdentifier((2, 5, 29, )) - - -# Attribute Certificate - -class AttCertVersion(univ.Integer): - namedValues = namedval.NamedValues( - ('v2', 1) - ) - - -class IssuerSerial(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('issuer', GeneralNames()), - namedtype.NamedType('serial', CertificateSerialNumber()), - namedtype.OptionalNamedType('issuerUID', UniqueIdentifier()) - ) - - -class ObjectDigestInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('digestedObjectType', - univ.Enumerated(namedValues=namedval.NamedValues( - ('publicKey', 0), - ('publicKeyCert', 1), - ('otherObjectTypes', 2)))), - namedtype.OptionalNamedType('otherObjectTypeID', - univ.ObjectIdentifier()), - namedtype.NamedType('digestAlgorithm', - AlgorithmIdentifier()), - namedtype.NamedType('objectDigest', - univ.BitString()) - ) - - -class Holder(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('baseCertificateID', - IssuerSerial().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('entityName', - GeneralNames().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('objectDigestInfo', - ObjectDigestInfo().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 2))) -) - - -class V2Form(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('issuerName', - GeneralNames()), - namedtype.OptionalNamedType('baseCertificateID', - IssuerSerial().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('objectDigestInfo', - ObjectDigestInfo().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 1))) - ) - - -class AttCertIssuer(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('v1Form', GeneralNames()), - namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 0))) - ) - - -class AttCertValidityPeriod(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()), - namedtype.NamedType('notAfterTime', useful.GeneralizedTime()) - ) - - -class AttributeCertificateInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('version', - AttCertVersion()), - namedtype.NamedType('holder', - Holder()), - namedtype.NamedType('issuer', - AttCertIssuer()), - namedtype.NamedType('signature', - AlgorithmIdentifier()), - namedtype.NamedType('serialNumber', - CertificateSerialNumber()), - namedtype.NamedType('attrCertValidityPeriod', - AttCertValidityPeriod()), - namedtype.NamedType('attributes', - univ.SequenceOf(componentType=Attribute())), - namedtype.OptionalNamedType('issuerUniqueID', - UniqueIdentifier()), - namedtype.OptionalNamedType('extensions', - Extensions()) - ) - - -class AttributeCertificate(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('acinfo', AttributeCertificateInfo()), - namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('signatureValue', univ.BitString()) - ) - - -# Attribute Certificate Extensions - -id_pe_ac_auditIdentity = id_pe + (4, ) - -id_ce_noRevAvail = id_ce + (56, ) - -id_ce_targetInformation = id_ce + (55, ) - - -class TargetCert(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('targetCertificate', IssuerSerial()), - namedtype.OptionalNamedType('targetName', GeneralName()), - namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo()) - ) - - -class Target(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('targetName', - GeneralName().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('targetGroup', - GeneralName().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('targetCert', - TargetCert().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 2))) - ) - - -class Targets(univ.SequenceOf): - componentType = Target() - - -id_pe_ac_proxying = id_pe + (10, ) - - -class ProxyInfo(univ.SequenceOf): - componentType = Targets() - - -id_pe_aaControls = id_pe + (6, ) - - -class AttrSpec(univ.SequenceOf): - componentType = univ.ObjectIdentifier() - - -class AAControls(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('pathLenConstraint', - univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), - namedtype.OptionalNamedType('permittedAttrs', - AttrSpec().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('excludedAttrs', - AttrSpec().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.DefaultedNamedType('permitUnSpecified', - univ.Boolean().subtype(value=1)) - ) - - -# Attribute Certificate Attributes - -id_aca_authenticationInfo = id_aca + (1, ) - - -id_aca_accessIdentity = id_aca + (2, ) - - -class SvceAuthInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('service', GeneralName()), - namedtype.NamedType('ident', GeneralName()), - namedtype.OptionalNamedType('authInfo', univ.OctetString()) - ) - - -id_aca_chargingIdentity = id_aca + (3, ) - - -id_aca_group = id_aca + (4, ) - - -class IetfAttrSyntax(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('policyAuthority', - GeneralNames().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('values', univ.SequenceOf( - componentType=univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('octets', univ.OctetString()), - namedtype.NamedType('oid', univ.ObjectIdentifier()), - namedtype.NamedType('string', char.UTF8String()) - )) - )) - ) - - -id_at_role = id_at + (72,) - - -class RoleSyntax(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('roleAuthority', - GeneralNames().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('roleName', - GeneralName().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))) - ) - - -class ClassList(univ.BitString): - namedValues = namedval.NamedValues( - ('unmarked', 0), - ('unclassified', 1), - ('restricted', 2), - ('confidential', 3), - ('secret', 4), - ('topSecret', 5) - ) - - -class SecurityCategory(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('type', - univ.ObjectIdentifier().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('value', - univ.Any().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1)), - openType=opentype.OpenType('type', securityCategoryMap)) - ) - - -id_at_clearance = univ.ObjectIdentifier((2, 5, 4, 55, )) - - -class Clearance(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('policyId', - univ.ObjectIdentifier()), - namedtype.DefaultedNamedType('classList', - ClassList().subtype(value='unclassified')), - namedtype.OptionalNamedType('securityCategories', - univ.SetOf(componentType=SecurityCategory())) - ) - - -id_at_clearance_rfc3281 = univ.ObjectIdentifier((2, 5, 1, 5, 55, )) - - -class Clearance_rfc3281(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('policyId', - univ.ObjectIdentifier().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.DefaultedNamedType('classList', - ClassList().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1)).subtype( - value='unclassified')), - namedtype.OptionalNamedType('securityCategories', - univ.SetOf(componentType=SecurityCategory()).subtype( - implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 2))) - ) - - -id_aca_encAttrs = id_aca + (6, ) - - -class ACClearAttrs(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('acIssuer', GeneralName()), - namedtype.NamedType('acSerial', univ.Integer()), - namedtype.NamedType('attrs', univ.SequenceOf(componentType=Attribute())) - ) - - -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - id_pe_ac_auditIdentity: univ.OctetString(), - id_ce_noRevAvail: univ.Null(), - id_ce_targetInformation: Targets(), - id_pe_ac_proxying: ProxyInfo(), - id_pe_aaControls: AAControls(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) - - -# Map of AttributeType OIDs to AttributeValue added to the -# ones that are in rfc5280.py - -_certificateAttributesMapUpdate = { - id_aca_authenticationInfo: SvceAuthInfo(), - id_aca_accessIdentity: SvceAuthInfo(), - id_aca_chargingIdentity: IetfAttrSyntax(), - id_aca_group: IetfAttrSyntax(), - id_at_role: RoleSyntax(), - id_at_clearance: Clearance(), - id_at_clearance_rfc3281: Clearance_rfc3281(), - id_aca_encAttrs: ContentInfo(), -} - -rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/pyasn1_modules/rfc5913.py b/pyasn1_modules/rfc5913.py deleted file mode 100644 index 0bd0653..0000000 --- a/pyasn1_modules/rfc5913.py +++ /dev/null @@ -1,44 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Authority Clearance Constraints Certificate Extension -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5913.txt -# https://www.rfc-editor.org/errata/eid5890 -# - -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5755 - -MAX = float('inf') - - -# Authority Clearance Constraints Certificate Extension - -id_pe_clearanceConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.21') - -id_pe_authorityClearanceConstraints = id_pe_clearanceConstraints - - -class AuthorityClearanceConstraints(univ.SequenceOf): - componentType = rfc5755.Clearance() - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - id_pe_clearanceConstraints: AuthorityClearanceConstraints(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc5914.py b/pyasn1_modules/rfc5914.py deleted file mode 100644 index d125ea2..0000000 --- a/pyasn1_modules/rfc5914.py +++ /dev/null @@ -1,119 +0,0 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Trust Anchor Format -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5914.txt - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -MAX = float('inf') - -Certificate = rfc5280.Certificate - -Name = rfc5280.Name - -Extensions = rfc5280.Extensions - -SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo - -TBSCertificate = rfc5280.TBSCertificate - -CertificatePolicies = rfc5280.CertificatePolicies - -KeyIdentifier = rfc5280.KeyIdentifier - -NameConstraints = rfc5280.NameConstraints - - -class CertPolicyFlags(univ.BitString): - pass - -CertPolicyFlags.namedValues = namedval.NamedValues( - ('inhibitPolicyMapping', 0), - ('requireExplicitPolicy', 1), - ('inhibitAnyPolicy', 2) -) - - -class CertPathControls(univ.Sequence): - pass - -CertPathControls.componentType = namedtype.NamedTypes( - namedtype.NamedType('taName', Name()), - namedtype.OptionalNamedType('certificate', Certificate().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('policySet', CertificatePolicies().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('policyFlags', CertPolicyFlags().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('nameConstr', NameConstraints().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) -) - - -class TrustAnchorTitle(char.UTF8String): - pass - -TrustAnchorTitle.subtypeSpec = constraint.ValueSizeConstraint(1, 64) - - -class TrustAnchorInfoVersion(univ.Integer): - pass - -TrustAnchorInfoVersion.namedValues = namedval.NamedValues( - ('v1', 1) -) - - -class TrustAnchorInfo(univ.Sequence): - pass - -TrustAnchorInfo.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', TrustAnchorInfoVersion().subtype(value='v1')), - namedtype.NamedType('pubKey', SubjectPublicKeyInfo()), - namedtype.NamedType('keyId', KeyIdentifier()), - namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()), - namedtype.OptionalNamedType('certPath', CertPathControls()), - namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('taTitleLangTag', char.UTF8String().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) -) - - -class TrustAnchorChoice(univ.Choice): - pass - -TrustAnchorChoice.componentType = namedtype.NamedTypes( - namedtype.NamedType('certificate', Certificate()), - namedtype.NamedType('tbsCert', TBSCertificate().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('taInfo', TrustAnchorInfo().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) -) - - -id_ct_trustAnchorList = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.34') - -class TrustAnchorList(univ.SequenceOf): - pass - -TrustAnchorList.componentType = TrustAnchorChoice() -TrustAnchorList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) diff --git a/pyasn1_modules/rfc5916.py b/pyasn1_modules/rfc5916.py deleted file mode 100644 index ac23c86..0000000 --- a/pyasn1_modules/rfc5916.py +++ /dev/null @@ -1,35 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Device Owner Attribute -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5916.txt -# - -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -# Device Owner Attribute - -id_deviceOwner = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 69)) - -at_deviceOwner = rfc5280.Attribute() -at_deviceOwner['type'] = id_deviceOwner -at_deviceOwner['values'][0] = univ.ObjectIdentifier() - - -# Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. - -_certificateAttributesMapUpdate = { - id_deviceOwner: univ.ObjectIdentifier(), -} - -rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/pyasn1_modules/rfc5917.py b/pyasn1_modules/rfc5917.py deleted file mode 100644 index ed9af98..0000000 --- a/pyasn1_modules/rfc5917.py +++ /dev/null @@ -1,55 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Clearance Sponsor Attribute -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5917.txt -# https://www.rfc-editor.org/errata/eid4558 -# https://www.rfc-editor.org/errata/eid5883 -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -# DirectoryString is the same as RFC 5280, except for two things: -# 1. the length is limited to 64; -# 2. only the 'utf8String' choice remains because the ASN.1 -# specification says: ( WITH COMPONENTS { utf8String PRESENT } ) - -class DirectoryString(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('utf8String', char.UTF8String().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 64))), - ) - - -# Clearance Sponsor Attribute - -id_clearanceSponsor = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 68)) - -ub_clearance_sponsor = univ.Integer(64) - - -at_clearanceSponsor = rfc5280.Attribute() -at_clearanceSponsor['type'] = id_clearanceSponsor -at_clearanceSponsor['values'][0] = DirectoryString() - - -# Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. - -_certificateAttributesMapUpdate = { - id_clearanceSponsor: DirectoryString(), -} - -rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/pyasn1_modules/rfc5924.py b/pyasn1_modules/rfc5924.py deleted file mode 100644 index 4358e4f..0000000 --- a/pyasn1_modules/rfc5924.py +++ /dev/null @@ -1,19 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Extended Key Usage (EKU) for Session Initiation Protocol (SIP) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5924.txt -# - -from pyasn1.type import univ - -id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') - -id_kp_sipDomain = id_kp + (20, ) diff --git a/pyasn1_modules/rfc5934.py b/pyasn1_modules/rfc5934.py deleted file mode 100644 index e3ad247..0000000 --- a/pyasn1_modules/rfc5934.py +++ /dev/null @@ -1,786 +0,0 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Trust Anchor Format -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5934.txt - -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful - -from pyasn1_modules import rfc2985 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5914 - -MAX = float('inf') - - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - return univ.ObjectIdentifier(output) - - -# Imports from RFC 2985 - -SingleAttribute = rfc2985.SingleAttribute - - -# Imports from RFC5914 - -CertPathControls = rfc5914.CertPathControls - -TrustAnchorChoice = rfc5914.TrustAnchorChoice - -TrustAnchorTitle = rfc5914.TrustAnchorTitle - - -# Imports from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - -AnotherName = rfc5280.AnotherName - -Attribute = rfc5280.Attribute - -Certificate = rfc5280.Certificate - -CertificateSerialNumber = rfc5280.CertificateSerialNumber - -Extension = rfc5280.Extension - -Extensions = rfc5280.Extensions - -KeyIdentifier = rfc5280.KeyIdentifier - -Name = rfc5280.Name - -SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo - -TBSCertificate = rfc5280.TBSCertificate - -Validity = rfc5280.Validity - - -# Object Identifier Arc for TAMP Message Content Types - -id_tamp = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.77') - - -# TAMP Status Query Message - -id_ct_TAMP_statusQuery = _OID(id_tamp, 1) - - -class TAMPVersion(univ.Integer): - pass - -TAMPVersion.namedValues = namedval.NamedValues( - ('v1', 1), - ('v2', 2) -) - - -class TerseOrVerbose(univ.Enumerated): - pass - -TerseOrVerbose.namedValues = namedval.NamedValues( - ('terse', 1), - ('verbose', 2) -) - - -class HardwareSerialEntry(univ.Choice): - pass - -HardwareSerialEntry.componentType = namedtype.NamedTypes( - namedtype.NamedType('all', univ.Null()), - namedtype.NamedType('single', univ.OctetString()), - namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('low', univ.OctetString()), - namedtype.NamedType('high', univ.OctetString()) - )) - ) -) - - -class HardwareModules(univ.Sequence): - pass - -HardwareModules.componentType = namedtype.NamedTypes( - namedtype.NamedType('hwType', univ.ObjectIdentifier()), - namedtype.NamedType('hwSerialEntries', univ.SequenceOf( - componentType=HardwareSerialEntry()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) -) - - -class HardwareModuleIdentifierList(univ.SequenceOf): - pass - -HardwareModuleIdentifierList.componentType = HardwareModules() -HardwareModuleIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class Community(univ.ObjectIdentifier): - pass - - -class CommunityIdentifierList(univ.SequenceOf): - pass - -CommunityIdentifierList.componentType = Community() -CommunityIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(0, MAX) - - -class TargetIdentifier(univ.Choice): - pass - -TargetIdentifier.componentType = namedtype.NamedTypes( - namedtype.NamedType('hwModules', HardwareModuleIdentifierList().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('communities', CommunityIdentifierList().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('allModules', univ.Null().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('uri', char.IA5String().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.NamedType('otherName', AnotherName().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) -) - - -class SeqNumber(univ.Integer): - pass - -SeqNumber.subtypeSpec = constraint.ValueRangeConstraint(0, 9223372036854775807) - - -class TAMPMsgRef(univ.Sequence): - pass - -TAMPMsgRef.componentType = namedtype.NamedTypes( - namedtype.NamedType('target', TargetIdentifier()), - namedtype.NamedType('seqNum', SeqNumber()) -) - - -class TAMPStatusQuery(univ.Sequence): - pass - -TAMPStatusQuery.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', TAMPVersion().subtype( - implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype( - implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1)).subtype(value='verbose')), - namedtype.NamedType('query', TAMPMsgRef()) -) - - -tamp_status_query = rfc5652.ContentInfo() -tamp_status_query['contentType'] = id_ct_TAMP_statusQuery -tamp_status_query['content'] = TAMPStatusQuery() - - -# TAMP Status Response Message - -id_ct_TAMP_statusResponse = _OID(id_tamp, 2) - - -class KeyIdentifiers(univ.SequenceOf): - pass - -KeyIdentifiers.componentType = KeyIdentifier() -KeyIdentifiers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class TrustAnchorChoiceList(univ.SequenceOf): - pass - -TrustAnchorChoiceList.componentType = TrustAnchorChoice() -TrustAnchorChoiceList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class TAMPSequenceNumber(univ.Sequence): - pass - -TAMPSequenceNumber.componentType = namedtype.NamedTypes( - namedtype.NamedType('keyId', KeyIdentifier()), - namedtype.NamedType('seqNumber', SeqNumber()) -) - - -class TAMPSequenceNumbers(univ.SequenceOf): - pass - -TAMPSequenceNumbers.componentType = TAMPSequenceNumber() -TAMPSequenceNumbers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class TerseStatusResponse(univ.Sequence): - pass - -TerseStatusResponse.componentType = namedtype.NamedTypes( - namedtype.NamedType('taKeyIds', KeyIdentifiers()), - namedtype.OptionalNamedType('communities', CommunityIdentifierList()) -) - - -class VerboseStatusResponse(univ.Sequence): - pass - -VerboseStatusResponse.componentType = namedtype.NamedTypes( - namedtype.NamedType('taInfo', TrustAnchorChoiceList()), - namedtype.OptionalNamedType('continPubKeyDecryptAlg', - AlgorithmIdentifier().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('communities', - CommunityIdentifierList().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('tampSeqNumbers', - TAMPSequenceNumbers().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 2))) -) - - -class StatusResponse(univ.Choice): - pass - -StatusResponse.componentType = namedtype.NamedTypes( - namedtype.NamedType('terseResponse', TerseStatusResponse().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('verboseResponse', VerboseStatusResponse().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) -) - - -class TAMPStatusResponse(univ.Sequence): - pass - -TAMPStatusResponse.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', TAMPVersion().subtype( - implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('query', TAMPMsgRef()), - namedtype.NamedType('response', StatusResponse()), - namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1)) -) - - -tamp_status_response = rfc5652.ContentInfo() -tamp_status_response['contentType'] = id_ct_TAMP_statusResponse -tamp_status_response['content'] = TAMPStatusResponse() - - -# Trust Anchor Update Message - -id_ct_TAMP_update = _OID(id_tamp, 3) - - -class TBSCertificateChangeInfo(univ.Sequence): - pass - -TBSCertificateChangeInfo.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('serialNumber', CertificateSerialNumber()), - namedtype.OptionalNamedType('signature', AlgorithmIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('validity', Validity().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 5))) -) - - -class TrustAnchorChangeInfo(univ.Sequence): - pass - -TrustAnchorChangeInfo.componentType = namedtype.NamedTypes( - namedtype.NamedType('pubKey', SubjectPublicKeyInfo()), - namedtype.OptionalNamedType('keyId', KeyIdentifier()), - namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()), - namedtype.OptionalNamedType('certPath', CertPathControls()), - namedtype.OptionalNamedType('exts', Extensions().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) -) - - -class TrustAnchorChangeInfoChoice(univ.Choice): - pass - -TrustAnchorChangeInfoChoice.componentType = namedtype.NamedTypes( - namedtype.NamedType('tbsCertChange', TBSCertificateChangeInfo().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('taChange', TrustAnchorChangeInfo().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) -) - - -class TrustAnchorUpdate(univ.Choice): - pass - -TrustAnchorUpdate.componentType = namedtype.NamedTypes( - namedtype.NamedType('add', TrustAnchorChoice().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('remove', SubjectPublicKeyInfo().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('change', TrustAnchorChangeInfoChoice().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) -) - - -class TAMPUpdate(univ.Sequence): - pass - -TAMPUpdate.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.DefaultedNamedType('terse', - TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1)).subtype(value='verbose')), - namedtype.NamedType('msgRef', TAMPMsgRef()), - namedtype.NamedType('updates', - univ.SequenceOf(componentType=TrustAnchorUpdate()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.OptionalNamedType('tampSeqNumbers', - TAMPSequenceNumbers().subtype(implicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 2))) -) - - -tamp_update = rfc5652.ContentInfo() -tamp_update['contentType'] = id_ct_TAMP_update -tamp_update['content'] = TAMPUpdate() - - -# Trust Anchor Update Confirm Message - -id_ct_TAMP_updateConfirm = _OID(id_tamp, 4) - - -class StatusCode(univ.Enumerated): - pass - -StatusCode.namedValues = namedval.NamedValues( - ('success', 0), - ('decodeFailure', 1), - ('badContentInfo', 2), - ('badSignedData', 3), - ('badEncapContent', 4), - ('badCertificate', 5), - ('badSignerInfo', 6), - ('badSignedAttrs', 7), - ('badUnsignedAttrs', 8), - ('missingContent', 9), - ('noTrustAnchor', 10), - ('notAuthorized', 11), - ('badDigestAlgorithm', 12), - ('badSignatureAlgorithm', 13), - ('unsupportedKeySize', 14), - ('unsupportedParameters', 15), - ('signatureFailure', 16), - ('insufficientMemory', 17), - ('unsupportedTAMPMsgType', 18), - ('apexTAMPAnchor', 19), - ('improperTAAddition', 20), - ('seqNumFailure', 21), - ('contingencyPublicKeyDecrypt', 22), - ('incorrectTarget', 23), - ('communityUpdateFailed', 24), - ('trustAnchorNotFound', 25), - ('unsupportedTAAlgorithm', 26), - ('unsupportedTAKeySize', 27), - ('unsupportedContinPubKeyDecryptAlg', 28), - ('missingSignature', 29), - ('resourcesBusy', 30), - ('versionNumberMismatch', 31), - ('missingPolicySet', 32), - ('revokedCertificate', 33), - ('unsupportedTrustAnchorFormat', 34), - ('improperTAChange', 35), - ('malformed', 36), - ('cmsError', 37), - ('unsupportedTargetIdentifier', 38), - ('other', 127) -) - - -class StatusCodeList(univ.SequenceOf): - pass - -StatusCodeList.componentType = StatusCode() -StatusCodeList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class TerseUpdateConfirm(StatusCodeList): - pass - - -class VerboseUpdateConfirm(univ.Sequence): - pass - -VerboseUpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.NamedType('status', StatusCodeList()), - namedtype.NamedType('taInfo', TrustAnchorChoiceList()), - namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers()), - namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1)) -) - - -class UpdateConfirm(univ.Choice): - pass - -UpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.NamedType('terseConfirm', TerseUpdateConfirm().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('verboseConfirm', VerboseUpdateConfirm().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) -) - - -class TAMPUpdateConfirm(univ.Sequence): - pass - -TAMPUpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', TAMPVersion().subtype( - implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('update', TAMPMsgRef()), - namedtype.NamedType('confirm', UpdateConfirm()) -) - - -tamp_update_confirm = rfc5652.ContentInfo() -tamp_update_confirm['contentType'] = id_ct_TAMP_updateConfirm -tamp_update_confirm['content'] = TAMPUpdateConfirm() - - -# Apex Trust Anchor Update Message - -id_ct_TAMP_apexUpdate = _OID(id_tamp, 5) - - -class TAMPApexUpdate(univ.Sequence): - pass - -TAMPApexUpdate.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.DefaultedNamedType('terse', - TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1)).subtype(value='verbose')), - namedtype.NamedType('msgRef', TAMPMsgRef()), - namedtype.NamedType('clearTrustAnchors', univ.Boolean()), - namedtype.NamedType('clearCommunities', univ.Boolean()), - namedtype.OptionalNamedType('seqNumber', SeqNumber()), - namedtype.NamedType('apexTA', TrustAnchorChoice()) -) - - -tamp_apex_update = rfc5652.ContentInfo() -tamp_apex_update['contentType'] = id_ct_TAMP_apexUpdate -tamp_apex_update['content'] = TAMPApexUpdate() - - -# Apex Trust Anchor Update Confirm Message - -id_ct_TAMP_apexUpdateConfirm = _OID(id_tamp, 6) - - -class TerseApexUpdateConfirm(StatusCode): - pass - - -class VerboseApexUpdateConfirm(univ.Sequence): - pass - -VerboseApexUpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.NamedType('status', StatusCode()), - namedtype.NamedType('taInfo', TrustAnchorChoiceList()), - namedtype.OptionalNamedType('communities', - CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('tampSeqNumbers', - TAMPSequenceNumbers().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1))) -) - - -class ApexUpdateConfirm(univ.Choice): - pass - -ApexUpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.NamedType('terseApexConfirm', - TerseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0))), - namedtype.NamedType('verboseApexConfirm', - VerboseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatConstructed, 1))) -) - - -class TAMPApexUpdateConfirm(univ.Sequence): - pass - -TAMPApexUpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('apexReplace', TAMPMsgRef()), - namedtype.NamedType('apexConfirm', ApexUpdateConfirm()) -) - - -tamp_apex_update_confirm = rfc5652.ContentInfo() -tamp_apex_update_confirm['contentType'] = id_ct_TAMP_apexUpdateConfirm -tamp_apex_update_confirm['content'] = TAMPApexUpdateConfirm() - - -# Community Update Message - -id_ct_TAMP_communityUpdate = _OID(id_tamp, 7) - - -class CommunityUpdates(univ.Sequence): - pass - -CommunityUpdates.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('remove', - CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('add', - CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 2))) -) - - -class TAMPCommunityUpdate(univ.Sequence): - pass - -TAMPCommunityUpdate.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.DefaultedNamedType('terse', - TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1)).subtype(value='verbose')), - namedtype.NamedType('msgRef', TAMPMsgRef()), - namedtype.NamedType('updates', CommunityUpdates()) -) - - -tamp_community_update = rfc5652.ContentInfo() -tamp_community_update['contentType'] = id_ct_TAMP_communityUpdate -tamp_community_update['content'] = TAMPCommunityUpdate() - - -# Community Update Confirm Message - -id_ct_TAMP_communityUpdateConfirm = _OID(id_tamp, 8) - - -class TerseCommunityConfirm(StatusCode): - pass - - -class VerboseCommunityConfirm(univ.Sequence): - pass - -VerboseCommunityConfirm.componentType = namedtype.NamedTypes( - namedtype.NamedType('status', StatusCode()), - namedtype.OptionalNamedType('communities', CommunityIdentifierList()) -) - - -class CommunityConfirm(univ.Choice): - pass - -CommunityConfirm.componentType = namedtype.NamedTypes( - namedtype.NamedType('terseCommConfirm', - TerseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0))), - namedtype.NamedType('verboseCommConfirm', - VerboseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatConstructed, 1))) -) - - -class TAMPCommunityUpdateConfirm(univ.Sequence): - pass - -TAMPCommunityUpdateConfirm.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('update', TAMPMsgRef()), - namedtype.NamedType('commConfirm', CommunityConfirm()) -) - - -tamp_community_update_confirm = rfc5652.ContentInfo() -tamp_community_update_confirm['contentType'] = id_ct_TAMP_communityUpdateConfirm -tamp_community_update_confirm['content'] = TAMPCommunityUpdateConfirm() - - -# Sequence Number Adjust Message - -id_ct_TAMP_seqNumAdjust = _OID(id_tamp, 10) - - - -class SequenceNumberAdjust(univ.Sequence): - pass - -SequenceNumberAdjust.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('msgRef', TAMPMsgRef()) -) - - -tamp_sequence_number_adjust = rfc5652.ContentInfo() -tamp_sequence_number_adjust['contentType'] = id_ct_TAMP_seqNumAdjust -tamp_sequence_number_adjust['content'] = SequenceNumberAdjust() - - -# Sequence Number Adjust Confirm Message - -id_ct_TAMP_seqNumAdjustConfirm = _OID(id_tamp, 11) - - -class SequenceNumberAdjustConfirm(univ.Sequence): - pass - -SequenceNumberAdjustConfirm.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('adjust', TAMPMsgRef()), - namedtype.NamedType('status', StatusCode()) -) - - -tamp_sequence_number_adjust_confirm = rfc5652.ContentInfo() -tamp_sequence_number_adjust_confirm['contentType'] = id_ct_TAMP_seqNumAdjustConfirm -tamp_sequence_number_adjust_confirm['content'] = SequenceNumberAdjustConfirm() - - -# TAMP Error Message - -id_ct_TAMP_error = _OID(id_tamp, 9) - - -class TAMPError(univ.Sequence): - pass - -TAMPError.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value='v2')), - namedtype.NamedType('msgType', univ.ObjectIdentifier()), - namedtype.NamedType('status', StatusCode()), - namedtype.OptionalNamedType('msgRef', TAMPMsgRef()) -) - - -tamp_error = rfc5652.ContentInfo() -tamp_error['contentType'] = id_ct_TAMP_error -tamp_error['content'] = TAMPError() - - -# Object Identifier Arc for Attributes - -id_attributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.5') - - -# contingency-public-key-decrypt-key unsigned attribute - -id_aa_TAMP_contingencyPublicKeyDecryptKey = _OID(id_attributes, 63) - - -class PlaintextSymmetricKey(univ.OctetString): - pass - - -contingency_public_key_decrypt_key = Attribute() -contingency_public_key_decrypt_key['type'] = id_aa_TAMP_contingencyPublicKeyDecryptKey -contingency_public_key_decrypt_key['values'][0] = PlaintextSymmetricKey() - - -# id-pe-wrappedApexContinKey extension - -id_pe_wrappedApexContinKey =univ.ObjectIdentifier('1.3.6.1.5.5.7.1.20') - - -class ApexContingencyKey(univ.Sequence): - pass - -ApexContingencyKey.componentType = namedtype.NamedTypes( - namedtype.NamedType('wrapAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('wrappedContinPubKey', univ.OctetString()) -) - - -wrappedApexContinKey = Extension() -wrappedApexContinKey['extnID'] = id_pe_wrappedApexContinKey -wrappedApexContinKey['critical'] = 0 -wrappedApexContinKey['extnValue'] = univ.OctetString() - - -# Add to the map of CMS Content Type OIDs to Content Types in -# rfc5652.py - -_cmsContentTypesMapUpdate = { - id_ct_TAMP_statusQuery: TAMPStatusQuery(), - id_ct_TAMP_statusResponse: TAMPStatusResponse(), - id_ct_TAMP_update: TAMPUpdate(), - id_ct_TAMP_updateConfirm: TAMPUpdateConfirm(), - id_ct_TAMP_apexUpdate: TAMPApexUpdate(), - id_ct_TAMP_apexUpdateConfirm: TAMPApexUpdateConfirm(), - id_ct_TAMP_communityUpdate: TAMPCommunityUpdate(), - id_ct_TAMP_communityUpdateConfirm: TAMPCommunityUpdateConfirm(), - id_ct_TAMP_seqNumAdjust: SequenceNumberAdjust(), - id_ct_TAMP_seqNumAdjustConfirm: SequenceNumberAdjustConfirm(), - id_ct_TAMP_error: TAMPError(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) - - -# Add to the map of CMS Attribute OIDs to Attribute Values in -# rfc5652.py - -_cmsAttributesMapUpdate = { - id_aa_TAMP_contingencyPublicKeyDecryptKey: PlaintextSymmetricKey(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) - - -# Add to the map of Certificate Extension OIDs to Extensions in -# rfc5280.py - -_certificateExtensionsMap = { - id_pe_wrappedApexContinKey: ApexContingencyKey(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) diff --git a/pyasn1_modules/rfc5940.py b/pyasn1_modules/rfc5940.py index e105923..c5ae0c8 100644 --- a/pyasn1_modules/rfc5940.py +++ b/pyasn1_modules/rfc5940.py @@ -42,18 +42,15 @@ class SCVPReqRes(univ.Sequence): pass SCVPReqRes.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('request', - ContentInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('request', ContentInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('response', ContentInfo()) ) # Map of Revocation Info Format OIDs to Revocation Info Format -# is added to the ones that are in rfc5652.py +# To be added to the ones that are in rfc5652.py -_otherRevInfoFormatMapUpdate = { +otherRevInfoFormatMapUpdate = { id_ri_ocsp_response: OCSPResponse(), id_ri_scvp: SCVPReqRes(), } - -rfc5652.otherRevInfoFormatMap.update(_otherRevInfoFormatMapUpdate) diff --git a/pyasn1_modules/rfc5958.py b/pyasn1_modules/rfc5958.py index 1aaa928..d8c7c90 100644 --- a/pyasn1_modules/rfc5958.py +++ b/pyasn1_modules/rfc5958.py @@ -16,7 +16,6 @@ from pyasn1.type import univ, constraint, namedtype, namedval, tag from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 MAX = float('inf') @@ -50,7 +49,7 @@ class PrivateKey(univ.OctetString): class Attributes(univ.SetOf): - componentType = rfc5652.Attribute() + componentType = rfc5280.Attribute() class PublicKey(univ.BitString): @@ -88,11 +87,9 @@ AsymmetricKeyPackage.componentType = OneAsymmetricKey() AsymmetricKeyPackage.sizeSpec=constraint.ValueSizeConstraint(1, MAX) -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_KP_aKeyPackage: AsymmetricKeyPackage(), } - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc5990.py b/pyasn1_modules/rfc5990.py deleted file mode 100644 index 281316f..0000000 --- a/pyasn1_modules/rfc5990.py +++ /dev/null @@ -1,237 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Use of the RSA-KEM Key Transport Algorithm in the CMS -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc5990.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - return univ.ObjectIdentifier(output) - - -# Imports from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - - -# Useful types and definitions - -class NullParms(univ.Null): - pass - - -# Object identifier arcs - -is18033_2 = _OID(1, 0, 18033, 2) - -nistAlgorithm = _OID(2, 16, 840, 1, 101, 3, 4) - -pkcs_1 = _OID(1, 2, 840, 113549, 1, 1) - -x9_44 = _OID(1, 3, 133, 16, 840, 9, 44) - -x9_44_components = _OID(x9_44, 1) - - -# Types for algorithm identifiers - -class Camellia_KeyWrappingScheme(AlgorithmIdentifier): - pass - -class DataEncapsulationMechanism(AlgorithmIdentifier): - pass - -class KDF2_HashFunction(AlgorithmIdentifier): - pass - -class KDF3_HashFunction(AlgorithmIdentifier): - pass - -class KeyDerivationFunction(AlgorithmIdentifier): - pass - -class KeyEncapsulationMechanism(AlgorithmIdentifier): - pass - -class X9_SymmetricKeyWrappingScheme(AlgorithmIdentifier): - pass - - -# RSA-KEM Key Transport Algorithm - -id_rsa_kem = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 14) - - -class GenericHybridParameters(univ.Sequence): - pass - -GenericHybridParameters.componentType = namedtype.NamedTypes( - namedtype.NamedType('kem', KeyEncapsulationMechanism()), - namedtype.NamedType('dem', DataEncapsulationMechanism()) -) - - -rsa_kem = AlgorithmIdentifier() -rsa_kem['algorithm'] = id_rsa_kem -rsa_kem['parameters'] = GenericHybridParameters() - - -# KEM-RSA Key Encapsulation Mechanism - -id_kem_rsa = _OID(is18033_2, 2, 4) - - -class KeyLength(univ.Integer): - pass - -KeyLength.subtypeSpec = constraint.ValueRangeConstraint(1, MAX) - - -class RsaKemParameters(univ.Sequence): - pass - -RsaKemParameters.componentType = namedtype.NamedTypes( - namedtype.NamedType('keyDerivationFunction', KeyDerivationFunction()), - namedtype.NamedType('keyLength', KeyLength()) -) - - -kem_rsa = AlgorithmIdentifier() -kem_rsa['algorithm'] = id_kem_rsa -kem_rsa['parameters'] = RsaKemParameters() - - -# Key Derivation Functions - -id_kdf_kdf2 = _OID(x9_44_components, 1) - -id_kdf_kdf3 = _OID(x9_44_components, 2) - - -kdf2 = AlgorithmIdentifier() -kdf2['algorithm'] = id_kdf_kdf2 -kdf2['parameters'] = KDF2_HashFunction() - -kdf3 = AlgorithmIdentifier() -kdf3['algorithm'] = id_kdf_kdf3 -kdf3['parameters'] = KDF3_HashFunction() - - -# Hash Functions - -id_sha1 = _OID(1, 3, 14, 3, 2, 26) - -id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4) - -id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1) - -id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2) - -id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3) - - -sha1 = AlgorithmIdentifier() -sha1['algorithm'] = id_sha1 -sha1['parameters'] = univ.Null("") - -sha224 = AlgorithmIdentifier() -sha224['algorithm'] = id_sha224 -sha224['parameters'] = univ.Null("") - -sha256 = AlgorithmIdentifier() -sha256['algorithm'] = id_sha256 -sha256['parameters'] = univ.Null("") - -sha384 = AlgorithmIdentifier() -sha384['algorithm'] = id_sha384 -sha384['parameters'] = univ.Null("") - -sha512 = AlgorithmIdentifier() -sha512['algorithm'] = id_sha512 -sha512['parameters'] = univ.Null("") - - -# Symmetric Key-Wrapping Schemes - -id_aes128_Wrap = _OID(nistAlgorithm, 1, 5) - -id_aes192_Wrap = _OID(nistAlgorithm, 1, 25) - -id_aes256_Wrap = _OID(nistAlgorithm, 1, 45) - -id_alg_CMS3DESwrap = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 6) - -id_camellia128_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 2) - -id_camellia192_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 3) - -id_camellia256_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 4) - - -aes128_Wrap = AlgorithmIdentifier() -aes128_Wrap['algorithm'] = id_aes128_Wrap -# aes128_Wrap['parameters'] are absent - -aes192_Wrap = AlgorithmIdentifier() -aes192_Wrap['algorithm'] = id_aes128_Wrap -# aes192_Wrap['parameters'] are absent - -aes256_Wrap = AlgorithmIdentifier() -aes256_Wrap['algorithm'] = id_sha256 -# aes256_Wrap['parameters'] are absent - -tdes_Wrap = AlgorithmIdentifier() -tdes_Wrap['algorithm'] = id_alg_CMS3DESwrap -tdes_Wrap['parameters'] = univ.Null("") - -camellia128_Wrap = AlgorithmIdentifier() -camellia128_Wrap['algorithm'] = id_camellia128_Wrap -# camellia128_Wrap['parameters'] are absent - -camellia192_Wrap = AlgorithmIdentifier() -camellia192_Wrap['algorithm'] = id_camellia192_Wrap -# camellia192_Wrap['parameters'] are absent - -camellia256_Wrap = AlgorithmIdentifier() -camellia256_Wrap['algorithm'] = id_camellia256_Wrap -# camellia256_Wrap['parameters'] are absent - - -# Update the Algorithm Identifier map in rfc5280.py. -# Note that the ones that must not have parameters are not added to the map. - -_algorithmIdentifierMapUpdate = { - id_rsa_kem: GenericHybridParameters(), - id_kem_rsa: RsaKemParameters(), - id_kdf_kdf2: KDF2_HashFunction(), - id_kdf_kdf3: KDF3_HashFunction(), - id_sha1: univ.Null(), - id_sha224: univ.Null(), - id_sha256: univ.Null(), - id_sha384: univ.Null(), - id_sha512: univ.Null(), - id_alg_CMS3DESwrap: univ.Null(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc6010.py b/pyasn1_modules/rfc6010.py deleted file mode 100644 index 250e207..0000000 --- a/pyasn1_modules/rfc6010.py +++ /dev/null @@ -1,88 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# Modified by Russ Housley to add maps for use with opentypes. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Certificate Extension for CMS Content Constraints (CCC) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6010.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -AttributeType = rfc5280.AttributeType - -AttributeValue = rfc5280.AttributeValue - - -id_ct_anyContentType = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.0') - - -class AttrConstraint(univ.Sequence): - pass - -AttrConstraint.componentType = namedtype.NamedTypes( - namedtype.NamedType('attrType', AttributeType()), - namedtype.NamedType('attrValues', univ.SetOf( - componentType=AttributeValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) -) - - -class AttrConstraintList(univ.SequenceOf): - pass - -AttrConstraintList.componentType = AttrConstraint() -AttrConstraintList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class ContentTypeGeneration(univ.Enumerated): - pass - -ContentTypeGeneration.namedValues = namedval.NamedValues( - ('canSource', 0), - ('cannotSource', 1) -) - - -class ContentTypeConstraint(univ.Sequence): - pass - -ContentTypeConstraint.componentType = namedtype.NamedTypes( - namedtype.NamedType('contentType', univ.ObjectIdentifier()), - namedtype.DefaultedNamedType('canSource', ContentTypeGeneration().subtype(value='canSource')), - namedtype.OptionalNamedType('attrConstraints', AttrConstraintList()) -) - - -# CMS Content Constraints (CCC) Extension and Object Identifier - -id_pe_cmsContentConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.18') - -class CMSContentConstraints(univ.SequenceOf): - pass - -CMSContentConstraints.componentType = ContentTypeConstraint() -CMSContentConstraints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -# Map of Certificate Extension OIDs to Extensions -# To be added to the ones that are in rfc5280.py - -_certificateExtensionsMap = { - id_pe_cmsContentConstraints: CMSContentConstraints(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) diff --git a/pyasn1_modules/rfc6019.py b/pyasn1_modules/rfc6019.py index c6872c7..7816593 100644 --- a/pyasn1_modules/rfc6019.py +++ b/pyasn1_modules/rfc6019.py @@ -14,8 +14,6 @@ from pyasn1.type import constraint from pyasn1.type import univ -from pyasn1_modules import rfc5652 - MAX = float('inf') @@ -35,11 +33,9 @@ class BinarySigningTime(BinaryTime): pass -# Map of Attribute Type OIDs to Attributes ia added to the -# ones that are in rfc5652.py +# Map of Attribute Type OIDs to Attributes +# To be added to the ones that are in rfc5652.py -_cmsAttributesMapUpdate = { +cmsAttributesMapUpdate = { id_aa_binarySigningTime: BinarySigningTime(), } - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/pyasn1_modules/rfc6031.py b/pyasn1_modules/rfc6031.py deleted file mode 100644 index 6e1bb22..0000000 --- a/pyasn1_modules/rfc6031.py +++ /dev/null @@ -1,469 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# CMS Symmetric Key Package Content Type -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6031.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import opentype -from pyasn1.type import tag -from pyasn1.type import univ -from pyasn1.type import useful - -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6019 - - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - return univ.ObjectIdentifier(output) - - -MAX = float('inf') - -id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12') - - -# Symmetric Key Package Attributes - -id_pskc_manufacturer = _OID(id_pskc, 1) - -class at_pskc_manufacturer(char.UTF8String): - pass - - -id_pskc_serialNo = _OID(id_pskc, 2) - -class at_pskc_serialNo(char.UTF8String): - pass - - -id_pskc_model = _OID(id_pskc, 3) - -class at_pskc_model(char.UTF8String): - pass - - -id_pskc_issueNo = _OID(id_pskc, 4) - -class at_pskc_issueNo(char.UTF8String): - pass - - -id_pskc_deviceBinding = _OID(id_pskc, 5) - -class at_pskc_deviceBinding(char.UTF8String): - pass - - -id_pskc_deviceStartDate = _OID(id_pskc, 6) - -class at_pskc_deviceStartDate(useful.GeneralizedTime): - pass - - -id_pskc_deviceExpiryDate = _OID(id_pskc, 7) - -class at_pskc_deviceExpiryDate(useful.GeneralizedTime): - pass - - -id_pskc_moduleId = _OID(id_pskc, 8) - -class at_pskc_moduleId(char.UTF8String): - pass - - -id_pskc_deviceUserId = _OID(id_pskc, 26) - -class at_pskc_deviceUserId(char.UTF8String): - pass - - -# Symmetric Key Attributes - -id_pskc_keyId = _OID(id_pskc, 9) - -class at_pskc_keyUserId(char.UTF8String): - pass - - -id_pskc_algorithm = _OID(id_pskc, 10) - -class at_pskc_algorithm(char.UTF8String): - pass - - -id_pskc_issuer = _OID(id_pskc, 11) - -class at_pskc_issuer(char.UTF8String): - pass - - -id_pskc_keyProfileId = _OID(id_pskc, 12) - -class at_pskc_keyProfileId(char.UTF8String): - pass - - -id_pskc_keyReference = _OID(id_pskc, 13) - -class at_pskc_keyReference(char.UTF8String): - pass - - -id_pskc_friendlyName = _OID(id_pskc, 14) - -class FriendlyName(univ.Sequence): - pass - -FriendlyName.componentType = namedtype.NamedTypes( - namedtype.NamedType('friendlyName', char.UTF8String()), - namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String()) -) - -class at_pskc_friendlyName(FriendlyName): - pass - - -id_pskc_algorithmParameters = _OID(id_pskc, 15) - -class Encoding(char.UTF8String): - pass - -Encoding.namedValues = namedval.NamedValues( - ('dec', "DECIMAL"), - ('hex', "HEXADECIMAL"), - ('alpha', "ALPHANUMERIC"), - ('b64', "BASE64"), - ('bin', "BINARY") -) - -Encoding.subtypeSpec = constraint.SingleValueConstraint( - "DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" ) - -class ChallengeFormat(univ.Sequence): - pass - -ChallengeFormat.componentType = namedtype.NamedTypes( - namedtype.NamedType('encoding', Encoding()), - namedtype.DefaultedNamedType('checkDigit', - univ.Boolean().subtype(value=0)), - namedtype.NamedType('min', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), - namedtype.NamedType('max', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) -) - -class ResponseFormat(univ.Sequence): - pass - -ResponseFormat.componentType = namedtype.NamedTypes( - namedtype.NamedType('encoding', Encoding()), - namedtype.NamedType('length', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), - namedtype.DefaultedNamedType('checkDigit', - univ.Boolean().subtype(value=0)) -) - -class PSKCAlgorithmParameters(univ.Choice): - pass - -PSKCAlgorithmParameters.componentType = namedtype.NamedTypes( - namedtype.NamedType('suite', char.UTF8String()), - namedtype.NamedType('challengeFormat', ChallengeFormat().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('responseFormat', ResponseFormat().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) -) - -class at_pskc_algorithmParameters(PSKCAlgorithmParameters): - pass - - -id_pskc_counter = _OID(id_pskc, 16) - -class at_pskc_counter(univ.Integer): - pass - -at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) - - -id_pskc_time = _OID(id_pskc, 17) - -class at_pskc_time(rfc6019.BinaryTime): - pass - - -id_pskc_timeInterval = _OID(id_pskc, 18) - -class at_pskc_timeInterval(univ.Integer): - pass - -at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) - - -id_pskc_timeDrift = _OID(id_pskc, 19) - -class at_pskc_timeDrift(univ.Integer): - pass - -at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) - - -id_pskc_valueMAC = _OID(id_pskc, 20) - -class ValueMac(univ.Sequence): - pass - -ValueMac.componentType = namedtype.NamedTypes( - namedtype.NamedType('macAlgorithm', char.UTF8String()), - namedtype.NamedType('mac', char.UTF8String()) -) - -class at_pskc_valueMAC(ValueMac): - pass - - -id_pskc_keyUserId = _OID(id_pskc, 27) - -class at_pskc_keyId(char.UTF8String): - pass - - -id_pskc_keyStartDate = _OID(id_pskc, 21) - -class at_pskc_keyStartDate(useful.GeneralizedTime): - pass - - -id_pskc_keyExpiryDate = _OID(id_pskc, 22) - -class at_pskc_keyExpiryDate(useful.GeneralizedTime): - pass - - -id_pskc_numberOfTransactions = _OID(id_pskc, 23) - -class at_pskc_numberOfTransactions(univ.Integer): - pass - -at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) - - -id_pskc_keyUsages = _OID(id_pskc, 24) - -class PSKCKeyUsage(char.UTF8String): - pass - -PSKCKeyUsage.namedValues = namedval.NamedValues( - ('otp', "OTP"), - ('cr', "CR"), - ('encrypt', "Encrypt"), - ('integrity', "Integrity"), - ('verify', "Verify"), - ('unlock', "Unlock"), - ('decrypt', "Decrypt"), - ('keywrap', "KeyWrap"), - ('unwrap', "Unwrap"), - ('derive', "Derive"), - ('generate', "Generate") -) - -PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint( - "OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock", - "Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" ) - -class PSKCKeyUsages(univ.SequenceOf): - pass - -PSKCKeyUsages.componentType = PSKCKeyUsage() - -class at_pskc_keyUsage(PSKCKeyUsages): - pass - - -id_pskc_pinPolicy = _OID(id_pskc, 25) - -class PINUsageMode(char.UTF8String): - pass - -PINUsageMode.namedValues = namedval.NamedValues( - ("local", "Local"), - ("prepend", "Prepend"), - ("append", "Append"), - ("algorithmic", "Algorithmic") -) - -PINUsageMode.subtypeSpec = constraint.SingleValueConstraint( - "Local", "Prepend", "Append", "Algorithmic" ) - -class PINPolicy(univ.Sequence): - pass - -PINPolicy.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('pinUsageMode', PINUsageMode().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('minLength', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('maxLength', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.OptionalNamedType('pinEncoding', Encoding().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) -) - -class at_pskc_pinPolicy(PINPolicy): - pass - - -# Map of Symmetric Key Package Attribute OIDs to Attributes - -sKeyPkgAttributesMap = { - id_pskc_manufacturer: at_pskc_manufacturer(), - id_pskc_serialNo: at_pskc_serialNo(), - id_pskc_model: at_pskc_model(), - id_pskc_issueNo: at_pskc_issueNo(), - id_pskc_deviceBinding: at_pskc_deviceBinding(), - id_pskc_deviceStartDate: at_pskc_deviceStartDate(), - id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(), - id_pskc_moduleId: at_pskc_moduleId(), - id_pskc_deviceUserId: at_pskc_deviceUserId(), -} - - -# Map of Symmetric Key Attribute OIDs to Attributes - -sKeyAttributesMap = { - id_pskc_keyId: at_pskc_keyId(), - id_pskc_algorithm: at_pskc_algorithm(), - id_pskc_issuer: at_pskc_issuer(), - id_pskc_keyProfileId: at_pskc_keyProfileId(), - id_pskc_keyReference: at_pskc_keyReference(), - id_pskc_friendlyName: at_pskc_friendlyName(), - id_pskc_algorithmParameters: at_pskc_algorithmParameters(), - id_pskc_counter: at_pskc_counter(), - id_pskc_time: at_pskc_time(), - id_pskc_timeInterval: at_pskc_timeInterval(), - id_pskc_timeDrift: at_pskc_timeDrift(), - id_pskc_valueMAC: at_pskc_valueMAC(), - id_pskc_keyUserId: at_pskc_keyUserId(), - id_pskc_keyStartDate: at_pskc_keyStartDate(), - id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(), - id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(), - id_pskc_keyUsages: at_pskc_keyUsage(), - id_pskc_pinPolicy: at_pskc_pinPolicy(), -} - - -# This definition replaces Attribute() from rfc5652.py; it is the same except -# that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap - -class AttributeType(univ.ObjectIdentifier): - pass - - -class AttributeValue(univ.Any): - pass - - -class SKeyAttribute(univ.Sequence): - pass - -SKeyAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('attrType', AttributeType()), - namedtype.NamedType('attrValues', - univ.SetOf(componentType=AttributeValue()), - openType=opentype.OpenType('attrType', sKeyAttributesMap) - ) -) - - -class SKeyPkgAttribute(univ.Sequence): - pass - -SKeyPkgAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('attrType', AttributeType()), - namedtype.NamedType('attrValues', - univ.SetOf(componentType=AttributeValue()), - openType=opentype.OpenType('attrType', sKeyPkgAttributesMap) - ) -) - - -# Symmetric Key Package Content Type - -id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25') - - -class KeyPkgVersion(univ.Integer): - pass - -KeyPkgVersion.namedValues = namedval.NamedValues( - ('v1', 1) -) - - -class OneSymmetricKey(univ.Sequence): - pass - -OneSymmetricKey.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('sKeyAttrs', - univ.SequenceOf(componentType=SKeyAttribute()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.OptionalNamedType('sKey', univ.OctetString()) -) - -OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) - - -class SymmetricKeys(univ.SequenceOf): - pass - -SymmetricKeys.componentType = OneSymmetricKey() -SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -class SymmetricKeyPackage(univ.Sequence): - pass - -SymmetricKeyPackage.componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')), - namedtype.OptionalNamedType('sKeyPkgAttrs', - univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('sKeys', SymmetricKeys()) -) - - -# Map of Content Type OIDs to Content Types are -# added to the ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { - id_ct_KP_sKeyPackage: SymmetricKeyPackage(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc6032.py b/pyasn1_modules/rfc6032.py deleted file mode 100644 index 563639a..0000000 --- a/pyasn1_modules/rfc6032.py +++ /dev/null @@ -1,68 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# CMS Encrypted Key Package Content Type -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6032.txt -# - -from pyasn1.type import namedtype -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5083 - - -# Content Decryption Key Identifier attribute - -id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') - -class ContentDecryptKeyID(univ.OctetString): - pass - -aa_content_decrypt_key_identifier = rfc5652.Attribute() -aa_content_decrypt_key_identifier['attrType'] = id_aa_KP_contentDecryptKeyID -aa_content_decrypt_key_identifier['attrValues'][0] = ContentDecryptKeyID() - - -# Encrypted Key Package Content Type - -id_ct_KP_encryptedKeyPkg = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.2') - -class EncryptedKeyPackage(univ.Choice): - pass - -EncryptedKeyPackage.componentType = namedtype.NamedTypes( - namedtype.NamedType('encrypted', rfc5652.EncryptedData()), - namedtype.NamedType('enveloped', rfc5652.EnvelopedData().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('authEnveloped', rfc5083.AuthEnvelopedData().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) -) - - -# Map of Attribute Type OIDs to Attributes are -# added to the ones that are in rfc5652.py - -_cmsAttributesMapUpdate = { - id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) - - -# Map of Content Type OIDs to Content Types are -# added to the ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { - id_ct_KP_encryptedKeyPkg: EncryptedKeyPackage(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc6120.py b/pyasn1_modules/rfc6120.py deleted file mode 100644 index ab25620..0000000 --- a/pyasn1_modules/rfc6120.py +++ /dev/null @@ -1,43 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Extensible Messaging and Presence Protocol (XMPP) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6120.txt -# - -from pyasn1.type import char -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# XmppAddr Identifier Type as specified in Section 13.7.1.4. of RFC 6120 - -id_pkix = rfc5280.id_pkix - -id_on = id_pkix + (8, ) - -id_on_xmppAddr = id_on + (5, ) - - -class XmppAddr(char.UTF8String): - pass - - -# Map of Other Name OIDs to Other Name is added to the -# ones that are in rfc5280.py - -_anotherNameMapUpdate = { - id_on_xmppAddr: XmppAddr(), -} - -rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/pyasn1_modules/rfc6170.py b/pyasn1_modules/rfc6170.py deleted file mode 100644 index e287616..0000000 --- a/pyasn1_modules/rfc6170.py +++ /dev/null @@ -1,17 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Certificate Image in the Internet X.509 Public Key Infrastructure -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6170.txt -# - -from pyasn1.type import univ - -id_logo_certImage = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.3') diff --git a/pyasn1_modules/rfc6187.py b/pyasn1_modules/rfc6187.py deleted file mode 100644 index 4be0054..0000000 --- a/pyasn1_modules/rfc6187.py +++ /dev/null @@ -1,22 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# X.509v3 Certificates for Secure Shell Authentication -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6187.txt -# - -from pyasn1.type import univ - -id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') - -id_kp = id_pkix + (3, ) - -id_kp_secureShellClient = id_kp + (21, ) -id_kp_secureShellServer = id_kp + (22, ) diff --git a/pyasn1_modules/rfc6210.py b/pyasn1_modules/rfc6210.py deleted file mode 100644 index 28587b9..0000000 --- a/pyasn1_modules/rfc6210.py +++ /dev/null @@ -1,42 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Experiment for Hash Functions with Parameters in the CMS -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6210.txt -# - -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -id_alg_MD5_XOR_EXPERIMENT = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.13') - - -class MD5_XOR_EXPERIMENT(univ.OctetString): - pass - -MD5_XOR_EXPERIMENT.subtypeSpec = constraint.ValueSizeConstraint(64, 64) - - -mda_xor_md5_EXPERIMENT = rfc5280.AlgorithmIdentifier() -mda_xor_md5_EXPERIMENT['algorithm'] = id_alg_MD5_XOR_EXPERIMENT -mda_xor_md5_EXPERIMENT['parameters'] = MD5_XOR_EXPERIMENT() - - -# Map of Algorithm Identifier OIDs to Parameters added to the -# ones that are in rfc5280.py. - -_algorithmIdentifierMapUpdate = { - id_alg_MD5_XOR_EXPERIMENT: MD5_XOR_EXPERIMENT(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc6211.py b/pyasn1_modules/rfc6211.py deleted file mode 100644 index abd7a86..0000000 --- a/pyasn1_modules/rfc6211.py +++ /dev/null @@ -1,72 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# CMS Algorithm Identifier Protection Attribute -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6211.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - - -# Imports from RFC 5652 - -DigestAlgorithmIdentifier = rfc5652.DigestAlgorithmIdentifier - -MessageAuthenticationCodeAlgorithm = rfc5652.MessageAuthenticationCodeAlgorithm - -SignatureAlgorithmIdentifier = rfc5652.SignatureAlgorithmIdentifier - - -# CMS Algorithm Protection attribute - -id_aa_cmsAlgorithmProtect = univ.ObjectIdentifier('1.2.840.113549.1.9.52') - - -class CMSAlgorithmProtection(univ.Sequence): - pass - -CMSAlgorithmProtection.componentType = namedtype.NamedTypes( - namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), - namedtype.OptionalNamedType('signatureAlgorithm', - SignatureAlgorithmIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('macAlgorithm', - MessageAuthenticationCodeAlgorithm().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) -) - -CMSAlgorithmProtection.subtypeSpec = constraint.ConstraintsUnion( - constraint.WithComponentsConstraint( - ('signatureAlgorithm', constraint.ComponentPresentConstraint()), - ('macAlgorithm', constraint.ComponentAbsentConstraint())), - constraint.WithComponentsConstraint( - ('signatureAlgorithm', constraint.ComponentAbsentConstraint()), - ('macAlgorithm', constraint.ComponentPresentConstraint())) -) - - -aa_cmsAlgorithmProtection = rfc5652.Attribute() -aa_cmsAlgorithmProtection['attrType'] = id_aa_cmsAlgorithmProtect -aa_cmsAlgorithmProtection['attrValues'][0] = CMSAlgorithmProtection() - - -# Map of Attribute Type OIDs to Attributes are -# added to the ones that are in rfc5652.py - -_cmsAttributesMapUpdate = { - id_aa_cmsAlgorithmProtect: CMSAlgorithmProtection(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
\ No newline at end of file diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index b5f0d48..dbb699a 100644 --- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py @@ -41,8 +41,7 @@ def _buildOid(*components): return univ.ObjectIdentifier(output) -# Since CMS Attributes and CMC Controls both use 'attrType', one map is used -cmcControlAttributesMap = rfc5652.cmsAttributesMap +cmcControlAttributesMap = { } class ChangeSubjectName(univ.Sequence): @@ -616,13 +615,10 @@ _cmcControlAttributesMapUpdate = { cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) -# Map of CMC Content Type OIDs to CMC Content Types are added to -# the ones that are in rfc5652.py +# Map of CMC Content Type OIDs to CMC Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_cct_PKIData: PKIData(), id_cct_PKIResponse: PKIResponse(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) - +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc6482.py b/pyasn1_modules/rfc6482.py deleted file mode 100644 index d213a46..0000000 --- a/pyasn1_modules/rfc6482.py +++ /dev/null @@ -1,74 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# RPKI Route Origin Authorizations (ROAs) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6482.txt -# https://www.rfc-editor.org/errata/eid5881 -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - -MAX = float('inf') - - -id_ct_routeOriginAuthz = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.24') - - -class ASID(univ.Integer): - pass - - -class IPAddress(univ.BitString): - pass - - -class ROAIPAddress(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('address', IPAddress()), - namedtype.OptionalNamedType('maxLength', univ.Integer()) - ) - - -class ROAIPAddressFamily(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('addressFamily', - univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(2, 3))), - namedtype.NamedType('addresses', - univ.SequenceOf(componentType=ROAIPAddress()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) - ) - - -class RouteOriginAttestation(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - univ.Integer().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), - namedtype.NamedType('asID', ASID()), - namedtype.NamedType('ipAddrBlocks', - univ.SequenceOf(componentType=ROAIPAddressFamily()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) - ) - - -# Map of Content Type OIDs to Content Types added to the -# ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { - id_ct_routeOriginAuthz: RouteOriginAttestation(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc6486.py b/pyasn1_modules/rfc6486.py deleted file mode 100644 index 31c936a..0000000 --- a/pyasn1_modules/rfc6486.py +++ /dev/null @@ -1,68 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# RPKI Manifests -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6486.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import tag -from pyasn1.type import useful -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - -MAX = float('inf') - - -id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16') - -id_ct = id_smime + (1, ) - -id_ct_rpkiManifest = id_ct + (26, ) - - -class FileAndHash(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('file', char.IA5String()), - namedtype.NamedType('hash', univ.BitString()) - ) - - -class Manifest(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', - univ.Integer().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), - namedtype.NamedType('manifestNumber', - univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), - namedtype.NamedType('thisUpdate', - useful.GeneralizedTime()), - namedtype.NamedType('nextUpdate', - useful.GeneralizedTime()), - namedtype.NamedType('fileHashAlg', - univ.ObjectIdentifier()), - namedtype.NamedType('fileList', - univ.SequenceOf(componentType=FileAndHash()).subtype( - subtypeSpec=constraint.ValueSizeConstraint(0, MAX))) - ) - - -# Map of Content Type OIDs to Content Types added to the -# ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { - id_ct_rpkiManifest: Manifest(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc6487.py b/pyasn1_modules/rfc6487.py deleted file mode 100644 index d8c2f87..0000000 --- a/pyasn1_modules/rfc6487.py +++ /dev/null @@ -1,22 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Profile for X.509 PKIX Resource Certificates -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6487.txt -# - -from pyasn1.type import univ - -id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') - -id_ad = id_pkix + (48, ) - -id_ad_rpkiManifest = id_ad + (10, ) -id_ad_signedObject = id_ad + (11, ) diff --git a/pyasn1_modules/rfc6664.py b/pyasn1_modules/rfc6664.py deleted file mode 100644 index 41629d8..0000000 --- a/pyasn1_modules/rfc6664.py +++ /dev/null @@ -1,147 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with some assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# S/MIME Capabilities for Public Key Definitions -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6664.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5751 -from pyasn1_modules import rfc5480 -from pyasn1_modules import rfc4055 -from pyasn1_modules import rfc3279 - -MAX = float('inf') - - -# Imports from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - - -# Imports from RFC 3279 - -dhpublicnumber = rfc3279.dhpublicnumber - -Dss_Parms = rfc3279.Dss_Parms - -id_dsa = rfc3279.id_dsa - -id_ecPublicKey = rfc3279.id_ecPublicKey - -rsaEncryption = rfc3279.rsaEncryption - - -# Imports from RFC 4055 - -id_mgf1 = rfc4055.id_mgf1 - -id_RSAES_OAEP = rfc4055.id_RSAES_OAEP - -id_RSASSA_PSS = rfc4055.id_RSASSA_PSS - - -# Imports from RFC 5480 - -ECParameters = rfc5480.ECParameters - -id_ecDH = rfc5480.id_ecDH - -id_ecMQV = rfc5480.id_ecMQV - - -# RSA - -class RSAKeySize(univ.Integer): - # suggested values are 1024, 2048, 3072, 4096, 7680, 8192, and 15360; - # however, the integer value is not limited to these suggestions - pass - - -class RSAKeyCapabilities(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('minKeySize', RSAKeySize()), - namedtype.OptionalNamedType('maxKeySize', RSAKeySize()) - ) - - -class RsaSsa_Pss_sig_caps(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('hashAlg', AlgorithmIdentifier()), - namedtype.OptionalNamedType('maskAlg', AlgorithmIdentifier()), - namedtype.DefaultedNamedType('trailerField', univ.Integer().subtype(value=1)) - ) - - -# Diffie-Hellman and DSA - -class DSAKeySize(univ.Integer): - subtypeSpec = constraint.SingleValueConstraint(1024, 2048, 3072, 7680, 15360) - - -class DSAKeyCapabilities(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('keySizes', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('minKeySize', - DSAKeySize()), - namedtype.OptionalNamedType('maxKeySize', - DSAKeySize()), - namedtype.OptionalNamedType('maxSizeP', - univ.Integer().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('maxSizeQ', - univ.Integer().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('maxSizeG', - univ.Integer().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 3))) - )).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('keyParams', - Dss_Parms().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatConstructed, 1))) - ) - - -# Elliptic Curve - -class EC_SMimeCaps(univ.SequenceOf): - componentType = ECParameters() - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -# Update the SMIMECapabilities Attribute Map in rfc5751.py -# -# The map can either include an entry for scap-sa-rsaSSA-PSS or -# scap-pk-rsaSSA-PSS, but not both. One is associated with the -# public key and the other is associated with the signature -# algorithm; however, they use the same OID. If you need the -# other one in your application, copy the map into a local dict, -# adjust as needed, and pass the local dict to the decoder with -# openTypes=your_local_map. - -_smimeCapabilityMapUpdate = { - rsaEncryption: RSAKeyCapabilities(), - id_RSASSA_PSS: RSAKeyCapabilities(), - # id_RSASSA_PSS: RsaSsa_Pss_sig_caps(), - id_RSAES_OAEP: RSAKeyCapabilities(), - id_dsa: DSAKeyCapabilities(), - dhpublicnumber: DSAKeyCapabilities(), - id_ecPublicKey: EC_SMimeCaps(), - id_ecDH: EC_SMimeCaps(), - id_ecMQV: EC_SMimeCaps(), - id_mgf1: AlgorithmIdentifier(), -} - -rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/pyasn1_modules/rfc6955.py b/pyasn1_modules/rfc6955.py deleted file mode 100644 index 09f2d65..0000000 --- a/pyasn1_modules/rfc6955.py +++ /dev/null @@ -1,108 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Diffie-Hellman Proof-of-Possession Algorithms -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6955.txt -# - -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc3279 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 - - -# Imports from RFC 5652 - -MessageDigest = rfc5652.MessageDigest - -IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber - - -# Imports from RFC 5280 - -id_pkix = rfc5280.id_pkix - - -# Imports from RFC 3279 - -Dss_Sig_Value = rfc3279.Dss_Sig_Value - -DomainParameters = rfc3279.DomainParameters - - -# Static DH Proof-of-Possession - -class DhSigStatic(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('issuerAndSerial', IssuerAndSerialNumber()), - namedtype.NamedType('hashValue', MessageDigest()) - ) - - -# Object Identifiers - -id_dh_sig_hmac_sha1 = id_pkix + (6, 3, ) - -id_dhPop_static_sha1_hmac_sha1 = univ.ObjectIdentifier(id_dh_sig_hmac_sha1) - - -id_alg_dh_pop = id_pkix + (6, 4, ) - -id_alg_dhPop_sha1 = univ.ObjectIdentifier(id_alg_dh_pop) - -id_alg_dhPop_sha224 = id_pkix + (6, 5, ) - -id_alg_dhPop_sha256 = id_pkix + (6, 6, ) - -id_alg_dhPop_sha384 = id_pkix + (6, 7, ) - -id_alg_dhPop_sha512 = id_pkix + (6, 8, ) - - -id_alg_dhPop_static_sha224_hmac_sha224 = id_pkix + (6, 15, ) - -id_alg_dhPop_static_sha256_hmac_sha256 = id_pkix + (6, 16, ) - -id_alg_dhPop_static_sha384_hmac_sha384 = id_pkix + (6, 17, ) - -id_alg_dhPop_static_sha512_hmac_sha512 = id_pkix + (6, 18, ) - - -id_alg_ecdhPop_static_sha224_hmac_sha224 = id_pkix + (6, 25, ) - -id_alg_ecdhPop_static_sha256_hmac_sha256 = id_pkix + (6, 26, ) - -id_alg_ecdhPop_static_sha384_hmac_sha384 = id_pkix + (6, 27, ) - -id_alg_ecdhPop_static_sha512_hmac_sha512 = id_pkix + (6, 28, ) - - -# Update the Algorithm Identifier map in rfc5280.py - -_algorithmIdentifierMapUpdate = { - id_alg_dh_pop: DomainParameters(), - id_alg_dhPop_sha224: DomainParameters(), - id_alg_dhPop_sha256: DomainParameters(), - id_alg_dhPop_sha384: DomainParameters(), - id_alg_dhPop_sha512: DomainParameters(), - id_dh_sig_hmac_sha1: univ.Null(""), - id_alg_dhPop_static_sha224_hmac_sha224: univ.Null(""), - id_alg_dhPop_static_sha256_hmac_sha256: univ.Null(""), - id_alg_dhPop_static_sha384_hmac_sha384: univ.Null(""), - id_alg_dhPop_static_sha512_hmac_sha512: univ.Null(""), - id_alg_ecdhPop_static_sha224_hmac_sha224: univ.Null(""), - id_alg_ecdhPop_static_sha256_hmac_sha256: univ.Null(""), - id_alg_ecdhPop_static_sha384_hmac_sha384: univ.Null(""), - id_alg_ecdhPop_static_sha512_hmac_sha512: univ.Null(""), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc6960.py b/pyasn1_modules/rfc6960.py deleted file mode 100644 index e5f1305..0000000 --- a/pyasn1_modules/rfc6960.py +++ /dev/null @@ -1,223 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Online Certificate Status Protocol (OCSP) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc6960.txt -# - -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful - -from pyasn1_modules import rfc2560 -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# Imports from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier -AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax -Certificate = rfc5280.Certificate -CertificateSerialNumber = rfc5280.CertificateSerialNumber -CRLReason = rfc5280.CRLReason -Extensions = rfc5280.Extensions -GeneralName = rfc5280.GeneralName -Name = rfc5280.Name - -id_kp = rfc5280.id_kp - -id_ad_ocsp = rfc5280.id_ad_ocsp - - -# Imports from the original OCSP module in RFC 2560 - -AcceptableResponses = rfc2560.AcceptableResponses -ArchiveCutoff = rfc2560.ArchiveCutoff -CertStatus = rfc2560.CertStatus -KeyHash = rfc2560.KeyHash -OCSPResponse = rfc2560.OCSPResponse -OCSPResponseStatus = rfc2560.OCSPResponseStatus -ResponseBytes = rfc2560.ResponseBytes -RevokedInfo = rfc2560.RevokedInfo -UnknownInfo = rfc2560.UnknownInfo -Version = rfc2560.Version - -id_kp_OCSPSigning = rfc2560.id_kp_OCSPSigning - -id_pkix_ocsp = rfc2560.id_pkix_ocsp -id_pkix_ocsp_archive_cutoff = rfc2560.id_pkix_ocsp_archive_cutoff -id_pkix_ocsp_basic = rfc2560.id_pkix_ocsp_basic -id_pkix_ocsp_crl = rfc2560.id_pkix_ocsp_crl -id_pkix_ocsp_nocheck = rfc2560.id_pkix_ocsp_nocheck -id_pkix_ocsp_nonce = rfc2560.id_pkix_ocsp_nonce -id_pkix_ocsp_response = rfc2560.id_pkix_ocsp_response -id_pkix_ocsp_service_locator = rfc2560.id_pkix_ocsp_service_locator - - -# Additional object identifiers - -id_pkix_ocsp_pref_sig_algs = id_pkix_ocsp + (8, ) -id_pkix_ocsp_extended_revoke = id_pkix_ocsp + (9, ) - - -# Updated structures (mostly to improve openTypes support) - -class CertID(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('issuerNameHash', univ.OctetString()), - namedtype.NamedType('issuerKeyHash', univ.OctetString()), - namedtype.NamedType('serialNumber', CertificateSerialNumber()) - ) - - -class SingleResponse(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('certID', CertID()), - namedtype.NamedType('certStatus', CertStatus()), - namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), - namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('singleExtensions', Extensions().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - ) - - -class ResponderID(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('byName', Name().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('byKey', KeyHash().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) - - -class ResponseData(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1').subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('responderID', ResponderID()), - namedtype.NamedType('producedAt', useful.GeneralizedTime()), - namedtype.NamedType('responses', univ.SequenceOf( - componentType=SingleResponse())), - namedtype.OptionalNamedType('responseExtensions', Extensions().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - ) - - -class BasicOCSPResponse(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('tbsResponseData', ResponseData()), - namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('signature', univ.BitString()), - namedtype.OptionalNamedType('certs', univ.SequenceOf( - componentType=Certificate()).subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))) - ) - - -class Request(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('reqCert', CertID()), - namedtype.OptionalNamedType('singleRequestExtensions', Extensions().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) - - -class Signature(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('signature', univ.BitString()), - namedtype.OptionalNamedType('certs', univ.SequenceOf( - componentType=Certificate()).subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))) - ) - - -class TBSRequest(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1').subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('requestorName', GeneralName().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('requestList', univ.SequenceOf( - componentType=Request())), - namedtype.OptionalNamedType('requestExtensions', Extensions().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) - - -class OCSPRequest(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('tbsRequest', TBSRequest()), - namedtype.OptionalNamedType('optionalSignature', Signature().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) - - -# Previously omitted structure - -class ServiceLocator(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('issuer', Name()), - namedtype.NamedType('locator', AuthorityInfoAccessSyntax()) - ) - - -# Additional structures - -class CrlID(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('crlUrl', char.IA5String().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('crlNum', univ.Integer().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('crlTime', useful.GeneralizedTime().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) - - -class PreferredSignatureAlgorithm(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('sigIdentifier', AlgorithmIdentifier()), - namedtype.OptionalNamedType('certIdentifier', AlgorithmIdentifier()) - ) - - -class PreferredSignatureAlgorithms(univ.SequenceOf): - componentType = PreferredSignatureAlgorithm() - - - -# Response Type OID to Response Map - -ocspResponseMap = { - id_pkix_ocsp_basic: BasicOCSPResponse(), -} - - -# Map of Extension OIDs to Extensions added to the ones -# that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - # Certificate Extension - id_pkix_ocsp_nocheck: univ.Null(""), - # OCSP Request Extensions - id_pkix_ocsp_nonce: univ.OctetString(), - id_pkix_ocsp_response: AcceptableResponses(), - id_pkix_ocsp_service_locator: ServiceLocator(), - id_pkix_ocsp_pref_sig_algs: PreferredSignatureAlgorithms(), - # OCSP Response Extensions - id_pkix_ocsp_crl: CrlID(), - id_pkix_ocsp_archive_cutoff: ArchiveCutoff(), - id_pkix_ocsp_extended_revoke: univ.Null(""), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc7030.py b/pyasn1_modules/rfc7030.py deleted file mode 100644 index 84b6dc5..0000000 --- a/pyasn1_modules/rfc7030.py +++ /dev/null @@ -1,66 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Enrollment over Secure Transport (EST) -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7030.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - -MAX = float('inf') - - -# Imports from RFC 5652 - -Attribute = rfc5652.Attribute - - -# Asymmetric Decrypt Key Identifier Attribute - -id_aa_asymmDecryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.54') - -class AsymmetricDecryptKeyIdentifier(univ.OctetString): - pass - - -aa_asymmDecryptKeyID = Attribute() -aa_asymmDecryptKeyID['attrType'] = id_aa_asymmDecryptKeyID -aa_asymmDecryptKeyID['attrValues'][0] = AsymmetricDecryptKeyIdentifier() - - -# CSR Attributes - -class AttrOrOID(univ.Choice): - pass - -AttrOrOID.componentType = namedtype.NamedTypes( - namedtype.NamedType('oid', univ.ObjectIdentifier()), - namedtype.NamedType('attribute', Attribute()) -) - - -class CsrAttrs(univ.SequenceOf): - pass - -CsrAttrs.componentType = AttrOrOID() -CsrAttrs.subtypeSpec=constraint.ValueSizeConstraint(0, MAX) - - -# Update CMS Attribute Map - -_cmsAttributesMapUpdate = { - id_aa_asymmDecryptKeyID: AsymmetricDecryptKeyIdentifier(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/pyasn1_modules/rfc7191.py b/pyasn1_modules/rfc7191.py index 7c2be11..4f90be1 100644 --- a/pyasn1_modules/rfc7191.py +++ b/pyasn1_modules/rfc7191.py @@ -240,22 +240,18 @@ KeyPkgIdentifierAndReceiptReq.componentType = namedtype.NamedTypes( ) -# Map of Attribute Type OIDs to Attributes are added to -# the ones that are in rfc5652.py +# Map of Attribute Type OIDs to Attributes +# To be added to the ones that are in rfc5652.py -_cmsAttributesMapUpdate = { +cmsAttributesMapUpdate = { id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), } -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -# Map of CMC Content Type OIDs to CMC Content Types are added to -# the ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_KP_keyPackageError: KeyPackageError(), id_ct_KP_keyPackageReceipt: KeyPackageReceipt(), } - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc7229.py b/pyasn1_modules/rfc7229.py deleted file mode 100644 index e9bce2d..0000000 --- a/pyasn1_modules/rfc7229.py +++ /dev/null @@ -1,29 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Object Identifiers for Test Certificate Policies -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7229.txt -# - -from pyasn1.type import univ - - -id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') - -id_TEST = id_pkix + (13, ) - -id_TEST_certPolicyOne = id_TEST + (1, ) -id_TEST_certPolicyTwo = id_TEST + (2, ) -id_TEST_certPolicyThree = id_TEST + (3, ) -id_TEST_certPolicyFour = id_TEST + (4, ) -id_TEST_certPolicyFive = id_TEST + (5, ) -id_TEST_certPolicySix = id_TEST + (6, ) -id_TEST_certPolicySeven = id_TEST + (7, ) -id_TEST_certPolicyEight = id_TEST + (8, ) diff --git a/pyasn1_modules/rfc7292.py b/pyasn1_modules/rfc7292.py deleted file mode 100644 index 1c9f319..0000000 --- a/pyasn1_modules/rfc7292.py +++ /dev/null @@ -1,357 +0,0 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley with assistance from the asn1ate tool. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# PKCS #12: Personal Information Exchange Syntax v1.1 -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7292.txt -# https://www.rfc-editor.org/errata_search.php?rfc=7292 - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import opentype -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc2315 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5958 - - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - - return univ.ObjectIdentifier(output) - - -# Initialize the maps used in PKCS#12 - -pkcs12BagTypeMap = { } - -pkcs12CertBagMap = { } - -pkcs12CRLBagMap = { } - -pkcs12SecretBagMap = { } - - -# Imports from RFC 2315, RFC 5652, and RFC 5958 - -DigestInfo = rfc2315.DigestInfo - - -ContentInfo = rfc5652.ContentInfo - -PKCS12Attribute = rfc5652.Attribute - - -EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo - -PrivateKeyInfo = rfc5958.PrivateKeyInfo - - -# CMSSingleAttribute is the same as Attribute in RFC 5652 except the attrValues -# SET must have one and only one member - -class AttributeType(univ.ObjectIdentifier): - pass - - -class AttributeValue(univ.Any): - pass - - -class AttributeValues(univ.SetOf): - pass - -AttributeValues.componentType = AttributeValue() - - -class CMSSingleAttribute(univ.Sequence): - pass - -CMSSingleAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('attrType', AttributeType()), - namedtype.NamedType('attrValues', - AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), - openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) - ) -) - - -# Object identifier arcs - -rsadsi = _OID(1, 2, 840, 113549) - -pkcs = _OID(rsadsi, 1) - -pkcs_9 = _OID(pkcs, 9) - -certTypes = _OID(pkcs_9, 22) - -crlTypes = _OID(pkcs_9, 23) - -pkcs_12 = _OID(pkcs, 12) - - -# PBE Algorithm Identifiers and Parameters Structure - -pkcs_12PbeIds = _OID(pkcs_12, 1) - -pbeWithSHAAnd128BitRC4 = _OID(pkcs_12PbeIds, 1) - -pbeWithSHAAnd40BitRC4 = _OID(pkcs_12PbeIds, 2) - -pbeWithSHAAnd3_KeyTripleDES_CBC = _OID(pkcs_12PbeIds, 3) - -pbeWithSHAAnd2_KeyTripleDES_CBC = _OID(pkcs_12PbeIds, 4) - -pbeWithSHAAnd128BitRC2_CBC = _OID(pkcs_12PbeIds, 5) - -pbeWithSHAAnd40BitRC2_CBC = _OID(pkcs_12PbeIds, 6) - - -class Pkcs_12PbeParams(univ.Sequence): - pass - -Pkcs_12PbeParams.componentType = namedtype.NamedTypes( - namedtype.NamedType('salt', univ.OctetString()), - namedtype.NamedType('iterations', univ.Integer()) -) - - -# Bag types - -bagtypes = _OID(pkcs_12, 10, 1) - -class BAG_TYPE(univ.Sequence): - pass - -BAG_TYPE.componentType = namedtype.NamedTypes( - namedtype.NamedType('id', univ.ObjectIdentifier()), - namedtype.NamedType('unnamed1', univ.Any(), - openType=opentype.OpenType('attrType', pkcs12BagTypeMap) - ) -) - - -id_keyBag = _OID(bagtypes, 1) - -class KeyBag(PrivateKeyInfo): - pass - - -id_pkcs8ShroudedKeyBag = _OID(bagtypes, 2) - -class PKCS8ShroudedKeyBag(EncryptedPrivateKeyInfo): - pass - - -id_certBag = _OID(bagtypes, 3) - -class CertBag(univ.Sequence): - pass - -CertBag.componentType = namedtype.NamedTypes( - namedtype.NamedType('certId', univ.ObjectIdentifier()), - namedtype.NamedType('certValue', - univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), - openType=opentype.OpenType('certId', pkcs12CertBagMap) - ) -) - - -x509Certificate = CertBag() -x509Certificate['certId'] = _OID(certTypes, 1) -x509Certificate['certValue'] = univ.OctetString() -# DER-encoded X.509 certificate stored in OCTET STRING - - -sdsiCertificate = CertBag() -sdsiCertificate['certId'] = _OID(certTypes, 2) -sdsiCertificate['certValue'] = char.IA5String() -# Base64-encoded SDSI certificate stored in IA5String - - -id_CRLBag = _OID(bagtypes, 4) - -class CRLBag(univ.Sequence): - pass - -CRLBag.componentType = namedtype.NamedTypes( - namedtype.NamedType('crlId', univ.ObjectIdentifier()), - namedtype.NamedType('crlValue', - univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), - openType=opentype.OpenType('crlId', pkcs12CRLBagMap) - ) -) - - -x509CRL = CRLBag() -x509CRL['crlId'] = _OID(crlTypes, 1) -x509CRL['crlValue'] = univ.OctetString() -# DER-encoded X.509 CRL stored in OCTET STRING - - -id_secretBag = _OID(bagtypes, 5) - -class SecretBag(univ.Sequence): - pass - -SecretBag.componentType = namedtype.NamedTypes( - namedtype.NamedType('secretTypeId', univ.ObjectIdentifier()), - namedtype.NamedType('secretValue', - univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), - openType=opentype.OpenType('secretTypeId', pkcs12SecretBagMap) - ) -) - - -id_safeContentsBag = _OID(bagtypes, 6) - -class SafeBag(univ.Sequence): - pass - -SafeBag.componentType = namedtype.NamedTypes( - namedtype.NamedType('bagId', univ.ObjectIdentifier()), - namedtype.NamedType('bagValue', - univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), - openType=opentype.OpenType('bagId', pkcs12BagTypeMap) - ), - namedtype.OptionalNamedType('bagAttributes', - univ.SetOf(componentType=PKCS12Attribute()) - ) -) - - -class SafeContents(univ.SequenceOf): - pass - -SafeContents.componentType = SafeBag() - - -# The PFX PDU - -class AuthenticatedSafe(univ.SequenceOf): - pass - -AuthenticatedSafe.componentType = ContentInfo() -# Data if unencrypted -# EncryptedData if password-encrypted -# EnvelopedData if public key-encrypted - - -class MacData(univ.Sequence): - pass - -MacData.componentType = namedtype.NamedTypes( - namedtype.NamedType('mac', DigestInfo()), - namedtype.NamedType('macSalt', univ.OctetString()), - namedtype.DefaultedNamedType('iterations', univ.Integer().subtype(value=1)) - # Note: The default is for historical reasons and its use is deprecated -) - - -class PFX(univ.Sequence): - pass - -PFX.componentType = namedtype.NamedTypes( - namedtype.NamedType('version', - univ.Integer(namedValues=namedval.NamedValues(('v3', 3))) - ), - namedtype.NamedType('authSafe', ContentInfo()), - namedtype.OptionalNamedType('macData', MacData()) -) - - -# Local key identifier (also defined as certificateAttribute in rfc2985.py) - -pkcs_9_at_localKeyId = _OID(pkcs_9, 21) - -localKeyId = CMSSingleAttribute() -localKeyId['attrType'] = pkcs_9_at_localKeyId -localKeyId['attrValues'][0] = univ.OctetString() - - -# Friendly name (also defined as certificateAttribute in rfc2985.py) - -pkcs_9_ub_pkcs9String = univ.Integer(255) - -pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String) - -pkcs_9_at_friendlyName = _OID(pkcs_9, 20) - -class FriendlyName(char.BMPString): - pass - -FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName) - - -friendlyName = CMSSingleAttribute() -friendlyName['attrType'] = pkcs_9_at_friendlyName -friendlyName['attrValues'][0] = FriendlyName() - - -# Update the PKCS#12 maps - -_pkcs12BagTypeMap = { - id_keyBag: KeyBag(), - id_pkcs8ShroudedKeyBag: PKCS8ShroudedKeyBag(), - id_certBag: CertBag(), - id_CRLBag: CRLBag(), - id_secretBag: SecretBag(), - id_safeContentsBag: SafeBag(), -} - -pkcs12BagTypeMap.update(_pkcs12BagTypeMap) - - -_pkcs12CertBagMap = { - _OID(certTypes, 1): univ.OctetString(), - _OID(certTypes, 2): char.IA5String(), -} - -pkcs12CertBagMap.update(_pkcs12CertBagMap) - - -_pkcs12CRLBagMap = { - _OID(crlTypes, 1): univ.OctetString(), -} - -pkcs12CRLBagMap.update(_pkcs12CRLBagMap) - - -# Update the Algorithm Identifier map - -_algorithmIdentifierMapUpdate = { - pbeWithSHAAnd128BitRC4: Pkcs_12PbeParams(), - pbeWithSHAAnd40BitRC4: Pkcs_12PbeParams(), - pbeWithSHAAnd3_KeyTripleDES_CBC: Pkcs_12PbeParams(), - pbeWithSHAAnd2_KeyTripleDES_CBC: Pkcs_12PbeParams(), - pbeWithSHAAnd128BitRC2_CBC: Pkcs_12PbeParams(), - pbeWithSHAAnd40BitRC2_CBC: Pkcs_12PbeParams(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) - - -# Update the CMS Attribute map - -_cmsAttributesMapUpdate = { - pkcs_9_at_friendlyName: FriendlyName(), - pkcs_9_at_localKeyId: univ.OctetString(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/pyasn1_modules/rfc7508.py b/pyasn1_modules/rfc7508.py deleted file mode 100644 index 6646024..0000000 --- a/pyasn1_modules/rfc7508.py +++ /dev/null @@ -1,90 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Securing Header Fields with S/MIME -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7508.txt -# https://www.rfc-editor.org/errata/eid5875 -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - -import string - -MAX = float('inf') - - -class Algorithm(univ.Enumerated): - namedValues = namedval.NamedValues( - ('canonAlgorithmSimple', 0), - ('canonAlgorithmRelaxed', 1) - ) - - -class HeaderFieldStatus(univ.Integer): - namedValues = namedval.NamedValues( - ('duplicated', 0), - ('deleted', 1), - ('modified', 2) - ) - - -class HeaderFieldName(char.VisibleString): - subtypeSpec = ( - constraint.PermittedAlphabetConstraint(*string.printable) - - constraint.PermittedAlphabetConstraint(':') - ) - - -class HeaderFieldValue(char.UTF8String): - pass - - -class HeaderField(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('field-Name', HeaderFieldName()), - namedtype.NamedType('field-Value', HeaderFieldValue()), - namedtype.DefaultedNamedType('field-Status', - HeaderFieldStatus().subtype(value='duplicated')) - ) - - -class HeaderFields(univ.SequenceOf): - componentType = HeaderField() - subtypeSpec = constraint.ValueSizeConstraint(1, MAX) - - -class SecureHeaderFields(univ.Set): - componentType = namedtype.NamedTypes( - namedtype.NamedType('canonAlgorithm', Algorithm()), - namedtype.NamedType('secHeaderFields', HeaderFields()) - ) - - -id_aa = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, 2, )) - -id_aa_secureHeaderFieldsIdentifier = id_aa + (55, ) - - - -# Map of Attribute Type OIDs to Attributes added to the -# ones that are in rfc5652.py - -_cmsAttributesMapUpdate = { - id_aa_secureHeaderFieldsIdentifier: SecureHeaderFields(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) - diff --git a/pyasn1_modules/rfc7585.py b/pyasn1_modules/rfc7585.py deleted file mode 100644 index b3fd4a5..0000000 --- a/pyasn1_modules/rfc7585.py +++ /dev/null @@ -1,50 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with some assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Network Access Identifier (NAI) Realm Name for Certificates -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7585.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -# NAI Realm Name for Certificates - -id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') - -id_on = id_pkix + (8, ) - -id_on_naiRealm = id_on + (8, ) - - -ub_naiRealm_length = univ.Integer(255) - - -class NAIRealm(char.UTF8String): - subtypeSpec = constraint.ValueSizeConstraint(1, ub_naiRealm_length) - - -naiRealm = rfc5280.AnotherName() -naiRealm['type-id'] = id_on_naiRealm -naiRealm['value'] = NAIRealm() - - -# Map of Other Name OIDs to Other Name is added to the -# ones that are in rfc5280.py - -_anotherNameMapUpdate = { - id_on_naiRealm: NAIRealm(), -} - -rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/pyasn1_modules/rfc7633.py b/pyasn1_modules/rfc7633.py deleted file mode 100644 index f518440..0000000 --- a/pyasn1_modules/rfc7633.py +++ /dev/null @@ -1,38 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with some assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Transport Layer Security (TLS) Feature Certificate Extension -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7633.txt -# - -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -# TLS Features Extension - -id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') - -id_pe_tlsfeature = id_pe + (24, ) - - -class Features(univ.SequenceOf): - componentType = univ.Integer() - - -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - id_pe_tlsfeature: Features(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc7773.py b/pyasn1_modules/rfc7773.py deleted file mode 100644 index 0fee2aa..0000000 --- a/pyasn1_modules/rfc7773.py +++ /dev/null @@ -1,52 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with some assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Authentication Context Certificate Extension -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7773.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# Authentication Context Extension - -e_legnamnden = univ.ObjectIdentifier('1.2.752.201') - -id_eleg_ce = e_legnamnden + (5, ) - -id_ce_authContext = id_eleg_ce + (1, ) - - -class AuthenticationContext(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('contextType', char.UTF8String()), - namedtype.OptionalNamedType('contextInfo', char.UTF8String()) - ) - -class AuthenticationContexts(univ.SequenceOf): - componentType = AuthenticationContext() - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - id_ce_authContext: AuthenticationContexts(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc7894.py b/pyasn1_modules/rfc7894.py deleted file mode 100644 index 4193643..0000000 --- a/pyasn1_modules/rfc7894.py +++ /dev/null @@ -1,92 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Alternative Challenge Password Attributes for EST -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7894.txt -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6402 -from pyasn1_modules import rfc7191 - - -# SingleAttribute is the same as Attribute in RFC 5652, except that the -# attrValues SET must have one and only one member - -Attribute = rfc7191.SingleAttribute - - -# DirectoryString is the same as RFC 5280, except the length is limited to 255 - -class DirectoryString(univ.Choice): - pass - -DirectoryString.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('printableString', char.PrintableString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('universalString', char.UniversalString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('utf8String', char.UTF8String().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))), - namedtype.NamedType('bmpString', char.BMPString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, 255))) -) - - -# OTP Challenge Attribute - -id_aa_otpChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.56') - -ub_aa_otpChallenge = univ.Integer(255) - -otpChallenge = Attribute() -otpChallenge['attrType'] = id_aa_otpChallenge -otpChallenge['attrValues'][0] = DirectoryString() - - -# Revocation Challenge Attribute - -id_aa_revocationChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.57') - -ub_aa_revocationChallenge = univ.Integer(255) - -revocationChallenge = Attribute() -revocationChallenge['attrType'] = id_aa_revocationChallenge -revocationChallenge['attrValues'][0] = DirectoryString() - - -# EST Identity Linking Attribute - -id_aa_estIdentityLinking = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.58') - -ub_aa_est_identity_linking = univ.Integer(255) - -estIdentityLinking = Attribute() -estIdentityLinking['attrType'] = id_aa_estIdentityLinking -estIdentityLinking['attrValues'][0] = DirectoryString() - - -# Map of Attribute Type OIDs to Attributes added to the -# ones that are in rfc6402.py - -_cmcControlAttributesMapUpdate = { - id_aa_otpChallenge: DirectoryString(), - id_aa_revocationChallenge: DirectoryString(), - id_aa_estIdentityLinking: DirectoryString(), -} - -rfc6402.cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) diff --git a/pyasn1_modules/rfc7906.py b/pyasn1_modules/rfc7906.py deleted file mode 100644 index fa5f6b0..0000000 --- a/pyasn1_modules/rfc7906.py +++ /dev/null @@ -1,736 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# NSA's CMS Key Management Attributes -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc7906.txt -# https://www.rfc-editor.org/errata/eid5850 -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import tag -from pyasn1.type import univ - -from pyasn1_modules import rfc2634 -from pyasn1_modules import rfc4108 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6010 -from pyasn1_modules import rfc6019 -from pyasn1_modules import rfc7191 - -MAX = float('inf') - - -# Imports From RFC 2634 - -id_aa_contentHint = rfc2634.id_aa_contentHint - -ContentHints = rfc2634.ContentHints - -id_aa_securityLabel = rfc2634.id_aa_securityLabel - -SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier - -SecurityClassification = rfc2634.SecurityClassification - -ESSPrivacyMark = rfc2634.ESSPrivacyMark - -SecurityCategories= rfc2634.SecurityCategories - -ESSSecurityLabel = rfc2634.ESSSecurityLabel - - -# Imports From RFC 4108 - -id_aa_communityIdentifiers = rfc4108.id_aa_communityIdentifiers - -CommunityIdentifier = rfc4108.CommunityIdentifier - -CommunityIdentifiers = rfc4108.CommunityIdentifiers - - -# Imports From RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - -Name = rfc5280.Name - -Certificate = rfc5280.Certificate - -GeneralNames = rfc5280.GeneralNames - -GeneralName = rfc5280.GeneralName - - -SubjectInfoAccessSyntax = rfc5280.SubjectInfoAccessSyntax - -id_pkix = rfc5280.id_pkix - -id_pe = rfc5280.id_pe - -id_pe_subjectInfoAccess = rfc5280.id_pe_subjectInfoAccess - - -# Imports From RFC 6010 - -CMSContentConstraints = rfc6010.CMSContentConstraints - - -# Imports From RFC 6019 - -BinaryTime = rfc6019.BinaryTime - -id_aa_binarySigningTime = rfc6019.id_aa_binarySigningTime - -BinarySigningTime = rfc6019.BinarySigningTime - - -# Imports From RFC 5652 - -Attribute = rfc5652.Attribute - -CertificateSet = rfc5652.CertificateSet - -CertificateChoices = rfc5652.CertificateChoices - -id_contentType = rfc5652.id_contentType - -ContentType = rfc5652.ContentType - -id_messageDigest = rfc5652.id_messageDigest - -MessageDigest = rfc5652.MessageDigest - - -# Imports From RFC 7191 - -SIREntityName = rfc7191.SIREntityName - -id_aa_KP_keyPkgIdAndReceiptReq = rfc7191.id_aa_KP_keyPkgIdAndReceiptReq - -KeyPkgIdentifierAndReceiptReq = rfc7191.KeyPkgIdentifierAndReceiptReq - - -# Key Province Attribute - -id_aa_KP_keyProvinceV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.71') - - -class KeyProvinceV2(univ.ObjectIdentifier): - pass - - -aa_keyProvince_v2 = Attribute() -aa_keyProvince_v2['attrType'] = id_aa_KP_keyProvinceV2 -aa_keyProvince_v2['attrValues'][0] = KeyProvinceV2() - - -# Manifest Attribute - -id_aa_KP_manifest = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.72') - - -class ShortTitle(char.PrintableString): - pass - - -class Manifest(univ.SequenceOf): - pass - -Manifest.componentType = ShortTitle() -Manifest.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -aa_manifest = Attribute() -aa_manifest['attrType'] = id_aa_KP_manifest -aa_manifest['attrValues'][0] = Manifest() - - -# Key Algorithm Attribute - -id_kma_keyAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.1') - - -class KeyAlgorithm(univ.Sequence): - pass - -KeyAlgorithm.componentType = namedtype.NamedTypes( - namedtype.NamedType('keyAlg', univ.ObjectIdentifier()), - namedtype.OptionalNamedType('checkWordAlg', univ.ObjectIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('crcAlg', univ.ObjectIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) -) - - -aa_keyAlgorithm = Attribute() -aa_keyAlgorithm['attrType'] = id_kma_keyAlgorithm -aa_keyAlgorithm['attrValues'][0] = KeyAlgorithm() - - -# User Certificate Attribute - -id_at_userCertificate = univ.ObjectIdentifier('2.5.4.36') - - -aa_userCertificate = Attribute() -aa_userCertificate['attrType'] = id_at_userCertificate -aa_userCertificate['attrValues'][0] = Certificate() - - -# Key Package Receivers Attribute - -id_kma_keyPkgReceiversV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.16') - - -class KeyPkgReceiver(univ.Choice): - pass - -KeyPkgReceiver.componentType = namedtype.NamedTypes( - namedtype.NamedType('sirEntity', SIREntityName().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('community', CommunityIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) -) - - -class KeyPkgReceiversV2(univ.SequenceOf): - pass - -KeyPkgReceiversV2.componentType = KeyPkgReceiver() -KeyPkgReceiversV2.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -aa_keyPackageReceivers_v2 = Attribute() -aa_keyPackageReceivers_v2['attrType'] = id_kma_keyPkgReceiversV2 -aa_keyPackageReceivers_v2['attrValues'][0] = KeyPkgReceiversV2() - - -# TSEC Nomenclature Attribute - -id_kma_TSECNomenclature = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.3') - - -class CharEdition(char.PrintableString): - pass - - -class CharEditionRange(univ.Sequence): - pass - -CharEditionRange.componentType = namedtype.NamedTypes( - namedtype.NamedType('firstCharEdition', CharEdition()), - namedtype.NamedType('lastCharEdition', CharEdition()) -) - - -class NumEdition(univ.Integer): - pass - -NumEdition.subtypeSpec = constraint.ValueRangeConstraint(0, 308915776) - - -class NumEditionRange(univ.Sequence): - pass - -NumEditionRange.componentType = namedtype.NamedTypes( - namedtype.NamedType('firstNumEdition', NumEdition()), - namedtype.NamedType('lastNumEdition', NumEdition()) -) - - -class EditionID(univ.Choice): - pass - -EditionID.componentType = namedtype.NamedTypes( - namedtype.NamedType('char', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('charEdition', CharEdition().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('charEditionRange', CharEditionRange().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) - )) - ), - namedtype.NamedType('num', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('numEdition', NumEdition().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('numEditionRange', NumEditionRange().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) - )) - ) -) - - -class Register(univ.Integer): - pass - -Register.subtypeSpec = constraint.ValueRangeConstraint(0, 2147483647) - - -class RegisterRange(univ.Sequence): - pass - -RegisterRange.componentType = namedtype.NamedTypes( - namedtype.NamedType('firstRegister', Register()), - namedtype.NamedType('lastRegister', Register()) -) - - -class RegisterID(univ.Choice): - pass - -RegisterID.componentType = namedtype.NamedTypes( - namedtype.NamedType('register', Register().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), - namedtype.NamedType('registerRange', RegisterRange().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))) -) - - -class SegmentNumber(univ.Integer): - pass - -SegmentNumber.subtypeSpec = constraint.ValueRangeConstraint(1, 127) - - -class SegmentRange(univ.Sequence): - pass - -SegmentRange.componentType = namedtype.NamedTypes( - namedtype.NamedType('firstSegment', SegmentNumber()), - namedtype.NamedType('lastSegment', SegmentNumber()) -) - - -class SegmentID(univ.Choice): - pass - -SegmentID.componentType = namedtype.NamedTypes( - namedtype.NamedType('segmentNumber', SegmentNumber().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('segmentRange', SegmentRange().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))) -) - - -class TSECNomenclature(univ.Sequence): - pass - -TSECNomenclature.componentType = namedtype.NamedTypes( - namedtype.NamedType('shortTitle', ShortTitle()), - namedtype.OptionalNamedType('editionID', EditionID()), - namedtype.OptionalNamedType('registerID', RegisterID()), - namedtype.OptionalNamedType('segmentID', SegmentID()) -) - - -aa_tsecNomenclature = Attribute() -aa_tsecNomenclature['attrType'] = id_kma_TSECNomenclature -aa_tsecNomenclature['attrValues'][0] = TSECNomenclature() - - -# Key Purpose Attribute - -id_kma_keyPurpose = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.13') - - -class KeyPurpose(univ.Enumerated): - pass - -KeyPurpose.namedValues = namedval.NamedValues( - ('n-a', 0), - ('a', 65), - ('b', 66), - ('l', 76), - ('m', 77), - ('r', 82), - ('s', 83), - ('t', 84), - ('v', 86), - ('x', 88), - ('z', 90) -) - - -aa_keyPurpose = Attribute() -aa_keyPurpose['attrType'] = id_kma_keyPurpose -aa_keyPurpose['attrValues'][0] = KeyPurpose() - - -# Key Use Attribute - -id_kma_keyUse = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.14') - - -class KeyUse(univ.Enumerated): - pass - -KeyUse.namedValues = namedval.NamedValues( - ('n-a', 0), - ('ffk', 1), - ('kek', 2), - ('kpk', 3), - ('msk', 4), - ('qkek', 5), - ('tek', 6), - ('tsk', 7), - ('trkek', 8), - ('nfk', 9), - ('effk', 10), - ('ebfk', 11), - ('aek', 12), - ('wod', 13), - ('kesk', 246), - ('eik', 247), - ('ask', 248), - ('kmk', 249), - ('rsk', 250), - ('csk', 251), - ('sak', 252), - ('rgk', 253), - ('cek', 254), - ('exk', 255) -) - - -aa_keyUse = Attribute() -aa_keyPurpose['attrType'] = id_kma_keyUse -aa_keyPurpose['attrValues'][0] = KeyUse() - - -# Transport Key Attribute - -id_kma_transportKey = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.15') - - -class TransOp(univ.Enumerated): - pass - -TransOp.namedValues = namedval.NamedValues( - ('transport', 1), - ('operational', 2) -) - - -aa_transportKey = Attribute() -aa_transportKey['attrType'] = id_kma_transportKey -aa_transportKey['attrValues'][0] = TransOp() - - -# Key Distribution Period Attribute - -id_kma_keyDistPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.5') - - -class KeyDistPeriod(univ.Sequence): - pass - -KeyDistPeriod.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('doNotDistBefore', BinaryTime().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('doNotDistAfter', BinaryTime()) -) - - -aa_keyDistributionPeriod = Attribute() -aa_keyDistributionPeriod['attrType'] = id_kma_keyDistPeriod -aa_keyDistributionPeriod['attrValues'][0] = KeyDistPeriod() - - -# Key Validity Period Attribute - -id_kma_keyValidityPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.6') - - -class KeyValidityPeriod(univ.Sequence): - pass - -KeyValidityPeriod.componentType = namedtype.NamedTypes( - namedtype.NamedType('doNotUseBefore', BinaryTime()), - namedtype.OptionalNamedType('doNotUseAfter', BinaryTime()) -) - - -aa_keyValidityPeriod = Attribute() -aa_keyValidityPeriod['attrType'] = id_kma_keyValidityPeriod -aa_keyValidityPeriod['attrValues'][0] = KeyValidityPeriod() - - -# Key Duration Attribute - -id_kma_keyDuration = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.7') - - -ub_KeyDuration_months = univ.Integer(72) - -ub_KeyDuration_hours = univ.Integer(96) - -ub_KeyDuration_days = univ.Integer(732) - -ub_KeyDuration_weeks = univ.Integer(104) - -ub_KeyDuration_years = univ.Integer(100) - - -class KeyDuration(univ.Choice): - pass - -KeyDuration.componentType = namedtype.NamedTypes( - namedtype.NamedType('hours', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_hours)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('days', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_days))), - namedtype.NamedType('weeks', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_weeks)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('months', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_months)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('years', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_years)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) -) - - -aa_keyDurationPeriod = Attribute() -aa_keyDurationPeriod['attrType'] = id_kma_keyDuration -aa_keyDurationPeriod['attrValues'][0] = KeyDuration() - - -# Classification Attribute - -id_aa_KP_classification = univ.ObjectIdentifier(id_aa_securityLabel) - - -id_enumeratedPermissiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.1') - -id_enumeratedRestrictiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.4') - -id_informativeAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.3') - - -class SecurityAttribute(univ.Integer): - pass - -SecurityAttribute.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) - - -class EnumeratedTag(univ.Sequence): - pass - -EnumeratedTag.componentType = namedtype.NamedTypes( - namedtype.NamedType('tagName', univ.ObjectIdentifier()), - namedtype.NamedType('attributeList', univ.SetOf(componentType=SecurityAttribute())) -) - - -class FreeFormField(univ.Choice): - pass - -FreeFormField.componentType = namedtype.NamedTypes( - namedtype.NamedType('bitSetAttributes', univ.BitString()), # Not permitted in RFC 7906 - namedtype.NamedType('securityAttributes', univ.SetOf(componentType=SecurityAttribute())) -) - - -class InformativeTag(univ.Sequence): - pass - -InformativeTag.componentType = namedtype.NamedTypes( - namedtype.NamedType('tagName', univ.ObjectIdentifier()), - namedtype.NamedType('attributes', FreeFormField()) -) - - -class Classification(ESSSecurityLabel): - pass - - -aa_classification = Attribute() -aa_classification['attrType'] = id_aa_KP_classification -aa_classification['attrValues'][0] = Classification() - - -# Split Identifier Attribute - -id_kma_splitID = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.11') - - -class SplitID(univ.Sequence): - pass - -SplitID.componentType = namedtype.NamedTypes( - namedtype.NamedType('half', univ.Enumerated( - namedValues=namedval.NamedValues(('a', 0), ('b', 1)))), - namedtype.OptionalNamedType('combineAlg', AlgorithmIdentifier()) -) - - -aa_splitIdentifier = Attribute() -aa_splitIdentifier['attrType'] = id_kma_splitID -aa_splitIdentifier['attrValues'][0] = SplitID() - - -# Key Package Type Attribute - -id_kma_keyPkgType = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.12') - - -class KeyPkgType(univ.ObjectIdentifier): - pass - - -aa_keyPackageType = Attribute() -aa_keyPackageType['attrType'] = id_kma_keyPkgType -aa_keyPackageType['attrValues'][0] = KeyPkgType() - - -# Signature Usage Attribute - -id_kma_sigUsageV3 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.22') - - -class SignatureUsage(CMSContentConstraints): - pass - - -aa_signatureUsage_v3 = Attribute() -aa_signatureUsage_v3['attrType'] = id_kma_sigUsageV3 -aa_signatureUsage_v3['attrValues'][0] = SignatureUsage() - - -# Other Certificate Format Attribute - -id_kma_otherCertFormats = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.19') - - -aa_otherCertificateFormats = Attribute() -aa_signatureUsage_v3['attrType'] = id_kma_otherCertFormats -aa_signatureUsage_v3['attrValues'][0] = CertificateChoices() - - -# PKI Path Attribute - -id_at_pkiPath = univ.ObjectIdentifier('2.5.4.70') - - -class PkiPath(univ.SequenceOf): - pass - -PkiPath.componentType = Certificate() -PkiPath.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - - -aa_pkiPath = Attribute() -aa_pkiPath['attrType'] = id_at_pkiPath -aa_pkiPath['attrValues'][0] = PkiPath() - - -# Useful Certificates Attribute - -id_kma_usefulCerts = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.20') - - -aa_usefulCertificates = Attribute() -aa_usefulCertificates['attrType'] = id_kma_usefulCerts -aa_usefulCertificates['attrValues'][0] = CertificateSet() - - -# Key Wrap Attribute - -id_kma_keyWrapAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.21') - - -aa_keyWrapAlgorithm = Attribute() -aa_keyWrapAlgorithm['attrType'] = id_kma_keyWrapAlgorithm -aa_keyWrapAlgorithm['attrValues'][0] = AlgorithmIdentifier() - - -# Content Decryption Key Identifier Attribute - -id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') - - -class ContentDecryptKeyID(univ.OctetString): - pass - - -aa_contentDecryptKeyIdentifier = Attribute() -aa_contentDecryptKeyIdentifier['attrType'] = id_aa_KP_contentDecryptKeyID -aa_contentDecryptKeyIdentifier['attrValues'][0] = ContentDecryptKeyID() - - -# Certificate Pointers Attribute - -aa_certificatePointers = Attribute() -aa_certificatePointers['attrType'] = id_pe_subjectInfoAccess -aa_certificatePointers['attrValues'][0] = SubjectInfoAccessSyntax() - - -# CRL Pointers Attribute - -id_aa_KP_crlPointers = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.70') - - -aa_cRLDistributionPoints = Attribute() -aa_cRLDistributionPoints['attrType'] = id_aa_KP_crlPointers -aa_cRLDistributionPoints['attrValues'][0] = GeneralNames() - - -# Extended Error Codes - -id_errorCodes = univ.ObjectIdentifier('2.16.840.1.101.2.1.22') - -id_missingKeyType = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.1') - -id_privacyMarkTooLong = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.2') - -id_unrecognizedSecurityPolicy = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.3') - - -# Map of Attribute Type OIDs to Attributes added to the -# ones that are in rfc5652.py - -_cmsAttributesMapUpdate = { - id_aa_contentHint: ContentHints(), - id_aa_communityIdentifiers: CommunityIdentifiers(), - id_aa_binarySigningTime: BinarySigningTime(), - id_contentType: ContentType(), - id_messageDigest: MessageDigest(), - id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), - id_aa_KP_keyProvinceV2: KeyProvinceV2(), - id_aa_KP_manifest: Manifest(), - id_kma_keyAlgorithm: KeyAlgorithm(), - id_at_userCertificate: Certificate(), - id_kma_keyPkgReceiversV2: KeyPkgReceiversV2(), - id_kma_TSECNomenclature: TSECNomenclature(), - id_kma_keyPurpose: KeyPurpose(), - id_kma_keyUse: KeyUse(), - id_kma_transportKey: TransOp(), - id_kma_keyDistPeriod: KeyDistPeriod(), - id_kma_keyValidityPeriod: KeyValidityPeriod(), - id_kma_keyDuration: KeyDuration(), - id_aa_KP_classification: Classification(), - id_kma_splitID: SplitID(), - id_kma_keyPkgType: KeyPkgType(), - id_kma_sigUsageV3: SignatureUsage(), - id_kma_otherCertFormats: CertificateChoices(), - id_at_pkiPath: PkiPath(), - id_kma_usefulCerts: CertificateSet(), - id_kma_keyWrapAlgorithm: AlgorithmIdentifier(), - id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), - id_pe_subjectInfoAccess: SubjectInfoAccessSyntax(), - id_aa_KP_crlPointers: GeneralNames(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/pyasn1_modules/rfc7914.py b/pyasn1_modules/rfc7914.py deleted file mode 100644 index 99e9551..0000000 --- a/pyasn1_modules/rfc7914.py +++ /dev/null @@ -1,49 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -#The scrypt Password-Based Key Derivation Function -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8520.txt -# https://www.rfc-editor.org/errata/eid5871 -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -id_scrypt = univ.ObjectIdentifier('1.3.6.1.4.1.11591.4.11') - - -class Scrypt_params(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('salt', - univ.OctetString()), - namedtype.NamedType('costParameter', - univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), - namedtype.NamedType('blockSize', - univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), - namedtype.NamedType('parallelizationParameter', - univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), - namedtype.OptionalNamedType('keyLength', - univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))) - ) - - -# Update the Algorithm Identifier map in rfc5280.py - -_algorithmIdentifierMapUpdate = { - id_scrypt: Scrypt_params(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc8017.py b/pyasn1_modules/rfc8017.py deleted file mode 100644 index fefed1d..0000000 --- a/pyasn1_modules/rfc8017.py +++ /dev/null @@ -1,153 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# PKCS #1: RSA Cryptography Specifications Version 2.2 -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8017.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import univ - -from pyasn1_modules import rfc2437 -from pyasn1_modules import rfc3447 -from pyasn1_modules import rfc4055 -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# Import Algorithm Identifier from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - -class DigestAlgorithm(AlgorithmIdentifier): - pass - -class HashAlgorithm(AlgorithmIdentifier): - pass - -class MaskGenAlgorithm(AlgorithmIdentifier): - pass - -class PSourceAlgorithm(AlgorithmIdentifier): - pass - - -# Object identifiers from NIST SHA2 - -hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2') -id_sha256 = rfc4055.id_sha256 -id_sha384 = rfc4055.id_sha384 -id_sha512 = rfc4055.id_sha512 -id_sha224 = rfc4055.id_sha224 -id_sha512_224 = hashAlgs + (5, ) -id_sha512_256 = hashAlgs + (6, ) - - -# Basic object identifiers - -pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') -rsaEncryption = rfc2437.rsaEncryption -id_RSAES_OAEP = rfc2437.id_RSAES_OAEP -id_pSpecified = rfc2437.id_pSpecified -id_RSASSA_PSS = rfc4055.id_RSASSA_PSS -md2WithRSAEncryption = rfc2437.md2WithRSAEncryption -md5WithRSAEncryption = rfc2437.md5WithRSAEncryption -sha1WithRSAEncryption = rfc2437.sha1WithRSAEncryption -sha224WithRSAEncryption = rfc4055.sha224WithRSAEncryption -sha256WithRSAEncryption = rfc4055.sha256WithRSAEncryption -sha384WithRSAEncryption = rfc4055.sha384WithRSAEncryption -sha512WithRSAEncryption = rfc4055.sha512WithRSAEncryption -sha512_224WithRSAEncryption = pkcs_1 + (15, ) -sha512_256WithRSAEncryption = pkcs_1 + (16, ) -id_sha1 = rfc2437.id_sha1 -id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2') -id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5') -id_mgf1 = rfc2437.id_mgf1 - - -# Default parameter values - -sha1 = rfc4055.sha1Identifier -SHA1Parameters = univ.Null("") - -mgf1SHA1 = rfc4055.mgf1SHA1Identifier - -class EncodingParameters(univ.OctetString): - subtypeSpec = constraint.ValueSizeConstraint(0, MAX) - -pSpecifiedEmpty = rfc4055.pSpecifiedEmptyIdentifier - -emptyString = EncodingParameters(value='') - - -# Main structures - -class Version(univ.Integer): - namedValues = namedval.NamedValues( - ('two-prime', 0), - ('multi', 1) - ) - -class TrailerField(univ.Integer): - namedValues = namedval.NamedValues( - ('trailerFieldBC', 1) - ) - -RSAPublicKey = rfc2437.RSAPublicKey - -OtherPrimeInfo = rfc3447.OtherPrimeInfo -OtherPrimeInfos = rfc3447.OtherPrimeInfos -RSAPrivateKey = rfc3447.RSAPrivateKey - -RSAES_OAEP_params = rfc4055.RSAES_OAEP_params -rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier - -RSASSA_PSS_params = rfc4055.RSASSA_PSS_params -rSASSA_PSS_Default_Identifier = rfc4055.rSASSA_PSS_Default_Identifier - - -# Syntax for the EMSA-PKCS1-v1_5 hash identifier - -class DigestInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('digestAlgorithm', DigestAlgorithm()), - namedtype.NamedType('digest', univ.OctetString()) - ) - - -# Update the Algorithm Identifier map - -_algorithmIdentifierMapUpdate = { - id_sha1: univ.Null(), - id_sha224: univ.Null(), - id_sha256: univ.Null(), - id_sha384: univ.Null(), - id_sha512: univ.Null(), - id_sha512_224: univ.Null(), - id_sha512_256: univ.Null(), - id_mgf1: AlgorithmIdentifier(), - id_pSpecified: univ.OctetString(), - id_RSAES_OAEP: RSAES_OAEP_params(), - id_RSASSA_PSS: RSASSA_PSS_params(), - md2WithRSAEncryption: univ.Null(), - md5WithRSAEncryption: univ.Null(), - sha1WithRSAEncryption: univ.Null(), - sha224WithRSAEncryption: univ.Null(), - sha256WithRSAEncryption: univ.Null(), - sha384WithRSAEncryption: univ.Null(), - sha512WithRSAEncryption: univ.Null(), - sha512_224WithRSAEncryption: univ.Null(), - sha512_256WithRSAEncryption: univ.Null(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc8018.py b/pyasn1_modules/rfc8018.py deleted file mode 100644 index 7a44eea..0000000 --- a/pyasn1_modules/rfc8018.py +++ /dev/null @@ -1,260 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# PKCS #5: Password-Based Cryptography Specification, Version 2.1 -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8018.txt -# - -from pyasn1.type import constraint -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import univ - -from pyasn1_modules import rfc3565 -from pyasn1_modules import rfc5280 - -MAX = float('inf') - -def _OID(*components): - output = [] - for x in tuple(components): - if isinstance(x, univ.ObjectIdentifier): - output.extend(list(x)) - else: - output.append(int(x)) - - return univ.ObjectIdentifier(output) - - -# Import from RFC 3565 - -AES_IV = rfc3565.AES_IV - - -# Import from RFC 5280 - -AlgorithmIdentifier = rfc5280.AlgorithmIdentifier - - -# Basic object identifiers - -nistAlgorithms = _OID(2, 16, 840, 1, 101, 3, 4) - -aes = _OID(nistAlgorithms, 1) - -oiw = _OID(1, 3, 14) - -rsadsi = _OID(1, 2, 840, 113549) - -pkcs = _OID(rsadsi, 1) - -digestAlgorithm = _OID(rsadsi, 2) - -encryptionAlgorithm = _OID(rsadsi, 3) - -pkcs_5 = _OID(pkcs, 5) - - - -# HMAC object identifiers - -id_hmacWithSHA1 = _OID(digestAlgorithm, 7) - -id_hmacWithSHA224 = _OID(digestAlgorithm, 8) - -id_hmacWithSHA256 = _OID(digestAlgorithm, 9) - -id_hmacWithSHA384 = _OID(digestAlgorithm, 10) - -id_hmacWithSHA512 = _OID(digestAlgorithm, 11) - -id_hmacWithSHA512_224 = _OID(digestAlgorithm, 12) - -id_hmacWithSHA512_256 = _OID(digestAlgorithm, 13) - - -# PBES1 object identifiers - -pbeWithMD2AndDES_CBC = _OID(pkcs_5, 1) - -pbeWithMD2AndRC2_CBC = _OID(pkcs_5, 4) - -pbeWithMD5AndDES_CBC = _OID(pkcs_5, 3) - -pbeWithMD5AndRC2_CBC = _OID(pkcs_5, 6) - -pbeWithSHA1AndDES_CBC = _OID(pkcs_5, 10) - -pbeWithSHA1AndRC2_CBC = _OID(pkcs_5, 11) - - -# Supporting techniques object identifiers - -desCBC = _OID(oiw, 3, 2, 7) - -des_EDE3_CBC = _OID(encryptionAlgorithm, 7) - -rc2CBC = _OID(encryptionAlgorithm, 2) - -rc5_CBC_PAD = _OID(encryptionAlgorithm, 9) - -aes128_CBC_PAD = _OID(aes, 2) - -aes192_CBC_PAD = _OID(aes, 22) - -aes256_CBC_PAD = _OID(aes, 42) - - -# PBES1 - -class PBEParameter(univ.Sequence): - pass - -PBEParameter.componentType = namedtype.NamedTypes( - namedtype.NamedType('salt', univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(8, 8))), - namedtype.NamedType('iterationCount', univ.Integer()) -) - - -# PBES2 - -id_PBES2 = _OID(pkcs_5, 13) - - -class PBES2_params(univ.Sequence): - pass - -PBES2_params.componentType = namedtype.NamedTypes( - namedtype.NamedType('keyDerivationFunc', AlgorithmIdentifier()), - namedtype.NamedType('encryptionScheme', AlgorithmIdentifier()) -) - - -# PBMAC1 - -id_PBMAC1 = _OID(pkcs_5, 14) - - -class PBMAC1_params(univ.Sequence): - pass - -PBMAC1_params.componentType = namedtype.NamedTypes( - namedtype.NamedType('keyDerivationFunc', AlgorithmIdentifier()), - namedtype.NamedType('messageAuthScheme', AlgorithmIdentifier()) -) - - -# PBKDF2 - -id_PBKDF2 = _OID(pkcs_5, 12) - - -algid_hmacWithSHA1 = AlgorithmIdentifier() -algid_hmacWithSHA1['algorithm'] = id_hmacWithSHA1 -algid_hmacWithSHA1['parameters'] = univ.Null("") - - -class PBKDF2_params(univ.Sequence): - pass - -PBKDF2_params.componentType = namedtype.NamedTypes( - namedtype.NamedType('salt', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('specified', univ.OctetString()), - namedtype.NamedType('otherSource', AlgorithmIdentifier()) - ))), - namedtype.NamedType('iterationCount', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), - namedtype.OptionalNamedType('keyLength', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), - namedtype.DefaultedNamedType('prf', algid_hmacWithSHA1) -) - - -# RC2 CBC algorithm parameter - -class RC2_CBC_Parameter(univ.Sequence): - pass - -RC2_CBC_Parameter.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('rc2ParameterVersion', univ.Integer()), - namedtype.NamedType('iv', univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(8, 8))) -) - - -# RC5 CBC algorithm parameter - -class RC5_CBC_Parameters(univ.Sequence): - pass - -RC5_CBC_Parameters.componentType = namedtype.NamedTypes( - namedtype.NamedType('version', - univ.Integer(namedValues=namedval.NamedValues(('v1_0', 16))).subtype( - subtypeSpec=constraint.SingleValueConstraint(16))), - namedtype.NamedType('rounds', - univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(8, 127))), - namedtype.NamedType('blockSizeInBits', - univ.Integer().subtype(subtypeSpec=constraint.SingleValueConstraint(64, 128))), - namedtype.OptionalNamedType('iv', univ.OctetString()) -) - - -# Initialization Vector for AES: OCTET STRING (SIZE(16)) - -class AES_IV(univ.OctetString): - pass - -AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) - - -# Initialization Vector for DES: OCTET STRING (SIZE(8)) - -class DES_IV(univ.OctetString): - pass - -DES_IV.subtypeSpec = constraint.ValueSizeConstraint(8, 8) - - -# Update the Algorithm Identifier map - -_algorithmIdentifierMapUpdate = { - # PBKDF2-PRFs - id_hmacWithSHA1: univ.Null(), - id_hmacWithSHA224: univ.Null(), - id_hmacWithSHA256: univ.Null(), - id_hmacWithSHA384: univ.Null(), - id_hmacWithSHA512: univ.Null(), - id_hmacWithSHA512_224: univ.Null(), - id_hmacWithSHA512_256: univ.Null(), - # PBES1Algorithms - pbeWithMD2AndDES_CBC: PBEParameter(), - pbeWithMD2AndRC2_CBC: PBEParameter(), - pbeWithMD5AndDES_CBC: PBEParameter(), - pbeWithMD5AndRC2_CBC: PBEParameter(), - pbeWithSHA1AndDES_CBC: PBEParameter(), - pbeWithSHA1AndRC2_CBC: PBEParameter(), - # PBES2Algorithms - id_PBES2: PBES2_params(), - # PBES2-KDFs - id_PBKDF2: PBKDF2_params(), - # PBMAC1Algorithms - id_PBMAC1: PBMAC1_params(), - # SupportingAlgorithms - desCBC: DES_IV(), - des_EDE3_CBC: DES_IV(), - rc2CBC: RC2_CBC_Parameter(), - rc5_CBC_PAD: RC5_CBC_Parameters(), - aes128_CBC_PAD: AES_IV(), - aes192_CBC_PAD: AES_IV(), - aes256_CBC_PAD: AES_IV(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc8209.py b/pyasn1_modules/rfc8209.py deleted file mode 100644 index 7d70f51..0000000 --- a/pyasn1_modules/rfc8209.py +++ /dev/null @@ -1,20 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# BGPsec Router PKI Profile -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8209.txt -# - -from pyasn1.type import univ - - -id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') - -id_kp_bgpsec_router = id_kp + (30, ) diff --git a/pyasn1_modules/rfc8226.py b/pyasn1_modules/rfc8226.py index e7fe946..0c3dc21 100644 --- a/pyasn1_modules/rfc8226.py +++ b/pyasn1_modules/rfc8226.py @@ -18,7 +18,6 @@ from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ -from pyasn1_modules import rfc5280 MAX = float('inf') @@ -75,12 +74,8 @@ JWTClaimConstraints.componentType = namedtype.NamedTypes( tag.tagFormatSimple, 1))) ) -JWTClaimConstraints.subtypeSpec = constraint.ConstraintsUnion( - constraint.WithComponentsConstraint( - ('mustInclude', constraint.ComponentPresentConstraint())), - constraint.WithComponentsConstraint( - ('permittedValues', constraint.ComponentPresentConstraint())) -) + +JWTClaimConstraints.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) id_pe_JWTClaimConstraints = _OID(1, 3, 6, 1, 5, 5, 7, 1, 27) @@ -138,12 +133,11 @@ id_pe_TNAuthList = _OID(1, 3, 6, 1, 5, 5, 7, 1, 26) id_ad_stirTNList = _OID(1, 3, 6, 1, 5, 5, 7, 48, 14) -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py -_certificateExtensionsMapUpdate = { +certificateExtensionsMapUpdate = { id_pe_TNAuthList: TNAuthorizationList(), id_pe_JWTClaimConstraints: JWTClaimConstraints(), } -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc8358.py b/pyasn1_modules/rfc8358.py deleted file mode 100644 index 647a366..0000000 --- a/pyasn1_modules/rfc8358.py +++ /dev/null @@ -1,50 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Digital Signatures on Internet-Draft Documents -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8358.txt -# - -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - - -id_ct = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1') - -id_ct_asciiTextWithCRLF = id_ct + (27, ) - -id_ct_epub = id_ct + (39, ) - -id_ct_htmlWithCRLF = id_ct + (38, ) - -id_ct_pdf = id_ct + (29, ) - -id_ct_postscript = id_ct + (30, ) - -id_ct_utf8TextWithCRLF = id_ct + (37, ) - -id_ct_xml = id_ct + (28, ) - - -# Map of Content Type OIDs to Content Types is added to the -# ones that are in rfc5652.py - -_cmsContentTypesMapUpdate = { - id_ct_asciiTextWithCRLF: univ.OctetString(), - id_ct_epub: univ.OctetString(), - id_ct_htmlWithCRLF: univ.OctetString(), - id_ct_pdf: univ.OctetString(), - id_ct_postscript: univ.OctetString(), - id_ct_utf8TextWithCRLF: univ.OctetString(), - id_ct_xml: univ.OctetString(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/pyasn1_modules/rfc8360.py b/pyasn1_modules/rfc8360.py deleted file mode 100644 index ca180c1..0000000 --- a/pyasn1_modules/rfc8360.py +++ /dev/null @@ -1,44 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Resource Public Key Infrastructure (RPKI) Validation Reconsidered -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8360.txt -# https://www.rfc-editor.org/errata/eid5870 -# - -from pyasn1.type import univ - -from pyasn1_modules import rfc3779 -from pyasn1_modules import rfc5280 - - -# IP Address Delegation Extension V2 - -id_pe_ipAddrBlocks_v2 = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.28') - -IPAddrBlocks = rfc3779.IPAddrBlocks - - -# Autonomous System Identifier Delegation Extension V2 - -id_pe_autonomousSysIds_v2 = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.29') - -ASIdentifiers = rfc3779.ASIdentifiers - - -# Map of Certificate Extension OIDs to Extensions is added to the -# ones that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - id_pe_ipAddrBlocks_v2: IPAddrBlocks(), - id_pe_autonomousSysIds_v2: ASIdentifiers(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/pyasn1_modules/rfc8398.py b/pyasn1_modules/rfc8398.py deleted file mode 100644 index 151b632..0000000 --- a/pyasn1_modules/rfc8398.py +++ /dev/null @@ -1,52 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with some assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Internationalized Email Addresses in X.509 Certificates -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8398.txt -# https://www.rfc-editor.org/errata/eid5418 -# - -from pyasn1.type import char -from pyasn1.type import constraint -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - -MAX = float('inf') - - -# SmtpUTF8Mailbox contains Mailbox as specified in Section 3.3 of RFC 6531 - -id_pkix = rfc5280.id_pkix - -id_on = id_pkix + (8, ) - -id_on_SmtpUTF8Mailbox = id_on + (9, ) - - -class SmtpUTF8Mailbox(char.UTF8String): - pass - -SmtpUTF8Mailbox.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) - - -on_SmtpUTF8Mailbox = rfc5280.AnotherName() -on_SmtpUTF8Mailbox['type-id'] = id_on_SmtpUTF8Mailbox -on_SmtpUTF8Mailbox['value'] = SmtpUTF8Mailbox() - - -# Map of Other Name OIDs to Other Name is added to the -# ones that are in rfc5280.py - -_anotherNameMapUpdate = { - id_on_SmtpUTF8Mailbox: SmtpUTF8Mailbox(), -} - -rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/pyasn1_modules/rfc8419.py b/pyasn1_modules/rfc8419.py deleted file mode 100644 index f10994b..0000000 --- a/pyasn1_modules/rfc8419.py +++ /dev/null @@ -1,68 +0,0 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the CMS -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8419.txt -# https://www.rfc-editor.org/errata/eid5869 - - -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -class ShakeOutputLen(univ.Integer): - pass - - -id_Ed25519 = univ.ObjectIdentifier('1.3.101.112') - -sigAlg_Ed25519 = rfc5280.AlgorithmIdentifier() -sigAlg_Ed25519['algorithm'] = id_Ed25519 -# sigAlg_Ed25519['parameters'] is absent - - -id_Ed448 = univ.ObjectIdentifier('1.3.101.113') - -sigAlg_Ed448 = rfc5280.AlgorithmIdentifier() -sigAlg_Ed448['algorithm'] = id_Ed448 -# sigAlg_Ed448['parameters'] is absent - - -hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2') - -id_sha512 = hashAlgs + (3, ) - -hashAlg_SHA_512 = rfc5280.AlgorithmIdentifier() -hashAlg_SHA_512['algorithm'] = id_sha512 -# hashAlg_SHA_512['parameters'] is absent - - -id_shake256 = hashAlgs + (12, ) - -hashAlg_SHAKE256 = rfc5280.AlgorithmIdentifier() -hashAlg_SHAKE256['algorithm'] = id_shake256 -# hashAlg_SHAKE256['parameters']is absent - - -id_shake256_len = hashAlgs + (18, ) - -hashAlg_SHAKE256_LEN = rfc5280.AlgorithmIdentifier() -hashAlg_SHAKE256_LEN['algorithm'] = id_shake256_len -hashAlg_SHAKE256_LEN['parameters'] = ShakeOutputLen() - - -# Map of Algorithm Identifier OIDs to Parameters added to the -# ones in rfc5280.py. Do not add OIDs with absent paramaters. - -_algorithmIdentifierMapUpdate = { - id_shake256_len: ShakeOutputLen(), -} - -rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/pyasn1_modules/rfc8479.py b/pyasn1_modules/rfc8479.py deleted file mode 100644 index 57f78b6..0000000 --- a/pyasn1_modules/rfc8479.py +++ /dev/null @@ -1,45 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Storing Validation Parameters in PKCS#8 -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8479.txt -# - -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5652 - - -id_attr_validation_parameters = univ.ObjectIdentifier('1.3.6.1.4.1.2312.18.8.1') - - -class ValidationParams(univ.Sequence): - pass - -ValidationParams.componentType = namedtype.NamedTypes( - namedtype.NamedType('hashAlg', univ.ObjectIdentifier()), - namedtype.NamedType('seed', univ.OctetString()) -) - - -at_validation_parameters = rfc5652.Attribute() -at_validation_parameters['attrType'] = id_attr_validation_parameters -at_validation_parameters['attrValues'][0] = ValidationParams() - - -# Map of Attribute Type OIDs to Attributes added to the -# ones that are in rfc5652.py - -_cmsAttributesMapUpdate = { - id_attr_validation_parameters: ValidationParams(), -} - -rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/pyasn1_modules/rfc8494.py b/pyasn1_modules/rfc8494.py deleted file mode 100644 index fe349e1..0000000 --- a/pyasn1_modules/rfc8494.py +++ /dev/null @@ -1,80 +0,0 @@ -# This file is being contributed to pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# Multicast Email (MULE) over Allied Communications Publication 142 -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8494.txt - -from pyasn1.type import namedtype -from pyasn1.type import namedval -from pyasn1.type import tag -from pyasn1.type import univ - - -id_mmhs_CDT = univ.ObjectIdentifier('1.3.26.0.4406.0.4.2') - - -class AlgorithmID_ShortForm(univ.Integer): - pass - -AlgorithmID_ShortForm.namedValues = namedval.NamedValues( - ('zlibCompress', 0) -) - - -class ContentType_ShortForm(univ.Integer): - pass - -ContentType_ShortForm.namedValues = namedval.NamedValues( - ('unidentified', 0), - ('external', 1), - ('p1', 2), - ('p3', 3), - ('p7', 4), - ('mule', 25) -) - - -class CompressedContentInfo(univ.Sequence): - pass - -CompressedContentInfo.componentType = namedtype.NamedTypes( - namedtype.NamedType('unnamed', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('contentType-ShortForm', - ContentType_ShortForm().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('contentType-OID', - univ.ObjectIdentifier().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))) - ))), - namedtype.NamedType('compressedContent', - univ.OctetString().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))) -) - - -class CompressionAlgorithmIdentifier(univ.Choice): - pass - -CompressionAlgorithmIdentifier.componentType = namedtype.NamedTypes( - namedtype.NamedType('algorithmID-ShortForm', - AlgorithmID_ShortForm().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('algorithmID-OID', - univ.ObjectIdentifier().subtype(explicitTag=tag.Tag( - tag.tagClassContext, tag.tagFormatSimple, 1))) -) - - -class CompressedData(univ.Sequence): - pass - -CompressedData.componentType = namedtype.NamedTypes( - namedtype.NamedType('compressionAlgorithm', CompressionAlgorithmIdentifier()), - namedtype.NamedType('compressedContentInfo', CompressedContentInfo()) -) diff --git a/pyasn1_modules/rfc8520.py b/pyasn1_modules/rfc8520.py index b9eb6e9..8e4adf3 100644 --- a/pyasn1_modules/rfc8520.py +++ b/pyasn1_modules/rfc8520.py @@ -14,11 +14,8 @@ # https://www.rfc-editor.org/rfc/rfc8520.txt # -from pyasn1.type import char -from pyasn1.type import univ - +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 # X.509 Extension for MUD URL @@ -42,22 +39,18 @@ class MUDsignerSyntax(rfc5280.Name): id_ct_mudtype = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.41') -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py -_certificateExtensionsMapUpdate = { +certificateExtensionsMapUpdate = { id_pe_mud_url: MUDURLSyntax(), id_pe_mudsigner: MUDsignerSyntax(), } -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) - -# Map of Content Type OIDs to Content Types added to the -# ones that are in rfc5652.py +# Map of Content Type OIDs to Content Types +# To be added to the ones that are in rfc5652.py -_cmsContentTypesMapUpdate = { +cmsContentTypesMapUpdate = { id_ct_mudtype: univ.OctetString(), -} - -rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) +}
\ No newline at end of file diff --git a/pyasn1_modules/rfc8649.py b/pyasn1_modules/rfc8649.py deleted file mode 100644 index c405f05..0000000 --- a/pyasn1_modules/rfc8649.py +++ /dev/null @@ -1,40 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley with assistance from asn1ate v.0.6.0. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -# X.509 Certificate Extension for Hash Of Root Key -# -# ASN.1 source from: -# https://www.rfc-editor.org/rfc/rfc8649.txt -# - -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import rfc5280 - - -id_ce_hashOfRootKey = univ.ObjectIdentifier('1.3.6.1.4.1.51483.2.1') - - -class HashedRootKey(univ.Sequence): - pass - -HashedRootKey.componentType = namedtype.NamedTypes( - namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), - namedtype.NamedType('hashValue', univ.OctetString()) -) - - -# Map of Certificate Extension OIDs to Extensions added to the -# ones that are in rfc5280.py - -_certificateExtensionsMapUpdate = { - id_ce_hashOfRootKey: HashedRootKey(), -} - -rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/requirements.txt b/requirements.txt index 943e6cd..cb1feb0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -pyasn1>=0.4.7,<0.6.0 +pyasn1>=0.4.6,<0.5.0 @@ -40,7 +40,6 @@ Programming Language :: Python :: 3.4 Programming Language :: Python :: 3.5 Programming Language :: Python :: 3.6 Programming Language :: Python :: 3.7 -Programming Language :: Python :: 3.8 Topic :: Communications Topic :: System :: Monitoring Topic :: System :: Networking :: Monitoring diff --git a/tests/__main__.py b/tests/__main__.py index dd0bc32..08300c2 100644 --- a/tests/__main__.py +++ b/tests/__main__.py @@ -18,31 +18,18 @@ suite = unittest.TestLoader().loadTestsFromNames( 'tests.test_rfc2459.suite', 'tests.test_rfc2511.suite', 'tests.test_rfc2560.suite', - 'tests.test_rfc2631.suite', 'tests.test_rfc2634.suite', - 'tests.test_rfc2985.suite', 'tests.test_rfc2986.suite', - 'tests.test_rfc3114.suite', 'tests.test_rfc3161.suite', 'tests.test_rfc3274.suite', - 'tests.test_rfc3279.suite', - 'tests.test_rfc3280.suite', - 'tests.test_rfc3281.suite', - 'tests.test_rfc3447.suite', 'tests.test_rfc3560.suite', 'tests.test_rfc3565.suite', 'tests.test_rfc3709.suite', - 'tests.test_rfc3770.suite', 'tests.test_rfc3779.suite', - 'tests.test_rfc3852.suite', - 'tests.test_rfc4043.suite', 'tests.test_rfc4055.suite', 'tests.test_rfc4073.suite', 'tests.test_rfc4108.suite', 'tests.test_rfc4210.suite', - 'tests.test_rfc4211.suite', - 'tests.test_rfc4334.suite', - 'tests.test_rfc4985.suite', 'tests.test_rfc5035.suite', 'tests.test_rfc5083.suite', 'tests.test_rfc5084.suite', @@ -51,60 +38,18 @@ suite = unittest.TestLoader().loadTestsFromNames( 'tests.test_rfc5480.suite', 'tests.test_rfc5649.suite', 'tests.test_rfc5652.suite', - 'tests.test_rfc5751.suite', - 'tests.test_rfc5755.suite', - 'tests.test_rfc5913.suite', - 'tests.test_rfc5914.suite', 'tests.test_rfc5915.suite', - 'tests.test_rfc5916.suite', - 'tests.test_rfc5917.suite', - 'tests.test_rfc5924.suite', - 'tests.test_rfc5934.suite', 'tests.test_rfc5940.suite', 'tests.test_rfc5958.suite', - 'tests.test_rfc5990.suite', - 'tests.test_rfc6010.suite', 'tests.test_rfc6019.suite', - 'tests.test_rfc6031.suite', - 'tests.test_rfc6032.suite', - 'tests.test_rfc6120.suite', - 'tests.test_rfc6187.suite', - 'tests.test_rfc6210.suite', - 'tests.test_rfc6211.suite', - 'tests.test_rfc6482.suite', - 'tests.test_rfc6486.suite', - 'tests.test_rfc6487.suite', - 'tests.test_rfc6664.suite', - 'tests.test_rfc6955.suite', - 'tests.test_rfc6960.suite', - 'tests.test_rfc7030.suite', 'tests.test_rfc7191.suite', - 'tests.test_rfc7229.suite', - 'tests.test_rfc7292.suite', 'tests.test_rfc7296.suite', - 'tests.test_rfc7508.suite', - 'tests.test_rfc7585.suite', - 'tests.test_rfc7633.suite', - 'tests.test_rfc7773.suite', - 'tests.test_rfc7894.suite', - 'tests.test_rfc7906.suite', - 'tests.test_rfc7914.suite', - 'tests.test_rfc8017.suite', - 'tests.test_rfc8018.suite', 'tests.test_rfc8103.suite', - 'tests.test_rfc8209.suite', 'tests.test_rfc8226.suite', - 'tests.test_rfc8358.suite', - 'tests.test_rfc8360.suite', - 'tests.test_rfc8398.suite', 'tests.test_rfc8410.suite', 'tests.test_rfc8418.suite', - 'tests.test_rfc8419.suite', - 'tests.test_rfc8479.suite', - 'tests.test_rfc8494.suite', 'tests.test_rfc8520.suite', - 'tests.test_rfc8619.suite', - 'tests.test_rfc8649.suite'] + 'tests.test_rfc8619.suite'] ) diff --git a/tests/test_rfc2631.py b/tests/test_rfc2631.py deleted file mode 100644 index 7abdcd7..0000000 --- a/tests/test_rfc2631.py +++ /dev/null @@ -1,48 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc2631 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class OtherInfoTestCase(unittest.TestCase): - pem_text = "MB0wEwYLKoZIhvcNAQkQAwYEBAAAAAGiBgQEAAAAwA==" - - def setUp(self): - self.asn1Spec = rfc2631.OtherInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - hex1 = univ.OctetString(hexValue='00000001') - assert asn1Object['keyInfo']['counter'] == hex1 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc2634.py b/tests/test_rfc2634.py index 18c8a3d..d57315b 100644 --- a/tests/test_rfc2634.py +++ b/tests/test_rfc2634.py @@ -73,8 +73,8 @@ mNTr0mjYeUWRe/15IsWNx+kuFcLDr71DFHvMFY5M3sdfMA== sat = sa['attrType'] sav0 = sa['attrValues'][0] - if sat in rfc5652.cmsAttributesMap.keys(): - sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) + if sat in rfc2634.ESSAttributeMap.keys(): + sav, rest = der_decode(sav0, asn1Spec=rfc2634.ESSAttributeMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 @@ -139,17 +139,18 @@ lropBdPJ6jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS sat = sa['attrType'] sav0 = sa['attrValues'][0] - if sat in rfc5652.cmsAttributesMap.keys(): - sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) + if sat in rfc2634.ESSAttributeMap.keys(): + sav, rest = der_decode(sav0, asn1Spec=rfc2634.ESSAttributeMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 def testOpenTypes(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) + rfc5652.cmsContentTypesMap.update(rfc2634.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap) asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) + asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate diff --git a/tests/test_rfc2985.py b/tests/test_rfc2985.py deleted file mode 100644 index f95ede8..0000000 --- a/tests/test_rfc2985.py +++ /dev/null @@ -1,299 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc2985 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc7292 - - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class PKCS9AttrsTestCase(unittest.TestCase): - pem_text = """\ -MYIQjzAOBgNVBEExBwwFQWxpY2UwDwYIKwYBBQUHCQMxAxMBTTAQBgNVBAUxCRMH -QjQ4LTAwNzAQBggrBgEFBQcJBDEEEwJVUzAQBggrBgEFBQcJBTEEEwJVUzARBgoq -hkiG9w0BCRkEMQMCATAwFAYJKoZIhvcNAQkCMQcWBUFsaWNlMBgGCiqGSIb3DQEJ -GQMxCgQIUTeqnHYky4AwHAYJKoZIhvcNAQkPMQ8wDTALBglghkgBZQMEAS0wHQYI -KwYBBQUHCQExERgPMjAxOTA4MDMxMjAwMDBaMB0GCCsGAQUFBwkCMREMD0hlcm5k -b24sIFZBLCBVUzApBgkqhkiG9w0BCRQxHB4aAEYAcgBpAGUAbgBkAGwAeQAgAE4A -YQBtAGUwLwYJKoZIhvcNAQkIMSITIDEyMyBVbmtub3duIFdheSwgTm93aGVyZSwg -VkEsIFVTMIGZBgoqhkiG9w0BCRkCMYGKMIGHMAsGCWCGSAFlAwQBLQR4VsJb7t4l -IqjJCT54rqkbCJsBPE17YQJeEYvyA4M1aDIUU5GnCgEhctgMiDPWGMvaSziixdIg -aU/0zvWvYCm8UwPvBBwMtm9X5NDvk9p4nXbGAT8E/OsV1SYWVvwRJwYak0yWWexM -HSixw1Ljh2nb0fIbqwLOeMmIMIIEsQYKKoZIhvcNAQkZBTGCBKEwggSdBgkqhkiG -9w0BBwKgggSOMIIEigIBATENMAsGCWCGSAFlAwQCAjBRBgkqhkiG9w0BBwGgRARC -Q29udGVudC1UeXBlOiB0ZXh0L3BsYWluDQoNCldhdHNvbiwgY29tZSBoZXJlIC0g -SSB3YW50IHRvIHNlZSB5b3UuoIICfDCCAngwggH+oAMCAQICCQCls1QoG7BuOzAK -BggqhkjOPQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcM -B0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4XDTE5MDUyOTE0NDU0MVoXDTIw -MDUyODE0NDU0MVowcDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQH -EwdIZXJuZG9uMRAwDgYDVQQKEwdFeGFtcGxlMQ4wDAYDVQQDEwVBbGljZTEgMB4G -CSqGSIb3DQEJARYRYWxpY2VAZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQA -IgNiAAT4zZ8HL+xEDpXWkoWp5xFMTz4u4Ae1nF6zXCYlmsEGD5vPu5hl9hDEjd1U -HRgJIPoy3fJcWWeZ8FHCirICtuMgFisNscG/aTwKyDYOFDuqz/C2jyEwqgWCRyxy -ohuJXtmjgZQwgZEwCwYDVR0PBAQDAgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNl -cnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYD -VR0OBBYEFMS6Wg4+euM8gbD0Aqpouxbglg41MB8GA1UdIwQYMBaAFPI12zQE2qVV -8r1pA5mwYuziFQjBMAoGCCqGSM49BAMDA2gAMGUCMGO5H9E1uAveRGGaf48lN4po -v2yH+hCAc5hOAuZKe/f40MKSF8q4w2ij+0euSaKFiAIxAL3gxp6sMitCmLQgOH6/ -RBIC/2syJ97y0KVp9da0PDAvwxLugCHTKZPjjpSLPHHc9TGCAaEwggGdAgEBMEww -PzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREw -DwYDVQQKDAhCb2d1cyBDQQIJAKWzVCgbsG47MAsGCWCGSAFlAwQCAqCByDAYBgkq -hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xOTA1MjkxODIz -MTlaMD8GCSqGSIb3DQEJBDEyBDC25CKk/YJnHtT3qsZtRPTosLmNUVhxxlbn8Jo2 -+lys4+IKEOba8jebiTfTTPmZJmwwTQYLKoZIhvcNAQkQAgExPjA8BCDHTyEPZCdX -CPUOh5EQs211nQ999bgFAi9zDBVz+ChTo4ABATAVMBOBEWFsaWNlQGV4YW1wbGUu -Y29tMAoGCCqGSM49BAMDBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzmo18WwkF -rEYH3EMsvpXEIGqsFTFN6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZyb2xSX6Gr -/IfCIm0angfOI39g7lAZDyivjh5H/oQwggnoBgtghkgBhvhCAwGBWDGCCdcwggnT -AgEDMIIJjwYJKoZIhvcNAQcBoIIJgASCCXwwggl4MIIGCAYJKoZIhvcNAQcBoIIF -+QSCBfUwggXxMIIF7QYLKoZIhvcNAQwKAQKgggT+MIIE+jAcBgoqhkiG9w0BDAED -MA4ECO6rT/7SnK61AgIH0ASCBNhl7+ZgGmaQO8qy97gTAhXCjVM2/iV3LHWodlbY -iHqpAJj42/Uye/3B7TNROXine1DMI9ZeetIDzYiA52i0sh7PhjBeuCIqFwiRJIv7 -bIKYCgz6qSOIAgqr6XdQnpeFp97YqDgST/RGQel7obCNO115+SlelmBxwwSik60p -AwslawMzunvvH9qafrIiTa2myQqpRj/ifxjESJNZxG1O2FiplAi36r3icotim3Sj -zzRJU5+90SqnkogjtxODrQYkv6fqg3qGY/RuwAy+eT3V/z+UUoyL22w1T8qdSFsN -WmMnAFCSGBuoHHoZ22ipItKVg09UzTCWe3CbUmEfjJuJDmw3Oo7sWVYLltxjCS86 -XHWAauyFjmMr9aNsDiloGnFKSChslF6Ktj0F6ohOe+iReW5vi16EeEzbQiTjakpr -eQZoeajC/N+XGoT6jKxbk5r1dtnEEJ+Q4wnvSjiGpr6frr4T+4pw301sptOjfO3f -F23rKk7Advvi3k5xZobHcRmzDSfT9X5agtKlc4HCnHTz7XKHstXb1o1DSgTNVWQX -phhFBm10gx6zfEHaLqyMtqXbWe2TuIHMwnBWiLnbhIBn+hbxK4MCfVz3cBZbApks -Au/lXcVnakOJBcCtx/MMfZ3kcnI3Hs6W8rM2ASeDBLIQLVduOc6xlVSoYUQ24NNr -9usfigQkcSTJZPIO52vPyIIQ7zR7U8TiqonkKWU3QJJVarPgLEYMUhBfNHqiGfx/ -d1Hf4MBoti8CMFUwsmOTv6d+cHYvQelqeFMXP0DE88gN/mkFBDAzXiXzAqMQcjJ+ -pyW6l4o2iQFSvXKSKg/IKved/hGp7RngQohjg4KlbqeGuRYea8Xs4pH5ue5KTeOc -HGNI3Qi/Lmr2rd+e1iuGxwwYZHve6Z+Lxnb20zW9I/2MFm+KsCiB4Z/+x84jR7BG -8l//lpuc2D/vxnKTxaaUAdUXM0Zwze7e+Gc2lMhVG5TJWR1KY51vN5J+apDYc8IR -0L0c2bbkom3WkPq/po/dPDuoaX61nKmztUHaL5r5QZzBBwKVyhdw9J0btnWAFPNK -vzgy5U9iV4+6jXH5TCmlIreszwRPoqqEaYRIfmUpp2+zy91PpzjTs98tx/HIAbOM -fT3WmuTahEnEHehABhwq+S4xwzoVIskLbrcOP6l7UYYR7GTUCjKxh7ru0rSwHrqG -9t33YdzJaFbz+8jb88xtf454Rvur66Cew/4GYX9u1Zef0DF9So1ay3IicpOf5emo -VWIwg4bh7bELi78i/MbdWtNZQcXimykfeTsYH8Q4u+1uxHS5pwEWWwKiUnLQVpZP -2ut255TdgSIhEILwsaLVelRrx/lp14EpY355FOusXiju6g14aWfBnt5udvuTXxDQ -ZHPPNNk+gwzgvvTey98T941hYUctjg0NApJiB66bfrlYB9mkc5ftg5zqhEasYH5C -4ajKKRNMM7zGlwSZvy8PPhnAeE3Q9LTnos0l4ygjQD/kMlvd7XSLW3GUzjyxtkG4 -gQh6LGvnafAbgu7GpcapKEppN86sXEePHiQjj92n103+TxMYWwtaO4iAwkjqdEdt -avEHcXRcpdqC0st6nUwPAPAC4LKJbZgLQnNG+wlWIiCMMD56IdfQ7r/zGIr13MxC -kjNNUdISoWWE5GnQMYHbMBMGCSqGSIb3DQEJFTEGBAQBAAAAMFcGCSqGSIb3DQEJ -FDFKHkgAMwBmADcAMQBhAGYANgA1AC0AMQA2ADgANwAtADQANAA0AGEALQA5AGYA -NAA2AC0AYwA4AGIAZQAxADkANABjADMAZQA4AGUwawYJKwYBBAGCNxEBMV4eXABN -AGkAYwByAG8AcwBvAGYAdAAgAEUAbgBoAGEAbgBjAGUAZAAgAEMAcgB5AHAAdABv -AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIAIAB2ADEALgAwMIIDaAYJ -KoZIhvcNAQcBoIIDWQSCA1UwggNRMIIDTQYLKoZIhvcNAQwKAQOgggMlMIIDIQYK -KoZIhvcNAQkWAaCCAxEEggMNMIIDCTCCAfGgAwIBAgIQNu32hzqhCKdHATXzboyI -ETANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlhbm9ueW1vdXMwIBcNMTYwNzE5 -MjIwMDAxWhgPMjExNjA2MjUyMjAwMDFaMBQxEjAQBgNVBAMTCWFub255bW91czCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALy2sEJMGNdcDg6BI7mdFM5T -lPzo5sKBzvUnagK5SKBJ11xMPN5toPTBzICB/XTWEB3AwpD0O+srSca+bsUAyedS -5V4BNp8qCyEu5RNRR8qPHheJ/guhLT96/gGI4jlrUyUhFntPkLKODxu+7KanMy6K -dD+PVE8shXRUZTYe4PG64/c7z3wapnf4XoCXkJRzCY5f3MKz3Ul039kVnTlJcikd -C7I9I9RflXLwXVl4nxUbeeRt6Z8WVWS4pCq+14v2aVPvP3mtVmAYHedRkvS04Hrx -4xx98D3NSSw6Z5OLkzqOcFw15fYmH2NLdhh34gSWJmaaCBAbuQ+1rx/42p7MvvsC -AwEAAaNVMFMwFQYDVR0lBA4wDAYKKwYBBAGCNwoDBDAvBgNVHREEKDAmoCQGCisG -AQQBgjcUAgOgFgwUYW5vbnltb3VzQHdpbmRvd3MteAAwCQYDVR0TBAIwADANBgkq -hkiG9w0BAQUFAAOCAQEAuH7iqY0/MLozwFb39ILYAJDHE+HToZBQbHQP4YtienrU -Stk60rIp0WH65lam7m/JhgAcItc/tV1L8mEnLrvvKcA+NeIL8sDOtM28azvgcOi0 -P3roeLLLRCuiykUaKmUcZEDm9cDYKIpJf7QetWQ3uuGTk9iRzpH79x2ix35BnyWQ -Rr3INZzmX/+9YRvPBXKYl/89F/w1ORYArpI9XtjfuPWaGQmM4f1WRHE2t3qRyKFF -ri7QiZdpcSx5zvsRHSyjfUMoKs+b6upk+P01lIhg/ewwYngGab+fZhF15pTNN2hx -8PdNGcrGzrkNKCmJKrWCa2xczuMA+z8SCuC1tYTKmDEVMBMGCSqGSIb3DQEJFTEG -BAQBAAAAMDswHzAHBgUrDgMCGgQUpWCP/fZR0TK5BwGuqvTd0+duiKcEFJTubF2k -HktMK+isIjxOTk4yJTOOAgIH0A== -""" - - def setUp(self): - self.asn1Spec = rfc2985.AttributeSet() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - openTypesMap = { - rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(), - } - openTypesMap.update(rfc5280.certificateAttributesMap) - openTypesMap.update(rfc5652.cmsAttributesMap) - - for attr in asn1Object: - assert attr['type'] in openTypesMap.keys() - av, rest = der_decode(attr['values'][0], - asn1Spec=openTypesMap[attr['type']]) - assert not rest - assert av.prettyPrint() - assert der_encode(av) == attr['values'][0] - - if attr['type'] == rfc2985.pkcs_9_at_userPKCS12: - assert av['version'] == univ.Integer(3) - assert av['authSafe']['contentType'] == rfc5652.id_data - outdata, rest = der_decode(av['authSafe']['content'], - asn1Spec=univ.OctetString()) - assert not rest - authsafe, rest = der_decode(outdata, - asn1Spec=rfc7292.AuthenticatedSafe()) - assert not rest - - for ci in authsafe: - assert ci['contentType'] == rfc5652.id_data - indata, rest = der_decode(ci['content'], - asn1Spec=univ.OctetString()) - assert not rest - sc, rest = der_decode(indata, - asn1Spec=rfc7292.SafeContents()) - assert not rest - - for sb in sc: - if sb['bagId'] in rfc7292.pkcs12BagTypeMap: - bv, rest = der_decode(sb['bagValue'], - asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']]) - assert not rest - - for bagattr in sb['bagAttributes']: - if bagattr['attrType'] in openTypesMap: - inav, rest = der_decode(bagattr['attrValues'][0], - asn1Spec=openTypesMap[bagattr['attrType']]) - assert not rest - - if bagattr['attrType'] == rfc2985.pkcs_9_at_friendlyName: - assert inav == "3f71af65-1687-444a-9f46-c8be194c3e8e" - - if bagattr['attrType'] == rfc2985.pkcs_9_at_localKeyId: - assert inav == univ.OctetString(hexValue='01000000') - - if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU: - ci, rest = der_decode(attr['values'][0], - asn1Spec=rfc5652.ContentInfo()) - assert not rest - assert ci['contentType'] == rfc5652.id_signedData - - sd, rest = der_decode(ci['content'], - asn1Spec=rfc5652.SignedData()) - assert not rest - assert sd['version'] == 1 - - for si in sd['signerInfos']: - assert si['version'] == 1 - - for siattr in si['signedAttrs']: - if siattr['attrType'] in openTypesMap: - siav, rest = der_decode(siattr['attrValues'][0], - asn1Spec=openTypesMap[siattr['attrType']]) - assert not rest - - if siattr['attrType'] == rfc2985.pkcs_9_at_contentType: - assert siav == rfc5652.id_data - - if siattr['attrType'] == rfc2985.pkcs_9_at_messageDigest: - assert siav.prettyPrint()[2:10] == 'b6e422a4' - - if siattr['attrType'] == rfc2985.pkcs_9_at_signingTime: - assert siav['utcTime'] == '190529182319Z' - - for choices in sd['certificates']: - for rdn in choices[0]['tbsCertificate']['subject']['rdnSequence']: - if rdn[0]['type'] in openTypesMap: - nv, rest = der_decode(rdn[0]['value'], - asn1Spec=openTypesMap[rdn[0]['type']]) - assert not rest - - if rdn[0]['type'] == rfc2985.pkcs_9_at_emailAddress: - assert nv == 'alice@example.com' - - def testOpenTypes(self): - openTypesMap = { - rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(), - } - openTypesMap.update(rfc5280.certificateAttributesMap) - openTypesMap.update(rfc5652.cmsAttributesMap) - - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - openTypes=openTypesMap, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr in asn1Object: - assert attr['type'] in openTypesMap.keys() - - if attr['type'] == rfc2985.pkcs_9_at_userPKCS12: - assert attr['values'][0]['version'] == univ.Integer(3) - assert attr['values'][0]['authSafe']['contentType'] == rfc5652.id_data - authsafe, rest = der_decode(attr['values'][0]['authSafe']['content'], - asn1Spec=rfc7292.AuthenticatedSafe()) - assert not rest - - for ci in authsafe: - assert ci['contentType'] == rfc5652.id_data - indata, rest = der_decode(ci['content'], - asn1Spec=univ.OctetString()) - assert not rest - - sc, rest = der_decode(indata, - asn1Spec=rfc7292.SafeContents(), - decodeOpenTypes=True) - assert not rest - - for sb in sc: - if sb['bagId'] in rfc7292.pkcs12BagTypeMap: - for bagattr in sb['bagAttributes']: - if bagattr['attrType'] in openTypesMap: - - if bagattr['attrType'] == rfc2985.pkcs_9_at_friendlyName: - assert bagattr['attrValues'][0] == "3f71af65-1687-444a-9f46-c8be194c3e8e" - - if bagattr['attrType'] == rfc2985.pkcs_9_at_localKeyId: - assert bagattr['attrValues'][0] == univ.OctetString(hexValue='01000000') - - if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU: - assert attr['values'][0]['contentType'] == rfc5652.id_signedData - assert attr['values'][0]['content']['version'] == 1 - - for si in attr['values'][0]['content']['signerInfos']: - assert si['version'] == 1 - - for siattr in si['signedAttrs']: - if siattr['attrType'] in openTypesMap: - - if siattr['attrType'] == rfc2985.pkcs_9_at_contentType: - assert siattr['attrValues'][0] == rfc5652.id_data - - if siattr['attrType'] == rfc2985.pkcs_9_at_messageDigest: - assert siattr['attrValues'][0].prettyPrint()[2:10] == 'b6e422a4' - - if siattr['attrType'] == rfc2985.pkcs_9_at_signingTime: - assert siattr['attrValues'][0]['utcTime'] == '190529182319Z' - - for choices in attr['values'][0]['content']['certificates']: - for rdn in choices[0]['tbsCertificate']['subject']['rdnSequence']: - if rdn[0]['type'] in openTypesMap: - if rdn[0]['type'] == rfc2985.pkcs_9_at_emailAddress: - assert rdn[0]['value'] == 'alice@example.com' - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc2986.py b/tests/test_rfc2986.py index fa1370d..92834ee 100644 --- a/tests/test_rfc2986.py +++ b/tests/test_rfc2986.py @@ -6,8 +6,8 @@ # import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1.type import char from pyasn1.type import univ @@ -50,28 +50,28 @@ fi6h7i9VVAZpslaKFfkNg12gLbbsCB1q36l5VXjHY/qe0FIUa9ogRrOi substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate def testOpenTypes(self): - openTypesMap = { + algorithmIdentifierMapUpdate = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } + rfc5280.algorithmIdentifierMap.update(algorithmIdentifierMapUpdate) substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=rfc2986.CertificationRequest(), - openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate for rdn in asn1Object['certificationRequestInfo']['subject']['rdnSequence']: for atv in rdn: diff --git a/tests/test_rfc3114.py b/tests/test_rfc3114.py deleted file mode 100644 index 537fe9a..0000000 --- a/tests/test_rfc3114.py +++ /dev/null @@ -1,235 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc3114 -from pyasn1_modules import rfc5035 -from pyasn1_modules import rfc5083 -from pyasn1_modules import rfc5084 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5755 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SecurityLabelTestCase(unittest.TestCase): - pem_text = """\ -MIITHAYJKoZIhvcNAQcCoIITDTCCEwkCAQMxDTALBglghkgBZQMEAgIwggeUBgsq -hkiG9w0BCRABF6CCB4MEggd/MIIHewIBADGCAk8wggJLAgEAMDMwJjEUMBIGA1UE -CgwLZXhhbXBsZS5jb20xDjAMBgNVBAMMBUFsaWNlAgkAg/ULtwvVxA4wDQYJKoZI -hvcNAQEBBQAEggIAdZphtN3x8a8kZoAFY15HYRD6JyPBueRUhLbTPoOH3pZ9xeDK -+zVXGlahl1y1UOe+McEx2oD7cxAkhFuruNZMrCYEBCTZMwVhyEOZlBXdZEs8rZUH -L3FFE5PJnygsSIO9DMxd1UuTFGTgCm5V5ZLFGmjeEGJRbsfTyo52S7iseJqIN3dl -743DbApu0+yuUoXKxqKdUFlEVxmhvc+Qbg/zfiwu8PTsYiUQDMBi4cdIlju8iLjj -389xQHNyndXHWD51is89GG8vpBe+IsN8mnbGtCcpqtJ/c65ErJhHTR7rSJSMEqQD -0LPOCKIY1q9FaSSJfMXJZk9t/rPxgUEVjfw7hAkKpgOAqoZRN+FpnFyBl0FnnXo8 -kLp55tfVyNibtUpmdCPkOwt9b3jAtKtnvDQ2YqY1/llfEUnFOVDKwuC6MYwifm92 -qNlAQA/T0+ocjs6gA9zOLx+wD1zqM13hMD/L+T2OHL/WgvGb62JLrNHXuPWA8RSh -O4kIlPtARKXap2S3+MX/kpSUUrNa65Y5uK1jwFFclczG+CPCIBBn6iJiQT/vOX1I -97YUP4Qq6OGkjK064Bq6o8+e5+NmIOBcygYRv6wA7vGkmPLSWbnw99qD728bBh84 -fC3EjItdusqGIwjzL0eSUWXJ5eu0Z3mYhJGN1pe0R/TEB5ibiJsMLpWAr3gwggUP -BgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEGMBEEDE2HVyIurFKUEX8MEgIBEICCBOD+ -L7PeC/BpmMOb9KlS+r+LD+49fi6FGBrs8aieGi7ezZQEiFYS38aYQzTYYCt3SbJQ -TkX1fDsGZiaw/HRiNh7sJnxWATm+XNKGoq+Wls9RhSJ45Sw4GMqwpoxZjeT84Uoz -OITk3l3fV+3XiGcCejHkp8DAKZFExd5rrjlpnnAOBX6w8NrXO4s2n0LrMhtBU4eB -2YKhGgs5Q6wQyXtU7rc7OOwTGvxWEONzSHJ01pyvqVQZAohsZPaWLULrM/kEGkrh -G4jcaVjVPfULi7Uqo14imYhdCq5Ba4bwqI0Ot6mB27KD6LlOnVC/YmXCNIoYoWmq -y1o3pSm9ovnLEO/dzxQjEJXYeWRje9M/sTxotM/5oZBpYMHqIwHTJbehXFgp8+oD -jyTfayMYA3fTcTH3XbGPQfnYW2U9+ka/JhcSYybM8cuDNFd1I1LIQXoJRITXtkvP -UbJqm+s6DtS5yvG9I8aQxlT365zphS4vbQaO74ujO8bE3dynrvTTV0c318TcHpN3 -DY9PIt6mHXMIPDLEA4wes90zg6iah5XiQcLtfLaAdYwEEGlImGD8n0kOhSNgclSL -Mklpj5mVOs8exli3qoXlVMRJcBptSwOe0QPcRY30spywS4zt1UDIQ0jaecGGVtUY -j586nkubhAxwZkuQKWxgt6yYTpGNSKCdvd+ygfyGJRDbWdn6nck/EPnG1773KTHR -hMrXrBPBpSlfyJ/ju3644CCFqCjFoTh4bmB63k9ejUEVkJIJuoeKeTBaUxbCIink -K4htBkgchHP51RJp4q9jQbziD3aOhg13hO1GFQ4E/1DNIJxbEnURNp/ga8SqmnLY -8f5Pzwhm1mSzZf+obowbQ+epISrswWyjUKKO+uJfrAVN2TS/5+X6T3U6pBWWjH6+ -xDngrAJwtIdKBo0iSEwJ2eir4X8TcrSy9l8RSOiTPtqS5dF3RWSWOzkcO72fHCf/ -42+DLgUVX8Oe5mUvp7QYiXXsXGezLJ8hPIrGuOEypafDv3TwFkBc2MIB0QUhk+GG -1ENY3jiNcyEbovF5Lzz+ubvechHSb1arBuEczJzN4riM2Dc3c+r8N/2Ft6eivK7H -UuYX1uAcArhunZpA8yBGLF1m+DUXFtzWAUvfMKYPdfwGMckghF7YwLrTXd8ZhPIk -HNO1KdwQKIRfgIlUPfTxRB7eNrG/Ma9a/IwrcI1QtkXU59uIZIw+7+FHZRWPsOjT -u1Pdy+JtcSTG4dmS+DIwqpUzdu6MaBCVaOhXHwybvaSPTfMG/nR/NxF1FI8xgydn -zXZs8HtFDL9iytKnvXHx+IIz8Rahp/PK8S80vPQNIeef/JgnIhtosID/A614LW1t -B4cWdveYlD5U8T/XXInAtCY78Q9WJD+ecu87OJmlOdmjrFvitpQAo8+NGWxc7Wl7 -LtgDuYel7oXFCVtI2npbA7R+K5/kzUvDCY6GTgzn1Gfamc1/Op6Ue17qd/emvhbI -x+ng3swf8TJVnCNDIXucKVA4boXSlCEhCGzfoZZYGVvm1/hrypiBtpUIKWTxLnz4 -AQJdZ5LGiCQJQU1wMyHsg6vWmNaJVhGHE6D/EnKsvJptFIkAx0wWkh35s48p7EbU -8QBg//5eNru6yvLRutfdBX7T4w681pCD+dOiom75C3UdahrfoFkNsZ2hB88+qNsE -EPb/xuGu8ZzSPZhakhl2NS2ggglpMIICAjCCAYigAwIBAgIJAOiR1gaRT87yMAoG -CCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH -SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwNTE0MDg1ODExWhcNMjEw -NTEzMDg1ODExWjA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcM -B0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMHYwEAYHKoZIzj0CAQYFK4EEACID -YgAE8FF2VLHojmqlnawpQwjG6fWBQDPOy05hYq8oKcyg1PXH6kgoO8wQyKYVwsDH -Evc1Vg6ErQm3LzdI8OQpYx3H386R2F/dT/PEmUSdcOIWsB4zrFsbzNwJGIGeZ33Z -S+xGo1AwTjAdBgNVHQ4EFgQU8jXbNATapVXyvWkDmbBi7OIVCMEwHwYDVR0jBBgw -FoAU8jXbNATapVXyvWkDmbBi7OIVCMEwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQD -AwNoADBlAjBaUY2Nv03KolLNRJ2wSoNK8xlvzIWTFgIhsBWpD1SpJxRRv22kkoaw -9bBtmyctW+YCMQC3/KmjNtSFDDh1I+lbOufkFDSQpsMzcNAlwEAERQGgg6iXX+Nh -A+bFqNC7FyF4WWQwggOHMIIDDqADAgECAgkApbNUKBuwbkYwCgYIKoZIzj0EAwMw -PzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREw -DwYDVQQKDAhCb2d1cyBDQTAeFw0xOTExMDIxODQyMThaFw0yMDExMDExODQyMTha -MGYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjEQ -MA4GA1UEChMHRXhhbXBsZTEMMAoGA1UECxMDUENBMRgwFgYDVQQDEw9wY2EuZXhh -bXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ9/m9uACpsTl2frBuILHiw -IJyfUEpKseYJ+JYL1AtIZU0YeJ9DA+32h0ZeNGJDtDClnbBEPpn3W/5+TzldcsTe -QlAJB08gcVRjkQym9LtPq7rGubCeVWlRRE9M7F9znk6jggGtMIIBqTAdBgNVHQ4E -FgQUJuolDwsyICik11oKjf8t3L1/VGUwbwYDVR0jBGgwZoAU8jXbNATapVXyvWkD -mbBi7OIVCMGhQ6RBMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UE -BwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0GCCQDokdYGkU/O8jAPBgNVHRMB -Af8EBTADAQH/MAsGA1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0 -aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1Ud -IAQOMAwwCgYIKwYBBQUHDQIwCgYDVR02BAMCAQIwgZEGCCsGAQUFBwEVBIGEMIGB -MFkGCyqGSIb3DQEJEAcDAwIF4DFGMESACyqGSIb3DQEJEAcEgTUwMwwXTEFXIERF -UEFSVE1FTlQgVVNFIE9OTFkMGEhVTUFOIFJFU09VUkNFUyBVU0UgT05MWTARBgsq -hkiG9w0BCRAHAgMCBPAwEQYLKoZIhvcNAQkQBwEDAgXgMAoGCCqGSM49BAMDA2cA -MGQCMBlIP4FWrNzWXR8OgfcvCLGPG+110EdsmwznIF6ThT1vbJYvYoSbBXTZ9OCh -/cCMMQIwJOySybHl/eLkNJh971DWF4mUQkt3WGBmZ+9Rg2cJTdat2ZjPKg101NuD -tkUyjGxfMIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZI -zj0EAwMwZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJu -ZG9uMRAwDgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3Bj -YS5leGFtcGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGS -MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAO -BgNVBAoTB0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1l -bnQxDTALBgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5j -b20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQg -KpBispSxXxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQ -QXc3zxnkcl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m71 -1OqFDNGRSWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/ -VGWhQ6RBMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVy -bmRvbjERMA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTAD -AQH/MAsGA1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0 -ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAww -CgYIKwYBBQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsq -hkiG9w0BCRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09V -UkNFUyBVU0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERl -cGFydG1lbnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/ -Hea3Hk8PtTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weB -dBa5WEDIFFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2MYIB7jCCAeoCAQEwfjBmMQsw -CQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNV -BAoTB0V4YW1wbGUxDDAKBgNVBAsTA1BDQTEYMBYGA1UEAxMPcGNhLmV4YW1wbGUu -Y29tAhRRzUhAYml5hDRfA5LZmZURvdp5nTALBglghkgBZQMEAgKggeIwGgYJKoZI -hvcNAQkDMQ0GCyqGSIb3DQEJEAEXMBwGCSqGSIb3DQEJBTEPFw0xOTExMDgyMDA4 -MzFaMD8GCSqGSIb3DQEJBDEyBDCd5WyvIB0VdXgPBWPtI152MIJLg5o68IRimCXx -bVY0j3YyAKbi0egiZ/UunkyCfv0wZQYLKoZIhvcNAQkQAgIxVjFUAgEIBgsqhkiG -9w0BCRAHAzEtMCuACyqGSIb3DQEJEAcEgRwwGgwYSFVNQU4gUkVTT1VSQ0VTIFVT -RSBPTkxZExNCb2FndXMgUHJpdmFjeSBNYXJrMAoGCCqGSM49BAMDBGcwZQIwWkD7 -03QoNrKL5HJnuGJqvML1KlUXZDHnFpnJ+QMzXi8gocyfpRXWm6h0NjXieE0XAjEA -uuDSOoaUIz+G9aemAE0ldpo1c0avNGa7BtynUTHmwosD6Sjfj0epAg9OnMedOjbr -""" - - def testDerCodec(self): - layers = { } - layers.update(rfc5652.cmsContentTypesMap) - - getNextLayer = { - rfc5652.id_ct_contentInfo: lambda x: x['contentType'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc5083.id_ct_authEnvelopedData: lambda x: None - } - - getNextSubstrate = { - rfc5652.id_ct_contentInfo: lambda x: x['content'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc5083.id_ct_authEnvelopedData: lambda x: None - } - - substrate = pem.readBase64fromText(self.pem_text) - - next_layer = rfc5652.id_ct_contentInfo - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - if next_layer == rfc5652.id_signedData: - attrs = asn1Object['signerInfos'][0]['signedAttrs'] - certs = asn1Object['certificates'] - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - spid = rfc3114.id_tsp_TEST_Whirlpool - catid = rfc3114.id_tsp_TEST_Whirlpool_Categories - conf = rfc3114.Whirlpool_SecurityClassification(value='whirlpool-confidential') - - assert catid in rfc5755.securityCategoryMap.keys() - assert rfc5755.id_at_clearance in rfc5280.certificateAttributesMap.keys() - assert rfc5280.id_ce_subjectDirectoryAttributes in rfc5280.certificateExtensionsMap.keys() - - security_label_okay = False - for attr in attrs: - if attr['attrType'] == rfc5035.id_aa_securityLabel: - esssl, rest = der_decode(attr['attrValues'][0], - asn1Spec=rfc5035.ESSSecurityLabel()) - assert not rest - assert esssl.prettyPrint() - assert der_encode(esssl) == attr['attrValues'][0] - - assert esssl['security-policy-identifier'] == spid - assert esssl['security-classification'] == conf - - for cat in esssl['security-categories']: - if cat['type'] == catid: - scv, rest = der_decode(cat['value'], - asn1Spec=rfc3114.SecurityCategoryValues()) - assert not rest - assert scv.prettyPrint() - assert der_encode(scv) == cat['value'] - for scv_str in scv: - assert 'USE ONLY' in scv_str - security_label_okay = True - - assert security_label_okay - - clearance_okay = False - for cert_choice in certs: - for extn in cert_choice['certificate']['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5755.id_at_clearance: - av, rest = der_decode(attr['values'][0], - asn1Spec=rfc5280.certificateAttributesMap[attr['type']]) - assert av['policyId'] == spid - for cat in av['securityCategories']: - assert cat['type'] == catid - scv, rest = der_decode(cat['value'], - asn1Spec=rfc5755.securityCategoryMap[cat['type']]) - assert not rest - assert scv.prettyPrint() - assert der_encode(scv) == cat['value'] - for scv_str in scv: - assert 'USE ONLY' in scv_str - clearance_okay = True - - assert clearance_okay - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc3274.py b/tests/test_rfc3274.py index a024b77..a8137fd 100644 --- a/tests/test_rfc3274.py +++ b/tests/test_rfc3274.py @@ -57,9 +57,11 @@ XQ7u2qbaKFtZ7V96NH8ApkUFkg== def testOpenTypes(self): substrate = pem.readBase64fromText(self.compressed_data_pem_text) + + rfc5652.cmsContentTypesMap.update(rfc3274.cmsContentTypesMapUpdate) asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate diff --git a/tests/test_rfc3279.py b/tests/test_rfc3279.py deleted file mode 100644 index 28d5cce..0000000 --- a/tests/test_rfc3279.py +++ /dev/null @@ -1,356 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc3279 - -try: - import unittest2 as unittest -except ImportError: - import unittest - -class RSACertificateTestCase(unittest.TestCase): - rsa_cert_pem_text = """\ -MIIE8TCCA9mgAwIBAgIQbyXcFa/fXqMIVgw7ek/H+DANBgkqhkiG9w0BAQUFADBv -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk -ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF -eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow -gYExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO -BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMScwJQYD -VQQDEx5DT01PRE8gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDQQIuLcuORG/dRwRtUBJjTqb/B5opdO4f7u4jO -DeMvPwaW8KIpUJmu2zuhV7B0UXHN7UKRTUH+qcjYaoZ3RLtZZpdQXrTULHBEz9o3 -lUJpPDDEcbNS8CFNodi6OXwcnqMknfKDFpiqFnxDmxVbt640kf7UYiYYRpo/68H5 -8ZBX66x6DYvbcjBqZtXgRqNw3GjZ/wRIiXfeten7Z21B6bw5vTLZYgLxsag9bjec -4i/i06Imi8a4VUOI4SM+pdIkOWpHqwDUobOpJf4NP6cdutNRwQuk2qw471VQJAVl -RpM0Ty2NrcbUIRnSjsoFYXEHc0flihkSvQRNzk6cpUisuyb3AgMBAAGjggF0MIIB -cDAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73gJMtUGjAdBgNVHQ4EFgQUC1jl -i8ZMFTekQKkwqSG+RzZaVv8wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMB -Af8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9j -cmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LmNybDCBswYI -KwYBBQUHAQEEgaYwgaMwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0 -LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LnA3YzA5BggrBgEFBQcwAoYtaHR0 -cDovL2NydC51c2VydHJ1c3QuY29tL0FkZFRydXN0VVROU0dDQ0EuY3J0MCUGCCsG -AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBBQUA -A4IBAQAHYJOZqs7Q00fQNzPeP2S35S6jJQzVMx0Njav2fkZ7WQaS44LE5/X289kF -z0k0LTdf9CXH8PtrI3fx8UDXTLtJRTHdAChntylMdagfeTHJNjcPyjVPjPF+3vxG -q79om3AjMC63xVx7ivsYE3lLkkKM3CyrbCK3KFOzGkrOG/soDrc6pNoN90AyT99v -uwFQ/IfTdtn8+7aEA8rJNhj33Wzbu7qBHKat/ij5z7micV0ZBepKRtxzQe+JlEKx -Q4hvNRevHmCDrHqMEHufyfaDbZ76iO4+3e6esL/garnQnweyCROa9aTlyFt5p0c1 -M2jlVZ6qW8swC53HD79oRIGXi1FK -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.rsa_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.rsaEncryption - - spki_pk = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'].asOctets() - pk, rest = der_decode(spki_pk, asn1Spec=rfc3279.RSAPublicKey()) - assert not rest - assert pk.prettyPrint() - assert der_encode(pk) == spki_pk - assert pk['publicExponent'] == 65537 - - assert asn1Object['tbsCertificate']['signature']['algorithm'] == rfc3279.sha1WithRSAEncryption - assert asn1Object['signatureAlgorithm']['algorithm'] == rfc3279.sha1WithRSAEncryption - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.rsa_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.rsaEncryption - assert spki_a['parameters'] == univ.Null("") - - -class ECCertificateTestCase(unittest.TestCase): - ec_cert_pem_text = """\ -MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBT -ZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6g -LGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv -68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0w -EgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEE -KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0f -BDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv -YmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc -aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/A -buiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJ -KoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/6 -3qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoB -UEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6 -mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3 -loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQd -Ea8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.ec_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.id_ecPublicKey - - spki_a_p, rest = der_decode(spki_a['parameters'], - asn1Spec=rfc3279.EcpkParameters()) - assert not rest - assert spki_a_p.prettyPrint() - assert der_encode(spki_a_p) == spki_a['parameters'] - assert spki_a_p['namedCurve'] == univ.ObjectIdentifier('1.3.132.0.34') - - def testOpenTypes(self): - asn1Spec = rfc5280.Certificate() - substrate = pem.readBase64fromText(self.ec_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.id_ecPublicKey - assert spki_a['parameters']['namedCurve'] == univ.ObjectIdentifier('1.3.132.0.34') - - -class DSACertificateTestCase(unittest.TestCase): - dsa_cert_pem_text = """\ -MIIDpjCCA0ygAwIBAgIUY8xt3l0B9nIPWSpjs0hDJUJZmCkwCwYJYIZIAWUDBAMC -MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjER -MA8GA1UEChMIQm9ndXMgQ0EwHhcNMTkxMDIwMjAxMjMwWhcNMjAxMDE5MjAxMjMw -WjBwMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24x -EDAOBgNVBAoTB0V4YW1wbGUxDjAMBgNVBAsTBUFsaWNlMSAwHgYJKoZIhvcNAQkB -FhFhbGljZUBleGFtcGxlLmNvbTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCLpR53 -xHfe+SiknAK/L9lm/ZO1109c9iYkriPIW/5MMlM+qc/tdRkKpG6ELIpfXTPtKCJm -zqqVIyTmAJryyE8Xw0Ie2mzYPU5ULvKmllQkjTsWgPGgQBkciZ0AW9ggD9VwZilg -4qh3iSO7T97hVQFnpCh6vm8pOH6UP/5kpr9ZJQIVANzdbztBJlJfqCB1t4h/NvSu -wCFvAoGAITP+jhYk9Rngd98l+5ccgauQ+cLEUBgNG2Wq56zBXQbLou6eKkQi7ecL -NiRmExq3IU3LOj426wSxL72Kw6FPyOEv3edIFkJJEHL4Z+ZJeVe//dzya0ddOJ7k -k6qNF2ic+viD/5Vm8yRyKiig2uHH/MgIesLdZnvbzvX+f/P0z50DgYQAAoGALAUl -jkOi1PxjjFVvhGfK95yIsrfbfcIEKUBaTs9NR2rbGWUeP+93paoXwP39X9wrJx2M -SWeHWhWKszNgoiyqYT0k4R9mem3WClotxOvB5fHfwIp2kQYvE7H0/TPdGhfUpHQG -YpyLQgT6L80meSKMFnu4VXGzOANhWDxu3JxiADCjgZQwgZEwCwYDVR0PBAQDAgeA -MEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVz -dGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFO37wHcauyc03rDc6cDRRsHz -gcK+MB8GA1UdIwQYMBaAFM1IZQGDsqYHWwb+I4EMxHPk0bU4MAsGCWCGSAFlAwQD -AgNHADBEAiBBRbfMzLi7+SVyO8SM3xxwUsMf/k1B+Nkvf1kBTfCfGwIgSAx/6mI+ -pNqdXqZZGESXy1MT1aBc4ynPGLFUr2r7cPY= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.dsa_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.id_dsa - - spki_a_p, rest = der_decode(spki_a['parameters'], - asn1Spec=rfc3279.Dss_Parms()) - assert not rest - assert spki_a_p.prettyPrint() - assert der_encode(spki_a_p) == spki_a['parameters'] - q_value = 1260916123897116834511257683105158021801897369967 - assert spki_a_p['q'] == q_value - - sig_value, rest = der_decode(asn1Object['signature'].asOctets(), - asn1Spec=rfc3279.Dss_Sig_Value()) - assert not rest - assert sig_value.prettyPrint() - assert der_encode(sig_value) == asn1Object['signature'].asOctets() - assert sig_value['r'].hasValue() - assert sig_value['s'].hasValue() - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.dsa_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.id_dsa - q_value = 1260916123897116834511257683105158021801897369967 - assert spki_a['parameters']['q'] == q_value - - -class KEACertificateTestCase(unittest.TestCase): - kea_cert_pem_text = """\ -MIICizCCAjOgAwIBAgIUY8xt3l0B9nIPWSpjs0hDJUJZmCgwCQYHKoZIzjgEAzA/ -MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xETAP -BgNVBAoTCEJvZ3VzIENBMB4XDTE5MTAyMDIwMDkyMVoXDTIwMTAxOTIwMDkyMVow -cDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw -DgYDVQQKEwdFeGFtcGxlMQ4wDAYDVQQDEwVBbGljZTEgMB4GCSqGSIb3DQEJARYR -YWxpY2VAZXhhbXBsZS5jb20wgaAwFwYJYIZIAWUCAQEWBApc+PEn5ladbYizA4GE -AAKBgB9Lc2QcoSW0E9/VnQ2xGBtpYh9MaDUBzIixbN8rhDwh0BBesD2TwHjzBpDM -2PJ6DD1ZbBcz2M3vJaIKoZ8hA2EUtbbHX1BSnVfAdeqr5St5gfnuxSdloUjLQlWO -rOYfpFVEp6hJoKAZiYfiXz0fohNXn8+fiU5k214byxlCPlU0o4GUMIGRMAsGA1Ud -DwQEAwIDCDBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3Qg -YmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMB0GA1UdDgQWBBSE49bkPB9sQm27 -Rs2jgAPMyY6UCDAfBgNVHSMEGDAWgBTNSGUBg7KmB1sG/iOBDMRz5NG1ODAJBgcq -hkjOOAQDA0cAMEQCIE9PWhUbnJVdNQcVYSc36BMZ+23uk2ITLsgSXtkScF6TAiAf -TPnJ5Wym0hv2fOpnPPsWTgqvLFYfX27GGTquuOd/6A== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - asn1Spec = rfc5280.Certificate() - substrate = pem.readBase64fromText(self.kea_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.id_keyExchangeAlgorithm - - spki_a_p, rest = der_decode(spki_a['parameters'], - asn1Spec=rfc3279.KEA_Parms_Id()) - assert not rest - assert spki_a_p.prettyPrint() - assert der_encode(spki_a_p) == spki_a['parameters'] - assert spki_a_p == univ.OctetString(hexValue='5cf8f127e6569d6d88b3') - - assert asn1Object['tbsCertificate']['signature']['algorithm'] == rfc3279.id_dsa_with_sha1 - assert asn1Object['signatureAlgorithm']['algorithm'] == rfc3279.id_dsa_with_sha1 - - sig_value, rest = der_decode(asn1Object['signature'].asOctets(), - asn1Spec=rfc3279.Dss_Sig_Value()) - assert not rest - assert sig_value.prettyPrint() - assert der_encode(sig_value) == asn1Object['signature'].asOctets() - assert sig_value['r'].hasValue() - assert sig_value['s'].hasValue() - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.kea_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.id_keyExchangeAlgorithm - assert spki_a['parameters'] == univ.OctetString(hexValue='5cf8f127e6569d6d88b3') - - assert asn1Object['tbsCertificate']['signature']['algorithm'] == rfc3279.id_dsa_with_sha1 - assert asn1Object['signatureAlgorithm']['algorithm'] == rfc3279.id_dsa_with_sha1 - - -class DHCertificateTestCase(unittest.TestCase): - dh_cert_pem_text = """\ -MIIEtDCCBFqgAwIBAgIUY8xt3l0B9nIPWSpjs0hDJUJZmCkwCwYJYIZIAWUDBAMC -MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjER -MA8GA1UEChMIQm9ndXMgQ0EwHhcNMTkxMDIwMjAxMjMwWhcNMjAxMDE5MjAxMjMw -WjBwMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24x -EDAOBgNVBAoTB0V4YW1wbGUxDjAMBgNVBAsTBUFsaWNlMSAwHgYJKoZIhvcNAQkB -FhFhbGljZUBleGFtcGxlLmNvbTCCAsQwggI5BgcqhkjOPgIBMIICLAKCAQEAt9x/ -0iwGww3k19h+wbODVK1yqjFzEY2pyfXthHcn+nEw+DpURJ+iOhYPr68E3XO5sB48 -r5xTZhPN5+YejD3T8qhnDtiq4qrrSH7BOaEzqCDpHE2Bpoy3SodQ5Obaiu9Kx1ix -BRk/oRZUH+F+ATZmF0rPKrZGZOnmsh0IZm3dlmRR9FRGn0aJlZKXveqp+hZ97/r0 -cbSo6wdT47APfocgweZMvgWu1IQBs6FiunRgaeX3RyLr4fnkvCzUM7TmxpRJYtL6 -myAp007QvtgQ0AdEwVfNl3jQ0IIW7TtpXVxDDQaKZZe9yYrY4GV3etlYk8a4cpjN -rBxBCCTMASE4+iVtPQKCAQAg3m19vWc1TlHmkeqLwgvHN0Ufdyw5axWtc8qIJGZ1 -MezhyLyD4RU0VFCSocJCCe2k2kS2P2vQERZZYcn/nCYuiswCjOCbnwKozfaTZ3Fc -1KOCtb4EEcuk/th5XNhWCYJJ7Hasym8zuPaqh5TLcsHXp0/lQUiOV2uVHnAt503A -HY1v4PhlZ3G0CRZMenafU0Ky7a6zhrqFvWgtSdo+vN0S9xS/KJuTaWsYgOAt4r2I -K1uwuWuvA5L1Qrdj8pDzMLkdlyHU1Jgjzk0rNQDTbUkZX9CAi/xKUGZysjWfOn1F -HC1vJ1sbP9nTXpWRain1/6yatB2RxLTvWYyAq9IsL/8PAiEAkY8lGryvcZI/pxXt -XwSaXEL2d77GSGICMGZa1wOJtdEDgYQAAoGALAUljkOi1PxjjFVvhGfK95yIsrfb -fcIEKUBaTs9NR2rbGWUeP+93paoXwP39X9wrJx2MSWeHWhWKszNgoiyqYT0k4R9m -em3WClotxOvB5fHfwIp2kQYvE7H0/TPdGhfUpHQGYpyLQgT6L80meSKMFnu4VXGz -OANhWDxu3JxiADCjgZQwgZEwCwYDVR0PBAQDAgMIMEIGCWCGSAGG+EIBDQQ1FjNU -aGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVycG9z -ZS4wHQYDVR0OBBYEFO37wHcauyc03rDc6cDRRsHzgcK+MB8GA1UdIwQYMBaAFM1I -ZQGDsqYHWwb+I4EMxHPk0bU4MAsGCWCGSAFlAwQDAgNHADBEAiB1LU0esRdHDvSj -kqAm+3viU2a+hl66sLrK5lYBOYqGYAIgWG7bDxqFVP6/stHfdbeMovLejquEl9tr -iPEBA+EDHjk= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.dh_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.dhpublicnumber - - spki_a_p, rest = der_decode(spki_a['parameters'], - asn1Spec=rfc3279.DomainParameters()) - assert not rest - assert spki_a_p.prettyPrint() - assert der_encode(spki_a_p) == spki_a['parameters'] - q_value = 65838278260281264030127352144753816831178774189428428256716126077244217603537 - assert spki_a_p['q'] == q_value - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.dh_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc3279.dhpublicnumber - q_value = 65838278260281264030127352144753816831178774189428428256716126077244217603537 - assert spki_a['parameters']['q'] == q_value - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc3280.py b/tests/test_rfc3280.py deleted file mode 100644 index 0a4dd02..0000000 --- a/tests/test_rfc3280.py +++ /dev/null @@ -1,84 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc3280 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class CertificateTestCase(unittest.TestCase): - pem_text = """\ -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 -IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz -BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y -aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG -9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy -NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y -azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw -Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl -cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD -cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs -2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY -JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE -Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ -n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A -PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu -""" - - def setUp(self): - self.asn1Spec = rfc3280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - -class CertificateListTestCase(unittest.TestCase): - pem_text = """\ -MIIBVjCBwAIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJBVTETMBEGA1UE -CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk -MRUwEwYDVQQDEwxzbm1wbGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25t -cGxhYnMuY29tFw0xMjA0MTExMzQwNTlaFw0xMjA1MTExMzQwNTlaoA4wDDAKBgNV -HRQEAwIBATANBgkqhkiG9w0BAQUFAAOBgQC1D/wwnrcY/uFBHGc6SyoYss2kn+nY -RTwzXmmldbNTCQ03x5vkWGGIaRJdN8QeCzbEi7gpgxgpxAx6Y5WkxkMQ1UPjNM5n -DGVDOtR0dskFrrbHuNpWqWrDaBN0/ryZiWKjr9JRbrpkHgVY29I1gLooQ6IHuKHY -vjnIhxTFoCb5vA== -""" - - def setUp(self): - self.asn1Spec = rfc3280.CertificateList() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc3281.py b/tests/test_rfc3281.py deleted file mode 100644 index 915f791..0000000 --- a/tests/test_rfc3281.py +++ /dev/null @@ -1,84 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc3281 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class AttributeCertificateTestCase(unittest.TestCase): - pem_text = """\ -MIIDBTCCAm4CAQEwgY+gUTBKpEgwRjEjMCEGA1UEAwwaQUNNRSBJbnRlcm1lZGlh -dGUgRUNEU0EgQ0ExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlBQ01FIEx0ZC4CAx7N -WqE6pDgwNjETMBEGA1UEAwwKQUNNRSBFQ0RTQTELMAkGA1UEBhMCRkkxEjAQBgNV -BAoMCUFDTUUgTHRkLqA9MDukOTA3MRQwEgYDVQQDDAtleGFtcGxlLmNvbTELMAkG -A1UEBhMCRkkxEjAQBgNVBAoMCUFDTUUgTHRkLjANBgkqhkiG9w0BAQsFAAIEC63K -/jAiGA8yMDE2MDEwMTEyMDAwMFoYDzIwMTYwMzAxMTIwMDAwWjCB8jA8BggrBgEF -BQcKATEwMC6GC3VybjpzZXJ2aWNlpBUwEzERMA8GA1UEAwwIdXNlcm5hbWUECHBh -c3N3b3JkMDIGCCsGAQUFBwoCMSYwJIYLdXJuOnNlcnZpY2WkFTATMREwDwYDVQQD -DAh1c2VybmFtZTA1BggrBgEFBQcKAzEpMCegGKQWMBQxEjAQBgNVBAMMCUFDTUUg -THRkLjALDAlBQ01FIEx0ZC4wIAYIKwYBBQUHCgQxFDASMBAMBmdyb3VwMQwGZ3Jv -dXAyMCUGA1UESDEeMA2hC4YJdXJuOnJvbGUxMA2hC4YJdXJuOnJvbGUyMGowHwYD -VR0jBBgwFoAUgJCMhskAsEBzvklAX8yJBOXO500wCQYDVR04BAIFADA8BgNVHTcB -Af8EMjAwMB2gCoYIdXJuOnRlc3SgD4INKi5leGFtcGxlLmNvbTAPoA2GC3Vybjph -bm90aGVyMA0GCSqGSIb3DQEBCwUAA4GBACygfTs6TkPurZQTLufcE3B1H2707OXK -sJlwRpuodR2oJbunSHZ94jcJHs5dfbzFs6vNfVLlBiDBRieX4p+4JcQ2P44bkgyi -UTJu7g1b6C1liB3vO6yH5hOZicOAaKd+c/myuGb9uJ4n6y2oLNxnk/fDzpuZUe2h -Q4eikPk4LQey -""" - - def setUp(self): - self.asn1Spec = rfc3281.AttributeCertificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['acinfo']['version'] == 1 - - attributeMap = { - rfc3281.id_at_role: rfc3281.RoleSyntax(), - rfc3281.id_aca_authenticationInfo: rfc3281.SvceAuthInfo(), - rfc3281.id_aca_accessIdentity: rfc3281.SvceAuthInfo(), - rfc3281.id_aca_chargingIdentity: rfc3281.IetfAttrSyntax(), - rfc3281.id_aca_group: rfc3281.IetfAttrSyntax(), - } - - count = 0 - for attr in asn1Object['acinfo']['attributes']: - assert attr['type'] in attributeMap - av, rest = der_decode(attr['values'][0], - asn1Spec=attributeMap[attr['type']]) - assert not rest - assert av.prettyPrint() - assert der_encode(av) == attr['values'][0] - count += 1 - - assert count == 5 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc3447.py b/tests/test_rfc3447.py deleted file mode 100644 index d4114c7..0000000 --- a/tests/test_rfc3447.py +++ /dev/null @@ -1,73 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc3447 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -# openssl genrsa -primes 3 -f4 -out multiprime.key - -class MultiprimeRSAPrivateKeyTestCase(unittest.TestCase): - pem_text = """\ -MIIE2QIBAQKCAQEAn82EqwXasE2TFNSmZucB8LNza2mOWLHF3nxpxKXalPMDvezc -5Dq7Ytcv/k9jJL4j4jYfvR4yyZdU9iHLaD6hOINZ8E6hVpx/4c96ZUSOLzD2g+u+ -jIuoNfG+zygSBGYCS6BLCAIsZ+2wUyxYpLJknHJld9/jy+aLmmyrilhH9dH5AUiV -3NeWht/68++dMXf4ZI/gV4bMSlWhggxkz2WJJpiQdCdJatGkwNDkHmLA9X0tC6OH -SPE7qYdxG38cYS5F445SgnhDpiK7BodSqYLwgehaDjoOYdEgHVnOcpBCDI5zCJSL -b1c/z8uhrB1xxlECR44wCLcKsIIYQxaEErRJ/wIDAQABAoIBAD+Ra5L0szeqxDVn -GgKZJkZvvBwgU0WpAgMtDo3xQ/A4c2ab0IrhaiU5YJgTUGcPVArqaNm8J4vVrTBz -5QxEzbFDXwWe4cMoYh6bgB7ElKLlIUr8/kGZUfgc7kI29luEjcAIEAC2/RQHesVn -DHkL5OzqZL+4fIwckAMh0tXdflsPgZ/jgIaKca4OqKu4KGnczm3UvqtlvwisAjkx -zMyfZXOLn0vEwP2bfbhQrCVrP7n6a+CV+Kqm8NBWnbiS6x2rWemVVssNTbfXQztq -wC6ZJZCLK7plciDBWvHcS6vxdcsS9DUxuqSV6o/stCGTl1D+9tDx8Od0Eunna2B2 -wAoRHZECVgbNO1bqwfYpp5aFuySWoP+KZz8f/5ZkHjLwiNGpQcqVd4+7Ql2R4qgF -NgSoQQOZFhKtiOeLVU0HYfp6doI4waSINZdF/fJDHD6fY3AMOc/IIMDHHIzbAlYG -vKOocLXWj/2+gcyQ1XoAmrE70aIFUBLSvd7RCi8GI74zYWp5lCSvO850Z4GsWSZT -41iF13sTDDJPm3+BbzMvEu2GuACi/8/IpbUr24/FP9Cp1Rf7kwJWAgMxfoshbrNu -ebQB5laHNnT+DYhrOFVRNiNDaD2bUNSetrFidosWtD4ueHxMGENwa4BbFJ9+UrdP -fyxC6k7exM7khGjaNZczwTep1VpYtKjzP/bp9KcCVgYoj9s9HZ1FCAsNEPodjGfd -AcPTQS9mIa7wzy19B7uvFQJXPURi/p4KKBMVQ99Pp8/r9lJzxxiEf8FyPr8N7lZM -EUKkFkDrZQDhKpsrHWSNj6yRFlltAlYC7dYR8KLEWoOUATLosxQhwgypv+23r+d4 -ZdPOdDv9n8Kmj+NFy/oISFfdXzlOU4RWQtMx3hEwAabwct7vjiJEej/kmiTqco02 -17tt13VvvQ5ZXF73dDCCAQwwggEIAlYDfMpM1WNfxcLLOgkRZ+0S9OvIrEOi0ALV -SquTdi/thhCuCsK3lMD4miN9te8j16YtqEFVWXC3a6DWwIJ6m/xZ50bBwPqM8RsI -6FWhZw4Dr5VqjYXUvwJWAvapRk9SydDYri/cAtGIkUJVlspkE1emALAaSw30vmfd -hrgYLT6YGOmK3UmcNJ4NVeET275MXWF1ZOhkOGKTN6aj5wPhJaHBMnmUQrq7GwC6 -/LfUkSsCVgMCDTV9gbFW8u6TcTVW85dBIeUGxZh1T2pbU3dkGO3IOxOhzJUplH4/ -EeEs9dusHakg1ERXAg4Vo1YowPW8kuVbZ9faxeVrmuER5NcCuZzS5X/obGUw -""" - - def setUp(self): - self.asn1Spec = rfc3447.RSAPrivateKey() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc3565.py b/tests/test_rfc3565.py index f69e392..99cb567 100644 --- a/tests/test_rfc3565.py +++ b/tests/test_rfc3565.py @@ -11,8 +11,6 @@ import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder -from pyasn1.type import univ - from pyasn1_modules import pem from pyasn1_modules import rfc3565 @@ -52,20 +50,11 @@ class AESCBCTestCase(unittest.TestCase): assert asn1Object[1].isValue assert der_encoder.encode(asn1Object) == substrate - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.aes_alg_id_pem_text) - asn1Object, rest = der_decoder.decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object[0] == rfc3565.id_aes256_CBC - aes_iv = univ.OctetString(hexValue='108996ba850e3f0339993bb5878a0e37') - assert asn1Object[1] == aes_iv - assert der_encoder.encode(asn1Object) == substrate - suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) + import sys + + result = unittest.TextTestRunner(verbosity=2).run(suite) + sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc3709.py b/tests/test_rfc3709.py index 8313129..a7d0ef8 100644 --- a/tests/test_rfc3709.py +++ b/tests/test_rfc3709.py @@ -6,8 +6,8 @@ # import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 @@ -19,7 +19,7 @@ except ImportError: import unittest -class CertificateExtnWithUrlTestCase(unittest.TestCase): +class CertificateExtnTestCase(unittest.TestCase): pem_text = """\ MIIC9zCCAn2gAwIBAgIJAKWzVCgbsG46MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n @@ -43,133 +43,40 @@ Pj22pmfmQi5w21UljqoTj/+lQLkU3wfy5BdVKBwI0GfEA+YL3ctSzPNqAA== self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - extn_list = [ ] - for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - - if extn['extnID'] == rfc3709.id_pe_logotype: - s = extn['extnValue'] - logotype, rest = der_decode(s, rfc3709.LogotypeExtn()) - assert not rest - assert logotype.prettyPrint() - assert der_encode(logotype) == s - ids = logotype['subjectLogo']['direct']['image'][0]['imageDetails'] - assert ids['mediaType'] == "image/png" - assert ids['logotypeURI'][0] == "http://www.vigilsec.com/vigilsec_logo.png" - - assert rfc3709.id_pe_logotype in extn_list - def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert der_encode(extnValue) == extn['extnValue'] - - -class CertificateExtnWithDataTestCase(unittest.TestCase): - pem_text = """\ -MIIJJDCCCAygAwIBAgIRAPIGo/5ScWbpAAAAAFwQBqkwDQYJKoZIhvcNAQELBQAw -gbkxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL -Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg -MjAxOCBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLTAr -BgNVBAMTJEVudHJ1c3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gVk1DMTAeFw0x -OTA4MzAxNDMyMzlaFw0yMDAyMjUxNTAyMzZaMIIBjTEOMAwGA1UEERMFMTAwMTcx -CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlv -cmsxGDAWBgNVBAkTDzI3MCBQYXJrIEF2ZW51ZTETMBEGCysGAQQBgjc8AgEDEwJV -UzEZMBcGCysGAQQBgjc8AgECEwhEZWxhd2FyZTEfMB0GA1UEChMWSlBNb3JnYW4g -Q2hhc2UgYW5kIENvLjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xNzA1 -BgNVBAsTLkpQTUMgRmlyc3QgVmVyaWZpZWQgTWFyayBDZXJ0aWZpY2F0ZSBXb3Js -ZHdpZGUxDzANBgNVBAUTBjY5MTAxMTEXMBUGCisGAQQBg55fAQQTBzIwMTUzODkx -EjAQBgorBgEEAYOeXwEDEwJVUzEmMCQGCisGAQQBg55fAQITFmh0dHBzOi8vd3d3 -LnVzcHRvLmdvdi8xHzAdBgNVBAMTFkpQTW9yZ2FuIENoYXNlIGFuZCBDby4wggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNLY+etlX06q1MxA1VT/P20h1i -eFGTzX4fqSQNG+ypmjNfLa8YXraO1v1hahenkRUWrVPW0Hq3zKNJcCDmosox6+tB -59u0b1xgN8y8D05AEC7qoVVdbaWKENMxCN4CDfST6d3YOqApjqEFAGZ71s39tRRG -kmWGJb4jKXcUX8FWV8w/vjKrpipZ8JsX2tuOp2uxFLkmi+V7gvN8tpbHUipP5K7L -190VOBytSWPudXefnYG3UWRfwah7Fq1bKYT/cCwStUm8XlfA8nUumeVsAiyC6phs -adn26MYiSddsBU08TGthmunLAO0+shaBy6jHYZxMa37S67vVlDpxbeF+TPVXAgMB -AAGjggROMIIESjATBgorBgEEAdZ5AgQDAQH/BAIFADCCArAGCCsGAQUFBwEMBIIC -ojCCAp6iggKaoIICljCCApIwggKOMIICihYNaW1hZ2Uvc3ZnK3htbDAzMDEwDQYJ -YIZIAWUDBAIBBQAEIBnwW6ChGgWWIRn3qn/xGAOlhDflA3z5jhZcZTNDlxF5MIIC -QhaCAj5kYXRhOmltYWdlL3N2Zyt4bWw7YmFzZTY0LEg0c0lBQUFBQUFBQUFJV1Iz -V3JqTUJCR3I1dW5tR3F2Rml4NUpQODBObkZLRTVhbTRFSmhJYmVMazZpT1dhOXRa -TWQyOXVrN2NsTG9SV25CMHNENGNPYVR0TGdmLzVYUWE5TVdkWlV3S1pDQnJ2YjFv -YWp5aEoyNlZ6NW45OHZaNHBaemVOU1ZObGxYbXhnZUR2Vk93MU5abnRwdWFvRlNB -b1YwNFBmMkVYNk5UVzA2ZUNsUE9YK3FRRXpON1dWR0RLRkFoTldwS0ErQVB3RTRK -MzNiNXg5REtBYTdyTlV2cG40dFNwMndycWpPRElwRHd0THNyTTBmeVlCaVYyM0Nq -bDNYeEs0N0RJTVlQRkdiM0ZXSTZKTHZpc1JqV1ZSL1B3TmxGRVh1OUpmTmJtQk1H -RFlqZy9PMTlvVWVWclh0QWtJWTBEY0o0N2JKOXBTb01iclZwdGVNd3VmTDJjMml5 -Ym9qVU5veVlUOFFnL1VxWWtCNW41VW5QQWZYU2pub0tPbEl1eW5oOVRJVTh1Z3JF -YVMrVC9lRzZRWDh6OXl2YkdIZ0VLZjJ5S1h3dU9Sa2VsOGJQeFJoUHhtSnN0TDBT -bi9qOUtXWU8yR3dsM2EremNhbmhOYTV0YzZORkdHcVVFUUVwVmY0R3lVNnhOMnRx -WGgwWXQrM1BpcEhlK2l0cElRMGg0VHBoWnRrQ3plM0d6M2NjdllHbkp0cjZKVUNB -QUE9MCIGA1UdEQQbMBmCF2V4Y2hhZGRldi5sYWJtb3JnYW4uY29tMBMGA1UdJQQM -MAoGCCsGAQUFBwMfMA4GA1UdDwEB/wQEAwIHgDBmBggrBgEFBQcBAQRaMFgwIwYI -KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDEGCCsGAQUFBzAChiVo -dHRwOi8vYWlhLmVudHJ1c3QubmV0L3ZtYzEtY2hhaW4uY2VyMDIGA1UdHwQrMCkw -J6AloCOGIWh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvdm1jMWNhLmNybDBPBgNVHSAE -SDBGMDYGCmCGSAGG+mwKAQswKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRy -dXN0Lm5ldC9ycGEwDAYKKwYBBAGDnl8BATAfBgNVHSMEGDAWgBSLtjl20DSQpj9i -4WTqPrz0fEahczAdBgNVHQ4EFgQUxAJ+yoDhzpPUzAPWKBYxg108dU0wCQYDVR0T -BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnqdB/vcwxFcxAlyCK0W5HOthXUdXRg9a -GwPDupqmLq2rKfyysZXonJJfr8jqO0f3l6TWTTJlXHljAwwXMtg3T3ngLyEzip5p -g0zH7s5eXjmWRhOeuHt21o611bXDbUNFTF0IpbYBTgOwAz/+k3XLVehf8dW7Y0Lr -VkzxJ6U82NxmqjaAnkm+H127x5/jPAr4LLD4gZfqFaHzw/ZLoS+fXFGs+dpuYE4s -n+xe0msYMu8qWABiMGA+MCKl45Dp5di+c2fyXtKyQ3rKI8XXZ0nN4bXK7DZd+3E3 -kbpmR6cDliloU808Bi/erMkrfUHRoZ2d586lkmwkLcoDkJ/yPD+Jhw== -""" - def setUp(self): - self.asn1Spec = rfc5280.Certificate() + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate - extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) if extn['extnID'] == rfc3709.id_pe_logotype: s = extn['extnValue'] - logotype, rest = der_decode(s, rfc3709.LogotypeExtn()) + logotype, rest = der_decoder.decode(s, rfc3709.LogotypeExtn()) assert not rest assert logotype.prettyPrint() - assert der_encode(logotype) == s + assert der_encoder.encode(logotype) == s ids = logotype['subjectLogo']['direct']['image'][0]['imageDetails'] - assert ids['mediaType'] == "image/svg+xml" - assert ids['logotypeURI'][0][0:25] == "data:image/svg+xml;base64" - - assert rfc3709.id_pe_logotype in extn_list + assert ids['mediaType'] == "image/png" + assert ids['logotypeURI'][0] == "http://www.vigilsec.com/vigilsec_logo.png" def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + rfc5280.certificateExtensionsMap.update(rfc3709.certificateExtensionsMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - extnValue, rest = der_decode(extn['extnValue'], + extnValue, rest = der_decoder.decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert der_encode(extnValue) == extn['extnValue'] + assert der_encoder.encode(extnValue) == extn['extnValue'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc3770.py b/tests/test_rfc3770.py deleted file mode 100644 index df6e0dc..0000000 --- a/tests/test_rfc3770.py +++ /dev/null @@ -1,94 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.compat.octets import str2octs - -from pyasn1_modules import pem -from pyasn1_modules import rfc5480 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc3770 - -try: - import unittest2 as unittest -except ImportError: - import unittest - -class CertificateTestCase(unittest.TestCase): - cert_pem_text = """\ -MIICqzCCAjCgAwIBAgIJAKWzVCgbsG4/MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkwNzE5MTk0MjQ3WhcNMjAwNzE4MTk0MjQ3WjBjMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZp -Z2lsIFNlY3VyaXR5IExMQzEYMBYGA1UEAxMPZWFwLmV4YW1wbGUuY29tMHYwEAYH -KoZIzj0CAQYFK4EEACIDYgAEMMbnIp2BUbuyMgH9HhNHrh7VBy7ql2lBjGRSsefR -Wa7+vCWs4uviW6On4eem5YoP9/UdO7DaIL+/J9/3DJHERI17oFxn+YWiE4JwXofy -QwfSu3cncVNMqpiDjEkUGGvBo4HTMIHQMAsGA1UdDwQEAwIHgDBCBglghkgBhvhC -AQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55 -IHB1cnBvc2UuMB0GA1UdDgQWBBSDjPGr7M742rsE4oQGwBvGvllZ+zAfBgNVHSME -GDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAeBggrBgEFBQcBDQQSMBAEB0V4YW1w -bGUEBUJvZ3VzMB0GA1UdJQQWMBQGCCsGAQUFBwMOBggrBgEFBQcDDTAKBggqhkjO -PQQDAwNpADBmAjEAmCPZnnlUQOKlcOIIOgFrRCkOqO0ESs+dobYwAc2rFCBtQyP7 -C3N00xkX8WZZpiAZAjEAi1Z5+nGbJg5eJTc8fwudutN/HNwJEIS6mHds9kfcy26x -DAlVlhox680Jxy5J8Pkx -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - sig_alg = asn1Object['tbsCertificate']['signature'] - assert sig_alg['algorithm'] == rfc5480.ecdsa_with_SHA384 - assert not sig_alg['parameters'].hasValue() - - spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_alg['algorithm'] == rfc5480.id_ecPublicKey - assert spki_alg['parameters']['namedCurve'] == rfc5480.secp384r1 - - extn_list = [ ] - for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert der_encode(extnValue) == extn['extnValue'] - - if extn['extnID'] == rfc3770.id_pe_wlanSSID: - assert str2octs('Example') in extnValue - - if extn['extnID'] == rfc5280.id_ce_extKeyUsage: - assert rfc3770.id_kp_eapOverLAN in extnValue - assert rfc3770.id_kp_eapOverPPP in extnValue - - assert rfc3770.id_pe_wlanSSID in extn_list - assert rfc5280.id_ce_extKeyUsage in extn_list - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc3779.py b/tests/test_rfc3779.py index af90376..081f69b 100644 --- a/tests/test_rfc3779.py +++ b/tests/test_rfc3779.py @@ -58,9 +58,7 @@ V+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate - extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks: s = extn['extnValue'] @@ -76,12 +74,9 @@ V+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi assert as_ids.prettyPrint() assert der_encoder.encode(as_ids) == s - assert rfc3779.id_pe_ipAddrBlocks in extn_list - assert rfc3779.id_pe_autonomousSysIds in extn_list - - def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) + rfc5280.certificateExtensionsMap.update(rfc3779.certificateExtensionsMapUpdate) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() diff --git a/tests/test_rfc3852.py b/tests/test_rfc3852.py deleted file mode 100644 index 94a618c..0000000 --- a/tests/test_rfc3852.py +++ /dev/null @@ -1,131 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc3852 -from pyasn1_modules import rfc6402 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class ContentInfoTestCase(unittest.TestCase): - pem_text = """\ -MIIEJQYJKoZIhvcNAQcCoIIEFjCCBBICAQMxCzAJBgUrDgMCGgUAMIIDAgYIKwYBBQUHDAKgggL0 -BIIC8DCCAuwweDB2AgECBgorBgEEAYI3CgoBMWUwYwIBADADAgEBMVkwVwYJKwYBBAGCNxUUMUow -SAIBBQwZcGl0dWNoYTEuZW1lYS5ocHFjb3JwLm5ldAwMRU1FQVxwaXR1Y2hhDBpDTUNSZXFHZW5l -cmF0b3IudnNob3N0LmV4ZTCCAmqgggJmAgEBMIICXzCCAcgCAQAwADCBnzANBgkqhkiG9w0BAQEF -AAOBjQAwgYkCgYEA0jm7SSSm2wyEAzuNKtFZFJKo91SrJq9wQwEhEKHDavZwMQOm1rZ2PF8NWCEb -PqrhToQ7rtiGLSZa4dF4bzgmBqQ9aoSfEX4jISt31Vy+skHidXjHHpbsjT24NPhrZgANivL7CxD6 -Ft+s7qS1gL4HRm2twQkqSwOLrE/q2QeXl2UCAwEAAaCCAR0wGgYKKwYBBAGCNw0CAzEMFgo2LjIu -OTIwMC4yMD4GCSqGSIb3DQEJDjExMC8wHQYDVR0OBBYEFMW2skn88gxhONWZQA4sWGBDb68yMA4G -A1UdDwEB/wQEAwIHgDBXBgkrBgEEAYI3FRQxSjBIAgEFDBlwaXR1Y2hhMS5lbWVhLmhwcWNvcnAu -bmV0DAxFTUVBXHBpdHVjaGEMGkNNQ1JlcUdlbmVyYXRvci52c2hvc3QuZXhlMGYGCisGAQQBgjcN -AgIxWDBWAgECHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABv -AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAwDQYJKoZIhvcNAQEFBQADgYEAJZlu -mxjtCxSOQi27jsVdd3y8NSIlzNv0b3LqmzvAly6L+CstXcnuG2MPQqPH9R7tbJonGUniBQO9sQ7C -KhYWj2gfhiEkSID82lV5chINVUFKoUlSiEhWr0tPGgvOaqdsKQcrHfzrsBbFkhDqrFSVy7Yivbnh -qYszKrOjJKiiCPMwADAAMYH5MIH2AgEDgBTFtrJJ/PIMYTjVmUAOLFhgQ2+vMjAJBgUrDgMCGgUA -oD4wFwYJKoZIhvcNAQkDMQoGCCsGAQUFBwwCMCMGCSqGSIb3DQEJBDEWBBTFTkK/OifaFjwqHiJu -xM7qXcg/VzANBgkqhkiG9w0BAQEFAASBgKfC6jOi1Wgy4xxDCQVK9+e5tktL8wE/j2cb9JSqq+aU -5UxEgXEw7q7BoYZCAzcxMRriGzakXr8aXHcgkRJ7XcFvLPUjpmGg9SOZ2sGW4zQdWAwImN/i8loc -xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn -""" - - def setUp(self): - self.asn1Spec = rfc3852.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - - layers = { - rfc3852.id_ct_contentInfo: rfc3852.ContentInfo(), - rfc3852.id_signedData: rfc3852.SignedData(), - rfc6402.id_cct_PKIData: rfc6402.PKIData() - } - - getNextLayer = { - rfc3852.id_ct_contentInfo: lambda x: x['contentType'], - rfc3852.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc6402.id_cct_PKIData: lambda x: None - } - - getNextSubstrate = { - rfc3852.id_ct_contentInfo: lambda x: x['content'], - rfc3852.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc6402.id_cct_PKIData: lambda x: None - } - - alg_oids = ( - univ.ObjectIdentifier('1.3.14.3.2.26'), - univ.ObjectIdentifier('1.2.840.113549.1.1.1'), - univ.ObjectIdentifier('1.2.840.113549.1.1.5'), - univ.ObjectIdentifier('1.2.840.113549.1.1.11'), - ) - - encoded_null = der_encode(univ.Null("")) - - next_layer = rfc3852.id_ct_contentInfo - - count = 0 - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - if next_layer == rfc3852.id_signedData: - for d in asn1Object['digestAlgorithms']: - assert d['algorithm'] in alg_oids - assert d['parameters'] == encoded_null - count += 1 - - for si in asn1Object['signerInfos']: - assert si['digestAlgorithm']['algorithm'] in alg_oids - assert si['digestAlgorithm']['parameters'] == encoded_null - count += 1 - - assert si['signatureAlgorithm']['algorithm'] in alg_oids - assert si['signatureAlgorithm']['parameters'] == encoded_null - count += 1 - - if next_layer == rfc6402.id_cct_PKIData: - for req in asn1Object['reqSequence']: - cr = req['tcr']['certificationRequest'] - assert cr['signatureAlgorithm']['algorithm'] in alg_oids - assert cr['signatureAlgorithm']['parameters'] == encoded_null - count += 1 - - cri_spki = cr['certificationRequestInfo']['subjectPublicKeyInfo'] - assert cri_spki['algorithm']['algorithm'] in alg_oids - assert cri_spki['algorithm']['parameters'] == encoded_null - count += 1 - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - assert count == 5 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc4043.py b/tests/test_rfc4043.py deleted file mode 100644 index 0637b87..0000000 --- a/tests/test_rfc4043.py +++ /dev/null @@ -1,120 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc4043 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class PermIdCertTestCase(unittest.TestCase): - cert_pem_text = """\ -MIIDDTCCApOgAwIBAgIJAKWzVCgbsG5HMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMTEwMDA0MDIyWhcNMjAxMTA5MDA0MDIyWjBNMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 -YW1wbGUxDTALBgNVBAMTBEdhaWwwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQBoktg -/68xL+uEQaWBoHyOjw8EMLeMEng3R2H7yiEzTGoaMJgPOKvSfzB2P0paHYPL+B5y -Gc0CK5EHRujMl9ljH+Wydpk57rKBLo1ZzpWUS6anLGIkWs1sOakcgGGr7hGjggFL -MIIBRzAdBgNVHQ4EFgQU1pCNZuMzfEaJ9GGhH7RKy6Mvz+cwbwYDVR0jBGgwZoAU -8jXbNATapVXyvWkDmbBi7OIVCMGhQ6RBMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQI -DAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0GCCQDokdYG -kU/O8jAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjBCBglghkgBhvhCAQ0E -NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 -cnBvc2UuMFMGA1UdEQRMMEqgNgYIKwYBBQUHCAOgKjAoDBs4MjYyMDgtNDE3MDI4 -LTU0ODE5NS0yMTUyMzMGCSsGAQQBgaxgMIEQZ2FpbEBleGFtcGxlLmNvbTAKBggq -hkjOPQQDAwNoADBlAjBT+36Y/LPaGSu+61P7kR97M8jAjtH5DtUwrWR02ChshvYJ -x0bpZq3PJaO0WlBgFicCMQCf+67wSvjxxtjI/OAg4t8NQIJW1LcehSXizlPDc772 -/FC5OiUAxO+iFaSVMeDFsCo= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - perm_id_oid = rfc4043.id_on_permanentIdentifier - assigner_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48') - permanent_identifier_found = False - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName()) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - - for gn in extnValue: - if gn['otherName'].hasValue(): - assert gn['otherName']['type-id'] == perm_id_oid - onValue, rest = der_decode(gn['otherName']['value'], - asn1Spec=rfc4043.PermanentIdentifier()) - assert not rest - assert onValue.prettyPrint() - assert der_encode(onValue) == gn['otherName']['value'] - assert onValue['assigner'] == assigner_oid - permanent_identifier_found = True - - assert permanent_identifier_found - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - perm_id_oid = rfc4043.id_on_permanentIdentifier - assigner_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48') - permanent_identifier_found = False - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName(), - decodeOpenTypes=True) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - - for gn in extnValue: - if gn['otherName'].hasValue(): - on = gn['otherName'] - assert on['type-id'] == perm_id_oid - assert on['value']['assigner'] == assigner_oid - permanent_identifier_found = True - - assert permanent_identifier_found - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc4073.py b/tests/test_rfc4073.py index 576cc7b..34cebea 100644 --- a/tests/test_rfc4073.py +++ b/tests/test_rfc4073.py @@ -83,6 +83,8 @@ buWO3egPDL8Kf7tBhzjIKLw= return asn1Object + rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap) + rfc5652.cmsContentTypesMap.update(rfc4073.cmsContentTypesMapUpdate) layers = rfc5652.cmsContentTypesMap getNextLayer = { @@ -118,10 +120,14 @@ buWO3egPDL8Kf7tBhzjIKLw= this_layer = getNextLayer[this_layer](asn1Object) def testOpenTypes(self): + substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap) + rfc5652.cmsContentTypesMap.update(rfc4073.cmsContentTypesMapUpdate) asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.ContentInfo(), - decodeOpenTypes=True) + asn1Spec=rfc5652.ContentInfo(), + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate @@ -147,4 +153,4 @@ if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful())
\ No newline at end of file + sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc4108.py b/tests/test_rfc4108.py index 272558c..aa5dfd2 100644 --- a/tests/test_rfc4108.py +++ b/tests/test_rfc4108.py @@ -74,7 +74,7 @@ dsnhVtIdkPtfJIvcYteYJg== attribute_list.append(attr['attrType']) if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: av, rest = der_decode(attr['attrValues'][0], - asn1Spec=rfc4108.TargetHardwareIdentifiers()) + asn1Spec=rfc4108.TargetHardwareIdentifiers()) assert len(av) == 2 for oid in av: assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint() @@ -86,9 +86,12 @@ dsnhVtIdkPtfJIvcYteYJg== def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.cmsContentTypesMap.update(rfc4108.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc4108.cmsAttributesMapUpdate) asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate diff --git a/tests/test_rfc4211.py b/tests/test_rfc4211.py deleted file mode 100644 index f96cdcf..0000000 --- a/tests/test_rfc4211.py +++ /dev/null @@ -1,61 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc4211 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class CertificateReqTestCase(unittest.TestCase): - pem_text = """\ -MIIBozCCAZ8wggEFAgUAwTnj2jCByoABAqURMA8xDTALBgNVBAMTBHVzZXKmgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ6ZQ2cYbn/lFsmBOlRltbRbFQUvvE0Q -nbopOu1kC7Bmaaz7QTx8nxeiHi4m7uxCbGGxHNoGCt7EmdG8eZUBNAcHyGlXrJdm -0z3/uNEGiBHq+xB8FnFJCA5EIJ3RWFnlbu9otSITLxWK7c5+/NHmWM+yaeHD/f/h -rp01c/8qXZfZAgMBAAGpEDAOBgNVHQ8BAf8EBAMCBeAwLzASBgkrBgEFBQcFAQEM -BTExMTExMBkGCSsGAQUFBwUBAgwMc2VydmVyX21hZ2ljoYGTMA0GCSqGSIb3DQEB -BQUAA4GBAEI3KNEvTq/n1kNVhNhPkovk1AZxyJrN1u1+7Gkc4PLjWwjLOjcEVWt4 -AajUk/gkIJ6bbeO+fZlMjHfPSDKcD6AV2hN+n72QZwfzcw3icNvBG1el9EU4XfIm -xfu5YVWi81/fw8QQ6X6YGHFQkomLd7jxakVyjxSng9BhO6GpjJNF -""" - - def setUp(self): - self.asn1Spec = rfc4211.CertReqMessages() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for crm in asn1Object: - assert crm['certReq']['certTemplate']['version'] == 2 - count += 1 - - assert count == 1 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc4334.py b/tests/test_rfc4334.py deleted file mode 100644 index ff4b252..0000000 --- a/tests/test_rfc4334.py +++ /dev/null @@ -1,85 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.compat.octets import str2octs - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc4334 - -try: - import unittest2 as unittest -except ImportError: - import unittest - -class CertificateTestCase(unittest.TestCase): - cert_pem_text = """\ -MIICqzCCAjCgAwIBAgIJAKWzVCgbsG4/MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkwNzE5MTk0MjQ3WhcNMjAwNzE4MTk0MjQ3WjBjMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZp -Z2lsIFNlY3VyaXR5IExMQzEYMBYGA1UEAxMPZWFwLmV4YW1wbGUuY29tMHYwEAYH -KoZIzj0CAQYFK4EEACIDYgAEMMbnIp2BUbuyMgH9HhNHrh7VBy7ql2lBjGRSsefR -Wa7+vCWs4uviW6On4eem5YoP9/UdO7DaIL+/J9/3DJHERI17oFxn+YWiE4JwXofy -QwfSu3cncVNMqpiDjEkUGGvBo4HTMIHQMAsGA1UdDwQEAwIHgDBCBglghkgBhvhC -AQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55 -IHB1cnBvc2UuMB0GA1UdDgQWBBSDjPGr7M742rsE4oQGwBvGvllZ+zAfBgNVHSME -GDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAeBggrBgEFBQcBDQQSMBAEB0V4YW1w -bGUEBUJvZ3VzMB0GA1UdJQQWMBQGCCsGAQUFBwMOBggrBgEFBQcDDTAKBggqhkjO -PQQDAwNpADBmAjEAmCPZnnlUQOKlcOIIOgFrRCkOqO0ESs+dobYwAc2rFCBtQyP7 -C3N00xkX8WZZpiAZAjEAi1Z5+nGbJg5eJTc8fwudutN/HNwJEIS6mHds9kfcy26x -DAlVlhox680Jxy5J8Pkx -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - extn_list = [ ] - for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert der_encode(extnValue) == extn['extnValue'] - - if extn['extnID'] == rfc4334.id_pe_wlanSSID: - assert str2octs('Example') in extnValue - - if extn['extnID'] == rfc5280.id_ce_extKeyUsage: - assert rfc4334.id_kp_eapOverLAN in extnValue - assert rfc4334.id_kp_eapOverPPP in extnValue - - assert rfc4334.id_pe_wlanSSID in extn_list - assert rfc5280.id_ce_extKeyUsage in extn_list - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc4985.py b/tests/test_rfc4985.py deleted file mode 100644 index 132b12b..0000000 --- a/tests/test_rfc4985.py +++ /dev/null @@ -1,109 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc4985 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class XMPPCertificateTestCase(unittest.TestCase): - xmpp_server_cert_pem_text = """\ -MIIC6DCCAm+gAwIBAgIJAKWzVCgbsG5DMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMDI0MjMxNjA0WhcNMjAxMDIzMjMxNjA0WjBNMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xHzAdBgNVBAoTFkV4 -YW1wbGUgUHJvZHVjdHMsIEluYy4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQZzQlk -03nJRPF6+w1NxFELmQ5vJTjTRz3eu03CRtahK4Wnwd4GwbDe8NVHAEG2qTzBXFDu -p6RZugsBdf9GcEZHG42rThYYOzIYzVFnI7tQgA+nTWSWZN6eoU/EXcknhgijggEn -MIIBIzAdBgNVHQ4EFgQUkQpUMYcbUesEn5buI03POFnktJgwHwYDVR0jBBgwFoAU -8jXbNATapVXyvWkDmbBi7OIVCMEwCwYDVR0PBAQDAgeAMIGPBgNVHREEgYcwgYSg -KQYIKwYBBQUHCAegHRYbX3htcHAtY2xpZW50LmltLmV4YW1wbGUuY29toCkGCCsG -AQUFBwgHoB0WG194bXBwLXNlcnZlci5pbS5leGFtcGxlLmNvbaAcBggrBgEFBQcI -BaAQDA5pbS5leGFtcGxlLmNvbYIOaW0uZXhhbXBsZS5jb20wQgYJYIZIAYb4QgEN -BDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9yIGFueSBw -dXJwb3NlLjAKBggqhkjOPQQDAwNnADBkAjAEo4mhDGC6/R39HyNgzLseNAp36qBH -yQJ/AWsBojN0av8akeVv9IuM45yqLKdiCzcCMDCjh1lFnCvurahwp5D1j9pAZMsg -nOzhcMpnHs2U/eN0lHl/JNgnbftl6Dvnt59xdA== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName()) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - for gn in extnValue: - if gn['otherName'].hasValue(): - gn_on = gn['otherName'] - if gn_on['type-id'] == rfc4985.id_on_dnsSRV: - assert gn_on['type-id'] in rfc5280.anotherNameMap.keys() - spec = rfc5280.anotherNameMap[gn['otherName']['type-id']] - on, rest = der_decode(gn_on['value'], asn1Spec=spec) - assert not rest - assert on.prettyPrint() - assert der_encode(on) == gn_on['value'] - assert 'im.example.com' in on - count += 1 - - assert count == 2 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - for gn in extnValue: - if gn['otherName'].hasValue(): - if gn['otherName']['type-id'] == rfc4985.id_on_dnsSRV: - assert 'im.example.com' in gn['otherName']['value'] - count += 1 - - assert count == 2 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc5035.py b/tests/test_rfc5035.py index 22f0f36..b031c1b 100644 --- a/tests/test_rfc5035.py +++ b/tests/test_rfc5035.py @@ -76,8 +76,8 @@ T9yMtRLN5ZDU14y+Phzq9NKpSw/x5KyXoUKjCMc3Ru6dIW+CgcRQees+dhnvuD5U sat = sa['attrType'] sav0 = sa['attrValues'][0] - if sat in rfc5652.cmsAttributesMap.keys(): - sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) + if sat in rfc5035.ESSAttributeMap.keys(): + sav, rest = der_decode(sav0, asn1Spec=rfc5035.ESSAttributeMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 @@ -138,14 +138,16 @@ vFIgX7eIkd8= sat = sa['attrType'] sav0 = sa['attrValues'][0] - if sat in rfc5652.cmsAttributesMap.keys(): - sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) + if sat in rfc5035.ESSAttributeMap.keys(): + sav, rest = der_decode(sav0, asn1Spec=rfc5035.ESSAttributeMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 def testOpenTypes(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) + rfc5652.cmsContentTypesMap.update(rfc5035.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc5035.ESSAttributeMap) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest @@ -169,7 +171,7 @@ vFIgX7eIkd8= # automatically decode it receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']]) - assert receipt['version'] == 1 + assert receipt['version'] == rfc5035.ESSVersion().subtype(value='v1') suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc5083.py b/tests/test_rfc5083.py index 4dcfa96..a1222f9 100644 --- a/tests/test_rfc5083.py +++ b/tests/test_rfc5083.py @@ -8,8 +8,8 @@ import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5652 @@ -43,10 +43,10 @@ ur76ztut3sr4iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RM def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate class AuthEnvelopedDataOpenTypesTestCase(unittest.TestCase): @@ -73,17 +73,19 @@ IDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZIhvcNAQcB def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) + rfc5652.cmsAttributesMap.update(rfc5035.ESSAttributeMap) + rfc5652.cmsContentTypesMap.update(rfc5083.cmsContentTypesMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData authenv = asn1Object['content'] - assert authenv['version'] == 0 + assert authenv['version'] == rfc5652.CMSVersion().subtype(value='v0') for attr in authenv['unauthAttrs']: assert attr['attrType'] in rfc5652.cmsAttributesMap diff --git a/tests/test_rfc5084.py b/tests/test_rfc5084.py index e685922..8356f90 100644 --- a/tests/test_rfc5084.py +++ b/tests/test_rfc5084.py @@ -8,13 +8,11 @@ import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem -from pyasn1_modules import rfc5083 from pyasn1_modules import rfc5084 -from pyasn1_modules import rfc5652 try: import unittest2 as unittest @@ -30,10 +28,10 @@ class CCMParametersTestCase(unittest.TestCase): def testDerCodec(self): substrate = pem.readBase64fromText(self.ccm_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate class GCMParametersTestCase(unittest.TestCase): @@ -44,74 +42,10 @@ class GCMParametersTestCase(unittest.TestCase): def testDerCodec(self): substrate = pem.readBase64fromText(self.gcm_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - -class GCMOpenTypesTestCase(unittest.TestCase): - rfc8591_pem_pext = """\ -MIIHkAYLKoZIhvcNAQkQARegggd/MIIHewIBADGCAk8wggJLAgEAMDMwJjEUMBIGA1UECgwL -ZXhhbXBsZS5jb20xDjAMBgNVBAMMBUFsaWNlAgkAg/ULtwvVxA4wDQYJKoZIhvcNAQEBBQAE -ggIAdZphtN3x8a8kZoAFY15HYRD6JyPBueRUhLbTPoOH3pZ9xeDK+zVXGlahl1y1UOe+McEx -2oD7cxAkhFuruNZMrCYEBCTZMwVhyEOZlBXdZEs8rZUHL3FFE5PJnygsSIO9DMxd1UuTFGTg -Cm5V5ZLFGmjeEGJRbsfTyo52S7iseJqIN3dl743DbApu0+yuUoXKxqKdUFlEVxmhvc+Qbg/z -fiwu8PTsYiUQDMBi4cdIlju8iLjj389xQHNyndXHWD51is89GG8vpBe+IsN8mnbGtCcpqtJ/ -c65ErJhHTR7rSJSMEqQD0LPOCKIY1q9FaSSJfMXJZk9t/rPxgUEVjfw7hAkKpgOAqoZRN+Fp -nFyBl0FnnXo8kLp55tfVyNibtUpmdCPkOwt9b3jAtKtnvDQ2YqY1/llfEUnFOVDKwuC6MYwi -fm92qNlAQA/T0+ocjs6gA9zOLx+wD1zqM13hMD/L+T2OHL/WgvGb62JLrNHXuPWA8RShO4kI -lPtARKXap2S3+MX/kpSUUrNa65Y5uK1jwFFclczG+CPCIBBn6iJiQT/vOX1I97YUP4Qq6OGk -jK064Bq6o8+e5+NmIOBcygYRv6wA7vGkmPLSWbnw99qD728bBh84fC3EjItdusqGIwjzL0eS -UWXJ5eu0Z3mYhJGN1pe0R/TEB5ibiJsMLpWAr3gwggUPBgkqhkiG9w0BBwEwHgYJYIZIAWUD -BAEGMBEEDE2HVyIurFKUEX8MEgIBEICCBOD+L7PeC/BpmMOb9KlS+r+LD+49fi6FGBrs8aie -Gi7ezZQEiFYS38aYQzTYYCt3SbJQTkX1fDsGZiaw/HRiNh7sJnxWATm+XNKGoq+Wls9RhSJ4 -5Sw4GMqwpoxZjeT84UozOITk3l3fV+3XiGcCejHkp8DAKZFExd5rrjlpnnAOBX6w8NrXO4s2 -n0LrMhtBU4eB2YKhGgs5Q6wQyXtU7rc7OOwTGvxWEONzSHJ01pyvqVQZAohsZPaWLULrM/kE -GkrhG4jcaVjVPfULi7Uqo14imYhdCq5Ba4bwqI0Ot6mB27KD6LlOnVC/YmXCNIoYoWmqy1o3 -pSm9ovnLEO/dzxQjEJXYeWRje9M/sTxotM/5oZBpYMHqIwHTJbehXFgp8+oDjyTfayMYA3fT -cTH3XbGPQfnYW2U9+ka/JhcSYybM8cuDNFd1I1LIQXoJRITXtkvPUbJqm+s6DtS5yvG9I8aQ -xlT365zphS4vbQaO74ujO8bE3dynrvTTV0c318TcHpN3DY9PIt6mHXMIPDLEA4wes90zg6ia -h5XiQcLtfLaAdYwEEGlImGD8n0kOhSNgclSLMklpj5mVOs8exli3qoXlVMRJcBptSwOe0QPc -RY30spywS4zt1UDIQ0jaecGGVtUYj586nkubhAxwZkuQKWxgt6yYTpGNSKCdvd+ygfyGJRDb -Wdn6nck/EPnG1773KTHRhMrXrBPBpSlfyJ/ju3644CCFqCjFoTh4bmB63k9ejUEVkJIJuoeK -eTBaUxbCIinkK4htBkgchHP51RJp4q9jQbziD3aOhg13hO1GFQ4E/1DNIJxbEnURNp/ga8Sq -mnLY8f5Pzwhm1mSzZf+obowbQ+epISrswWyjUKKO+uJfrAVN2TS/5+X6T3U6pBWWjH6+xDng -rAJwtIdKBo0iSEwJ2eir4X8TcrSy9l8RSOiTPtqS5dF3RWSWOzkcO72fHCf/42+DLgUVX8Oe -5mUvp7QYiXXsXGezLJ8hPIrGuOEypafDv3TwFkBc2MIB0QUhk+GG1ENY3jiNcyEbovF5Lzz+ -ubvechHSb1arBuEczJzN4riM2Dc3c+r8N/2Ft6eivK7HUuYX1uAcArhunZpA8yBGLF1m+DUX -FtzWAUvfMKYPdfwGMckghF7YwLrTXd8ZhPIkHNO1KdwQKIRfgIlUPfTxRB7eNrG/Ma9a/Iwr -cI1QtkXU59uIZIw+7+FHZRWPsOjTu1Pdy+JtcSTG4dmS+DIwqpUzdu6MaBCVaOhXHwybvaSP -TfMG/nR/NxF1FI8xgydnzXZs8HtFDL9iytKnvXHx+IIz8Rahp/PK8S80vPQNIeef/JgnIhto -sID/A614LW1tB4cWdveYlD5U8T/XXInAtCY78Q9WJD+ecu87OJmlOdmjrFvitpQAo8+NGWxc -7Wl7LtgDuYel7oXFCVtI2npbA7R+K5/kzUvDCY6GTgzn1Gfamc1/Op6Ue17qd/emvhbIx+ng -3swf8TJVnCNDIXucKVA4boXSlCEhCGzfoZZYGVvm1/hrypiBtpUIKWTxLnz4AQJdZ5LGiCQJ -QU1wMyHsg6vWmNaJVhGHE6D/EnKsvJptFIkAx0wWkh35s48p7EbU8QBg//5eNru6yvLRutfd -BX7T4w681pCD+dOiom75C3UdahrfoFkNsZ2hB88+qNsEEPb/xuGu8ZzSPZhakhl2NS0= -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.rfc8591_pem_pext) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData - aed, rest = der_decode(asn1Object['content'], - asn1Spec=rfc5083.AuthEnvelopedData(), - decodeOpenTypes=True) - assert not rest - assert aed.prettyPrint() - assert der_encode(aed) == asn1Object['content'] - - assert aed['version'] == 0 - cea = aed['authEncryptedContentInfo']['contentEncryptionAlgorithm'] - assert cea['algorithm'] == rfc5084.id_aes128_GCM - assert cea['parameters']['aes-ICVlen'] == 16 + assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc5280.py b/tests/test_rfc5280.py index 9802ef9..5abff3e 100644 --- a/tests/test_rfc5280.py +++ b/tests/test_rfc5280.py @@ -6,8 +6,8 @@ # import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1.type import univ @@ -48,11 +48,11 @@ PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate class CertificateListTestCase(unittest.TestCase): @@ -74,11 +74,11 @@ vjnIhxTFoCb5vA== substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate class CertificateOpenTypeTestCase(unittest.TestCase): @@ -108,25 +108,19 @@ PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu substrate = pem.readBase64fromText(self.pem_text) - openTypesMap = { + algorithmIdentifierMapUpdate = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - openTypes=openTypesMap, - decodeOpenTypes=True) + rfc5280.algorithmIdentifierMap.update(algorithmIdentifierMapUpdate) + + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - sig_alg = asn1Object['tbsCertificate']['signature'] - assert sig_alg['parameters'] == univ.Null("") - - spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] - assert spki_alg['parameters'] == univ.Null("") + assert der_encoder.encode(asn1Object) == substrate for rdn in asn1Object['tbsCertificate']['subject']['rdnSequence']: for atv in rdn: @@ -136,6 +130,12 @@ PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu atv_ps = str(atv['value']['printableString']) assert "valicert" in atv_ps.lower() + sig_alg = asn1Object['tbsCertificate']['signature'] + assert sig_alg['parameters'] == univ.Null("") + + spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] + assert spki_alg['parameters'] == univ.Null("") + class CertificateListOpenTypeTestCase(unittest.TestCase): pem_text = """\ @@ -156,22 +156,19 @@ vjnIhxTFoCb5vA== substrate = pem.readBase64fromText(self.pem_text) - openTypesMap = { + algorithmIdentifierMapUpdate = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - openTypes=openTypesMap, - decodeOpenTypes=True) + rfc5280.algorithmIdentifierMap.update(algorithmIdentifierMapUpdate) + + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - sig_alg = asn1Object['tbsCertList']['signature'] - assert sig_alg['parameters'] == univ.Null("") + assert der_encoder.encode(asn1Object) == substrate for rdn in asn1Object['tbsCertList']['issuer']['rdnSequence']: for atv in rdn: @@ -182,32 +179,30 @@ vjnIhxTFoCb5vA== else: assert len(atv['value']['printableString']) > 9 - crl_extn_count = 0 for extn in asn1Object['tbsCertList']['crlExtensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - ev, rest = der_decode(extn['extnValue'], + ev, rest = der_decoder.decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - crl_extn_count += 1 - assert crl_extn_count == 1 + assert der_encoder.encode(ev) == extn['extnValue'] + + sig_alg = asn1Object['tbsCertList']['signature'] + assert sig_alg['parameters'] == univ.Null("") def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate - cert_extn_count = 0 for extn in asn1Object['tbsCertList']['crlExtensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - extnValue, rest = der_decode(extn['extnValue'], + extnValue, rest = der_decoder.decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert der_encode(extnValue) == extn['extnValue'] - cert_extn_count += 1 - assert cert_extn_count == 1 + assert der_encoder.encode(extnValue) == extn['extnValue'] + class ORAddressOpenTypeTestCase(unittest.TestCase): oraddress_pem_text = """\ @@ -219,14 +214,14 @@ FDASgAEBoQ0TC1N0ZXZlIEtpbGxl self.asn1Spec = rfc5280.ORAddress() def testDecodeOpenTypes(self): + substrate = pem.readBase64fromText(self.oraddress_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate ea0 = asn1Object['extension-attributes'][0] assert ea0['extension-attribute-type'] == rfc5280.common_name diff --git a/tests/test_rfc5480.py b/tests/test_rfc5480.py index fa93553..06e336d 100755 --- a/tests/test_rfc5480.py +++ b/tests/test_rfc5480.py @@ -8,12 +8,13 @@ import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5480 +from pyasn1_modules import rfc4055 try: import unittest2 as unittest @@ -50,24 +51,27 @@ Ea8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc= def testDerCodec(self): substrate = pem.readBase64fromText(self.digicert_ec_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate + assert substrate == der_encoder.encode(asn1Object) algid = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert algid['algorithm'] == rfc5480.id_ecPublicKey - param, rest = der_decode(algid['parameters'], asn1Spec=rfc5480.ECParameters()) + param, rest = der_decoder.decode(algid['parameters'], asn1Spec=rfc5480.ECParameters()) assert param.prettyPrint() assert param['namedCurve'] == rfc5480.secp384r1 def testOpenTypes(self): substrate = pem.readBase64fromText(self.digicert_ec_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, decodeOpenTypes=True) + rfc5280.algorithmIdentifierMap.update(rfc5480.algorithmIdentifierMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_alg['algorithm'] == rfc5480.id_ecPublicKey diff --git a/tests/test_rfc5652.py b/tests/test_rfc5652.py index be18914..eac4262 100644 --- a/tests/test_rfc5652.py +++ b/tests/test_rfc5652.py @@ -108,21 +108,27 @@ xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn namedtype.NamedType('Signature', univ.BitString()) ) - openTypeMap = { - # attributes + attributesMapUpdate = { univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): char.IA5String(), univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.2'): EnrollmentCSP(), univ.ObjectIdentifier('1.3.6.1.4.1.311.21.20'): ClientInformation(), - # algorithm identifier parameters + } + + rfc5652.cmsAttributesMap.update(rfc6402.cmcControlAttributesMap) + rfc5652.cmsAttributesMap.update(attributesMapUpdate) + + algorithmIdentifierMapUpdate = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } - openTypeMap.update(rfc5652.cmsAttributesMap) - openTypeMap.update(rfc6402.cmcControlAttributesMap) + rfc5280.algorithmIdentifierMap.update(algorithmIdentifierMapUpdate) + + rfc5652.cmsContentTypesMap.update(rfc6402.cmsContentTypesMapUpdate) substrate = pem.readBase64fromText(self.pem_text) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest @@ -134,7 +140,6 @@ xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn assert eci['eContentType'] == rfc6402.id_cct_PKIData pkid, rest = der_decoder.decode(eci['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']], - openTypes=openTypeMap, decodeOpenTypes=True) assert not rest assert pkid.prettyPrint() @@ -144,17 +149,17 @@ xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn cr = req['tcr']['certificationRequest'] sig_alg = cr['signatureAlgorithm'] - assert sig_alg['algorithm'] in openTypeMap.keys() + assert sig_alg['algorithm'] in rfc5280.algorithmIdentifierMap.keys() assert sig_alg['parameters'] == univ.Null("") cri = cr['certificationRequestInfo'] spki_alg = cri['subjectPublicKeyInfo']['algorithm'] - assert spki_alg['algorithm'] in openTypeMap.keys() + assert spki_alg['algorithm'] in rfc5280.algorithmIdentifierMap.keys() assert spki_alg['parameters'] == univ.Null("") attrs = cr['certificationRequestInfo']['attributes'] for attr in attrs: - assert attr['attrType'] in openTypeMap.keys() + assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() if attr['attrType'] == univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): assert attr['attrValues'][0] == "6.2.9200.2" else: diff --git a/tests/test_rfc5751.py b/tests/test_rfc5751.py deleted file mode 100644 index a89457a..0000000 --- a/tests/test_rfc5751.py +++ /dev/null @@ -1,109 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5751 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SignedMessageTestCase(unittest.TestCase): - pem_text = """\ -MIIGigYJKoZIhvcNAQcCoIIGezCCBncCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0B -BwGgHgQcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6AD -AgECAgIAyDAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3 -MDExMDQ5WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYw -ggErBgcqhkjOOAQBMIIBHgKBgQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QI -T/+U4XNIfgzW80RI0f6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJEIlZvep175 -/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXVOXYQxHi9/52whJc38uRRG7XkCZZc -835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJjjQFIkyqjn7Pm3ZS1lqTHYj -OQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0dc9KCF5LPpD4beqc -ySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGmE2HxF/wr3t -0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSmFoko -ESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhry -JKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi -9PKD5bijgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSME -GDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTO -EwHi/eOX/s0wHwYDVR0RBBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZI -zjgEAwMwADAtAhRVDKQZH0IriXEiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3i -EFJbQ169MYIDVDCCA1ACAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUr -DgMCGqCCAuowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAjBgkqhkiG9w0BCQQx -FgQUQGrsCFJ5um4WAi2eBinAIpaH3UgwOAYDKqszMTEEL1RoaXMgaXMgYSB0ZXN0 -IEdlbmVyYWwgQVNOIEF0dHJpYnV0ZSwgbnVtYmVyIDEuMD4GCyqGSIb3DQEJEAIE -MS8wLQwgQ29udGVudCBIaW50cyBEZXNjcmlwdGlvbiBCdWZmZXIGCSqGSIb3DQEH -ATBKBgkqhkiG9w0BCQ8xPTA7MAcGBSoDBAUGMDAGBioDBAUGTQQmU21pbWUgQ2Fw -YWJpbGl0aWVzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbwYLKoZIhvcNAQkQAgoxYDBe -BgUqAwQFBgQrQ29udGVudCBSZWZlcmVuY2UgQ29udGVudCBJZGVudGlmaWVyIEJ1 -ZmZlcgQoQ29udGVudCBSZWZlcmVuY2UgU2lnbmF0dXJlIFZhbHVlIEJ1ZmZlcjBz -BgsqhkiG9w0BCRACCzFkoGIwWjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDVVTIEdv -dmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQLEwNWREExEjAQBgNV -BAMTCURhaXN5IFJTQQIEClVEMzCB/AYLKoZIhvcNAQkQAgMxgewwgekwgeYEBzU3 -MzgyOTkYDzE5OTkwMzExMTA0NDMzWqGByTCBxqRhMF8xCzAJBgNVBAYTAlVTMRYw -FAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhWREEgU2l0ZTEMMAoGA1UE -CxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IERTQaRhMF8xCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhWREEgU2l0ZTEMMAoG -A1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTAJBgcqhkjOOAQDBC8w -LQIVALwzN2XE93BcF0kTqkyFyrtSkUhZAhRjlqIUi89X3rBIX2xk3YQESV8cyg== -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - smimeCapMap = { - univ.ObjectIdentifier('1.2.3.4.5.6.77'): univ.OctetString(), - } - smimeCapMap.update(rfc5751.smimeCapabilityMap) - - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode (substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] == rfc5652.id_signedData - assert asn1Object['content']['version'] == 1 - - for si in asn1Object['content']['signerInfos']: - assert si['version'] == 1 - for attr in si['signedAttrs']: - - if attr['attrType'] == rfc5751.smimeCapabilities: - for scap in attr['attrValues'][0]: - if scap['capabilityID'] in smimeCapMap.keys(): - scap_p, rest = der_decode(scap['parameters'], - asn1Spec=smimeCapMap[scap['capabilityID']]) - assert not rest - assert der_encode(scap_p) == scap['parameters'] - assert 'parameters' in scap_p.prettyPrint() - - if attr['attrType'] == rfc5751.id_aa_encrypKeyPref: - ekp_issuer_serial = attr['attrValues'][0]['issuerAndSerialNumber'] - assert ekp_issuer_serial['serialNumber'] == 173360179 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc5755.py b/tests/test_rfc5755.py deleted file mode 100644 index a41f0f9..0000000 --- a/tests/test_rfc5755.py +++ /dev/null @@ -1,190 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode -from pyasn1.compat.octets import str2octs - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5755 -from pyasn1_modules import rfc3114 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class AttributeCertificateTestCase(unittest.TestCase): - pem_text = """\ -MIIDBTCCAm4CAQEwgY+gUTBKpEgwRjEjMCEGA1UEAwwaQUNNRSBJbnRlcm1lZGlh -dGUgRUNEU0EgQ0ExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlBQ01FIEx0ZC4CAx7N -WqE6pDgwNjETMBEGA1UEAwwKQUNNRSBFQ0RTQTELMAkGA1UEBhMCRkkxEjAQBgNV -BAoMCUFDTUUgTHRkLqA9MDukOTA3MRQwEgYDVQQDDAtleGFtcGxlLmNvbTELMAkG -A1UEBhMCRkkxEjAQBgNVBAoMCUFDTUUgTHRkLjANBgkqhkiG9w0BAQsFAAIEC63K -/jAiGA8yMDE2MDEwMTEyMDAwMFoYDzIwMTYwMzAxMTIwMDAwWjCB8jA8BggrBgEF -BQcKATEwMC6GC3VybjpzZXJ2aWNlpBUwEzERMA8GA1UEAwwIdXNlcm5hbWUECHBh -c3N3b3JkMDIGCCsGAQUFBwoCMSYwJIYLdXJuOnNlcnZpY2WkFTATMREwDwYDVQQD -DAh1c2VybmFtZTA1BggrBgEFBQcKAzEpMCegGKQWMBQxEjAQBgNVBAMMCUFDTUUg -THRkLjALDAlBQ01FIEx0ZC4wIAYIKwYBBQUHCgQxFDASMBAMBmdyb3VwMQwGZ3Jv -dXAyMCUGA1UESDEeMA2hC4YJdXJuOnJvbGUxMA2hC4YJdXJuOnJvbGUyMGowHwYD -VR0jBBgwFoAUgJCMhskAsEBzvklAX8yJBOXO500wCQYDVR04BAIFADA8BgNVHTcB -Af8EMjAwMB2gCoYIdXJuOnRlc3SgD4INKi5leGFtcGxlLmNvbTAPoA2GC3Vybjph -bm90aGVyMA0GCSqGSIb3DQEBCwUAA4GBACygfTs6TkPurZQTLufcE3B1H2707OXK -sJlwRpuodR2oJbunSHZ94jcJHs5dfbzFs6vNfVLlBiDBRieX4p+4JcQ2P44bkgyi -UTJu7g1b6C1liB3vO6yH5hOZicOAaKd+c/myuGb9uJ4n6y2oLNxnk/fDzpuZUe2h -Q4eikPk4LQey -""" - - def setUp(self): - self.asn1Spec = rfc5755.AttributeCertificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - assert asn1Object['acinfo']['version'] == 1 - - count = 0 - for attr in asn1Object['acinfo']['attributes']: - assert attr['type'] in rfc5280.certificateAttributesMap.keys() - av, rest = der_decode(attr['values'][0], - asn1Spec=rfc5280.certificateAttributesMap[attr['type']]) - assert not rest - assert av.prettyPrint() - assert der_encode(av) == attr['values'][0] - count += 1 - - assert count == 5 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - assert asn1Object['acinfo']['version'] == 1 - - count = 0 - for attr in asn1Object['acinfo']['attributes']: - assert attr['type'] in rfc5280.certificateAttributesMap.keys() - count += 1 - if attr['type'] == rfc5755.id_aca_authenticationInfo: - assert attr['values'][0]['authInfo'] == str2octs('password') - - assert count == 5 - -class CertificateWithClearanceTestCase(unittest.TestCase): - cert_pem_text = """\ -MIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZIzj0EAwMw -ZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw -DgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3BjYS5leGFt -cGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGSMQswCQYD -VQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoT -B0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1lbnQxDTAL -BgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5jb20wdjAQ -BgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQgKpBispSx -XxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQQXc3zxnk -cl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m711OqFDNGR -SWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/VGWhQ6RB -MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjER -MA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTADAQH/MAsG -A1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5u -b3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAwwCgYIKwYB -BQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsqhkiG9w0B -CRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09VUkNFUyBV -U0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERlcGFydG1l -bnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/Hea3Hk8P -tTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weBdBa5WEDI -FFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2 -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - clearance_found = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5755.id_at_clearance: - assert attr['type'] in rfc5280.certificateAttributesMap.keys() - av, rest = der_decode(attr['values'][0], - asn1Spec=rfc5280.certificateAttributesMap[attr['type']]) - assert av['policyId'] == rfc3114.id_tsp_TEST_Whirlpool - for cat in av['securityCategories']: - assert cat['type'] == rfc3114.id_tsp_TEST_Whirlpool_Categories - assert cat['type'] in rfc5755.securityCategoryMap.keys() - catv, rest = der_decode(cat['value'], - asn1Spec=rfc5755.securityCategoryMap[cat['type']]) - assert u'USE ONLY' in catv[0] - clearance_found = True - - assert clearance_found - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - clearance_found = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], - decodeOpenTypes=True) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5755.id_at_clearance: - spid = rfc3114.id_tsp_TEST_Whirlpool - catid = rfc3114.id_tsp_TEST_Whirlpool_Categories - assert attr['values'][0]['policyId'] == spid - for cat in attr['values'][0]['securityCategories']: - assert cat['type'] == catid - assert u'USE ONLY' in cat['value'][0] - clearance_found = True - - assert clearance_found - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc5913.py b/tests/test_rfc5913.py deleted file mode 100644 index f140d92..0000000 --- a/tests/test_rfc5913.py +++ /dev/null @@ -1,114 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5913 -from pyasn1_modules import rfc5755 -from pyasn1_modules import rfc3114 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class ClearanceTestCase(unittest.TestCase): - cert_pem_text = """\ -MIIDhzCCAw6gAwIBAgIJAKWzVCgbsG5GMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMTAyMTg0MjE4WhcNMjAxMTAxMTg0MjE4WjBmMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 -YW1wbGUxDDAKBgNVBAsTA1BDQTEYMBYGA1UEAxMPcGNhLmV4YW1wbGUuY29tMHYw -EAYHKoZIzj0CAQYFK4EEACIDYgAEPf5vbgAqbE5dn6wbiCx4sCCcn1BKSrHmCfiW -C9QLSGVNGHifQwPt9odGXjRiQ7QwpZ2wRD6Z91v+fk85XXLE3kJQCQdPIHFUY5EM -pvS7T6u6xrmwnlVpUURPTOxfc55Oo4IBrTCCAakwHQYDVR0OBBYEFCbqJQ8LMiAo -pNdaCo3/Ldy9f1RlMG8GA1UdIwRoMGaAFPI12zQE2qVV8r1pA5mwYuziFQjBoUOk -QTA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24x -ETAPBgNVBAoMCEJvZ3VzIENBggkA6JHWBpFPzvIwDwYDVR0TAQH/BAUwAwEB/zAL -BgNVHQ8EBAMCAYYwQgYJYIZIAYb4QgENBDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fu -bm90IGJlIHRydXN0ZWQgZm9yIGFueSBwdXJwb3NlLjAVBgNVHSAEDjAMMAoGCCsG -AQUFBw0CMAoGA1UdNgQDAgECMIGRBggrBgEFBQcBFQSBhDCBgTBZBgsqhkiG9w0B -CRAHAwMCBeAxRjBEgAsqhkiG9w0BCRAHBIE1MDMMF0xBVyBERVBBUlRNRU5UIFVT -RSBPTkxZDBhIVU1BTiBSRVNPVVJDRVMgVVNFIE9OTFkwEQYLKoZIhvcNAQkQBwID -AgTwMBEGCyqGSIb3DQEJEAcBAwIF4DAKBggqhkjOPQQDAwNnADBkAjAZSD+BVqzc -1l0fDoH3LwixjxvtddBHbJsM5yBek4U9b2yWL2KEmwV02fTgof3AjDECMCTsksmx -5f3i5DSYfe9Q1heJlEJLd1hgZmfvUYNnCU3WrdmYzyoNdNTbg7ZFMoxsXw== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - cat_value_found = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5913.id_pe_clearanceConstraints: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for c in ev: - if c['policyId'] == rfc3114.id_tsp_TEST_Whirlpool: - for sc in c['securityCategories']: - assert sc['type'] in rfc5755.securityCategoryMap.keys() - scv, rest = der_decode(sc['value'], - asn1Spec=rfc5755.securityCategoryMap[sc['type']]) - for cat in scv: - assert u'USE ONLY' in cat - cat_value_found = True - - assert cat_value_found - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - cat_value_found = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5913.id_pe_clearanceConstraints: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], - decodeOpenTypes=True) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for c in ev: - if c['policyId'] == rfc3114.id_tsp_TEST_Whirlpool: - for sc in c['securityCategories']: - assert sc['type'] in rfc5755.securityCategoryMap.keys() - for cat in sc['value']: - assert u'USE ONLY' in cat - cat_value_found = True - - assert cat_value_found - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc5914.py b/tests/test_rfc5914.py deleted file mode 100644 index 3fc5df9..0000000 --- a/tests/test_rfc5914.py +++ /dev/null @@ -1,83 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5914 -from pyasn1_modules import rfc5652 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class TrustAnchorListTestCase(unittest.TestCase): - trust_anchor_list_pem_text = """\ -MIIGGQYLKoZIhvcNAQkQASKgggYIMIIGBKGCAvYwggLyoAMCAQICAgDJMA0GCSqG -SIb3DQEBCwUAMBYxFDASBgNVBAMTC3JpcGUtbmNjLXRhMCAXDTE3MTEyODE0Mzk1 -NVoYDzIxMTcxMTI4MTQzOTU1WjAWMRQwEgYDVQQDEwtyaXBlLW5jYy10YTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANFEWEhqlM9psgbDs3ltY0OjbMTb -5SzMoVpJ755fDYgQrP0/0tl7jSkDWfsAWcSIDz1dqRQRXkAL6B/1ivNx8ANuldrI -sJvzGNpymfjpcPsJac5WdadyKY9njXCq5orfAcAQvMSJs7ghmldI5EQdBmdIaB+j -JdN7pi6a0bJ+r9MTj9PpekHNWRzBVRW9/OSEOxUEE3FSMa3XjLKMiavXjJBOg6HJ -R4RfzZUpZV7mwEkPSlFqidPjrd0Al6+C1xAjH5KZFUdk2U/r+b+ufGx1bOmcUQ9W -+lJNbkCgMh1G5/7V7z/Ja4wImxs1bFw09i9MeBHcfkHYsT4Do4t4ATMi9lcCAwEA -AaOCAV4wggFaMB0GA1UdDgQWBBToVSsf1tGk9+QExtjlaA0evBY/wzAPBgNVHRMB -Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjCBsQYIKwYBBQUHAQsEgaQwgaEwPAYI -KwYBBQUHMAqGMHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L3JpcGUt -bmNjLXRhLm1mdDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25v -dGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHMAWGIXJzeW5jOi8vcnBraS5yaXBlLm5l -dC9yZXBvc2l0b3J5LzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF -BwEHAQH/BBgwFjAJBAIAATADAwEAMAkEAgACMAMDAQAwIQYIKwYBBQUHAQgBAf8E -EjAQoA4wDDAKAgEAAgUA/////zCCAgIwggGIoAMCAQICCQDokdYGkU/O8jAKBggq -hkjOPQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcMB0hl -cm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4XDTE5MDUxNDA4NTgxMVoXDTIxMDUx -MzA4NTgxMVowPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdI -ZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IA -BPBRdlSx6I5qpZ2sKUMIxun1gUAzzstOYWKvKCnMoNT1x+pIKDvMEMimFcLAxxL3 -NVYOhK0Jty83SPDkKWMdx9/Okdhf3U/zxJlEnXDiFrAeM6xbG8zcCRiBnmd92Uvs -RqNQME4wHQYDVR0OBBYEFPI12zQE2qVV8r1pA5mwYuziFQjBMB8GA1UdIwQYMBaA -FPI12zQE2qVV8r1pA5mwYuziFQjBMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwMD -aAAwZQIwWlGNjb9NyqJSzUSdsEqDSvMZb8yFkxYCIbAVqQ9UqScUUb9tpJKGsPWw -bZsnLVvmAjEAt/ypozbUhQw4dSPpWzrn5BQ0kKbDM3DQJcBABEUBoIOol1/jYQPm -xajQuxcheFlkooIBADCB/TB2MBAGByqGSM49AgEGBSuBBAAiA2IABOIIQup32CTe -oCxkpBPOQJwjcqkCCg43PyE2uI1TFPbVkZVL85YCjXEexNjLp59e76Dmf1qSEZZT -b+vAyz+u/Vs/RyTnmgculr6oL7tXGK9xpL14Oh7oWzxrZBErzDQrjAQUo53mH/na -OU/AbuiRy5Wl2jHiCp8MFURpZ2lDZXJ0IFRydXN0IEFuY2hvcjBSMEwxCzAJBgNV -BAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0 -IEVDQyBTZWN1cmUgU2VydmVyIENBggIFIIICZW4= -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.trust_anchor_list_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] == rfc5914.id_ct_trustAnchorList - tal, rest = der_decode(asn1Object['content'], rfc5914.TrustAnchorList()) - assert not rest - assert tal.prettyPrint() - assert der_encode(tal) == asn1Object['content'] - - assert sum (1 for _ in tal) == 3 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc5916.py b/tests/test_rfc5916.py deleted file mode 100644 index 2e7ba7f..0000000 --- a/tests/test_rfc5916.py +++ /dev/null @@ -1,110 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5916 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class DeviceCertTestCase(unittest.TestCase): - cert_pem_text = """\ -MIICpzCCAiygAwIBAgIJAKWzVCgbsG5FMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMDMxMTQwMDE1WhcNMjAxMDMwMTQwMDE1WjB4MQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 -YW1wbGUxGjAYBgNVBAsTEURldmljZSBPcGVyYXRpb25zMRwwGgYDVQQDExNleDEy -MzQ1LmV4YW1wbGUuY29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE7Lje3glS2qYl -5x6N9TOlD4CbnzfFeJQfbDaCa3vexEiwE0apuAP+4L5fqOsYeZC970iNW+z3PdUs -GzkKDC2cCVy8nIxQ3mWhNQDvavT3iz5OGSwa1GjSXRFbGn2x9QjNo4G6MIG3MEIG -CWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVk -IGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFPTQN1kXEM5Rd4hNvQL5HyA+o2No -MB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAsGA1UdDwQEAwIHgDAk -BgNVHQkEHTAbMBkGCWCGSAFlAgEFRTEMBgorBgEEAYGsYDAYMAoGCCqGSM49BAMD -A2kAMGYCMQCt6AceOEIwXFKFHIV8+wTK/vgs7ZYSA6jhXUpzNtzZw1xh9NxVUhmx -pogu5Q9Vp28CMQC5YVF8dShC1tk9YImRftiVl8C6pbj//1K/+MwmR6nRk/WU+hKl -+Qsc5Goi6At471s= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - found_dev_owner = False - der_dev_own_oid = der_encode(univ.ObjectIdentifier('1.3.6.1.4.1.22112.48.24')) - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5916.id_deviceOwner: - assert attr['values'][0] == der_dev_own_oid - found_dev_owner = True - - assert found_dev_owner - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - found_dev_owner = False - dev_own_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48.24') - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], - decodeOpenTypes=True) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5916.id_deviceOwner: - assert attr['values'][0] == dev_own_oid - found_dev_owner = True - - assert found_dev_owner - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc5917.py b/tests/test_rfc5917.py deleted file mode 100644 index 459895d..0000000 --- a/tests/test_rfc5917.py +++ /dev/null @@ -1,112 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5917 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class ClearanceSponsorTestCase(unittest.TestCase): - cert_pem_text = """\ -MIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZIzj0EAwMw -ZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw -DgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3BjYS5leGFt -cGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGSMQswCQYD -VQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoT -B0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1lbnQxDTAL -BgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5jb20wdjAQ -BgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQgKpBispSx -XxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQQXc3zxnk -cl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m711OqFDNGR -SWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/VGWhQ6RB -MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjER -MA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTADAQH/MAsG -A1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5u -b3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAwwCgYIKwYB -BQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsqhkiG9w0B -CRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09VUkNFUyBV -U0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERlcGFydG1l -bnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/Hea3Hk8P -tTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weBdBa5WEDI -FFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2 -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - cs = rfc5917.DirectoryString() - cs['utf8String'] = u'Human Resources Department' - encoded_cs = der_encode(cs) - - clearance_sponsor_found = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5917.id_clearanceSponsor: - assert attr['values'][0] == encoded_cs - clearance_sponsor_found = True - - assert clearance_sponsor_found - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - clearance_sponsor_found = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], - decodeOpenTypes=True) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - - for attr in ev: - if attr['type'] == rfc5917.id_clearanceSponsor: - hrd = u'Human Resources Department' - assert attr['values'][0]['utf8String'] == hrd - clearance_sponsor_found = True - - assert clearance_sponsor_found - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc5924.py b/tests/test_rfc5924.py deleted file mode 100644 index ca623fa..0000000 --- a/tests/test_rfc5924.py +++ /dev/null @@ -1,73 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5924 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SIPDomainCertTestCase(unittest.TestCase): - cert_pem_text = """\ -MIICiTCCAg+gAwIBAgIJAKWzVCgbsG5EMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMDMwMjEwMDM0WhcNMjAxMDI5MjEwMDM0WjBsMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 -YW1wbGUxEjAQBgNVBAsTCVNJUCBQcm94eTEYMBYGA1UEAxMPc2lwLmV4YW1wbGUu -Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEcY3ckttSa6z3CfOFwZvPmZY8C9Ml -D1XOydz00+Vqifh1lydhDuulHrJaQ+QgVjG1TzlTAssD9GeABit/M98DPS/IC3wi -TsTMSyQ9/Oz4hKAw7x7lYEvufvycsZ7pJGRso4GpMIGmMEIGCWCGSAGG+EIBDQQ1 -FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVy -cG9zZS4wHQYDVR0OBBYEFEcJ8iFWmJOl3Hg/44UFgFWNbe7FMB8GA1UdIwQYMBaA -FPI12zQE2qVV8r1pA5mwYuziFQjBMAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggr -BgEFBQcDFDAKBggqhkjOPQQDAwNoADBlAjAXEPPNyXBUj40dzy+ZOqafuM3/6Fy6 -bkgiIObcQImra96X10fe6qacanrbu4uU6d8CMQCQ+BCjCnOP4dBbNC3vB0WypxLo -UwZ6TjS0Rfr+dRvlyilVjP+hPVwbyb7ZOSZR6zk= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - found_kp_sipDomain = False - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_extKeyUsage: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - assert rfc5924.id_kp_sipDomain in ev - found_kp_sipDomain = True - - assert found_kp_sipDomain - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc5934.py b/tests/test_rfc5934.py deleted file mode 100644 index 662ccf1..0000000 --- a/tests/test_rfc5934.py +++ /dev/null @@ -1,304 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Acknowledgement to Carl Wallace for the test messages. -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5934 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class TAMPStatusResponseTestCase(unittest.TestCase): - tsr_pem_text = """\ -MIIU/QYJKoZIhvcNAQcCoIIU7jCCFOoCAQMxDTALBglghkgBZQMEAgEwgg/GBgpghkgBZQIB -Ak0CoIIPtgSCD7Iwgg+uMAiDAAIEXXp3f6GCD50wgg+ZooIFFTCCBREwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDALMH2jTus/z881nG+uHQiB+xwQRX8q0DjB6rBw9if/tpM -Or8/yNgoe0s2AcCsRSXD0g4Kj4UYZBA9GhNwKm+O19yNk7NBDzghza2rwj0qBdNXETcNzYxR -+ZPjzEZJIY4UtM3LFD44zXIx7qsS8mXqNC5WXf/uY3XLbbqRNPye8/QtHL5QxELfWYj/arP6 -qGw9y1ZxcQWWu5+A5YBFWWdBsOvDrWCkgHUGF5wO9EPgmQ4b+3/1s8yygYKx/TLBuL5BpGS1 -YDpaUTCMzt5BLBlHXEkQZLl0qYdBr31uusG4ob9lMToEZ/m1u46SigBjuLHmjDhfg/9Q1Tui -XWuyEMxjAgMBAAEEFEl0uwxeunr+AlTve6DGlcYJgHCWMIID0TBbMQswCQYDVQQGEwJVUzEY -MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEW -MBQGA1UEAxMNRG9EIFJvb3QgQ0EgMqCCA3AwggJYoAMCAQICAQUwDQYJKoZIhvcNAQEFBQAw -WzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9E -MQwwCgYDVQQLEwNQS0kxFjAUBgNVBAMTDURvRCBSb290IENBIDIwHhcNMDQxMjEzMTUwMDEw -WhcNMjkxMjA1MTUwMDEwWjBbMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5t -ZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0Eg -MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAswfaNO6z/PzzWcb64dCIH7HBB -FfyrQOMHqsHD2J/+2kw6vz/I2Ch7SzYBwKxFJcPSDgqPhRhkED0aE3Aqb47X3I2Ts0EPOCHN -ravCPSoF01cRNw3NjFH5k+PMRkkhjhS0zcsUPjjNcjHuqxLyZeo0LlZd/+5jdcttupE0/J7z -9C0cvlDEQt9ZiP9qs/qobD3LVnFxBZa7n4DlgEVZZ0Gw68OtYKSAdQYXnA70Q+CZDhv7f/Wz -zLKBgrH9MsG4vkGkZLVgOlpRMIzO3kEsGUdcSRBkuXSph0GvfW66wbihv2UxOgRn+bW7jpKK -AGO4seaMOF+D/1DVO6Jda7IQzGMCAwEAAaM/MD0wHQYDVR0OBBYEFEl0uwxeunr+AlTve6DG -lcYJgHCWMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IB -AQCYkY0/ici79cBpcyk7Nay6swh2PXAJkumERCEBfRR2G+5RbB2NFTctezFp9JpEuK9GzDT6 -I8sDJxnSgyF1K+fgG5km3IRAleio0sz2WFxm7z9KlxCCHboKot1bBiudp2RO6y4BNaS0PxOt -VeTVc6hpmxHxmPIxHm9A1Ph4n46RoG9wBJBmqgYrzuF6krV94eDRluehOi3MsZ0fBUTth5nT -TRpwOcEEDOV+2fGv1yAO8SJ6JaRzmcw/pAcnlqiile2CuRbTnguHwsHyiPVi32jfx7xpUe2x -XNxUVCkPCTmarAPB2wxNrm8KehZJ8b+R0jiU0/aVLLdsyUK2jcqQjYXZooIFGDCCBRQwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp7BRyiuhLcKPaEAOEpvunNg0qOlIWvzAV -UoYFRyDPqqbNdcRkbu/xYCPLCmZArrTIaCoAUWhJN+lZMk2VvEMn6UCNOhDOFLxDGKH53szn -hXZzXhgaI1u9Px/y7Y0ZzAPRQKSPpyACTCdaeTb2ozchjgBaBhbK01WWbzEpu3IOy+JIUfLU -N6Q11m/uF7OxBqsLGYboI20xGyh4ZcXeYlK8wX3r7qBdVAT7sssrsiNUkYJM8L+6dEA7DARF -gGdcxeuiV8MafwotvX+53MGZsMgH5AyGNpQ6JS/yfeaXPBuUtJdZBsk65AvZ6un8O3M0b/3n -mOTzocKQXxz1Py7XGdN/AgMBAAEEFGyKlKJ3sYByHYF6Fqry3M5m7kXAMIID1DBbMQswCQYD -VQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNV -BAsTA1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0EgM6CCA3MwggJboAMCAQICAQEwDQYJKoZI -hvcNAQELBQAwWzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoG -A1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxFjAUBgNVBAMTDURvRCBSb290IENBIDMwHhcNMTIw -MzIwMTg0NjQxWhcNMjkxMjMwMTg0NjQxWjBbMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5T -LiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEWMBQGA1UEAxMNRG9E -IFJvb3QgQ0EgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKnsFHKK6Etwo9oQ -A4Sm+6c2DSo6Uha/MBVShgVHIM+qps11xGRu7/FgI8sKZkCutMhoKgBRaEk36VkyTZW8Qyfp -QI06EM4UvEMYofnezOeFdnNeGBojW70/H/LtjRnMA9FApI+nIAJMJ1p5NvajNyGOAFoGFsrT -VZZvMSm7cg7L4khR8tQ3pDXWb+4Xs7EGqwsZhugjbTEbKHhlxd5iUrzBfevuoF1UBPuyyyuy -I1SRgkzwv7p0QDsMBEWAZ1zF66JXwxp/Ci29f7ncwZmwyAfkDIY2lDolL/J95pc8G5S0l1kG -yTrkC9nq6fw7czRv/eeY5POhwpBfHPU/LtcZ038CAwEAAaNCMEAwHQYDVR0OBBYEFGyKlKJ3 -sYByHYF6Fqry3M5m7kXAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG -SIb3DQEBCwUAA4IBAQCfcaTAtpbSgEOgSOkfdgT5xTytZhhYY5vDtuhoioVaQmYStNLmi4h/ -h/SY9ajGCckf8Cwf7IK49KVHOMEzK99Mfpq+Cwuxyw98UCgQz4qNoum6rIbX1LGTXyKPlgW0 -Tgx1kX3T8ueUwpQUdk+PDKsQh1gyhQd1hhILXupTtArITISSH+voQYY8uvROQUrRbFhHQcOG -WvLu6fKYJ4LqLjbW+AZegvGgUpNECbrSqRlaWKOoXSBtT2T4MIcbkBNIgc3KkMcNwdSYP47y -DldoMxKOmQmx8OT2EPQ28km96qM4yFZBI4Oa36EbNXzrP0Gz9W9LOl6ub5N2mNLxmZ1FxI5y -ooIFYDCCBVwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ3HcYEBAYYEH753gQ -D/iEd3DvLW5VOxGmmVI/bfS9oZf6Nh5uREIRyFP+dYabXjcSiKJ92XEI1Ek1cc5Gz1vQWY5l -H+tCPcoO3EyQ2FRpz144siBg3YNRLt/b1Vs4kVotz5oztG+WkOV2FGJDaYQQz1RB+TXqntRa -l51eEFm94OTDWYnX3vJ5sIdrAsBZoSoAghVvaxERAFM0dD304cxWYqLkZegjsYMdWFMIsjMt -lr7lfTOeEFonc1PdXZjiSxFTWJGP6nIR7LuU8g0PUK3yFrUaACQx5RW9FwaQqiSxrN0MUh7w -i2qruPft32O0zpRov16W0ESW8fj0ejoKeRVTAgMBAAEEFKg8CZ1n9thHuqLQ/BhyVohAbZWV -MIID0jBTMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEj -MCEGA1UEAxMaVmFsaWQgRUUgQ2VydGlmaWNhdGUgVGVzdDGgggN5MIICYaADAgECAgEBMA0G -CSqGSIb3DQEBCwUAMEAxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZUZXN0IENlcnRpZmljYXRl -cyAyMDExMRAwDgYDVQQDEwdHb29kIENBMB4XDTEwMDEwMTA4MzAwMFoXDTMwMTIzMTA4MzAw -MFowUzELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlRlc3QgQ2VydGlmaWNhdGVzIDIwMTExIzAh -BgNVBAMTGlZhbGlkIEVFIENlcnRpZmljYXRlIFRlc3QxMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEA2dx3GBAQGGBB++d4EA/4hHdw7y1uVTsRpplSP230vaGX+jYebkRCEchT -/nWGm143EoiifdlxCNRJNXHORs9b0FmOZR/rQj3KDtxMkNhUac9eOLIgYN2DUS7f29VbOJFa -Lc+aM7RvlpDldhRiQ2mEEM9UQfk16p7UWpedXhBZveDkw1mJ197yebCHawLAWaEqAIIVb2sR -EQBTNHQ99OHMVmKi5GXoI7GDHVhTCLIzLZa+5X0znhBaJ3NT3V2Y4ksRU1iRj+pyEey7lPIN -D1Ct8ha1GgAkMeUVvRcGkKoksazdDFIe8Itqq7j37d9jtM6UaL9eltBElvH49Ho6CnkVUwID -AQABo2swaTAfBgNVHSMEGDAWgBRYAYQkG7wrUpRKPaUQchRR9a86yTAdBgNVHQ4EFgQUqDwJ -nWf22Ee6otD8GHJWiEBtlZUwDgYDVR0PAQH/BAQDAgTwMBcGA1UdIAQQMA4wDAYKYIZIAWUD -AgEwATANBgkqhkiG9w0BAQsFAAOCAQEAHlrZD69ipblSvLzsDGGIEwGqCg8NR6OeqbIXG/ij -2SzSjTi+O7LP1DGIz85p9I7HuXAFUcAGh8aVtPZq+jGeLcQXs+3lehlhGG6M0eQO2pttbI0G -kO4s0XlY2ITNm0HTGOL+kcZfACcUZXsS+i+9qL80ji3PF0xYWzAPLmlmRSYmIZjT85CuKYda -Tsa96Ch+D6CU5v9ctVxP3YphWQ4F0v/FacDTiUrRwuXI9MgIw/0qI0+EAFwsRC2DisI9Isc8 -YPKKeOMbRmXamY/4Y8HUeqBwpnqnEJudrH++FPBEI4dYrBAV6POgvx4lyzarAmlarv/AbrBD -ngieGTynMG6NwqFIMEYwRAYIKwYBBQUHARIBAf8ENTAzMA8GCmCGSAFlAgECTQMKAQEwDwYK -YIZIAWUCAQJNAQoBATAPBgpghkgBZQIBAk0CCgEBAQEAoIIDfTCCA3kwggJhoAMCAQICAQEw -DQYJKoZIhvcNAQELBQAwQDELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlRlc3QgQ2VydGlmaWNh -dGVzIDIwMTExEDAOBgNVBAMTB0dvb2QgQ0EwHhcNMTAwMTAxMDgzMDAwWhcNMzAxMjMxMDgz -MDAwWjBTMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEj -MCEGA1UEAxMaVmFsaWQgRUUgQ2VydGlmaWNhdGUgVGVzdDEwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQDZ3HcYEBAYYEH753gQD/iEd3DvLW5VOxGmmVI/bfS9oZf6Nh5uREIR -yFP+dYabXjcSiKJ92XEI1Ek1cc5Gz1vQWY5lH+tCPcoO3EyQ2FRpz144siBg3YNRLt/b1Vs4 -kVotz5oztG+WkOV2FGJDaYQQz1RB+TXqntRal51eEFm94OTDWYnX3vJ5sIdrAsBZoSoAghVv -axERAFM0dD304cxWYqLkZegjsYMdWFMIsjMtlr7lfTOeEFonc1PdXZjiSxFTWJGP6nIR7LuU -8g0PUK3yFrUaACQx5RW9FwaQqiSxrN0MUh7wi2qruPft32O0zpRov16W0ESW8fj0ejoKeRVT -AgMBAAGjazBpMB8GA1UdIwQYMBaAFFgBhCQbvCtSlEo9pRByFFH1rzrJMB0GA1UdDgQWBBSo -PAmdZ/bYR7qi0PwYclaIQG2VlTAOBgNVHQ8BAf8EBAMCBPAwFwYDVR0gBBAwDjAMBgpghkgB -ZQMCATABMA0GCSqGSIb3DQEBCwUAA4IBAQAeWtkPr2KluVK8vOwMYYgTAaoKDw1Ho56pshcb -+KPZLNKNOL47ss/UMYjPzmn0jse5cAVRwAaHxpW09mr6MZ4txBez7eV6GWEYbozR5A7am21s -jQaQ7izReVjYhM2bQdMY4v6Rxl8AJxRlexL6L72ovzSOLc8XTFhbMA8uaWZFJiYhmNPzkK4p -h1pOxr3oKH4PoJTm/1y1XE/dimFZDgXS/8VpwNOJStHC5cj0yAjD/SojT4QAXCxELYOKwj0i -xzxg8op44xtGZdqZj/hjwdR6oHCmeqcQm52sf74U8EQjh1isEBXo86C/HiXLNqsCaVqu/8Bu -sEOeCJ4ZPKcwbo3CMYIBiTCCAYUCAQOAFKg8CZ1n9thHuqLQ/BhyVohAbZWVMAsGCWCGSAFl -AwQCAaBMMBkGCSqGSIb3DQEJAzEMBgpghkgBZQIBAk0CMC8GCSqGSIb3DQEJBDEiBCAiPyBP -FFwHJbHgGmoz+54OEJ/ppMyfSoZmbS/nkWfxxjALBgkqhkiG9w0BAQsEggEAHllTg+TMT2ll -zVvrvRDwOwrzr6YIJSt96sLANqOXiqqnvrHDDWTdVMcRX/LccVbm9JP4sGSfGDdwbm3FqB+l -kgSBlejFgjWfF/YVK5OpaVcPGg4DB3oAOwxtn0GVQtKgGkiGQF0r5389mTHYlQzS6BVDG2Oi -sKIe4SBazrBGjnKANf9LEunpWPt15y6QCxiEKnJfPlAqiMuiIhHmXPIHi+d3sYkC+iu+5I68 -2oeLdtBWCDcGh4+DdS6Qqzkpp14MpvzBMdfD3lKcI3NRmY+GmRYaGAiEalh83vggslF7N4SS -iPxQyqz7LIQe9/5ynJV5/CPUDBL9QK2vSCOQaihWCg== -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.tsr_pem_text) - - layers = { - rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), - rfc5652.id_signedData: rfc5652.SignedData(), - rfc5934.id_ct_TAMP_statusResponse: rfc5934.TAMPStatusResponse() - } - - getNextLayer = { - rfc5652.id_ct_contentInfo: lambda x: x['contentType'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc5934.id_ct_TAMP_statusResponse: lambda x: None - } - - getNextSubstrate = { - rfc5652.id_ct_contentInfo: lambda x: x['content'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc5934.id_ct_TAMP_statusResponse: lambda x: None - } - - next_layer = rfc5652.id_ct_contentInfo - - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.tsr_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.ContentInfo(), - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - eci = asn1Object['content']['encapContentInfo'] - assert eci['eContentType'] in rfc5652.cmsContentTypesMap.keys() - assert eci['eContentType'] == rfc5934.id_ct_TAMP_statusResponse - tsr, rest = der_decode(eci['eContent'], - asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']], - decodeOpenTypes=True) - assert not rest - assert tsr.prettyPrint() - assert der_encode(tsr) == eci['eContent'] - - assert tsr['version'] == 2 - assert tsr['query']['target'] == univ.Null("") - assert tsr['query']['seqNum'] == 1568307071 - assert tsr['usesApex'] == False - - count = 0 - for tai in tsr['response']['verboseResponse']['taInfo']: - count += 1 - assert tai['taInfo']['version'] == 1 - - assert count == 3 - - -class TrustAnchorUpdateTestCase(unittest.TestCase): - tau_pem_text = """\ -MIIGgwYJKoZIhvcNAQcCoIIGdDCCBnACAQMxDTALBglghkgBZQMEAgEwggFMBgpghkgBZQIB -Ak0DoIIBPASCATgwggE0MAiDAAIEXXp3kDCCASaiggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQDALMH2jTus/z881nG+uHQiB+xwQRX8q0DjB6rBw9if/tpMOr8/yNgoe0s2AcCs -RSXD0g4Kj4UYZBA9GhNwKm+O19yNk7NBDzghza2rwj0qBdNXETcNzYxR+ZPjzEZJIY4UtM3L -FD44zXIx7qsS8mXqNC5WXf/uY3XLbbqRNPye8/QtHL5QxELfWYj/arP6qGw9y1ZxcQWWu5+A -5YBFWWdBsOvDrWCkgHUGF5wO9EPgmQ4b+3/1s8yygYKx/TLBuL5BpGS1YDpaUTCMzt5BLBlH -XEkQZLl0qYdBr31uusG4ob9lMToEZ/m1u46SigBjuLHmjDhfg/9Q1TuiXWuyEMxjAgMBAAGg -ggN9MIIDeTCCAmGgAwIBAgIBATANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJVUzEfMB0G -A1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEQMA4GA1UEAxMHR29vZCBDQTAeFw0xMDAx -MDEwODMwMDBaFw0zMDEyMzEwODMwMDBaMFMxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZUZXN0 -IENlcnRpZmljYXRlcyAyMDExMSMwIQYDVQQDExpWYWxpZCBFRSBDZXJ0aWZpY2F0ZSBUZXN0 -MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANncdxgQEBhgQfvneBAP+IR3cO8t -blU7EaaZUj9t9L2hl/o2Hm5EQhHIU/51hpteNxKIon3ZcQjUSTVxzkbPW9BZjmUf60I9yg7c -TJDYVGnPXjiyIGDdg1Eu39vVWziRWi3PmjO0b5aQ5XYUYkNphBDPVEH5Neqe1FqXnV4QWb3g -5MNZidfe8nmwh2sCwFmhKgCCFW9rEREAUzR0PfThzFZiouRl6COxgx1YUwiyMy2WvuV9M54Q -WidzU91dmOJLEVNYkY/qchHsu5TyDQ9QrfIWtRoAJDHlFb0XBpCqJLGs3QxSHvCLaqu49+3f -Y7TOlGi/XpbQRJbx+PR6Ogp5FVMCAwEAAaNrMGkwHwYDVR0jBBgwFoAUWAGEJBu8K1KUSj2l -EHIUUfWvOskwHQYDVR0OBBYEFKg8CZ1n9thHuqLQ/BhyVohAbZWVMA4GA1UdDwEB/wQEAwIE -8DAXBgNVHSAEEDAOMAwGCmCGSAFlAwIBMAEwDQYJKoZIhvcNAQELBQADggEBAB5a2Q+vYqW5 -Ury87AxhiBMBqgoPDUejnqmyFxv4o9ks0o04vjuyz9QxiM/OafSOx7lwBVHABofGlbT2avox -ni3EF7Pt5XoZYRhujNHkDtqbbWyNBpDuLNF5WNiEzZtB0xji/pHGXwAnFGV7Evovvai/NI4t -zxdMWFswDy5pZkUmJiGY0/OQrimHWk7Gvegofg+glOb/XLVcT92KYVkOBdL/xWnA04lK0cLl -yPTICMP9KiNPhABcLEQtg4rCPSLHPGDyinjjG0Zl2pmP+GPB1HqgcKZ6pxCbnax/vhTwRCOH -WKwQFejzoL8eJcs2qwJpWq7/wG6wQ54Inhk8pzBujcIxggGJMIIBhQIBA4AUqDwJnWf22Ee6 -otD8GHJWiEBtlZUwCwYJYIZIAWUDBAIBoEwwGQYJKoZIhvcNAQkDMQwGCmCGSAFlAgECTQMw -LwYJKoZIhvcNAQkEMSIEINq+nldSoCoJuEe/lhrRhfx0ArygsPJ7mCMbOFrpr1dFMAsGCSqG -SIb3DQEBCwSCAQBTeRE1DzwF2dnv2yJAOYOxNnAtTs72ZG8mv5Ad4M/9n1+MPiAykLcBslW8 -7D1KjBdwB3oxIT4sjwGh0kxKLe4G+VuvQuPwtT8MqMl3hounnFOM5nMSj1TSbfHVPs3dhEyk -Wu1gQ5g9gxLF3MpwEJGJKvhRtK17LGElJWvGPniRMChAJZJWoLjFBMe5JMzpqu2za50S1K3t -YtkTOx/2FQdVApkTY1qMQooljDiuvSvOuSDXcyAA15uIypQJvfrBNqe6Ush+j7yS5UQyTm0o -ZidB8vj4jIZT3S2gqWhtBLMUc11j+kWlXEZEigSL8WgCbAu7lqhItMwz2dy4C5aAWq8r""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.tau_pem_text) - - layers = { - rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), - rfc5652.id_signedData: rfc5652.SignedData(), - rfc5934.id_ct_TAMP_update: rfc5934.TAMPUpdate() - } - - getNextLayer = { - rfc5652.id_ct_contentInfo: lambda x: x['contentType'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc5934.id_ct_TAMP_update: lambda x: None - } - - getNextSubstrate = { - rfc5652.id_ct_contentInfo: lambda x: x['content'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc5934.id_ct_TAMP_update: lambda x: None - } - - next_layer = rfc5652.id_ct_contentInfo - - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.tau_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.ContentInfo(), - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - eci = asn1Object['content']['encapContentInfo'] - assert eci['eContentType'] in rfc5652.cmsContentTypesMap.keys() - assert eci['eContentType'] == rfc5934.id_ct_TAMP_update - tau, rest = der_decode(eci['eContent'], - asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']], - decodeOpenTypes=True) - assert not rest - assert tau.prettyPrint() - assert der_encode(tau) == eci['eContent'] - - assert tau['version'] == 2 - assert tau['msgRef']['target'] == univ.Null("") - assert tau['msgRef']['seqNum'] == 1568307088 - - count = 0 - for u in tau['updates']: - count += 1 - - assert count == 1 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc5940.py b/tests/test_rfc5940.py index 293b565..d33a1c7 100644 --- a/tests/test_rfc5940.py +++ b/tests/test_rfc5940.py @@ -81,7 +81,7 @@ ttTMEpl2prH8bbwo1g== assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], - asn1Spec=rfc5652.SignedData()) + asn1Spec=rfc5652.SignedData()) assert sd.prettyPrint() assert sd['encapContentInfo']['eContentType'] == rfc5652.id_data @@ -92,16 +92,18 @@ ttTMEpl2prH8bbwo1g== assert sd['crls'][1]['other']['otherRevInfoFormat'] == ocspr_oid ocspr, rest = der_decode(sd['crls'][1]['other']['otherRevInfo'], - asn1Spec=rfc5940.OCSPResponse()) + asn1Spec=rfc5940.OCSPResponse()) assert ocspr.prettyPrint() success = rfc2560.OCSPResponseStatus(value='successful') assert ocspr['responseStatus'] == success def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.otherRevInfoFormatMap.update(rfc5940.otherRevInfoFormatMapUpdate) asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate diff --git a/tests/test_rfc5958.py b/tests/test_rfc5958.py index a38a696..febec78 100644 --- a/tests/test_rfc5958.py +++ b/tests/test_rfc5958.py @@ -8,8 +8,8 @@ import sys -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.codec.der import decoder as der_decoder +from pyasn1.codec.der import encoder as der_encoder from pyasn1.type import univ @@ -36,7 +36,7 @@ Z9w7lshQhqowtrbLDFw4rXAxZuE= def testDerCodec(self): substrate = pem.readBase64fromText(self.priv_key_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519 @@ -44,7 +44,7 @@ Z9w7lshQhqowtrbLDFw4rXAxZuE= assert asn1Object['privateKey'].prettyPrint()[0:10] == "0x0420d4ee" assert asn1Object['publicKey'].isValue assert asn1Object['publicKey'].prettyPrint()[0:10] == "1164575857" - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate class PrivateKeyOpenTypesTestCase(unittest.TestCase): @@ -59,17 +59,19 @@ YWlyc4EhABm/RAlphM3+hUG6wWfcO5bIUIaqMLa2ywxcOK1wMWbh def testOpenTypes(self): substrate = pem.readBase64fromText(self.asymmetric_key_pkg_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, decodeOpenTypes=True) + rfc5652.cmsContentTypesMap.update(rfc5958.cmsContentTypesMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate + assert der_encoder.encode(asn1Object) == substrate assert rfc5958.id_ct_KP_aKeyPackage in rfc5652.cmsContentTypesMap.keys() oneKey = asn1Object['content'][0] assert oneKey['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519 pkcs_9_at_friendlyName = univ.ObjectIdentifier('1.2.840.113549.1.9.9.20') - assert oneKey['attributes'][0]['attrType'] == pkcs_9_at_friendlyName + assert oneKey['attributes'][0]['type'] == pkcs_9_at_friendlyName suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc5990.py b/tests/test_rfc5990.py deleted file mode 100755 index 9f7e45b..0000000 --- a/tests/test_rfc5990.py +++ /dev/null @@ -1,82 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5990 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class RSAKEMTestCase(unittest.TestCase): - pem_text = """\ -MEcGCyqGSIb3DQEJEAMOMDgwKQYHKIGMcQICBDAeMBkGCiuBBRCGSAksAQIwCwYJ -YIZIAWUDBAIBAgEQMAsGCWCGSAFlAwQBBQ== -""" - - def setUp(self): - self.asn1Spec = rfc5280.AlgorithmIdentifier() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['algorithm'] == rfc5990.id_rsa_kem - rsa_kem_p, rest = der_decode(asn1Object['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[rfc5990.id_rsa_kem]) - assert not rest - assert rsa_kem_p.prettyPrint() - assert der_encode(rsa_kem_p) == asn1Object['parameters'] - - assert rsa_kem_p['kem']['algorithm'] == rfc5990.id_kem_rsa - kem_rsa_p, rest = der_decode(rsa_kem_p['kem']['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[rfc5990.id_kem_rsa]) - assert not rest - assert kem_rsa_p.prettyPrint() - assert der_encode(kem_rsa_p) == rsa_kem_p['kem']['parameters'] - - assert kem_rsa_p['keyLength'] == 16 - assert kem_rsa_p['keyDerivationFunction']['algorithm'] == rfc5990.id_kdf_kdf3 - kdf_p, rest = der_decode(kem_rsa_p['keyDerivationFunction']['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[rfc5990.id_kdf_kdf3]) - assert not rest - assert kdf_p.prettyPrint() - assert der_encode(kdf_p) == kem_rsa_p['keyDerivationFunction']['parameters'] - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['algorithm'] == rfc5990.id_rsa_kem - assert asn1Object['parameters']['kem']['algorithm'] == rfc5990.id_kem_rsa - assert asn1Object['parameters']['kem']['parameters']['keyLength'] == 16 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6010.py b/tests/test_rfc6010.py deleted file mode 100644 index 072c1ac..0000000 --- a/tests/test_rfc6010.py +++ /dev/null @@ -1,95 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc6010 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class UnconstrainedCCCExtensionTestCase(unittest.TestCase): - unconstrained_pem_text = "MB0GCCsGAQUFBwESBBEwDzANBgsqhkiG9w0BCRABAA==" - - def setUp(self): - self.asn1Spec = rfc5280.Extension() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.unconstrained_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['extnID'] == rfc6010.id_pe_cmsContentConstraints - evalue, rest = der_decode(asn1Object['extnValue'], - asn1Spec=rfc6010.CMSContentConstraints()) - assert not rest - assert evalue.prettyPrint() - assert der_encode(evalue) == asn1Object['extnValue'] - - assert evalue[0]['contentType'] == rfc6010.id_ct_anyContentType - - -class ConstrainedCCCExtensionTestCase(unittest.TestCase): - constrained_pem_text = """\ -MIG7BggrBgEFBQcBEgSBrjCBqzA0BgsqhkiG9w0BCRABEDAlMCMGCyqGSIb3DQEJ -EAwBMRQMElZpZ2lsIFNlY3VyaXR5IExMQzAwBgpghkgBZQIBAk4CMCIwIAYLKoZI -hvcNAQkQDAsxEQwPa3RhLmV4YW1wbGUuY29tMDEGCyqGSIb3DQEJEAEZMCIwIAYL -KoZIhvcNAQkQDAsxEQwPa3RhLmV4YW1wbGUuY29tMA4GCSqGSIb3DQEHAQoBAQ== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Extension() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.constrained_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['extnID'] == rfc6010.id_pe_cmsContentConstraints - evalue, rest = der_decode(asn1Object['extnValue'], - asn1Spec=rfc6010.CMSContentConstraints()) - assert not rest - assert evalue.prettyPrint() - assert der_encode(evalue) == asn1Object['extnValue'] - - constraint_count = 0 - attribute_count = 0 - cannot_count = 0 - for ccc in evalue: - constraint_count += 1 - if ccc['canSource'] == 1: - cannot_count += 1 - if ccc['attrConstraints'].hasValue(): - for attr in ccc['attrConstraints']: - attribute_count += 1 - assert constraint_count == 4 - assert attribute_count == 3 - assert cannot_count == 1 - - def testExtensionsMap(self): - substrate = pem.readBase64fromText(self.constrained_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert asn1Object['extnID'] in rfc5280.certificateExtensionsMap.keys() - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc6019.py b/tests/test_rfc6019.py index 46cd75d..311e49f 100644 --- a/tests/test_rfc6019.py +++ b/tests/test_rfc6019.py @@ -43,6 +43,8 @@ class BinarySigningTimeTestCase(unittest.TestCase): def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.cmsAttributesMap.update(rfc6019.cmsAttributesMapUpdate) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) diff --git a/tests/test_rfc6031.py b/tests/test_rfc6031.py deleted file mode 100644 index 176285f..0000000 --- a/tests/test_rfc6031.py +++ /dev/null @@ -1,89 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6031 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SymmetricKeyPkgTestCase(unittest.TestCase): - key_pkg_pem_text = """\ -MIG7BgsqhkiG9w0BCRABGaCBqzCBqKBEMCMGCyqGSIb3DQEJEAwBMRQMElZpZ2ls -IFNlY3VyaXR5IExMQzAdBgsqhkiG9w0BCRAMAzEODAxQcmV0ZW5kIDA0OEEwYDBe -MFYwGwYLKoZIhvcNAQkQDBsxDAwKZXhhbXBsZUlEMTAVBgsqhkiG9w0BCRAMCjEG -DARIT1RQMCAGCyqGSIb3DQEJEAwLMREMD2t0YS5leGFtcGxlLmNvbQQEMTIzNA== -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.key_pkg_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap - asn1Spec = rfc5652.cmsContentTypesMap[asn1Object['contentType']] - skp, rest = der_decode(asn1Object['content'], asn1Spec=asn1Spec) - assert not rest - assert skp.prettyPrint() - assert der_encode(skp) == asn1Object['content'] - - for attr in skp['sKeyPkgAttrs']: - assert attr['attrType'] in rfc6031.sKeyPkgAttributesMap.keys() - - for osk in skp['sKeys']: - for attr in osk['sKeyAttrs']: - assert attr['attrType'] in rfc6031.sKeyAttributesMap.keys() - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.key_pkg_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap - assert asn1Object['content'].hasValue() - keypkg = asn1Object['content'] - assert keypkg['version'] == rfc6031.KeyPkgVersion().subtype(value='v1') - - for attr in keypkg['sKeyPkgAttrs']: - assert attr['attrType'] in rfc6031.sKeyPkgAttributesMap.keys() - assert attr['attrValues'][0].prettyPrint()[:2] != '0x' - # decodeOpenTypes=True did not decode if the value is shown in hex ... - if attr['attrType'] == rfc6031.id_pskc_manufacturer: - attr['attrValues'][0] == 'Vigil Security LLC' - - for osk in keypkg['sKeys']: - for attr in osk['sKeyAttrs']: - assert attr['attrType'] in rfc6031.sKeyAttributesMap.keys() - assert attr['attrValues'][0].prettyPrint()[:2] != '0x' - # decodeOpenTypes=True did not decode if the value is shown in hex ... - if attr['attrType'] == rfc6031.id_pskc_issuer: - attr['attrValues'][0] == 'kta.example.com' - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc6032.py b/tests/test_rfc6032.py deleted file mode 100644 index ad56823..0000000 --- a/tests/test_rfc6032.py +++ /dev/null @@ -1,88 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.compat.octets import str2octs - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6032 -from pyasn1_modules import rfc3565 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class EncryptedKeyPkgTestCase(unittest.TestCase): - encrypted_key_pkg_pem_text = """\ -MIIBBwYKYIZIAWUCAQJOAqCB+DCB9QIBAjCBzgYKYIZIAWUCAQJOAjAdBglghkgB -ZQMEASoEEN6HFteHMZ3DyeO35xIwWQOAgaCKTs0D0HguNzMhsLgiwG/Kw8OwX+GF -9/cZ1YVNesUTW/VsbXJcbTmFmWyfqZsM4DLBegIbrUEHQZnQRq6/NO4ricQdHApD -B/ip6RRqeN1yxMJLv1YN0zUOOIDBS2iMEjTLXZLWw3w22GN2JK7G+Lr4OH1NhMgU -ILJyh/RePmPseMwxvcJs7liEfkiSNMtDfEcpjtzA9bDe95GjhQRsiSByoR8wHQYJ -YIZIAWUCAQVCMRAEDnB0Zi1rZGMtODEyMzc0 -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - assert asn1Object['contentType'] == rfc6032.id_ct_KP_encryptedKeyPkg - - content, rest = der_decode(asn1Object['content'], rfc6032.EncryptedKeyPackage()) - assert not rest - assert content.prettyPrint() - assert der_encode(content) == asn1Object['content'] - assert content.getName() == 'encrypted' - eci = content['encrypted']['encryptedContentInfo'] - assert eci['contentType'] == rfc6032.id_ct_KP_encryptedKeyPkg - attrType = content['encrypted']['unprotectedAttrs'][0]['attrType'] - assert attrType == rfc6032.id_aa_KP_contentDecryptKeyID - - attrVal0 = content['encrypted']['unprotectedAttrs'][0]['attrValues'][0] - keyid, rest = der_decode(attrVal0, rfc6032.ContentDecryptKeyID()) - assert not rest - assert keyid.prettyPrint() - assert der_encode(keyid) == attrVal0 - assert keyid == b'ptf-kdc-812374' - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap - eci = asn1Object['content']['encrypted']['encryptedContentInfo'] - assert eci['contentType'] in rfc5652.cmsContentTypesMap - - for attr in asn1Object['content']['encrypted']['unprotectedAttrs']: - assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() - assert attr['attrValues'][0].prettyPrint()[:2] != '0x' - if attr['attrType'] == rfc6032.id_aa_KP_contentDecryptKeyID: - assert attr['attrValues'][0] == str2octs('ptf-kdc-812374') - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc6120.py b/tests/test_rfc6120.py deleted file mode 100644 index 820f7a3..0000000 --- a/tests/test_rfc6120.py +++ /dev/null @@ -1,109 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc6120 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class XMPPCertificateTestCase(unittest.TestCase): - xmpp_server_cert_pem_text = """\ -MIIC6DCCAm+gAwIBAgIJAKWzVCgbsG5DMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMDI0MjMxNjA0WhcNMjAxMDIzMjMxNjA0WjBNMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xHzAdBgNVBAoTFkV4 -YW1wbGUgUHJvZHVjdHMsIEluYy4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQZzQlk -03nJRPF6+w1NxFELmQ5vJTjTRz3eu03CRtahK4Wnwd4GwbDe8NVHAEG2qTzBXFDu -p6RZugsBdf9GcEZHG42rThYYOzIYzVFnI7tQgA+nTWSWZN6eoU/EXcknhgijggEn -MIIBIzAdBgNVHQ4EFgQUkQpUMYcbUesEn5buI03POFnktJgwHwYDVR0jBBgwFoAU -8jXbNATapVXyvWkDmbBi7OIVCMEwCwYDVR0PBAQDAgeAMIGPBgNVHREEgYcwgYSg -KQYIKwYBBQUHCAegHRYbX3htcHAtY2xpZW50LmltLmV4YW1wbGUuY29toCkGCCsG -AQUFBwgHoB0WG194bXBwLXNlcnZlci5pbS5leGFtcGxlLmNvbaAcBggrBgEFBQcI -BaAQDA5pbS5leGFtcGxlLmNvbYIOaW0uZXhhbXBsZS5jb20wQgYJYIZIAYb4QgEN -BDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9yIGFueSBw -dXJwb3NlLjAKBggqhkjOPQQDAwNnADBkAjAEo4mhDGC6/R39HyNgzLseNAp36qBH -yQJ/AWsBojN0av8akeVv9IuM45yqLKdiCzcCMDCjh1lFnCvurahwp5D1j9pAZMsg -nOzhcMpnHs2U/eN0lHl/JNgnbftl6Dvnt59xdA== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName()) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - for gn in extnValue: - if gn['otherName'].hasValue(): - gn_on = gn['otherName'] - if gn_on['type-id'] == rfc6120.id_on_xmppAddr: - assert gn_on['type-id'] in rfc5280.anotherNameMap.keys() - spec = rfc5280.anotherNameMap[gn['otherName']['type-id']] - on, rest = der_decode(gn_on['value'], asn1Spec=spec) - assert not rest - assert on.prettyPrint() - assert der_encode(on) == gn_on['value'] - assert on == u'im.example.com' - count += 1 - - assert count == 1 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - for gn in extnValue: - if gn['otherName'].hasValue(): - if gn['otherName']['type-id'] == rfc6120.id_on_xmppAddr: - assert gn['otherName']['value'] == u'im.example.com' - count += 1 - - assert count == 1 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6187.py b/tests/test_rfc6187.py deleted file mode 100644 index e821d77..0000000 --- a/tests/test_rfc6187.py +++ /dev/null @@ -1,73 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc6187 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SSHClientCertificateTestCase(unittest.TestCase): - cert_pem_text = """\ -MIICkDCCAhegAwIBAgIJAKWzVCgbsG5BMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMDI0MTgyNjA3WhcNMjAxMDIzMTgyNjA3WjB0MQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 -YW1wbGUxEDAOBgNVBAMTB0NoYXJsaWUxIjAgBgkqhkiG9w0BCQEWE2NoYXJsaWVA -ZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARfr1XPl5S0A/BwTOm4 -/rO7mGVt2Tmfr3yvYnfN/ggMvyS3RiIXSsdzcAwzeqc907Jp7Dggab0PpaOKDOxD -WoK0g6B8+kC/VMsU23mfShlb9et8qcR3A8gdU6g8uvSMahWjgakwgaYwCwYDVR0P -BAQDAgeAMB0GA1UdDgQWBBQfwm5u0GoxiDcjhDt33UJYlvMPFTAfBgNVHSMEGDAW -gBTyNds0BNqlVfK9aQOZsGLs4hUIwTATBgNVHSUEDDAKBggrBgEFBQcDFTBCBglg -hkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBm -b3IgYW55IHB1cnBvc2UuMAoGCCqGSM49BAMDA2cAMGQCMGEme38A3k8q4RGSEs2D -ThQQOQz3TBJrIW8zr92S8e8BNPkRcQDR+C72TEhL/qoPCQIwGpGaC4ERiUypETkC -voNP0ODFhhlpFo6lwVHd8Gu+6hShC2PKdAfs4QFDS9ZKgQeZ -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - ssh_eku_oids = [ - rfc6187.id_kp_secureShellClient, - rfc6187.id_kp_secureShellServer, - ] - - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_extKeyUsage: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.ExtKeyUsageSyntax()) - for oid in extnValue: - if oid in ssh_eku_oids: - count += 1 - - assert count == 1 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6210.py b/tests/test_rfc6210.py deleted file mode 100644 index a04423a..0000000 --- a/tests/test_rfc6210.py +++ /dev/null @@ -1,75 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6210 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class AuthenticatedDataTestCase(unittest.TestCase): - pem_text = """\ -MIICRQYLKoZIhvcNAQkQAQKgggI0MIICMAIBADGBwDCBvQIBADAmMBIxEDAOBgNVBAMMB0 -NhcmxSU0ECEEY0a8eAAFa8EdNuLs1dcdAwDQYJKoZIhvcNAQEBBQAEgYCH70EpEikY7deb -859YJRAWfFondQv1D4NFltw6C1ceheWnlAU0C2WEXr3LUBXZp1/PSte29FnJxu5bXCTn1g -elMm6zNlZNWNd0KadVBcaxi1n8L52tVM5sWFGJPO5cStOyAka2ucuZM6iAnCSkn1Ju7fgU -5j2g3bZ/IM8nHTcygjAKBggrBgEFBQgBAqFPBgsqhkiG9w0BCRADDQRAAQIDBAUGBwgJCg -sMDQ4PEBESEwQVFhcYGRobHB0eHyAhIiMEJSYnKCkqKywtLi8wMTIzBDU2Nzg5Ojs8PT4/ -QDArBgkqhkiG9w0BBwGgHgQcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqKBxzAYBg -kqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wOTEyMTAyMzI1MDBa -MB8GCSqGSIb3DQEJBDESBBCWaa5hG1eeg+oQK2tJ3cD5MGwGCSqGSIb3DQEJNDFfMF0wTw -YLKoZIhvcNAQkQAw0EQAECAwQFBgcICQoLDA0ODxAREhMEFRYXGBkaGxwdHh8gISIjBCUm -JygpKissLS4vMDEyMwQ1Njc4OTo7PD0+P0CiCgYIKwYBBQUIAQIEFLjUxQ9PJFzFnWraxb -EIbVbg2xql -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] == rfc5652.id_ct_authData - ad, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.AuthenticatedData()) - assert not rest - assert ad.prettyPrint() - assert der_encode(ad) == asn1Object['content'] - - assert ad['version'] == 0 - assert ad['digestAlgorithm']['algorithm'] == rfc6210.id_alg_MD5_XOR_EXPERIMENT - - mac_alg_p, rest = der_decode (ad['digestAlgorithm']['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[ad['digestAlgorithm']['algorithm']]) - assert not rest - assert mac_alg_p.prettyPrint() - assert der_encode(mac_alg_p) == ad['digestAlgorithm']['parameters'] - - assert mac_alg_p.prettyPrint()[:10] == "0x01020304" - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6211.py b/tests/test_rfc6211.py deleted file mode 100644 index 103838a..0000000 --- a/tests/test_rfc6211.py +++ /dev/null @@ -1,117 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.type import univ - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6211 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SignedMessageTestCase(unittest.TestCase): - signed_message_pem_text = """\ -MIIEyAYJKoZIhvcNAQcCoIIEuTCCBLUCAQExDTALBglghkgBZQMEAgIwUQYJKoZI -hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv -bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA -pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB -MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx -NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW -QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF -QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI -zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b -z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w -to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E -NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 -cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW -gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL -3kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae -rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggHM -MIIByAIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH -SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME -AgKggfIwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcN -MTkwNTI5MTgyMzE5WjAoBgkqhkiG9w0BCTQxGzAZMAsGCWCGSAFlAwQCAqEKBggq -hkjOPQQDAzA/BgkqhkiG9w0BCQQxMgQwtuQipP2CZx7U96rGbUT06LC5jVFYccZW -5/CaNvpcrOPiChDm2vI3m4k300z5mSZsME0GCyqGSIb3DQEJEAIBMT4wPAQgx08h -D2QnVwj1DoeRELNtdZ0PffW4BQIvcwwVc/goU6OAAQEwFTATgRFhbGljZUBleGFt -cGxlLmNvbTAKBggqhkjOPQQDAwRnMGUCMQChIMyN1nTN+LLQcYJuhWT297vSKMDK -fIUedSwWYrcSnSa1pq2s3Wue+pNBfecEjYECMGrUNu1UpWdafEJulP9Vz76qOPMa -5V/AnTEV5zkmzRle8sffN+nQ+SGkoos5zpI1kA== -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.signed_message_pem_text) - asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] == rfc5652.id_signedData - sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) - assert not rest - assert sd.prettyPrint() - assert der_encode(sd) == asn1Object['content'] - - for sa in sd['signerInfos'][0]['signedAttrs']: - sat = sa['attrType'] - sav0 = sa['attrValues'][0] - - if sat in rfc6211.id_aa_cmsAlgorithmProtect: - sav, rest = der_decode(sav0, asn1Spec=rfc6211.CMSAlgorithmProtection()) - assert not rest - assert sav.prettyPrint() - assert der_encode(sav) == sav0 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.signed_message_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() - assert asn1Object['contentType'] == rfc5652.id_signedData - - sd = asn1Object['content'] - assert sd['version'] == rfc5652.CMSVersion().subtype(value='v1') - - ect = sd['encapContentInfo']['eContentType'] - assert ect in rfc5652.cmsContentTypesMap.keys() - assert ect == rfc5652.id_data - - for sa in sd['signerInfos'][0]['signedAttrs']: - if sa['attrType'] == rfc6211.id_aa_cmsAlgorithmProtect: - assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() - - sav0 = sa['attrValues'][0] - digest_oid = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.2') - sig_oid = univ.ObjectIdentifier('1.2.840.10045.4.3.3') - assert sav0['digestAlgorithm']['algorithm'] == digest_oid - assert sav0['signatureAlgorithm']['algorithm'] == sig_oid - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6402.py b/tests/test_rfc6402.py deleted file mode 100755 index 1532b38..0000000 --- a/tests/test_rfc6402.py +++ /dev/null @@ -1,158 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import char -from pyasn1.type import namedtype -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6402 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class BackwardCompatibilityTestCase(unittest.TestCase): - pem_text = """\ -MIIEJQYJKoZIhvcNAQcCoIIEFjCCBBICAQMxCzAJBgUrDgMCGgUAMIIDAgYIKwYBBQUHDAKgggL0 -BIIC8DCCAuwweDB2AgECBgorBgEEAYI3CgoBMWUwYwIBADADAgEBMVkwVwYJKwYBBAGCNxUUMUow -SAIBBQwZcGl0dWNoYTEuZW1lYS5ocHFjb3JwLm5ldAwMRU1FQVxwaXR1Y2hhDBpDTUNSZXFHZW5l -cmF0b3IudnNob3N0LmV4ZTCCAmqgggJmAgEBMIICXzCCAcgCAQAwADCBnzANBgkqhkiG9w0BAQEF -AAOBjQAwgYkCgYEA0jm7SSSm2wyEAzuNKtFZFJKo91SrJq9wQwEhEKHDavZwMQOm1rZ2PF8NWCEb -PqrhToQ7rtiGLSZa4dF4bzgmBqQ9aoSfEX4jISt31Vy+skHidXjHHpbsjT24NPhrZgANivL7CxD6 -Ft+s7qS1gL4HRm2twQkqSwOLrE/q2QeXl2UCAwEAAaCCAR0wGgYKKwYBBAGCNw0CAzEMFgo2LjIu -OTIwMC4yMD4GCSqGSIb3DQEJDjExMC8wHQYDVR0OBBYEFMW2skn88gxhONWZQA4sWGBDb68yMA4G -A1UdDwEB/wQEAwIHgDBXBgkrBgEEAYI3FRQxSjBIAgEFDBlwaXR1Y2hhMS5lbWVhLmhwcWNvcnAu -bmV0DAxFTUVBXHBpdHVjaGEMGkNNQ1JlcUdlbmVyYXRvci52c2hvc3QuZXhlMGYGCisGAQQBgjcN -AgIxWDBWAgECHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABv -AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAwDQYJKoZIhvcNAQEFBQADgYEAJZlu -mxjtCxSOQi27jsVdd3y8NSIlzNv0b3LqmzvAly6L+CstXcnuG2MPQqPH9R7tbJonGUniBQO9sQ7C -KhYWj2gfhiEkSID82lV5chINVUFKoUlSiEhWr0tPGgvOaqdsKQcrHfzrsBbFkhDqrFSVy7Yivbnh -qYszKrOjJKiiCPMwADAAMYH5MIH2AgEDgBTFtrJJ/PIMYTjVmUAOLFhgQ2+vMjAJBgUrDgMCGgUA -oD4wFwYJKoZIhvcNAQkDMQoGCCsGAQUFBwwCMCMGCSqGSIb3DQEJBDEWBBTFTkK/OifaFjwqHiJu -xM7qXcg/VzANBgkqhkiG9w0BAQEFAASBgKfC6jOi1Wgy4xxDCQVK9+e5tktL8wE/j2cb9JSqq+aU -5UxEgXEw7q7BoYZCAzcxMRriGzakXr8aXHcgkRJ7XcFvLPUjpmGg9SOZ2sGW4zQdWAwImN/i8loc -xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn -""" - - def testDerCodec(self): - layers = { } - layers.update(rfc5652.cmsContentTypesMap) - - getNextLayer = { - rfc5652.id_ct_contentInfo: lambda x: x['contentType'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc6402.id_cct_PKIData: lambda x: None - } - - getNextSubstrate = { - rfc5652.id_ct_contentInfo: lambda x: x['content'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc6402.id_cct_PKIData: lambda x: None - } - - substrate = pem.readBase64fromText(self.pem_text) - - next_layer = rfc5652.id_ct_contentInfo - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - - def testOpenTypes(self): - class ClientInformation(univ.Sequence): - pass - - ClientInformation.componentType = namedtype.NamedTypes( - namedtype.NamedType('clientId', univ.Integer()), - namedtype.NamedType('MachineName', char.UTF8String()), - namedtype.NamedType('UserName', char.UTF8String()), - namedtype.NamedType('ProcessName', char.UTF8String()) - ) - - class EnrollmentCSP(univ.Sequence): - pass - - EnrollmentCSP.componentType = namedtype.NamedTypes( - namedtype.NamedType('KeySpec', univ.Integer()), - namedtype.NamedType('Name', char.BMPString()), - namedtype.NamedType('Signature', univ.BitString()) - ) - - openTypeMap = { - # attributes - univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): char.IA5String(), - univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.2'): EnrollmentCSP(), - univ.ObjectIdentifier('1.3.6.1.4.1.311.21.20'): ClientInformation(), - # algorithm identifier parameters - univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), - univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), - univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), - } - - openTypeMap.update(rfc5652.cmsAttributesMap) - openTypeMap.update(rfc6402.cmcControlAttributesMap) - - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.ContentInfo(), - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - eci = asn1Object['content']['encapContentInfo'] - assert eci['eContentType'] == rfc6402.id_cct_PKIData - substrate = eci['eContent'] - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc6402.PKIData(), - openTypes=openTypeMap, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for req in asn1Object['reqSequence']: - cr = req['tcr']['certificationRequest'] - - sig_alg = cr['signatureAlgorithm'] - assert sig_alg['algorithm'] in openTypeMap.keys() - assert sig_alg['parameters'] == univ.Null("") - - cri = cr['certificationRequestInfo'] - spki_alg = cri['subjectPublicKeyInfo']['algorithm'] - assert spki_alg['algorithm'] in openTypeMap.keys() - assert spki_alg['parameters'] == univ.Null("") - - attrs = cr['certificationRequestInfo']['attributes'] - for attr in attrs: - assert attr['attrType'] in openTypeMap.keys() - if attr['attrType'] == univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): - assert attr['attrValues'][0] == "6.2.9200.2" - else: - assert attr['attrValues'][0].hasValue() - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc6482.py b/tests/test_rfc6482.py deleted file mode 100644 index 731cbd9..0000000 --- a/tests/test_rfc6482.py +++ /dev/null @@ -1,119 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6482 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class RPKIROATestCase(unittest.TestCase): - roa_pem_text = """\ -MIIGvwYJKoZIhvcNAQcCoIIGsDCCBqwCAQMxDTALBglghkgBZQMEAgEwKgYLKoZIhvcNAQkQ -ARigGwQZMBcCAwDj+zAQMA4EAgABMAgwBgMEAJMcLaCCBLwwggS4MIIDoKADAgECAgIGGDAN -BgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2ZDZmYmZhOTc1M2RiOGQ4NDY0MzNkYjUzNTFk -OWE5ZWMwN2M5NmJkMB4XDTE5MDgyMDAwNDkyOVoXDTIwMDcwMTAwMDAwMFowMzExMC8GA1UE -AxMoNUI4M0REODdERTlBQzdDNkUzNEI4NzdERjUwMUEyQjEyMzBBODFCNDCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJcnDgSUtiQeelGQsTx2Ou5cgmfq6KPSEgMz/XyZrRzj -wcqUQ/DyMYHyRJK8umKZjfMu+rItoPSkE26Wi9PcSnfuY+SyS9chTAtNOGMES6MbtHjNTmBF -Xar5CFGM8teLIRHlCcScesgSR7q2eKgQ+cLiLTZnol0Mpmuf2NIs+V63Y4Hn/T7QOoudg9nU -tmsh31hUN4jIENEXFvNDovkray25rl9aqFfW+dtkoNtdJjp367nNXCdp3GdE/3z0SIqT8wnh -F67tgR22mwzex3umteQBwmM+iR28vuHL4E5jwRKBoiEgGPYqq7gbfkcoFtR3AV6QGKSK2aJU -mUi+9VheS78CAwEAAaOCAdQwggHQMB0GA1UdDgQWBBRbg92H3prHxuNLh331AaKxIwqBtDAf -BgNVHSMEGDAWgBRtb7+pdT242EZDPbU1HZqewHyWvTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF -Bw4CMFAGA1UdHwRJMEcwRaBDoEGGP3JzeW5jOi8vY2EucmcubmV0L3Jwa2kvUkduZXQtT1Uv -YlctX3FYVTl1TmhHUXoyMU5SMmFuc0I4bHIwLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB -BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYlctX3FY -VTl1TmhHUXoyMU5SMmFuc0I4bHIwLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgYoGCCsGAQUFBwEL -BH4wfDBLBggrBgEFBQcwC4Y/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9XNFBk -aDk2YXg4YmpTNGQ5OVFHaXNTTUtnYlEucm9hMC0GCCsGAQUFBzANhiFodHRwczovL2NhLnJn -Lm5ldC9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHC0w -DQYJKoZIhvcNAQELBQADggEBAKhhoJ3XtHejvG6XkFaCTxJci10gOgNvvPFWqz+CfOX2LmB0 -N3QhYjLiAZbfYSOxNReyL4bWDK/tpZgVA2VHuS8GB8fI8+nauQUiP38orVXKAbcUUxo7UkEM -HxQ5T61FtXrEZx8hgKTlsfof0G2Q+baSJzNV2MIUgHmSszL4Mx/fHUXv8b7l/5mZQbdv3cZ9 -SbODHD0iOVAzK3fmHeuA4roSOk4mBQDWNRY1Ok+xH/HMDQdoOVtbfy57TZI2W7O2uxfElKvx -fBeEc9TOaWqDz0xvmJ6bdZnmWRuvqW1475mhxi0s/I4eE2ZdaCinvrgrglBp/jpZi1jitY14 -dx+A1PMxggGqMIIBpgIBA4AUW4Pdh96ax8bjS4d99QGisSMKgbQwCwYJYIZIAWUDBAIBoGsw -GgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEYMBwGCSqGSIb3DQEJBTEPFw0xOTA4MjAwMDQ5 -MjlaMC8GCSqGSIb3DQEJBDEiBCCfuHnOmhF2iBF3JXMOnoZCJzmE+Tcf8b+zObvDUpUddzAN -BgkqhkiG9w0BAQEFAASCAQBDlJIMKCqWsFV/tQj/XvpSJUxJybG+zwjrUKm4yTKv8QEGOzOD -aIL6irSOhhXeax6Lw0P2J7x+L3jGW1we1qWslumEDTr9kTE+kN/6rZuptUhwdrXcu3p9G6gJ -mAUQtzqe2jRN1T3eSBfz1CNU3C7+jSHXOc+4Tea5mKiVddsjotYHXX0PbSCS/ZZ1yzdeES0o -KWhXhW9ogS0bwtXWVTrciSekaRpp2n/pqcVEDxWg/5NpPiDlPNrRL/9eTEHFp940RAUfhbBh -pbC2J02N0KgxUJxIJnGnpZ7rXKpG4jMiTVry7XB9bnFxCvZGBdjQW1Hagrfpl2TiVxQFvJWl -IzU1 -""" - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.roa_pem_text) - - layers = { } - layers.update(rfc5652.cmsContentTypesMap) - - getNextLayer = { - rfc5652.id_ct_contentInfo: lambda x: x['contentType'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc6482.id_ct_routeOriginAuthz: lambda x: None - } - - getNextSubstrate = { - rfc5652.id_ct_contentInfo: lambda x: x['content'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc6482.id_ct_routeOriginAuthz: lambda x: None - } - - next_layer = rfc5652.id_ct_contentInfo - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - assert asn1Object['version'] == 0 - assert asn1Object['asID'] == 58363 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.roa_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.ContentInfo(), - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - oid = asn1Object['content']['encapContentInfo']['eContentType'] - substrate = asn1Object['content']['encapContentInfo']['eContent'] - assert oid in rfc5652.cmsContentTypesMap.keys() - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.cmsContentTypesMap[oid], - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['version'] == 0 - assert asn1Object['asID'] == 58363 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6486.py b/tests/test_rfc6486.py deleted file mode 100644 index 70e9160..0000000 --- a/tests/test_rfc6486.py +++ /dev/null @@ -1,123 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc6486 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SignedManifestTestCase(unittest.TestCase): - manifest_pem_text = """\ -MIIHVAYJKoZIhvcNAQcCoIIHRTCCB0ECAQMxDTALBglghkgBZQMEAgEwgYwGCyqGSIb3DQEJ -EAEaoH0EezB5AgIK5xgPMjAxMjEwMjMyMjI2MDNaGA8yMDEyMTAyNTIyMjYwM1oGCWCGSAFl -AwQCATBGMEQWH1pYU0dCREJrTDgyVEZHSHVFNFZPWXRKUC1FNC5jcmwDIQCzTdC3GsuONsRq -RFnYf8+AJ2NnCIgmnc3O8PyfGvn18aCCBO4wggTqMIID0qADAgECAgIK5zANBgkqhkiG9w0B -AQsFADATMREwDwYDVQQDEwhBOTE5OTg4NTAeFw0xMjEwMjMyMjI2MDNaFw0xMjEwMjUyMjI2 -MDNaMBgxFjAUBgNVBAMTDTUwODcxOTdjLTIwZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQDEl4R4LiCs6zyR/IAeaRCfz0O0mXXAUKt8bmG6DXzaDYNG8dnBjbrsM1L05sb4 -2Ti4TyE1UXtwFFEwatsFQ2uRBn9gsKmDGOjW8TH1AYObmZW+hZlEN7OLSz2bmPLtxIMwiCq/ -vqmBJlMWPyCSym4iPnjzwWbJechqHSiTMOYGICF1QSW5xjJDAhRfeZG3nRY7TqfW8R2KJXeN -cKSYSGNKzv79B8GCswmwU8J8kcuryIiqb7WtcK2B6VBsROIQHGXM0UV4Zbnvv9m9Fl0SjvZJ -XyrzRjGzV2C00hM0f4jAplD9nJhAJ7nOTe8OnadrFABRga+Ge1HooeDQJGmTekLXAgMBAAGj -ggJBMIICPTAdBgNVHQ4EFgQUbcbOyNBHkRXXDaMq51jC7vOSHFUwHwYDVR0jBBgwFoAUZXSG -BDBkL82TFGHuE4VOYtJP+E4wDgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJy -c3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5ODg1LzY1RkQ0 -M0FBNUJFRjExREZBQjYxQjNFNzU1QUZFN0NGL1pYU0dCREJrTDgyVEZHSHVFNFZPWXRKUC1F -NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMu -bmV0L3JlcG9zaXRvcnkvQTNDMzhBMjRENjAzMTFEQ0FCMDhGMzE5NzlCREJFMzkvWlhTR0JE -QmtMODJURkdIdUU0Vk9ZdEpQLUU0LmNlcjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGQ -BggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcwC4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9t -ZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTg4NS82NUZENDNBQTVCRUYxMURGQUI2MUIzRTc1NUFG -RTdDRi9aWFNHQkRCa0w4MlRGR0h1RTRWT1l0SlAtRTQubWZ0MBUGCCsGAQUFBwEIAQH/BAYw -BKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsF -AAOCAQEAyBl1J+ql1O3d6JiaQEG2UAjDSKHSMVau++QcB6/yd4RuWv2KpQxk1cp+awf4Ttoh -GYakbUZQl7lJaXzbluG5siRSv6AowEWxf99iLhDx+pE1htklRfmmTE9oFpKnITAYZAUjarNC -sYGCZ00vSwRu27OdpSQbZQ7WdyDAhyHS0Sun0pkImVSqPO11gqyKV9ZCwCJUa5U/zsWDMNrj -MSZl1I3VoPs2rx997rLoiQiMqwGeoqfl7snpsL9OR/CazPmepuq3SyZNWcCrUGcGRhRdGScj -Tm2EHne1GiRHapn46HWQ3am8jumEKv5u0gLT4Mi9CyZwkDyhotGTJZmdAmN7zzGCAaowggGm -AgEDgBRtxs7I0EeRFdcNoyrnWMLu85IcVTALBglghkgBZQMEAgGgazAaBgkqhkiG9w0BCQMx -DQYLKoZIhvcNAQkQARowHAYJKoZIhvcNAQkFMQ8XDTEyMTAyMzIyMjYwNFowLwYJKoZIhvcN -AQkEMSIEIIu2XV8dT+rqQy5Cbpm3Tv5I1dwkLK8n2GesMGOr6/pEMA0GCSqGSIb3DQEBAQUA -BIIBAFsd0zkl4dIHrqZts441T+w/5/ekymDLFwftk6W+Mi35Htjvm2IHOthnKHQsK5h6dnEh -6DfNfc6tACmzLnM+UG7ve+uAhfpA+CUJIoVhpQvDH7Ntql0cD1X3d9ng484jpkVoHhbUIYNR -TyxvV4DV5EBbLYpx2HYf6wWa8TCobxUXNtw53OVA24ceavS+KvuDa0JQPFpbYUCS0UPMt/Im -mtKrWTmRUr8sYWdIQn+SStUh8iAR5rmSVr+Pe7aFbe2ju2FPf08gnIjH/SdCrJuFK8q7Z5MT -C9ijmXiajracUe+7eCluqgXRE8yRtnscWoA/9fVFz1lPwgEeNHLoaK7Sqew= -""" - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.manifest_pem_text) - - layers = { } - layers.update(rfc5652.cmsContentTypesMap) - - getNextLayer = { - rfc5652.id_ct_contentInfo: lambda x: x['contentType'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], - rfc6486.id_ct_rpkiManifest: lambda x: None - } - - getNextSubstrate = { - rfc5652.id_ct_contentInfo: lambda x: x['content'], - rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], - rfc6486.id_ct_rpkiManifest: lambda x: None - } - - next_layer = rfc5652.id_ct_contentInfo - while next_layer: - asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - substrate = getNextSubstrate[next_layer](asn1Object) - next_layer = getNextLayer[next_layer](asn1Object) - - assert asn1Object['version'] == 0 - for f in asn1Object['fileList']: - assert f['file'] == 'ZXSGBDBkL82TFGHuE4VOYtJP-E4.crl' - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.manifest_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.ContentInfo(), - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - oid = asn1Object['content']['encapContentInfo']['eContentType'] - substrate = asn1Object['content']['encapContentInfo']['eContent'] - assert oid in rfc5652.cmsContentTypesMap.keys() - asn1Object, rest = der_decode(substrate, - asn1Spec=rfc5652.cmsContentTypesMap[oid], - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['version'] == 0 - for f in asn1Object['fileList']: - assert f['file'] == 'ZXSGBDBkL82TFGHuE4VOYtJP-E4.crl' - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6487.py b/tests/test_rfc6487.py deleted file mode 100644 index f9f30a2..0000000 --- a/tests/test_rfc6487.py +++ /dev/null @@ -1,148 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc6487 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class CertificateWithManifestTestCase(unittest.TestCase): - rpki_cert_pem_text = """\ -MIIGCTCCBPGgAwIBAgICKJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkwREM1QkUx -MTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2MTU5RTc2RjgwHhcN -MTkwODA2MDQwMzIyWhcNMjAxMDMxMDAwMDAwWjBGMREwDwYDVQQDEwhBOTFEMTY5MTExMC8G -A1UEBRMoREMwNEFGMTk4Qzk3RjI1ODJGMTVBRERFRUU3QzY4MjYxMUNBREE1MTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMksR6bPbZFpxlXID/2dhYFuS11agb6ACDUFJpII -41uw65tFIPT+Y4laccnYRcWPWMTvHLyj0ggU+bc2zJCTYfmGD/GW/Q3WW0A3niBCdXDfkrp2 -DXvSTASJ5+wtVb+AE74C4Mr3UiMOXhJre1rRd5Lq7o6+TEKbVkmUrmTlbsz2Vs2F4//t5sCr -WjAVP9D5jUBGH2MInbleBP1Bwf+kIxD16OKftRb/vGLzk1UhLsbq22GGE0vZ2hnJP3CbyXkN -dLBraErzvyCnqYF7/yA0JL0KWRDwr7a9y37s8O3xOxhA/dL8hLZXllzJmoxvxHmq8D+5CjHv -2/EmH8ODGm2aAzcCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBTcBK8ZjJfyWC8Vrd7ufGgmEcra -UTAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0 -L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4 -Qjg1MlpwaXRLcGk1aFdlZHZnLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJz -eW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5 -NTIxQTRGNEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA -MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQ -S0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUHMAWGU3JzeW5jOi8v -cnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxRDE2OTEvNTBDNjkyOTI5RDI0 -MTFFNzg2MUEyMjZCQzRGOUFFMDIvMH4GCCsGAQUFBzAKhnJyc3luYzovL3Jwa2kuYXBuaWMu -bmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxNjkxLzUwQzY5MjkyOUQyNDExRTc4NjFBMjI2 -QkM0RjlBRTAyLzNBU3ZHWXlYOGxndkZhM2U3bnhvSmhISzJsRS5tZnQwMwYIKwYBBQUHMA2G -J2h0dHBzOi8vcnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB -/wQcMBowGAQCAAEwEgMEAdQI5gMEAdQI/gMEAdRcZjANBgkqhkiG9w0BAQsFAAOCAQEAGvJ+ -s7VgIZk8LDSz6uvsyX80KzZgaqMF7sMsqln0eo5KiGGBHjwvZuiDf46xbNseWW2nwAHmjLda -osCbcTGVu0JzFYBdkimgyHiq2l8yEchh5BUXr8x4CQIxwGEZEOlEp5mRa/AfHVEfDeMm7mob -eiCfyTC8q8KH9Tb/rY192kBe+n9MuRyn7TkimV5eYMdwWMyT/VSBCQzzfJ0r+S9o0rBYWH9k -HDFd3u1ztO8WGjH/LOehoO30xsm52kbxZjc4SJWubgBgxTMIWyjPHbKqCF44NwYev/6eFcOC -+KTEQ/hydcURm3YtX7EZLDtksWB2me576J8opeLsbNeNgzfJpg== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - access_methods = [ - rfc6487.id_ad_rpkiManifest, - rfc6487.id_ad_signedObject, - ] - - substrate = pem.readBase64fromText(self.rpki_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectInfoAccessSyntax()) - for ad in extnValue: - if ad['accessMethod'] in access_methods: - uri = ad['accessLocation']['uniformResourceIdentifier'] - assert 'rpki.apnic.net' in uri - count += 1 - - assert count == 1 - -class CertificateWithSignedObjectTestCase(unittest.TestCase): - rpki_cert_pem_text = """\ -MIIEuDCCA6CgAwIBAgICBhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNmQ2 -ZmJmYTk3NTNkYjhkODQ2NDMzZGI1MzUxZDlhOWVjMDdjOTZiZDAeFw0xOTA4MjAw -MDQ5MjlaFw0yMDA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVCODNERDg3REU5QUM3 -QzZFMzRCODc3REY1MDFBMkIxMjMwQTgxQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQCXJw4ElLYkHnpRkLE8djruXIJn6uij0hIDM/18ma0c48HKlEPw -8jGB8kSSvLpimY3zLvqyLaD0pBNulovT3Ep37mPkskvXIUwLTThjBEujG7R4zU5g -RV2q+QhRjPLXiyER5QnEnHrIEke6tnioEPnC4i02Z6JdDKZrn9jSLPlet2OB5/0+ -0DqLnYPZ1LZrId9YVDeIyBDRFxbzQ6L5K2stua5fWqhX1vnbZKDbXSY6d+u5zVwn -adxnRP989EiKk/MJ4Reu7YEdtpsM3sd7prXkAcJjPokdvL7hy+BOY8ESgaIhIBj2 -Kqu4G35HKBbUdwFekBikitmiVJlIvvVYXku/AgMBAAGjggHUMIIB0DAdBgNVHQ4E -FgQUW4Pdh96ax8bjS4d99QGisSMKgbQwHwYDVR0jBBgwFoAUbW+/qXU9uNhGQz21 -NR2ansB8lr0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQBgNVHR8ESTBHMEWg -Q6BBhj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL2JXLV9xWFU5dU5o -R1F6MjFOUjJhbnNCOGxyMC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAC -hkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JXLV9x -WFU5dU5oR1F6MjFOUjJhbnNCOGxyMC5jZXIwDgYDVR0PAQH/BAQDAgeAMIGKBggr -BgEFBQcBCwR+MHwwSwYIKwYBBQUHMAuGP3JzeW5jOi8vY2EucmcubmV0L3Jwa2kv -UkduZXQtT1UvVzRQZGg5NmF4OGJqUzRkOTlRR2lzU01LZ2JRLnJvYTAtBggrBgEF -BQcwDYYhaHR0cHM6Ly9jYS5yZy5uZXQvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUF -BwEHAQH/BBAwDjAMBAIAATAGAwQAkxwtMA0GCSqGSIb3DQEBCwUAA4IBAQCoYaCd -17R3o7xul5BWgk8SXItdIDoDb7zxVqs/gnzl9i5gdDd0IWIy4gGW32EjsTUXsi+G -1gyv7aWYFQNlR7kvBgfHyPPp2rkFIj9/KK1VygG3FFMaO1JBDB8UOU+tRbV6xGcf -IYCk5bH6H9BtkPm2kiczVdjCFIB5krMy+DMf3x1F7/G+5f+ZmUG3b93GfUmzgxw9 -IjlQMyt35h3rgOK6EjpOJgUA1jUWNTpPsR/xzA0HaDlbW38ue02SNluztrsXxJSr -8XwXhHPUzmlqg89Mb5iem3WZ5lkbr6lteO+ZocYtLPyOHhNmXWgop764K4JQaf46 -WYtY4rWNeHcfgNTz -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - access_methods = [ - rfc6487.id_ad_rpkiManifest, - rfc6487.id_ad_signedObject, - ] - - substrate = pem.readBase64fromText(self.rpki_cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectInfoAccessSyntax()) - for ad in extnValue: - if ad['accessMethod'] in access_methods: - uri = ad['accessLocation']['uniformResourceIdentifier'] - assert 'ca.rg.net' in uri - count += 1 - - assert count == 1 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6664.py b/tests/test_rfc6664.py deleted file mode 100644 index 38d0a54..0000000 --- a/tests/test_rfc6664.py +++ /dev/null @@ -1,109 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5480 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5751 -from pyasn1_modules import rfc6664 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SMIMECapabilitiesTestCase(unittest.TestCase): - smime_capabilities_pem_text = """\ -MIICOjAJBgUrDgMCGgUAMA0GCWCGSAFlAwQCBAUAMA0GCWCGSAFlAwQCAQUAMA0G -CWCGSAFlAwQCAgUAMA0GCWCGSAFlAwQCAwUAMBUGCSqGSIb3DQEBATAIAgIEAAIC -EAAwFQYJKoZIhvcNAQEHMAgCAgQAAgIQADAVBgkqhkiG9w0BAQowCAICBAACAhAA -MBUGByqGSM44BAGgCjAIAgIEAAICDAAwggEvBgcqhkjOPgIBoYIBIjCCAR4CgYEA -i6Ued8R33vkopJwCvy/ZZv2TtddPXPYmJK4jyFv+TDJTPqnP7XUZCqRuhCyKX10z -7SgiZs6qlSMk5gCa8shPF8NCHtps2D1OVC7yppZUJI07FoDxoEAZHImdAFvYIA/V -cGYpYOKod4kju0/e4VUBZ6Qoer5vKTh+lD/+ZKa/WSUCFQDc3W87QSZSX6ggdbeI -fzb0rsAhbwKBgCEz/o4WJPUZ4HffJfuXHIGrkPnCxFAYDRtlqueswV0Gy6LunipE -Iu3nCzYkZhMatyFNyzo+NusEsS+9isOhT8jhL93nSBZCSRBy+GfmSXlXv/3c8mtH -XTie5JOqjRdonPr4g/+VZvMkcioooNrhx/zICHrC3WZ72871/n/z9M+dMCMGByqG -SM49AgEwGAYIKoZIzj0DAQcGBSuBBAAiBgUrgQQAIzAhBgUrgQQBDTAYBggqhkjO -PQMBBwYFK4EEACIGBSuBBAAjMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAA== -""" - - def setUp(self): - self.asn1Spec = rfc5751.SMIMECapabilities() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) - asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for cap in asn1Object: - if cap['capabilityID'] in rfc5751.smimeCapabilityMap.keys(): - substrate = cap['parameters'] - cap_p, rest = der_decode (substrate, - asn1Spec=rfc5751.smimeCapabilityMap[cap['capabilityID']]) - assert not rest - assert cap_p.prettyPrint() - assert der_encode(cap_p) == substrate - count += 1 - - assert count == 8 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - parameterValue = { - rfc6664.rsaEncryption: lambda x: x['maxKeySize'], - rfc6664.id_RSAES_OAEP: lambda x: x['maxKeySize'], - rfc6664.id_RSASSA_PSS: lambda x: x['minKeySize'], - rfc6664.id_dsa: lambda x: x['keySizes']['maxKeySize'], - rfc6664.dhpublicnumber: lambda x: x['keyParams']['q'] % 1023, - rfc6664.id_ecPublicKey: lambda x: x[0]['namedCurve'], - rfc6664.id_ecMQV: lambda x: x[1]['namedCurve'], - } - - expectedValue = { - rfc6664.rsaEncryption: 4096, - rfc6664.id_RSAES_OAEP: 4096, - rfc6664.id_RSASSA_PSS: 1024, - rfc6664.id_dsa: 3072, - rfc6664.dhpublicnumber: 257, - rfc6664.id_ecPublicKey: rfc5480.secp256r1, - rfc6664.id_ecMQV: rfc5480.secp384r1, - } - - count = 0 - for cap in asn1Object: - if cap['capabilityID'] in parameterValue.keys(): - pValue = parameterValue[cap['capabilityID']](cap['parameters']) - eValue = expectedValue[cap['capabilityID']] - assert pValue == eValue - count += 1 - - assert count == 7 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6955.py b/tests/test_rfc6955.py deleted file mode 100644 index eb4d5cf..0000000 --- a/tests/test_rfc6955.py +++ /dev/null @@ -1,99 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5480 -from pyasn1_modules import rfc6402 -from pyasn1_modules import rfc6955 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class CertificationRequestTestCase(unittest.TestCase): - pem_text = """\ -MIIDPDCCArsCAQAwTjELMAkGA1UEBhMCVVMxETAPBgNVBAoTCFhFVEkgSW5jMRAw -DgYDVQQLEwdUZXN0aW5nMRowGAYDVQQDExFQS0lYIEV4YW1wbGUgVXNlcjCCAkEw -ggG2BgcqhkjOPgIBMIIBqQKBgQCUhOBFbH9pUWI+VoB8aOfFqZ6edHSU7ZCMHcTh -ShSC9dKUDBnjuRC7EbnlpfuOIVFjAoaqBrghNrZ/Nt/R1mhbeXwdWhR1H2qTdZPO -u5dyivAPI51H9tSzx/D05vYrwjLhiWe+fgau+NABa4sq9QLXtqhjlIOwGzF9Uhre -5QOFJwKBgCamMixaK9QzK1zcBodTP5AGYVA4PtK5fYEcEhDFDFPUZNGOMAcIjN0/ -Ci8s1ht/V4bQ2rtuNioY6NO8cDF6SLZOGG7dHyIG6z/q1EFp2ZveR5V6cpHSCX9J -XDsDM1HI8Tma/wTVbn6UPQO49jEVJkiVqFzeR4i0aToAp4ae2tHNAiEA6HL6lvAR -QPXy3P07XXiUsYUB5Wk3IfclubpxSvxgMPsCYQCjkQHAqG6kTaBW/Gz+H6ewzQ+U -hwwlvpd2jevlpAldq4PNgAs1Z38MjqcxmDKFOUCdEZjY3rh/hpuvjWc9tna0YS8h -4UsOaP9TPofd2HFWaEfc9yBjSzxfeHGD5nCe4pIwGgMVABzVOg0Xgm0KgXWBRhCO -PtsJ5Jg0AgE3A4GEAAKBgBNjoYUEjEaoiOv0XqiTdK79rp6WJxJlxEwHBj4Y/pS4 -qHlIvS40tkfKBDCh7DP9GgstnlDJeA+uauy1a2q+slzasp94LLl34nkrJb8uC1lK -k0v4s+yBNK6XR1LgqCmY7NGwyitveovbTo2lFX5+rzNiCZ4PEUSMwY2iEZ5T77Lo -oCEwHwYJKoZIhvcNAQkOMRIwEDAOBgNVHQ8BAf8EBAMCAwgwDAYIKwYBBQUHBgMF -AANtADBqMFIwSDELMAkGA1UEBhMCVVMxETAPBgNVBAoTCFhFVEkgSW5jMRAwDgYD -VQQLEwdUZXN0aW5nMRQwEgYDVQQDEwtSb290IERTQSBDQQIGANo5tuLLBBQtBXf+ -Xo9l9a+tyVybAsCoiClhYw== -""" - - def setUp(self): - self.asn1Spec = rfc6402.CertificationRequest() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['certificationRequestInfo']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc5480.dhpublicnumber - assert spki_a['algorithm'] in rfc5280.algorithmIdentifierMap.keys() - params, rest = der_decode(spki_a['parameters'], asn1Spec=rfc6955.DomainParameters()) - assert not rest - assert params.prettyPrint() - assert der_encode(params) == spki_a['parameters'] - assert params['validationParms']['pgenCounter'] == 55 - - sig_a = asn1Object['signatureAlgorithm'] - assert sig_a['algorithm'] == rfc6955.id_dhPop_static_sha1_hmac_sha1 - assert sig_a['algorithm'] in rfc5280.algorithmIdentifierMap.keys() - assert sig_a['parameters'] == der_encode(univ.Null("")) - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - spki_a = asn1Object['certificationRequestInfo']['subjectPublicKeyInfo']['algorithm'] - assert spki_a['algorithm'] == rfc5480.dhpublicnumber - assert spki_a['parameters']['validationParms']['pgenCounter'] == 55 - - sig_a = asn1Object['signatureAlgorithm'] - assert sig_a['algorithm'] == rfc6955.id_dhPop_static_sha1_hmac_sha1 - assert sig_a['parameters'] == univ.Null("") - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc6960.py b/tests/test_rfc6960.py deleted file mode 100644 index 33acbb9..0000000 --- a/tests/test_rfc6960.py +++ /dev/null @@ -1,169 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc4055 -from pyasn1_modules import rfc6960 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class OCSPRequestTestCase(unittest.TestCase): - ocsp_req_pem_text = """\ -MGowaDBBMD8wPTAJBgUrDgMCGgUABBS3ZrMV9C5Dko03aH13cEZeppg3wgQUkqR1LKSevoFE63n8 -isWVpesQdXMCBDXe9M+iIzAhMB8GCSsGAQUFBzABAgQSBBBjdJOiIW9EKJGELNNf/rdA -""" - - def setUp(self): - self.asn1Spec = rfc6960.OCSPRequest() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.ocsp_req_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['tbsRequest']['version'] == 0 - - count = 0 - for extn in asn1Object['tbsRequest']['requestExtensions']: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - count += 1 - - assert count == 1 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.ocsp_req_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['tbsRequest']['version'] == 0 - for req in asn1Object['tbsRequest']['requestList']: - ha = req['reqCert']['hashAlgorithm'] - assert ha['algorithm'] == rfc4055.id_sha1 - assert ha['parameters'] == univ.Null("") - - -class OCSPResponseTestCase(unittest.TestCase): - ocsp_resp_pem_text = """\ -MIIEvQoBAKCCBLYwggSyBgkrBgEFBQcwAQEEggSjMIIEnzCCAQ+hgYAwfjELMAkGA1UEBhMCQVUx -EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEV -MBMGA1UEAxMMc25tcGxhYnMuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHNubXBsYWJzLmNvbRgP -MjAxMjA0MTExNDA5MjJaMFQwUjA9MAkGBSsOAwIaBQAEFLdmsxX0LkOSjTdofXdwRl6mmDfCBBSS -pHUspJ6+gUTrefyKxZWl6xB1cwIENd70z4IAGA8yMDEyMDQxMTE0MDkyMlqhIzAhMB8GCSsGAQUF -BzABAgQSBBBjdJOiIW9EKJGELNNf/rdAMA0GCSqGSIb3DQEBBQUAA4GBADk7oRiCy4ew1u0N52QL -RFpW+tdb0NfkV2Xyu+HChKiTThZPr9ZXalIgkJ1w3BAnzhbB0JX/zq7Pf8yEz/OrQ4GGH7HyD3Vg -PkMu+J6I3A2An+bUQo99AmCbZ5/tSHtDYQMQt3iNbv1fk0yvDmh7UdKuXUNSyJdHeg27dMNy4k8A -oIIC9TCCAvEwggLtMIICVqADAgECAgEBMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAkFVMRMw -EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFTAT -BgNVBAMTDHNubXBsYWJzLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0Bzbm1wbGFicy5jb20wHhcN -MTIwNDExMTMyNTM1WhcNMTMwNDExMTMyNTM1WjB+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29t -ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRUwEwYDVQQDEwxzbm1w -bGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25tcGxhYnMuY29tMIGfMA0GCSqGSIb3DQEB -AQUAA4GNADCBiQKBgQDDDU5HOnNV8I2CojxB8ilIWRHYQuaAjnjrETMOprouDHFXnwWqQo/I3m0b -XYmocrh9kDefb+cgc7+eJKvAvBqrqXRnU38DmQU/zhypCftGGfP8xjuBZ1n23lR3hplN1yYA0J2X -SgBaAg6e8OsKf1vcX8Es09rDo8mQpt4G2zR56wIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG -+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU8Ys2dpJFLMHl -yY57D4BNmlqnEcYwHwYDVR0jBBgwFoAU8Ys2dpJFLMHlyY57D4BNmlqnEcYwDQYJKoZIhvcNAQEF -BQADgYEAWR0uFJVlQId6hVpUbgXFTpywtNitNXFiYYkRRv77McSJqLCa/c1wnuLmqcFcuRUK0oN6 -8ZJDP2HDDKe8MCZ8+sx+CF54eM8VCgN9uQ9XyE7x9XrXDd3Uw9RJVaWSIezkNKNeBE0lDM2jUjC4 -HAESdf7nebz1wtqAOXE1jWF/y8g= -""" - - def setUp(self): - self.asn1Spec = rfc6960.OCSPResponse() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.ocsp_resp_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['responseStatus'] == 0 - rb = asn1Object['responseBytes'] - assert rb['responseType'] in rfc6960.ocspResponseMap.keys() - resp, rest = der_decode(rb['response'], - asn1Spec=rfc6960.ocspResponseMap[rb['responseType']]) - assert not rest - assert resp.prettyPrint() - assert der_encode(resp) == rb['response'] - - resp['tbsResponseData']['version'] == 0 - count = 0 - for extn in resp['tbsResponseData']['responseExtensions']: - assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() - ev, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert der_encode(ev) == extn['extnValue'] - count += 1 - - assert count == 1 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.ocsp_resp_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['responseStatus'] == 0 - rb = asn1Object['responseBytes'] - assert rb['responseType'] in rfc6960.ocspResponseMap.keys() - resp, rest = der_decode(rb['response'], - asn1Spec=rfc6960.ocspResponseMap[rb['responseType']], - decodeOpenTypes=True) - assert not rest - assert resp.prettyPrint() - assert der_encode(resp) == rb['response'] - - resp['tbsResponseData']['version'] == 0 - for rdn in resp['tbsResponseData']['responderID']['byName']['rdnSequence']: - for attr in rdn: - if attr['type'] == rfc5280.id_emailAddress: - assert attr['value'] == 'info@snmplabs.com' - - for r in resp['tbsResponseData']['responses']: - ha = r['certID']['hashAlgorithm'] - assert ha['algorithm'] == rfc4055.id_sha1 - assert ha['parameters'] == univ.Null("") - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7030.py b/tests/test_rfc7030.py deleted file mode 100644 index c351922..0000000 --- a/tests/test_rfc7030.py +++ /dev/null @@ -1,91 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc7030 - -from pyasn1.type import univ - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class CSRAttrsTestCase(unittest.TestCase): - pem_text = """\ -MEEGCSqGSIb3DQEJBzASBgcqhkjOPQIBMQcGBSuBBAAiMBYGCSqGSIb3DQEJDjEJ -BgcrBgEBAQEWBggqhkjOPQQDAw== -""" - - the_oids = (univ.ObjectIdentifier('1.2.840.113549.1.9.7'), - univ.ObjectIdentifier('1.2.840.10045.4.3.3'), - ) - - the_attrTypes = (univ.ObjectIdentifier('1.2.840.10045.2.1'), - univ.ObjectIdentifier('1.2.840.113549.1.9.14'), - ) - - the_attrVals = ('1.3.132.0.34', - '1.3.6.1.1.1.1.22', - ) - - - def setUp(self): - self.asn1Spec = rfc7030.CsrAttrs() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr_or_oid in asn1Object: - if attr_or_oid.getName() == 'oid': - assert attr_or_oid['oid'] in self.the_oids - - if attr_or_oid.getName() == 'attribute': - assert attr_or_oid['attribute']['attrType'] in self.the_attrTypes - - def testOpenTypes(self): - openTypesMap = { } - openTypesMap.update(rfc5652.cmsAttributesMap) - for at in self.the_attrTypes: - openTypesMap.update({ at: univ.ObjectIdentifier(), }) - - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - openTypes=openTypesMap, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr_or_oid in asn1Object: - if attr_or_oid.getName() == 'attribute': - valString = attr_or_oid['attribute']['attrValues'][0].prettyPrint() - - if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[0]: - assert valString == self.the_attrVals[0] - - if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[1]: - assert valString == self.the_attrVals[1] - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc7191.py b/tests/test_rfc7191.py index 9352c1f..337bd44 100644 --- a/tests/test_rfc7191.py +++ b/tests/test_rfc7191.py @@ -89,6 +89,7 @@ goRV+bq4fdgOOj25JFqa80xnXGtQqjm/7NSII5SbdJk+DT7KCkSbkElkbgQ= def testOpenTypes(self): substrate = pem.readBase64fromText(self.message1_pem_text) + rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) @@ -164,6 +165,8 @@ bUcOYuCdivgxVuhlAgIxAPR9JavxziwCbVyBUWOAiKKYfglTgG3AwNmrKDj0NtXUQ9qDmGAc def testOpenTypes(self): substrate = pem.readBase64fromText(self.message2_pem_text) + rfc5652.cmsContentTypesMap.update(rfc7191.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) @@ -251,6 +254,8 @@ iNF8uKtW/lk0AjA7z2q40N0lamXkSU7ECasiWOYV1X4cWGiQwMZDKknBPDqXqB6Es6p4J+qe def testOpenTypes(self): substrate = pem.readBase64fromText(self.message3_pem_text) + rfc5652.cmsContentTypesMap.update(rfc7191.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) diff --git a/tests/test_rfc7229.py b/tests/test_rfc7229.py deleted file mode 100644 index 6d1c578..0000000 --- a/tests/test_rfc7229.py +++ /dev/null @@ -1,97 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc7229 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class CertificatePolicyTestCase(unittest.TestCase): - pem_text = """\ -MIIDJDCCAqqgAwIBAgIJAKWzVCgbsG5AMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT -AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n -dXMgQ0EwHhcNMTkxMDEzMTkwNTUzWhcNMjAxMDEyMTkwNTUzWjBTMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xJTAjBgNVBAoTHFRF -U1QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNi -AATwUXZUseiOaqWdrClDCMbp9YFAM87LTmFirygpzKDU9cfqSCg7zBDIphXCwMcS -9zVWDoStCbcvN0jw5CljHcffzpHYX91P88SZRJ1w4hawHjOsWxvM3AkYgZ5nfdlL -7EajggFcMIIBWDAdBgNVHQ4EFgQU8jXbNATapVXyvWkDmbBi7OIVCMEwbwYDVR0j -BGgwZoAU8jXbNATapVXyvWkDmbBi7OIVCMGhQ6RBMD8xCzAJBgNVBAYTAlVTMQsw -CQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0GC -CQDokdYGkU/O8jAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjBCBglghkgB -hvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3Ig -YW55IHB1cnBvc2UuMCEGA1UdIAQaMBgwCgYIKwYBBQUHDQEwCgYIKwYBBQUHDQIw -CgYDVR02BAMCAQIwNQYDVR0hBC4wLDAUBggrBgEFBQcNAQYIKwYBBQUHDQcwFAYI -KwYBBQUHDQIGCCsGAQUFBw0IMAoGCCqGSM49BAMDA2gAMGUCMHaWskjS7MKQCMcn -zEKFOV3LWK8pL57vrECJd8ywKdwBJUNw9HhvSKkfUwL6rjlLpQIxAL2QO3CNoZRP -PZs8K3IjUA5+U73pA8lpaTOPscLY22WL9pAGmyVUyEJ8lM7E+r4iDg== -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - test_oids = [ - rfc7229.id_TEST_certPolicyOne, - rfc7229.id_TEST_certPolicyTwo, - rfc7229.id_TEST_certPolicyThree, - rfc7229.id_TEST_certPolicyFour, - rfc7229.id_TEST_certPolicyFive, - rfc7229.id_TEST_certPolicySix, - rfc7229.id_TEST_certPolicySeven, - rfc7229.id_TEST_certPolicyEight, - ] - - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - count = 0 - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - s = extn['extnValue'] - ev, rest = der_decode(s, rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert ev.prettyPrint() - assert s == der_encode(ev) - - if extn['extnID'] == rfc5280.id_ce_certificatePolicies: - for pol in ev: - if pol['policyIdentifier'] in test_oids: - count += 1 - - if extn['extnID'] == rfc5280.id_ce_policyMappings: - for pmap in ev: - if pmap['issuerDomainPolicy'] in test_oids: - count += 1 - if pmap['subjectDomainPolicy'] in test_oids: - count += 1 - - assert count == 6 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7292.py b/tests/test_rfc7292.py deleted file mode 100644 index 8bebef3..0000000 --- a/tests/test_rfc7292.py +++ /dev/null @@ -1,172 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc7292 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class PKCS12TestCase(unittest.TestCase): - pfx_pem_text = """\ -MIIJ0wIBAzCCCY8GCSqGSIb3DQEHAaCCCYAEggl8MIIJeDCCBggGCSqGSIb3DQEHAaCCBfkE -ggX1MIIF8TCCBe0GCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAjuq0/+ -0pyutQICB9AEggTYZe/mYBpmkDvKsve4EwIVwo1TNv4ldyx1qHZW2Ih6qQCY+Nv1Mnv9we0z -UTl4p3tQzCPWXnrSA82IgOdotLIez4YwXrgiKhcIkSSL+2yCmAoM+qkjiAIKq+l3UJ6Xhafe -2Kg4Ek/0RkHpe6GwjTtdefkpXpZgccMEopOtKQMLJWsDM7p77x/amn6yIk2tpskKqUY/4n8Y -xEiTWcRtTthYqZQIt+q94nKLYpt0o880SVOfvdEqp5KII7cTg60GJL+n6oN6hmP0bsAMvnk9 -1f8/lFKMi9tsNU/KnUhbDVpjJwBQkhgbqBx6GdtoqSLSlYNPVM0wlntwm1JhH4ybiQ5sNzqO -7FlWC5bcYwkvOlx1gGrshY5jK/WjbA4paBpxSkgobJReirY9BeqITnvokXlub4tehHhM20Ik -42pKa3kGaHmowvzflxqE+oysW5Oa9XbZxBCfkOMJ70o4hqa+n66+E/uKcN9NbKbTo3zt3xdt -6ypOwHb74t5OcWaGx3EZsw0n0/V+WoLSpXOBwpx08+1yh7LV29aNQ0oEzVVkF6YYRQZtdIMe -s3xB2i6sjLal21ntk7iBzMJwVoi524SAZ/oW8SuDAn1c93AWWwKZLALv5V3FZ2pDiQXArcfz -DH2d5HJyNx7OlvKzNgEngwSyEC1XbjnOsZVUqGFENuDTa/brH4oEJHEkyWTyDudrz8iCEO80 -e1PE4qqJ5CllN0CSVWqz4CxGDFIQXzR6ohn8f3dR3+DAaLYvAjBVMLJjk7+nfnB2L0HpanhT -Fz9AxPPIDf5pBQQwM14l8wKjEHIyfqclupeKNokBUr1ykioPyCr3nf4Rqe0Z4EKIY4OCpW6n -hrkWHmvF7OKR+bnuSk3jnBxjSN0Ivy5q9q3fntYrhscMGGR73umfi8Z29tM1vSP9jBZvirAo -geGf/sfOI0ewRvJf/5abnNg/78Zyk8WmlAHVFzNGcM3u3vhnNpTIVRuUyVkdSmOdbzeSfmqQ -2HPCEdC9HNm25KJt1pD6v6aP3Tw7qGl+tZyps7VB2i+a+UGcwQcClcoXcPSdG7Z1gBTzSr84 -MuVPYlePuo1x+UwppSK3rM8ET6KqhGmESH5lKadvs8vdT6c407PfLcfxyAGzjH091prk2oRJ -xB3oQAYcKvkuMcM6FSLJC263Dj+pe1GGEexk1AoysYe67tK0sB66hvbd92HcyWhW8/vI2/PM -bX+OeEb7q+ugnsP+BmF/btWXn9AxfUqNWstyInKTn+XpqFViMIOG4e2xC4u/IvzG3VrTWUHF -4pspH3k7GB/EOLvtbsR0uacBFlsColJy0FaWT9rrdueU3YEiIRCC8LGi1XpUa8f5adeBKWN+ -eRTrrF4o7uoNeGlnwZ7ebnb7k18Q0GRzzzTZPoMM4L703svfE/eNYWFHLY4NDQKSYgeum365 -WAfZpHOX7YOc6oRGrGB+QuGoyikTTDO8xpcEmb8vDz4ZwHhN0PS056LNJeMoI0A/5DJb3e10 -i1txlM48sbZBuIEIeixr52nwG4LuxqXGqShKaTfOrFxHjx4kI4/dp9dN/k8TGFsLWjuIgMJI -6nRHbWrxB3F0XKXagtLLep1MDwDwAuCyiW2YC0JzRvsJViIgjDA+eiHX0O6/8xiK9dzMQpIz -TVHSEqFlhORp0DGB2zATBgkqhkiG9w0BCRUxBgQEAQAAADBXBgkqhkiG9w0BCRQxSh5IADMA -ZgA3ADEAYQBmADYANQAtADEANgA4ADcALQA0ADQANABhAC0AOQBmADQANgAtAGMAOABiAGUA -MQA5ADQAYwAzAGUAOABlMGsGCSsGAQQBgjcRATFeHlwATQBpAGMAcgBvAHMAbwBmAHQAIABF -AG4AaABhAG4AYwBlAGQAIABDAHIAeQBwAHQAbwBnAHIAYQBwAGgAaQBjACAAUAByAG8AdgBp -AGQAZQByACAAdgAxAC4AMDCCA2gGCSqGSIb3DQEHAaCCA1kEggNVMIIDUTCCA00GCyqGSIb3 -DQEMCgEDoIIDJTCCAyEGCiqGSIb3DQEJFgGgggMRBIIDDTCCAwkwggHxoAMCAQICEDbt9oc6 -oQinRwE1826MiBEwDQYJKoZIhvcNAQEFBQAwFDESMBAGA1UEAxMJYW5vbnltb3VzMCAXDTE2 -MDcxOTIyMDAwMVoYDzIxMTYwNjI1MjIwMDAxWjAUMRIwEAYDVQQDEwlhbm9ueW1vdXMwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8trBCTBjXXA4OgSO5nRTOU5T86ObCgc71 -J2oCuUigSddcTDzebaD0wcyAgf101hAdwMKQ9DvrK0nGvm7FAMnnUuVeATafKgshLuUTUUfK -jx4Xif4LoS0/ev4BiOI5a1MlIRZ7T5Cyjg8bvuympzMuinQ/j1RPLIV0VGU2HuDxuuP3O898 -GqZ3+F6Al5CUcwmOX9zCs91JdN/ZFZ05SXIpHQuyPSPUX5Vy8F1ZeJ8VG3nkbemfFlVkuKQq -vteL9mlT7z95rVZgGB3nUZL0tOB68eMcffA9zUksOmeTi5M6jnBcNeX2Jh9jS3YYd+IEliZm -mggQG7kPta8f+NqezL77AgMBAAGjVTBTMBUGA1UdJQQOMAwGCisGAQQBgjcKAwQwLwYDVR0R -BCgwJqAkBgorBgEEAYI3FAIDoBYMFGFub255bW91c0B3aW5kb3dzLXgAMAkGA1UdEwQCMAAw -DQYJKoZIhvcNAQEFBQADggEBALh+4qmNPzC6M8BW9/SC2ACQxxPh06GQUGx0D+GLYnp61ErZ -OtKyKdFh+uZWpu5vyYYAHCLXP7VdS/JhJy677ynAPjXiC/LAzrTNvGs74HDotD966Hiyy0Qr -ospFGiplHGRA5vXA2CiKSX+0HrVkN7rhk5PYkc6R+/cdosd+QZ8lkEa9yDWc5l//vWEbzwVy -mJf/PRf8NTkWAK6SPV7Y37j1mhkJjOH9VkRxNrd6kcihRa4u0ImXaXEsec77ER0so31DKCrP -m+rqZPj9NZSIYP3sMGJ4Bmm/n2YRdeaUzTdocfD3TRnKxs65DSgpiSq1gmtsXM7jAPs/Egrg -tbWEypgxFTATBgkqhkiG9w0BCRUxBgQEAQAAADA7MB8wBwYFKw4DAhoEFKVgj/32UdEyuQcB -rqr03dPnboinBBSU7mxdpB5LTCvorCI8Tk5OMiUzjgICB9A= -""" - - def setUp(self): - self.asn1Spec = rfc7292.PFX() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pfx_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['version'] == univ.Integer(3) - oid = asn1Object['macData']['mac']['digestAlgorithm']['algorithm'] - assert oid == univ.ObjectIdentifier('1.3.14.3.2.26') - md_hex = asn1Object['macData']['mac']['digest'].prettyPrint() - assert md_hex == '0xa5608ffdf651d132b90701aeaaf4ddd3e76e88a7' - - assert asn1Object['authSafe']['contentType'] == rfc5652.id_data - data, rest = der_decode(asn1Object['authSafe']['content'], - asn1Spec=univ.OctetString()) - assert not rest - - authsafe, rest = der_decode(data, asn1Spec=rfc7292.AuthenticatedSafe()) - assert not rest - assert authsafe.prettyPrint() - assert der_encode(authsafe) == data - - for ci in authsafe: - assert ci['contentType'] == rfc5652.id_data - data, rest = der_decode(ci['content'], asn1Spec=univ.OctetString()) - assert not rest - - sc, rest = der_decode(data, asn1Spec=rfc7292.SafeContents()) - assert not rest - assert sc.prettyPrint() - assert der_encode(sc) == data - - for sb in sc: - if sb['bagId'] in rfc7292.pkcs12BagTypeMap: - bv, rest = der_decode(sb['bagValue'], - asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']]) - assert not rest - assert bv.prettyPrint() - assert der_encode(bv) == sb['bagValue'] - - for attr in sb['bagAttributes']: - if attr['attrType'] in rfc5652.cmsAttributesMap: - av, rest = der_decode(attr['attrValues'][0], - asn1Spec=rfc5652.cmsAttributesMap[attr['attrType']]) - assert not rest - assert av.prettyPrint() - assert der_encode(av) == attr['attrValues'][0] - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pfx_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True - ) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - digest_alg = asn1Object['macData']['mac']['digestAlgorithm'] - assert not digest_alg['parameters'].hasValue() - - authsafe, rest = der_decode(asn1Object['authSafe']['content'], - asn1Spec=rfc7292.AuthenticatedSafe(), - decodeOpenTypes=True - ) - assert not rest - assert authsafe.prettyPrint() - assert der_encode(authsafe) == asn1Object['authSafe']['content'] - - for ci in authsafe: - assert ci['contentType'] == rfc5652.id_data - sc, rest = der_decode(ci['content'], - asn1Spec=rfc7292.SafeContents(), - decodeOpenTypes=True - ) - assert not rest - assert sc.prettyPrint() - assert der_encode(sc) == ci['content'] - - for sb in sc: - if sb['bagId'] == rfc7292.id_pkcs8ShroudedKeyBag: - bv = sb['bagValue'] - enc_alg = bv['encryptionAlgorithm']['algorithm'] - assert enc_alg == rfc7292.pbeWithSHAAnd3_KeyTripleDES_CBC - enc_alg_param = bv['encryptionAlgorithm']['parameters'] - assert enc_alg_param['iterations'] == 2000 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc7296.py b/tests/test_rfc7296.py index 90dc0a3..bcd28ee 100644 --- a/tests/test_rfc7296.py +++ b/tests/test_rfc7296.py @@ -161,4 +161,7 @@ m9Y= suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) + import sys + + result = unittest.TextTestRunner(verbosity=2).run(suite) + sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7508.py b/tests/test_rfc7508.py deleted file mode 100644 index 07f0d86..0000000 --- a/tests/test_rfc7508.py +++ /dev/null @@ -1,132 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.type import univ - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc7508 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class SignedMessageTestCase(unittest.TestCase): - signed_message_pem_text = """\ -MIIE/AYJKoZIhvcNAQcCoIIE7TCCBOkCAQExDTALBglghkgBZQMEAgIwUQYJKoZI -hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv -bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA -pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB -MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx -NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW -QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF -QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI -zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b -z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w -to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E -NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 -cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW -gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL -3kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae -rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggIA -MIIB/AIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH -SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME -AgKgggElMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X -DTE5MDUyOTE4MjMxOVowKAYJKoZIhvcNAQk0MRswGTALBglghkgBZQMEAgKhCgYI -KoZIzj0EAwMwMQYLKoZIhvcNAQkQAjcxIjEgCgEBMBswGRoERnJvbQwRYWxpY2VA -ZXhhbXBsZS5jb20wPwYJKoZIhvcNAQkEMTIEMLbkIqT9gmce1Peqxm1E9OiwuY1R -WHHGVufwmjb6XKzj4goQ5tryN5uJN9NM+ZkmbDBNBgsqhkiG9w0BCRACATE+MDwE -IMdPIQ9kJ1cI9Q6HkRCzbXWdD331uAUCL3MMFXP4KFOjgAEBMBUwE4ERYWxpY2VA -ZXhhbXBsZS5jb20wCgYIKoZIzj0EAwMEZzBlAjEAuZ8SebvwMRvLPn9+s3VHFUNU -bEtkkWCao1uNm5TOzphK0NbxzOsD854aC5ReKPSDAjAm1U0siLQw5p4qzGwyxDw9 -5AI5J8Mvy+icNubmfsd4ofvxdaECdhr4rvsSMwbOsFk= -""" - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.signed_message_pem_text) - asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - secure_header_field_attr_found = False - assert asn1Object['contentType'] == rfc5652.id_signedData - sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) - for sa in sd['signerInfos'][0]['signedAttrs']: - sat = sa['attrType'] - sav0 = sa['attrValues'][0] - - if sat == rfc7508.id_aa_secureHeaderFieldsIdentifier: - assert sat in rfc5652.cmsAttributesMap.keys() - sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) - assert not rest - assert sav.prettyPrint() - assert der_encode(sav) == sav0 - - from_field = rfc7508.HeaderFieldName('From') - alice_email = rfc7508.HeaderFieldValue('alice@example.com') - for shf in sav['secHeaderFields']: - if shf['field-Name'] == from_field: - assert shf['field-Value'] == alice_email - secure_header_field_attr_found = True - - assert secure_header_field_attr_found - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.signed_message_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() - assert asn1Object['contentType'] == rfc5652.id_signedData - - sd = asn1Object['content'] - assert sd['version'] == rfc5652.CMSVersion().subtype(value='v1') - - ect = sd['encapContentInfo']['eContentType'] - assert ect in rfc5652.cmsContentTypesMap.keys() - assert ect == rfc5652.id_data - - for sa in sd['signerInfos'][0]['signedAttrs']: - if sa['attrType'] == rfc7508.id_aa_secureHeaderFieldsIdentifier: - assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() - - secure_header_field_attr_found = False - for sa in sd['signerInfos'][0]['signedAttrs']: - if sa['attrType'] == rfc7508.id_aa_secureHeaderFieldsIdentifier: - assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() - from_field = rfc7508.HeaderFieldName('From') - alice_email = rfc7508.HeaderFieldValue('alice@example.com') - for shf in sa['attrValues'][0]['secHeaderFields']: - if shf['field-Name'] == from_field: - assert shf['field-Value'] == alice_email - secure_header_field_attr_found = True - - assert secure_header_field_attr_found - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7585.py b/tests/test_rfc7585.py deleted file mode 100644 index ecbd72a..0000000 --- a/tests/test_rfc7585.py +++ /dev/null @@ -1,124 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc7585 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class NAIRealmCertTestCase(unittest.TestCase): - cert_pem_text = """\ -MIIEZzCCA0+gAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx -DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF -eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk -BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTE5MTExMTE4 -MDQyMVoXDTIwMDExMDE4MDQyMVowezELMAkGA1UEBhMCRlIxDzANBgNVBAgMBlJh -ZGl1czEUMBIGA1UECgwLRXhhbXBsZSBJbmMxIzAhBgNVBAMMGkV4YW1wbGUgU2Vy -dmVyIENlcnRpZmljYXRlMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9y -ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM9HqbuyWpsTMKo739Dm -DwmQo2HUkNdQYbvsB+e7ILsw8fWa2qnsF1CoRr/1bcZqXUR1To/QbHse7xSMZH9t -F7rdlDMc7QtgdwVfn8TiL3hCg5LSE8iaBzfJUjrts/V5WOByP1DwJVM7W3Va/5dN -oOiceVeC7ThghMlwIx/wN5cy78a8fPYV2FvPR6e+U2HG35zaIv2PizYcliF/QmZG -gnw4Q9dYC1Lw/ogVBZBALlv+/MuGheb/xIuL8lu1PFZ0YbW65WLD9Cx4wvytAke7 -tKlhL/Kd4OBSeOY3OYmpxbc1gEUmFoLTlZesY2NP9Jyl5mGsIHtPdvVkh/tSBy8o -VLUCAwEAAaOB3TCB2jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK -BggrBgEFBQcDATA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vd3d3LmV4YW1wbGUu -Y29tL2V4YW1wbGVfY2EuY3JsMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYb -aHR0cDovL3d3dy5leGFtcGxlLm9yZy9vY3NwMDoGA1UdEQQzMDGCEnJhZGl1cy5l -eGFtcGxlLm9yZ6AbBggrBgEFBQcICKAPDA0qLmV4YW1wbGUuY29tMA0GCSqGSIb3 -DQEBCwUAA4IBAQBOhtH2Jpi0b0MZ8FBKTqDl44rIHL1rHG2mW/YYmRI4jZo8kFhA -yWm/T8ZpdaotJgRqbQbeXvTXIg4/JNFheyLG4yLOzS1esdMAYDD5EN9/dXE++jND -/wrfPU+QtTgzAjkgFDKuqO7gr1/vSizxLYTWLKBPRHhiQo7GGlEC6/CPb38x4mfQ -5Y9DsKCp6BEZu+LByCho/HMDzcIPCdtXRX7Fs8rtX4/zRpVIdm6D+vebuo6CwRKp -mIljfssCvZjb9YIxSVDmA/6Lapqsfsfo922kb+MTXvPrq2ynPx8LrPDrxKc8maYc -Jiw8B0yjkokwojxyRGftMT8uxNjWQVsMDbxl -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - nai_realm_oid = rfc7585.id_on_naiRealm - nai_realm_found = False - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName()) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - - for gn in extnValue: - if gn['otherName'].hasValue(): - assert gn['otherName']['type-id'] == nai_realm_oid - onValue, rest = der_decode(gn['otherName']['value'], - asn1Spec=rfc7585.NAIRealm()) - assert not rest - assert onValue.prettyPrint() - assert der_encode(onValue) == gn['otherName']['value'] - assert 'example' in onValue - nai_realm_found = True - - assert nai_realm_found - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - nai_realm_oid = rfc7585.id_on_naiRealm - nai_realm_found = False - - for extn in asn1Object['tbsCertificate']['extensions']: - if extn['extnID'] == rfc5280.id_ce_subjectAltName: - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.SubjectAltName(), - decodeOpenTypes=True) - assert not rest - assert extnValue.prettyPrint() - assert der_encode(extnValue) == extn['extnValue'] - - for gn in extnValue: - if gn['otherName'].hasValue(): - assert gn['otherName']['type-id'] == nai_realm_oid - assert 'example' in gn['otherName']['value'] - nai_realm_found = True - - assert nai_realm_found - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7633.py b/tests/test_rfc7633.py deleted file mode 100644 index de17cda..0000000 --- a/tests/test_rfc7633.py +++ /dev/null @@ -1,86 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc7633 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class TLSFeaturesExtnTestCase(unittest.TestCase): - pem_text = """\ -MIIEbTCCBBOgAwIBAgIRAO5f2N8q74GBATjTMXQCjlgwCgYIKoZIzj0EAwIwgZYx -CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV -BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQD -EzNDT01PRE8gRUNDIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2 -ZXIgQ0EwHhcNMTYwMTE1MDAwMDAwWhcNMTgwMTE0MjM1OTU5WjCBwjELMAkGA1UE -BhMCUlUxDzANBgNVBBETBjExNzY0NzEUMBIGA1UECBMLTW9zY293IENpdHkxDzAN -BgNVBAcTBk1vc2NvdzE4MDYGA1UECRMvQWthZGVtaWthIEthcGljeSBzdHJlZXQs -IGhvdXNlIDQsIGFwYXJ0bWVudCAxNjYxGDAWBgNVBAoTD0FuZHJleSBDaHVyYW5v -djETMBEGA1UECxMKSW5zdGFudFNTTDESMBAGA1UEAxMJYWRtc2VsLmVjMHYwEAYH -KoZIzj0CAQYFK4EEACIDYgAEwrPPzgBO1vDNmV0UVvYSBnys9B7LVkGLiIBbKYf2 -nNFRuJKo1gzNurI8pv4CbvqjkCX4Je/aSeYFHSCR9y82+zTwYQuJFt5LIL5f+Syp -xZ7aLH56bOiQ+QhCtIvWP4YWo4IB9TCCAfEwHwYDVR0jBBgwFoAUdr4iSO4/PvZG -A9mHGNBlfiKcC+EwHQYDVR0OBBYEFHTFQqV+H5a7+RVL+70Z6zqCbqq9MA4GA1Ud -DwEB/wQEAwIFgDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr -BgEFBQcDAjBQBgNVHSAESTBHMDsGDCsGAQQBsjEBAgEDBDArMCkGCCsGAQUFBwIB -Fh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0f -BFMwUTBPoE2gS4ZJaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPRUNDT3Jn -YW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBiwYIKwYBBQUH -AQEEfzB9MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01P -RE9FQ0NPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQG -CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wEQYIKwYBBQUHARgE -BTADAgEFMCMGA1UdEQQcMBqCCWFkbXNlbC5lY4INd3d3LmFkbXNlbC5lYzAKBggq -hkjOPQQDAgNIADBFAiAi6TXl76FTKPP1AhqtEjU5BjAj9Ju7CSKChHZSmzxeXQIh -AOQSxhs011emVxyBIXT0ZGbmBY8LFRh6eGIOCAJbkM5T -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - extn_list = [ ] - for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - if extn['extnID'] == rfc7633.id_pe_tlsfeature: - s = extn['extnValue'] - features, rest = der_decode(s, - rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert features.prettyPrint() - assert s == der_encode(features) - - assert len(features) == 1 - assert features[0] == 5 - - assert rfc7633.id_pe_tlsfeature in extn_list - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7773.py b/tests/test_rfc7773.py deleted file mode 100644 index 37765f0..0000000 --- a/tests/test_rfc7773.py +++ /dev/null @@ -1,119 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc7773 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -class AuthenticationContextExtnTestCase(unittest.TestCase): - pem_text = """\ -MIIMUjCCCzqgAwIBAgIQevDaX+wRYAlpUgjTYjCCRjANBgkqhkiG9w0BAQsFADCBuDELMAkGA1UE -BhMCU0UxNTAzBgNVBAoTLERldiBURVNUIENBIG9yZyBBQiAoTk9UIEEgUkVBTCBPUkdBTklaQVRJ -T04pMSAwHgYDVQQLExdDZW50cmFsIFNpZ25pbmcgU2VydmljZTEVMBMGA1UEBRMMQTEyMzQ1Ni03 -ODkwMTkwNwYDVQQDEzBDZW50cmFsIFNpZ25pbmcgQ0EwMDEgLSBFSUQgMi4wIERldiBURVNUIFNl -cnZpY2UwHhcNMTkxMDA5MDc0ODI2WhcNMjAxMDA5MDc0ODI2WjBgMRUwEwYDVQQFEwwxODg4MDMw -OTkzNjgxCzAJBgNVBAYTAlNFMQ0wCwYDVQQqEwRBZ2RhMRcwFQYDVQQDEw5BZ2RhIEFuZGVyc3Nv -bjESMBAGA1UEBBMJQW5kZXJzc29uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl1H -7vveI/EUaF9z6EiL/AmTHDbpLAKoWh9JJjpRlb8lU0TseYOzZp6ySiAO8St2a/HxxhrNuAAELUwZ -3oICkmxM/NeYgI7EEaLVPUwBAWfGZrRWb/+h8C6SrivWc73M/LI1A0B9tcEpUuh0CHTSVIBZsH+L -IDyKW6n3T8YeI7+0CX391I/j3iyEBNFcfDaHaFChzkPxgPg6Xh1D1JWs+mUj1rOoTLxsyusWiIQk -IkjDgFNUCpS1+NUvkTU1uFewvluxjOzRVqzYZWesOL+V/lGnyVPw4o1INEKYpOurYii2TXElTmXO -iQdIG20S96uFH6vFFJ2cPwgYjWpory/K+QIDAQABo4IIrTCCCKkwCwYDVR0PBAQDAgZAMB0GA1Ud -DgQWBBQo71oFnxX2kapLl3ZoYOylnJo01TATBgNVHSAEDDAKMAgGBgQAizABATBLBgNVHR8ERDBC -MECgPqA8hjpodHRwczovL2VpZDJjc2lnLmtvbmtpLnNlL3B1Ymxpc2gvY3JsLzE4MTRiMGFiYzEx -NGM3YmEuY3JsMIIH6wYHKoVwgUkFAQSCB94wggfaMIIH1gwraHR0cDovL2lkLmVsZWduYW1uZGVu -LnNlL2F1dGgtY29udC8xLjAvc2FjaQyCB6U8c2FjaTpTQU1MQXV0aENvbnRleHQgeG1sbnM6c2Fj -aT0iaHR0cDovL2lkLmVsZWduYW1uZGVuLnNlL2F1dGgtY29udC8xLjAvc2FjaSI+PHNhY2k6QXV0 -aENvbnRleHRJbmZvIElkZW50aXR5UHJvdmlkZXI9Imh0dHA6Ly9kZXYudGVzdC5zd2VkZW5jb25u -ZWN0LnNlL2lkcCIgQXV0aGVudGljYXRpb25JbnN0YW50PSIyMDE5LTEwLTA5VDA3OjU4OjI2LjAw -MFoiIFNlcnZpY2VJRD0iRmVkU2lnbmluZyIgQXV0aG5Db250ZXh0Q2xhc3NSZWY9Imh0dHA6Ly9p -ZC5lbGVnbmFtbmRlbi5zZS9sb2EvMS4wL2xvYTMtc2lnbWVzc2FnZSIgQXNzZXJ0aW9uUmVmPSJf -ZGM5MjM0Y2Y3Zjc5OWQwMDlmMjUwNWVhMzVlMWU0NmUiLz48c2FjaTpJZEF0dHJpYnV0ZXM+PHNh -Y2k6QXR0cmlidXRlTWFwcGluZyBUeXBlPSJyZG4iIFJlZj0iMi41LjQuNSI+PHNhbWw6QXR0cmli -dXRlIEZyaWVuZGx5TmFtZT0iU3dlZGlzaCBQZXJzb25udW1tZXIiIE5hbWU9InVybjpvaWQ6MS4y -Ljc1Mi4yOS40LjEzIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNz -ZXJ0aW9uIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4 -cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3 -dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPjE4ODgwMzA5OTM2ODwvc2FtbDpBdHRy -aWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FjaTpBdHRyaWJ1dGVNYXBwaW5nPjxzYWNp -OkF0dHJpYnV0ZU1hcHBpbmcgVHlwZT0icmRuIiBSZWY9IjIuNS40LjQyIj48c2FtbDpBdHRyaWJ1 -dGUgRnJpZW5kbHlOYW1lPSJHaXZlbiBOYW1lIiBOYW1lPSJ1cm46b2lkOjIuNS40LjQyIiB4bWxu -czpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpBdHRy -aWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5v -cmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxT -Y2hlbWEtaW5zdGFuY2UiPkFnZGE8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0 -ZT48L3NhY2k6QXR0cmlidXRlTWFwcGluZz48c2FjaTpBdHRyaWJ1dGVNYXBwaW5nIFR5cGU9InJk -biIgUmVmPSIyLjUuNC4zIj48c2FtbDpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJEaXNwbGF5IE5h -bWUiIE5hbWU9InVybjpvaWQ6Mi4xNi44NDAuMS4xMTM3MzAuMy4xLjI0MSIgeG1sbnM6c2FtbD0i -dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6QXR0cmlidXRlVmFs -dWUgeHNpOnR5cGU9InhzOnN0cmluZyIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEv -WE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWlu -c3RhbmNlIj5BZ2RhIEFuZGVyc3Nvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmli -dXRlPjwvc2FjaTpBdHRyaWJ1dGVNYXBwaW5nPjxzYWNpOkF0dHJpYnV0ZU1hcHBpbmcgVHlwZT0i -cmRuIiBSZWY9IjIuNS40LjQiPjxzYW1sOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9IlN1cm5hbWUi -IE5hbWU9InVybjpvaWQ6Mi41LjQuNCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNB -TUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmlu -ZyIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9 -Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIj5BbmRlcnNzb248L3Nh -bWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhY2k6QXR0cmlidXRlTWFwcGlu -Zz48L3NhY2k6SWRBdHRyaWJ1dGVzPjwvc2FjaTpTQU1MQXV0aENvbnRleHQ+MAkGA1UdEwQCMAAw -HwYDVR0jBBgwFoAUqKv0QPwAYcLfcD/Vy1A2deHtiqcwDQYJKoZIhvcNAQELBQADggEBAETlZOIL -NknxlMiYHCxoYypyzYuza2l3M4+YWakT0vFPgXpCk+l0dNst7h9nWvKKHCboSj+YP5dUCSsuUXhb -7xTei/F2nj7q1oCPuVJGThZqhWgF/JkqOy34hHEM5VniJiQu2W9TjzRMSOSFzRlQsHcOuXzdTkhr -CQpD1TWxYL9sCy4YoCdE4edfgBGBMujxoijl3/xJ5uI1FjhlSPVP88p8Wsi8i7GdMYuxqjZMwrt2 -PHIPgop3BNN9/BzW0cmdyNvFgcD9qR8Rv5aFBYuQbyg6fST8JdAOrbMrCST6v2U41OOXH5MC/kL6 -tAGXsYdcuQpglUngmo/FV4Z9qjIDkYQ= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - extn_list = [ ] - for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - - if extn['extnID'] == rfc7773.id_ce_authContext: - s = extn['extnValue'] - acs, rest = der_decode(s, - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert acs.prettyPrint() - assert s == der_encode(acs) - - assert u'id.elegnamnden.se' in acs[0]['contextType'] - assert u'AuthContextInfo IdentityProvider' in acs[0]['contextInfo'] - - assert rfc7773.id_ce_authContext in extn_list - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7894.py b/tests/test_rfc7894.py deleted file mode 100644 index 243b4c9..0000000 --- a/tests/test_rfc7894.py +++ /dev/null @@ -1,86 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc6402 -from pyasn1_modules import rfc7894 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class AlternativeChallengePasswordTestCase(unittest.TestCase): - otp_pem_text = """\ -MIICsjCCAZwCAQAwJDELMAkGA1UEBhMCVVMxFTATBgNVBAMTDDRUUzJWMk5MWEE2 -WjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKmF0oUj5+1rBB+pUO8X -7FPxer+1BhWOa54RTSucJmBaLx0H95qNaBCcctNDl1kcmIro/a0zMcEvj5Do29vQ -lStJdTeJ/B3X4qzOGShupxJcAhCreRZjN6Yz3T9z0zJ8OPnRvJOzcSiIzlubc9lK -Cpq4U0UsCLLfymOgL9NH4lZi96J+PFuJr0J+rTY38076U2jcPqNq5/L/d6NV9Sz2 -IVOvCK1kqP/nElJVibIQZvj9YESLUKyVAfTNxLj3+IpioOOv2dT3kB9wdi4plAVi -UFEUvED1okRrI29+LdPV1UXglOCksyJIIw+DgDtutDE5Co6QkTNURFEdKIV9Sg13 -zEECAwEAAaBLMBkGCyqGSIb3DQEJEAI4MQoTCDkwNTAzODQ2MC4GCSqGSIb3DQEJ -DjEhMB8wHQYDVR0OBBYEFBj12LVowM16Ed0D+AmoElKNYP/kMAsGCSqGSIb3DQEB -CwOCAQEAZZdDWKejs3UVfgZI3R9cMWGijmscVeZrjwFVkn7MI9pEDZ2aS1QaRYjY -1cu9j3i+LQp9LWPIW/ztYk11e/OcZp3fo8pZ+MT66n7YTWfDXNkqqA5xmI84DMEx -/cqenyzOBZWqpZGx7eyM9BtnrdeJ0r2qSc7LYU25FbIQFJJf8IvgMAXWMs50fvs2 -Gzns447x952se2ReQ3vYhXdHvYYcgAZfSJZvK+nCmhzzqowv5p15Y5S+IHpBSXTO -a1qhNW4cjdicQZUeQ2R5kiuwZ+8vHaq9jKxAEk0hBeqG6RQaxvNOBQhHtTLNGw/C -NmaF8Y2Sl/MgvC5tjs0Ck0/r3lsoLQ== -""" - - def setUp(self): - self.asn1Spec = rfc6402.CertificationRequest() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.otp_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['certificationRequestInfo']['version'] == 0 - - for attr in asn1Object['certificationRequestInfo']['attributes']: - assert attr['attrType'] in rfc6402.cmcControlAttributesMap.keys() - av, rest = der_decode(attr['attrValues'][0], - rfc6402.cmcControlAttributesMap[attr['attrType']]) - assert not rest - assert der_encode(av) == attr['attrValues'][0] - - if attr['attrType'] == rfc7894.id_aa_otpChallenge: - assert av['printableString'] == '90503846' - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.otp_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr in asn1Object['certificationRequestInfo']['attributes']: - assert attr['attrType'] in rfc6402.cmcControlAttributesMap.keys() - if attr['attrType'] == rfc7894.id_aa_otpChallenge: - assert attr['attrValues'][0]['printableString'] == '90503846' - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful())
\ No newline at end of file diff --git a/tests/test_rfc7906.py b/tests/test_rfc7906.py deleted file mode 100644 index 8e4a6ee..0000000 --- a/tests/test_rfc7906.py +++ /dev/null @@ -1,172 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc2985 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc7906 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class AttributeSetTestCase(unittest.TestCase): - attr_set_pem_text = """\ -MYIRmDAQBglghkgBZQIBDQcxA4IBATAQBglghkgBZQIBDQ0xAwoBUzAQBglghkgB -ZQIBDQ4xAwoBAjAQBglghkgBZQIBDQ8xAwoBATARBglghkgBZQIBBUIxBAQCeQYw -EgYJYIZIAWUCAQ0LMQUwAwoBATAVBglghkgBZQIBDQUxCDAGAgReAA//MBUGCyqG -SIb3DQEJEAIuMQYCBF1qowYwGQYJYIZIAWUCAQVHMQwGCisGAQQBgaxgME0wGgYJ -YIZIAWUCAQ0BMQ0wCwYJYIZIAWUDBAEtMBoGCWCGSAFlAgENDDENBgsqhkiG9w0B -CRABGTAaBglghkgBZQIBDRUxDTALBglghkgBZQMEAS0wGwYJYIZIAWUCAQ0GMQ4w -DAIEXQAAAAIEXwAP/zAdBgsqhkiG9w0BCRACKDEOMAwGCisGAQQBgaxgMDAwLQYJ -YIZIAWUCAQVGMSAwHoYcaHR0cDovL3JlcG8uZXhhbXBsZS5jb20vcGtpLzAvBglg -hkgBZQIBDQMxIjAgExFCb2d1cyBTaG9ydCBUaXRsZYEFQm9ndXOFATCHAU0wNAYJ -YIZIAWUCAQVIMScwJRMRQm9ndXMgU2hvcnQgVGl0bGUTEEZha2UgU2hvcnQgVGl0 -bGUwOAYIKwYBBQUHAQsxLDAqMCgGCCsGAQUFBzAFhhxodHRwOi8vcmVwby5leGFt -cGxlLmNvbS9wa2kvMEEGCyqGSIb3DQEJEAIEMTIwMAwjVGhlc2UgUkZDIDc5MDYg -YXR0cmlidXRlcyBhcmUgYm9ndXMGCSqGSIb3DQEHATCBggYLKoZIhvcNAQkQAgIx -czFxAgEBBgorBgEEAYGsYAEBMUwwJIAKYIZIAWUCAQgDA4EWMBQGCisGAQQBgaxg -MEkxBgIBMAIBSTAkgApghkgBZQIBCAMEgRYwFAYKKwYBBAGBrGAwRTEGAgEwAgFF -ExJCb2d1cyBQcml2YWN5IE1hcmswgYQGCWCGSAFlAgENFjF3MHUwMAYKYIZIAWUC -AQJOAjAiMCAGCyqGSIb3DQEJEAwLMREMD2t0YS5leGFtcGxlLmNvbTAxBgsqhkiG -9w0BCRABGTAiMCAGCyqGSIb3DQEJEAwLMREMD2t0YS5leGFtcGxlLmNvbTAOBgkq -hkiG9w0BBwEKAQEwgaAGCWCGSAFlAgENEDGBkjCBj6EMBgorBgEEAYGsYDAwoH8G -CWCGSAFlAgEQAARyMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UE -BxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMFQWxpY2UxIDAe -BgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMIIBvwYJYIZIAWUCAQVBMYIB -sDCCAawEFO1lDTbJmd4voc2GDuaMzYO+XJSmMIIBkqCB/jB/BglghkgBZQIBEAAE -cjBwMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24x -EDAOBgNVBAoTB0V4YW1wbGUxDjAMBgNVBAMTBUFsaWNlMSAwHgYJKoZIhvcNAQkB -FhFhbGljZUBleGFtcGxlLmNvbTB7BglghkgBZQIBEAAEbjBsMQswCQYDVQQGEwJV -UzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1w -bGUxDDAKBgNVBAMTA0JvYjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29t -MIGOMIGLBglghkgBZQIBEAAEfjB8MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkEx -EDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZpZ2lsIFNlY3VyaXR5IExMQzEX -MBUGA1UECxMOS2V5IE1hbmFnZW1lbnQxGDAWBgNVBAMTD2t0YS5leGFtcGxlLmNv -bTCCAoUGA1UEJDGCAnwwggJ4MIIB/qADAgECAgkApbNUKBuwbjswCgYIKoZIzj0E -AwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9u -MREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1MjkxNDQ1NDFaFw0yMDA1MjgxNDQ1 -NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRv -bjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMFQWxpY2UxIDAeBgkqhkiG9w0B -CQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE+M2f -By/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+bz7uYZfYQxI3dVB0YCSD6Mt3y -XFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/wto8hMKoFgkcscqIbiV7Zo4GU -MIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0 -ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMB0GA1UdDgQWBBTE -uloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAWgBTyNds0BNqlVfK9aQOZsGLs -4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL3kRhmn+PJTeKaL9sh/oQgHOY -TgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94MaerDIrQpi0IDh+v0QSAv9rMife -8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUwggSaBgNVBEYxggSRMIIEjTCCAgIw -ggGIoAMCAQICCQDokdYGkU/O8jAKBggqhkjOPQQDAzA/MQswCQYDVQQGEwJVUzEL -MAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENB -MB4XDTE5MDUxNDA4NTgxMVoXDTIxMDUxMzA4NTgxMVowPzELMAkGA1UEBhMCVVMx -CzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBD -QTB2MBAGByqGSM49AgEGBSuBBAAiA2IABPBRdlSx6I5qpZ2sKUMIxun1gUAzzstO -YWKvKCnMoNT1x+pIKDvMEMimFcLAxxL3NVYOhK0Jty83SPDkKWMdx9/Okdhf3U/z -xJlEnXDiFrAeM6xbG8zcCRiBnmd92UvsRqNQME4wHQYDVR0OBBYEFPI12zQE2qVV -8r1pA5mwYuziFQjBMB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAwG -A1UdEwQFMAMBAf8wCgYIKoZIzj0EAwMDaAAwZQIwWlGNjb9NyqJSzUSdsEqDSvMZ -b8yFkxYCIbAVqQ9UqScUUb9tpJKGsPWwbZsnLVvmAjEAt/ypozbUhQw4dSPpWzrn -5BQ0kKbDM3DQJcBABEUBoIOol1/jYQPmxajQuxcheFlkMIICgzCCAgqgAwIBAgIJ -AKWzVCgbsG49MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJW -QTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwNjEy -MTQzMTA0WhcNMjAwNjExMTQzMTA0WjB8MQswCQYDVQQGEwJVUzELMAkGA1UECBMC -VkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZpZ2lsIFNlY3VyaXR5IExM -QzEXMBUGA1UECxMOS2V5IE1hbmFnZW1lbnQxGDAWBgNVBAMTD2t0YS5leGFtcGxl -LmNvbTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJf2XsTdVLcYASKJGtWjOAIFB8sX -rsiE7G1tC+IP+iOEdJCZ+UvJ9Enx7v6dtaU4uy1FzuWCar45BVpKVK2TNWT8E7XA -TkGBTIXGN76yJ5S09FdWp+hVkIkmyCJJujXzV6OBlDCBkTALBgNVHQ8EBAMCB4Aw -QgYJYIZIAYb4QgENBDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0 -ZWQgZm9yIGFueSBwdXJwb3NlLjAdBgNVHQ4EFgQUbZtc/QOvtbnVi/FknxpW4LWt -TQ8wHwYDVR0jBBgwFoAU8jXbNATapVXyvWkDmbBi7OIVCMEwCgYIKoZIzj0EAwMD -ZwAwZAIwBniWpO11toMsV8fLBpBjA5YGQvd3TAcSw1lNbWpArL+hje1dzQ7pxsln -kklv3CTxAjBuVebz4mN0Qkew2NK/itwlmi7i+QxPs/MSZ7YFsyTA5Z4h2GbLW+zN -3xNCC91vfpcwggSgBglghkgBZQIBDRQxggSRMYIEjTCCAgIwggGIoAMCAQICCQDo -kdYGkU/O8jAKBggqhkjOPQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkEx -EDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4XDTE5MDUxNDA4 -NTgxMVoXDTIxMDUxMzA4NTgxMVowPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB -MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABPBRdlSx6I5qpZ2sKUMIxun1gUAzzstOYWKvKCnMoNT1x+pI -KDvMEMimFcLAxxL3NVYOhK0Jty83SPDkKWMdx9/Okdhf3U/zxJlEnXDiFrAeM6xb -G8zcCRiBnmd92UvsRqNQME4wHQYDVR0OBBYEFPI12zQE2qVV8r1pA5mwYuziFQjB -MB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwMDaAAwZQIwWlGNjb9NyqJSzUSdsEqDSvMZb8yFkxYCIbAVqQ9U -qScUUb9tpJKGsPWwbZsnLVvmAjEAt/ypozbUhQw4dSPpWzrn5BQ0kKbDM3DQJcBA -BEUBoIOol1/jYQPmxajQuxcheFlkMIICgzCCAgqgAwIBAgIJAKWzVCgbsG49MAoG -CCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH -SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwNjEyMTQzMTA0WhcNMjAw -NjExMTQzMTA0WjB8MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcT -B0hlcm5kb24xGzAZBgNVBAoTElZpZ2lsIFNlY3VyaXR5IExMQzEXMBUGA1UECxMO -S2V5IE1hbmFnZW1lbnQxGDAWBgNVBAMTD2t0YS5leGFtcGxlLmNvbTB2MBAGByqG -SM49AgEGBSuBBAAiA2IABJf2XsTdVLcYASKJGtWjOAIFB8sXrsiE7G1tC+IP+iOE -dJCZ+UvJ9Enx7v6dtaU4uy1FzuWCar45BVpKVK2TNWT8E7XATkGBTIXGN76yJ5S0 -9FdWp+hVkIkmyCJJujXzV6OBlDCBkTALBgNVHQ8EBAMCB4AwQgYJYIZIAYb4QgEN -BDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9yIGFueSBw -dXJwb3NlLjAdBgNVHQ4EFgQUbZtc/QOvtbnVi/FknxpW4LWtTQ8wHwYDVR0jBBgw -FoAU8jXbNATapVXyvWkDmbBi7OIVCMEwCgYIKoZIzj0EAwMDZwAwZAIwBniWpO11 -toMsV8fLBpBjA5YGQvd3TAcSw1lNbWpArL+hje1dzQ7pxslnkklv3CTxAjBuVebz -4mN0Qkew2NK/itwlmi7i+QxPs/MSZ7YFsyTA5Z4h2GbLW+zN3xNCC91vfpc= -""" - - def setUp(self): - self.asn1Spec = rfc2985.AttributeSet() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.attr_set_pem_text) - asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr in asn1Object: - assert attr['type'] in rfc5652.cmsAttributesMap.keys() - av, rest = der_decode(attr['values'][0], - asn1Spec=rfc5652.cmsAttributesMap[attr['type']]) - assert not rest - assert av.prettyPrint() - assert der_encode(av) == attr['values'][0] - - if attr['type'] == rfc7906.id_aa_KP_contentDecryptKeyID: - assert av == univ.OctetString(hexValue='7906') - - def testOpenTypes(self): - openTypesMap = { } - openTypesMap.update(rfc5280.certificateAttributesMap) - openTypesMap.update(rfc5652.cmsAttributesMap) - - substrate = pem.readBase64fromText(self.attr_set_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - openTypes=openTypesMap, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr in asn1Object: - if attr['type'] == rfc7906.id_aa_KP_contentDecryptKeyID: - assert attr['values'][0] == univ.OctetString(hexValue='7906') - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc7914.py b/tests/test_rfc7914.py deleted file mode 100644 index 1ab8b8f..0000000 --- a/tests/test_rfc7914.py +++ /dev/null @@ -1,95 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc5958 -from pyasn1_modules import rfc7914 -from pyasn1_modules import rfc8018 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - - -# From RFC 7914, Section 13 - -class MultiprimeRSAPrivateKeyTestCase(unittest.TestCase): - pem_text = """\ -MIHiME0GCSqGSIb3DQEFDTBAMB8GCSsGAQQB2kcECzASBAVNb3VzZQIDEAAAAgEI -AgEBMB0GCWCGSAFlAwQBKgQQyYmguHMsOwzGMPoyObk/JgSBkJb47EWd5iAqJlyy -+ni5ftd6gZgOPaLQClL7mEZc2KQay0VhjZm/7MbBUNbqOAXNM6OGebXxVp6sHUAL -iBGY/Dls7B1TsWeGObE0sS1MXEpuREuloZjcsNVcNXWPlLdZtkSH6uwWzR0PyG/Z -+ZXfNodZtd/voKlvLOw5B3opGIFaLkbtLZQwMiGtl42AS89lZg== -""" - - def setUp(self): - self.asn1Spec = rfc5958.EncryptedPrivateKeyInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - ea = asn1Object['encryptionAlgorithm'] - assert ea['algorithm'] == rfc8018.id_PBES2 - assert ea['algorithm'] in rfc5280.algorithmIdentifierMap.keys() - - params, rest = der_decode(ea['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[ea['algorithm']]) - assert not rest - assert params.prettyPrint() - assert der_encode(params) == ea['parameters'] - - kdf = params['keyDerivationFunc'] - assert kdf['algorithm'] == rfc7914.id_scrypt - assert kdf['algorithm'] in rfc5280.algorithmIdentifierMap.keys() - - kdfp, rest = der_decode(kdf['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[kdf['algorithm']]) - assert not rest - assert kdfp.prettyPrint() - assert der_encode(kdfp) == kdf['parameters'] - - assert kdfp['costParameter'] == 1048576 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - ea = asn1Object['encryptionAlgorithm'] - assert ea['algorithm'] == rfc8018.id_PBES2 - - params = asn1Object['encryptionAlgorithm']['parameters'] - assert params['keyDerivationFunc']['algorithm'] == rfc7914.id_scrypt - - kdfp = params['keyDerivationFunc']['parameters'] - assert kdfp['costParameter'] == 1048576 - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8017.py b/tests/test_rfc8017.py deleted file mode 100644 index f05706e..0000000 --- a/tests/test_rfc8017.py +++ /dev/null @@ -1,124 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc8017 -from pyasn1_modules import rfc2985 - -try: - import unittest2 as unittest - -except ImportError: - import unittest - -class SMIMECapabilitiesTestCase(unittest.TestCase): - smime_capabilities_pem_text = """\ -MIIBAzA8BgkqhkiG9w0BAQcwL6APMA0GCWCGSAFlAwQCAgUAoRwwGgYJKoZIhvcN -AQEIMA0GCWCGSAFlAwQCAgUAMDwGCSqGSIb3DQEBCjAvoA8wDQYJYIZIAWUDBAIC -BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQAwDQYJKoZIhvcNAQECBQAw -DQYJKoZIhvcNAQEEBQAwDQYJKoZIhvcNAQEFBQAwDQYJKoZIhvcNAQEOBQAwDQYJ -KoZIhvcNAQELBQAwDQYJKoZIhvcNAQEMBQAwDQYJKoZIhvcNAQENBQAwDQYJKoZI -hvcNAQEPBQAwDQYJKoZIhvcNAQEQBQA= -""" - - def setUp(self): - self.asn1Spec = rfc2985.SMIMECapabilities() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for cap in asn1Object: - assert cap['algorithm'] in rfc5280.algorithmIdentifierMap.keys() - if cap['parameters'].hasValue(): - p, rest = der_decode(cap['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[cap['algorithm']]) - assert not rest - if not p == univ.Null(""): - assert p.prettyPrint() - assert der_encode(p) == cap['parameters'] - - if cap['algorithm'] == rfc8017.id_RSAES_OAEP: - assert p['hashFunc']['algorithm'] == rfc8017.id_sha384 - assert p['maskGenFunc']['algorithm'] == rfc8017.id_mgf1 - - def OpenTypesCodec(self): - substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for cap in asn1Object: - if cap['algorithm'] == rfc8017.id_RSAES_OAEP: - p = cap['parameters'] - assert p['hashFunc']['algorithm'] == rfc8017.id_sha384 - assert p['maskGenFunc']['algorithm'] == rfc8017.id_mgf1 - - -class MultiprimeRSAPrivateKeyTestCase(unittest.TestCase): - pem_text = """\ -MIIE2QIBAQKCAQEAn82EqwXasE2TFNSmZucB8LNza2mOWLHF3nxpxKXalPMDvezc -5Dq7Ytcv/k9jJL4j4jYfvR4yyZdU9iHLaD6hOINZ8E6hVpx/4c96ZUSOLzD2g+u+ -jIuoNfG+zygSBGYCS6BLCAIsZ+2wUyxYpLJknHJld9/jy+aLmmyrilhH9dH5AUiV -3NeWht/68++dMXf4ZI/gV4bMSlWhggxkz2WJJpiQdCdJatGkwNDkHmLA9X0tC6OH -SPE7qYdxG38cYS5F445SgnhDpiK7BodSqYLwgehaDjoOYdEgHVnOcpBCDI5zCJSL -b1c/z8uhrB1xxlECR44wCLcKsIIYQxaEErRJ/wIDAQABAoIBAD+Ra5L0szeqxDVn -GgKZJkZvvBwgU0WpAgMtDo3xQ/A4c2ab0IrhaiU5YJgTUGcPVArqaNm8J4vVrTBz -5QxEzbFDXwWe4cMoYh6bgB7ElKLlIUr8/kGZUfgc7kI29luEjcAIEAC2/RQHesVn -DHkL5OzqZL+4fIwckAMh0tXdflsPgZ/jgIaKca4OqKu4KGnczm3UvqtlvwisAjkx -zMyfZXOLn0vEwP2bfbhQrCVrP7n6a+CV+Kqm8NBWnbiS6x2rWemVVssNTbfXQztq -wC6ZJZCLK7plciDBWvHcS6vxdcsS9DUxuqSV6o/stCGTl1D+9tDx8Od0Eunna2B2 -wAoRHZECVgbNO1bqwfYpp5aFuySWoP+KZz8f/5ZkHjLwiNGpQcqVd4+7Ql2R4qgF -NgSoQQOZFhKtiOeLVU0HYfp6doI4waSINZdF/fJDHD6fY3AMOc/IIMDHHIzbAlYG -vKOocLXWj/2+gcyQ1XoAmrE70aIFUBLSvd7RCi8GI74zYWp5lCSvO850Z4GsWSZT -41iF13sTDDJPm3+BbzMvEu2GuACi/8/IpbUr24/FP9Cp1Rf7kwJWAgMxfoshbrNu -ebQB5laHNnT+DYhrOFVRNiNDaD2bUNSetrFidosWtD4ueHxMGENwa4BbFJ9+UrdP -fyxC6k7exM7khGjaNZczwTep1VpYtKjzP/bp9KcCVgYoj9s9HZ1FCAsNEPodjGfd -AcPTQS9mIa7wzy19B7uvFQJXPURi/p4KKBMVQ99Pp8/r9lJzxxiEf8FyPr8N7lZM -EUKkFkDrZQDhKpsrHWSNj6yRFlltAlYC7dYR8KLEWoOUATLosxQhwgypv+23r+d4 -ZdPOdDv9n8Kmj+NFy/oISFfdXzlOU4RWQtMx3hEwAabwct7vjiJEej/kmiTqco02 -17tt13VvvQ5ZXF73dDCCAQwwggEIAlYDfMpM1WNfxcLLOgkRZ+0S9OvIrEOi0ALV -SquTdi/thhCuCsK3lMD4miN9te8j16YtqEFVWXC3a6DWwIJ6m/xZ50bBwPqM8RsI -6FWhZw4Dr5VqjYXUvwJWAvapRk9SydDYri/cAtGIkUJVlspkE1emALAaSw30vmfd -hrgYLT6YGOmK3UmcNJ4NVeET275MXWF1ZOhkOGKTN6aj5wPhJaHBMnmUQrq7GwC6 -/LfUkSsCVgMCDTV9gbFW8u6TcTVW85dBIeUGxZh1T2pbU3dkGO3IOxOhzJUplH4/ -EeEs9dusHakg1ERXAg4Vo1YowPW8kuVbZ9faxeVrmuER5NcCuZzS5X/obGUw -""" - - def setUp(self): - self.asn1Spec = rfc8017.RSAPrivateKey() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8018.py b/tests/test_rfc8018.py deleted file mode 100644 index f899b54..0000000 --- a/tests/test_rfc8018.py +++ /dev/null @@ -1,56 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc8018 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class PWRITestCase(unittest.TestCase): - rfc3211_ex1_pem_text = """\ -o1MCAQCgGgYJKoZIhvcNAQUMMA0ECBI0Vnh4VjQSAgEFMCAGCyqGSIb3DQEJEAMJMBEGBSsO -AwIHBAjv5ZjvIbM9bQQQuBslZe43PKbe3KJqF4sMEA== -""" - - def setUp(self): - self.asn1Spec = rfc5652.RecipientInfo() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.rfc3211_ex1_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - alg_oid = asn1Object['pwri']['keyDerivationAlgorithm']['algorithm'] - assert alg_oid == rfc8018.id_PBKDF2 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.rfc3211_ex1_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - icount = asn1Object['pwri']['keyDerivationAlgorithm']['parameters']['iterationCount'] - assert icount == 5 - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc8209.py b/tests/test_rfc8209.py deleted file mode 100644 index 4c72f76..0000000 --- a/tests/test_rfc8209.py +++ /dev/null @@ -1,63 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc8209 - -try: - import unittest2 as unittest -except ImportError: - import unittest - -class CertificateTestCase(unittest.TestCase): - cert_pem_text = """\ -MIIBiDCCAS+gAwIBAgIEAk3WfDAKBggqhkjOPQQDAjAaMRgwFgYDVQQDDA9ST1VU -RVItMDAwMEZCRjAwHhcNMTcwMTAxMDUwMDAwWhcNMTgwNzAxMDUwMDAwWjAaMRgw -FgYDVQQDDA9ST1VURVItMDAwMEZCRjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC -AARzkbq7kqDLO+EOWbGev/shTgSpHgy6GxOafTjZD3flWqBbjmlWeOD6FpBLVdnU -9cDfxYiV7lC8T3XSBaJb02/1o2MwYTALBgNVHQ8EBAMCB4AwHQYDVR0OBBYEFKtN -kQ9VyucaIV7zyv46zEW17sFUMBMGA1UdJQQMMAoGCCsGAQUFBwMeMB4GCCsGAQUF -BwEIAQH/BA8wDaAHMAUCAwD78KECBQAwCgYIKoZIzj0EAwIDRwAwRAIgB7e0al+k -8cxoNjkDpIPsfIAC0vYInUay7Cp75pKzb7ECIACRBUqh9bAYnSck6LQi/dEc8D2x -OCRdZCk1KI3uDDgp -""" - - def setUp(self): - self.asn1Spec = rfc5280.Certificate() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.cert_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - extn_list = [ ] - for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): - extnValue, rest = der_decode(extn['extnValue'], - asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) - assert der_encode(extnValue) == extn['extnValue'] - - if extn['extnID'] == rfc5280.id_ce_extKeyUsage: - assert rfc8209.id_kp_bgpsec_router in extnValue - - assert rfc5280.id_ce_extKeyUsage in extn_list - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - unittest.TextTestRunner(verbosity=2).run(suite) diff --git a/tests/test_rfc8226.py b/tests/test_rfc8226.py index 8993ae1..69fd438 100644 --- a/tests/test_rfc8226.py +++ b/tests/test_rfc8226.py @@ -77,9 +77,7 @@ yEFWA6G95b/HbtPMTjLpPKtrOjhofc4LyVCDYhFhKzpvHh1qeA== assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate - extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decoder.decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) @@ -88,7 +86,6 @@ yEFWA6G95b/HbtPMTjLpPKtrOjhofc4LyVCDYhFhKzpvHh1qeA== if extn['extnID'] == rfc8226.id_pe_TNAuthList: assert extnValue[0]['spc'] == 'fake' - assert rfc8226.id_pe_TNAuthList in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc8358.py b/tests/test_rfc8358.py deleted file mode 100644 index bbe37e0..0000000 --- a/tests/test_rfc8358.py +++ /dev/null @@ -1,200 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc8358 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class P7STestCase(unittest.TestCase): - pem_text_list = ( -"""\ -MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDTALBglghkgBZQMEAgEwDQYLKoZIhvcNAQkQ -ARugggZ0MIIGcDCCBVigAwIBAgIRANa58hQvZ26svTWQaGtqo/YwDQYJKoZIhvcNAQELBQAw -gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT -B1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8g -UlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE1MDIx -MjAwMDAwMFoXDTIwMDIxMjIzNTk1OVowgZUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJn -aW5pYTEPMA0GA1UEBxMGUmVzdG9uMRMwEQYDVQQKEwpJRVRGIFRydXN0MRkwFwYDVQQLExBT -ZWNyZXRhcmlhdCBXZXN0MQ0wCwYDVQQDEwRJRVRGMSMwIQYJKoZIhvcNAQkBFhRpZXRmLWFj -dGlvbkBpZXRmLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMUkKtMPP1RA -FU6sxMezYJKCt4rw30RDieB8/P67TMhA6j8Um4a2Xo+CP9Ce1oMri2bwaaQPYWB4ciEL32za -0NUE0B0iCjZZl36hon6wW6mJw1NGD/AFxnKWzhkSWG6BHMoeOAzu/ye8sHu4Jp5nazpGptK7 -30SjTS3JJFU9pHwQY6JlcmwVv0j2rsT3gj92Cbj5S+U5wCSE6+mZbCC+VPFeeI1kFITwyaIm -uK9kSYHr15OXua/jrYNrHNRfqtexGKSgnUT96KkTh9TVvkMETB1WJS4WuEIP6GITvwVTp0lA -qS3oNO4SM4tgFVdYqppcvZBg52kHY9y7IdR156c99zzZDBfWBduqjs/AXa0uol0EJd7qFLUs -xEJ96XN3tPgR/Cwq18ec29pZQH6kO81Kato/RsQrj6A05TFx/J0MYE0R1MZqvIDUu55vlicb -wT2lpXMiz1szKuvjTZRR9H/IgbKPNpt/kDUSgXLYwuKBm+nBoJXgybEyJ+A4arb60d9Uiusu -UA8/h6s1rDMuTnIYMbIii4Y+KgevBWPawqk0xioilEMJ0RBaBVrDreuFlK8aYh+Jo2piruBA -QnB9ZaPmEM1HPNArJxqL6XcUJTkFxNSksOATDFV5sEoBWYIe6qv2nV2r/HWDAEaa4WH2h3o/ -kASarXk3SxPXmfjOOr1XgpKjAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSCr2yM+MX+lmF8 -6B89K3FIXsSLwDAdBgNVHQ4EFgQU7Olc92Oy6nkCvpv6jCj6qN8YPtUwDgYDVR0PAQH/BAQD -AgeAMAwGA1UdEwEB/wQCMAAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEF -BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJ -aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25h -bmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw -Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNl -Y3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w -HwYDVR0RBBgwFoEUaWV0Zi1hY3Rpb25AaWV0Zi5vcmcwDQYJKoZIhvcNAQELBQADggEBAGPm -QUKHxkEQ9vk69vIP68anHc8UsTv5powtLSXLqUw3rAoKAdoWkKjb7ZByHCuFiNk1BvTnhQPh -LAZm5dI8dYWKp3zgWVxsCXOQv2K4XbaQpIk8KKdLycHWsOq2OD4xBdhfTQqDj9EidhxaLf4B -bRUePOuWVvwNqHI6OQ9FbRllUsTsSH3XK7z9Ru/0Ub07uEzmWyrIpeFRLJUg9EqQj25pw8j7 -N9ym8ItpfEQvK4Nrzt9KnGwFDaNOUjYAvejig9iUNdOXEQKVzbq8fC25HrXPQisq8u2jrP38 -cRqzwgGHZ1bJrQa8+LPBfADZ4ZHeqlEe6IqZhS/wDSuDNCIZHtkxggKqMIICpgIBA4AU7Olc -92Oy6nkCvpv6jCj6qN8YPtUwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 -DQEJEAEbMBwGCSqGSIb3DQEJBTEPFw0xOTA2MDkxNjU3NTdaMC8GCSqGSIb3DQEJBDEiBCDx -ACvH9u26K1BdX+IPp6vguUAtA9k0lp9JMNunvXTuQzANBgkqhkiG9w0BAQEFAASCAgBY8kFl -SxQIvU4n6LaVoAV6ibHrlCqOp9KrUc9DmwXtDifsgoGfhDHb6i5k9BSHmerjTGF6mLlquPUV -Z2EHSUuVpk8rX//ki6vngq91+f+ufrzEpvO6BLc2aO/zOat0W3U2hiq3zJSLMYMNZhX484Nq -9+ImsU0S5f32ZpEXH0lFINUaZFo0eRAOZywqNuY57stjWBxTI6MA00S0+eMuWlmkMy0C2LL9 -BQvWW01/ri2UDEprAiKo2sXLcScgHimEVYHuWsrnP+sJ3XVWRsWGRW2i5qIalu2ZGmmIU/vg -bdBzQnAjCoS2xC5Kwv+cqtUiiyLI0nnuu1aKKi4hivmt1n+hSIWWgGNwTFn3S4+mYDDNSH0u -ocOr0uDFVv/SH9QPQuGh9rpSz3cd3hlA4R63Rylm46Tt6DnXiovu0mDoos68UQjIAPXWj1ES -Peeubp+wSbuqN8Rh+koZU+HK7YpsR2bB4hL0GIwMA9lQjGSCxPCt1ViRL6zAWECzQC1YgLyc -+f1Fe8pkaWUbZz+18H/rJoKsXiNWH8yhfAyk+JGTxc4qxWJ/BuF0vzSyuVEffuxIHrOMZTpO -+xfAaJVDqFjxT5yKj3dCfy6XSDZq39AeX/w26/WfH+0ALRiViAAaMHSldbawVR/W3isecDWF -tlU4NSJMLi/tTohe0QN1fjOaFryAvw== -""", -"""\ -MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDTALBglghkgBZQMEAgEwDQYLKoZIhvcNAQkQ -ARygggZ0MIIGcDCCBVigAwIBAgIRANa58hQvZ26svTWQaGtqo/YwDQYJKoZIhvcNAQELBQAw -gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT -B1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8g -UlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE1MDIx -MjAwMDAwMFoXDTIwMDIxMjIzNTk1OVowgZUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJn -aW5pYTEPMA0GA1UEBxMGUmVzdG9uMRMwEQYDVQQKEwpJRVRGIFRydXN0MRkwFwYDVQQLExBT -ZWNyZXRhcmlhdCBXZXN0MQ0wCwYDVQQDEwRJRVRGMSMwIQYJKoZIhvcNAQkBFhRpZXRmLWFj -dGlvbkBpZXRmLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMUkKtMPP1RA -FU6sxMezYJKCt4rw30RDieB8/P67TMhA6j8Um4a2Xo+CP9Ce1oMri2bwaaQPYWB4ciEL32za -0NUE0B0iCjZZl36hon6wW6mJw1NGD/AFxnKWzhkSWG6BHMoeOAzu/ye8sHu4Jp5nazpGptK7 -30SjTS3JJFU9pHwQY6JlcmwVv0j2rsT3gj92Cbj5S+U5wCSE6+mZbCC+VPFeeI1kFITwyaIm -uK9kSYHr15OXua/jrYNrHNRfqtexGKSgnUT96KkTh9TVvkMETB1WJS4WuEIP6GITvwVTp0lA -qS3oNO4SM4tgFVdYqppcvZBg52kHY9y7IdR156c99zzZDBfWBduqjs/AXa0uol0EJd7qFLUs -xEJ96XN3tPgR/Cwq18ec29pZQH6kO81Kato/RsQrj6A05TFx/J0MYE0R1MZqvIDUu55vlicb -wT2lpXMiz1szKuvjTZRR9H/IgbKPNpt/kDUSgXLYwuKBm+nBoJXgybEyJ+A4arb60d9Uiusu -UA8/h6s1rDMuTnIYMbIii4Y+KgevBWPawqk0xioilEMJ0RBaBVrDreuFlK8aYh+Jo2piruBA -QnB9ZaPmEM1HPNArJxqL6XcUJTkFxNSksOATDFV5sEoBWYIe6qv2nV2r/HWDAEaa4WH2h3o/ -kASarXk3SxPXmfjOOr1XgpKjAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSCr2yM+MX+lmF8 -6B89K3FIXsSLwDAdBgNVHQ4EFgQU7Olc92Oy6nkCvpv6jCj6qN8YPtUwDgYDVR0PAQH/BAQD -AgeAMAwGA1UdEwEB/wQCMAAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEF -BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJ -aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25h -bmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw -Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNl -Y3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w -HwYDVR0RBBgwFoEUaWV0Zi1hY3Rpb25AaWV0Zi5vcmcwDQYJKoZIhvcNAQELBQADggEBAGPm -QUKHxkEQ9vk69vIP68anHc8UsTv5powtLSXLqUw3rAoKAdoWkKjb7ZByHCuFiNk1BvTnhQPh -LAZm5dI8dYWKp3zgWVxsCXOQv2K4XbaQpIk8KKdLycHWsOq2OD4xBdhfTQqDj9EidhxaLf4B -bRUePOuWVvwNqHI6OQ9FbRllUsTsSH3XK7z9Ru/0Ub07uEzmWyrIpeFRLJUg9EqQj25pw8j7 -N9ym8ItpfEQvK4Nrzt9KnGwFDaNOUjYAvejig9iUNdOXEQKVzbq8fC25HrXPQisq8u2jrP38 -cRqzwgGHZ1bJrQa8+LPBfADZ4ZHeqlEe6IqZhS/wDSuDNCIZHtkxggKqMIICpgIBA4AU7Olc -92Oy6nkCvpv6jCj6qN8YPtUwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 -DQEJEAEcMBwGCSqGSIb3DQEJBTEPFw0xOTA2MDkxNjU3NTdaMC8GCSqGSIb3DQEJBDEiBCBg -ifxBsUb2E8RicFvqZB+NJEs1FOG4hFFU1bPqV2UwGzANBgkqhkiG9w0BAQEFAASCAgCApFAS -4+cYrnkMebrANXw7/TGn6Qx01p9fuOugQb6lcfE5CysIKGLJJogs0BXwHK4jTeJRdt/lutuz -bACg1bakABxuCiLWMu3pKCKS94qAgElYgWru+pAxPhuslz5MwAU0qFW3KnaNq3f5wXlVQ+h2 -l9spSiLhAQ+vLTLfotn6tCmUfjaaYsoNIUGg6b/2vH75QGYaXDq9YGoCrrkDbaRS4eDenSL5 -S2fBTZ5VMJE/1VQY1D5CWqt2CTfzRkNkU7mkarPy6SPvguDlqKJJnFaZJmeIYbGOpDt6KxWc -DLFD9+J6CH492QwlHxDtM94nK1oIaqdu9TTV94t0ToGezElOZZuVA2DVkov5DzrYQLI5GjMw -7iHXW1ewCaGF38DdOopqBYp7jcCCZpruKBWDq/uz40MzSBrffYTP/dg4//8Awvt/JomvTUoH -E18Pt/G2cqdw0NqOE7YEcFpsLGfikTWmGhnrcYUkt8odDDAv/vqZRt8DLkB56waQeQw0TLit -2M3gbTSHJ1KFsBM/kqHanVapGtnClkY7hYh8DVpgJymJpupkNFs8lDNbN4C42DhQ6Oz9P2qu -8a/ybEb5gMZ3fsVLvvp6LhbJfqIvYgZO2uKXeKg3eLASD5nVY/Tuhnn2plhx+weKULGys0Ov -zPKZ+N96KLerIBr3FmGByqhr3jNrBw== -""", -"""\ -MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDTALBglghkgBZQMEAgEwDQYLKoZIhvcNAQkQ -AR2gggZ0MIIGcDCCBVigAwIBAgIRANa58hQvZ26svTWQaGtqo/YwDQYJKoZIhvcNAQELBQAw -gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT -B1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8g -UlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE1MDIx -MjAwMDAwMFoXDTIwMDIxMjIzNTk1OVowgZUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJn -aW5pYTEPMA0GA1UEBxMGUmVzdG9uMRMwEQYDVQQKEwpJRVRGIFRydXN0MRkwFwYDVQQLExBT -ZWNyZXRhcmlhdCBXZXN0MQ0wCwYDVQQDEwRJRVRGMSMwIQYJKoZIhvcNAQkBFhRpZXRmLWFj -dGlvbkBpZXRmLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMUkKtMPP1RA -FU6sxMezYJKCt4rw30RDieB8/P67TMhA6j8Um4a2Xo+CP9Ce1oMri2bwaaQPYWB4ciEL32za -0NUE0B0iCjZZl36hon6wW6mJw1NGD/AFxnKWzhkSWG6BHMoeOAzu/ye8sHu4Jp5nazpGptK7 -30SjTS3JJFU9pHwQY6JlcmwVv0j2rsT3gj92Cbj5S+U5wCSE6+mZbCC+VPFeeI1kFITwyaIm -uK9kSYHr15OXua/jrYNrHNRfqtexGKSgnUT96KkTh9TVvkMETB1WJS4WuEIP6GITvwVTp0lA -qS3oNO4SM4tgFVdYqppcvZBg52kHY9y7IdR156c99zzZDBfWBduqjs/AXa0uol0EJd7qFLUs -xEJ96XN3tPgR/Cwq18ec29pZQH6kO81Kato/RsQrj6A05TFx/J0MYE0R1MZqvIDUu55vlicb -wT2lpXMiz1szKuvjTZRR9H/IgbKPNpt/kDUSgXLYwuKBm+nBoJXgybEyJ+A4arb60d9Uiusu -UA8/h6s1rDMuTnIYMbIii4Y+KgevBWPawqk0xioilEMJ0RBaBVrDreuFlK8aYh+Jo2piruBA -QnB9ZaPmEM1HPNArJxqL6XcUJTkFxNSksOATDFV5sEoBWYIe6qv2nV2r/HWDAEaa4WH2h3o/ -kASarXk3SxPXmfjOOr1XgpKjAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSCr2yM+MX+lmF8 -6B89K3FIXsSLwDAdBgNVHQ4EFgQU7Olc92Oy6nkCvpv6jCj6qN8YPtUwDgYDVR0PAQH/BAQD -AgeAMAwGA1UdEwEB/wQCMAAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEF -BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJ -aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25h -bmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw -Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNl -Y3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w -HwYDVR0RBBgwFoEUaWV0Zi1hY3Rpb25AaWV0Zi5vcmcwDQYJKoZIhvcNAQELBQADggEBAGPm -QUKHxkEQ9vk69vIP68anHc8UsTv5powtLSXLqUw3rAoKAdoWkKjb7ZByHCuFiNk1BvTnhQPh -LAZm5dI8dYWKp3zgWVxsCXOQv2K4XbaQpIk8KKdLycHWsOq2OD4xBdhfTQqDj9EidhxaLf4B -bRUePOuWVvwNqHI6OQ9FbRllUsTsSH3XK7z9Ru/0Ub07uEzmWyrIpeFRLJUg9EqQj25pw8j7 -N9ym8ItpfEQvK4Nrzt9KnGwFDaNOUjYAvejig9iUNdOXEQKVzbq8fC25HrXPQisq8u2jrP38 -cRqzwgGHZ1bJrQa8+LPBfADZ4ZHeqlEe6IqZhS/wDSuDNCIZHtkxggKqMIICpgIBA4AU7Olc -92Oy6nkCvpv6jCj6qN8YPtUwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 -DQEJEAEdMBwGCSqGSIb3DQEJBTEPFw0xOTA3MTQwMTMyMTdaMC8GCSqGSIb3DQEJBDEiBCAJ -zK6u0RRfrSQ2ebn+GOxnbovlG3Raul/1zOOGmTaIPzANBgkqhkiG9w0BAQEFAASCAgBlKYNd -euVzPDqEa13k4nQthmyJUUqjWlAVolgohXioYok8Z5BkKmkp8ANLbvkJl0hV1Al1hutTRNeF -a5ZeWyS6nAWyPFKfRSNqwWLMIi1dX+rO7Vhf15Lz944ZYsqO+O2f7rjWUJmi8/uJKD7cFDiW -uKkPMgvqyIMnnC3ya/sC1vU+0Feqr5JcIMs2AHQeNVe8hzN4T9Pthyax7gqbxTkg3Gyt7Mwy -WLZeK84oJmkl9ANeVgzq+P/cmqUaqtfkBFDSxaTag/eoYM3QfHNisr/jHCazqCh88VMgwhvk -cl6NS9hdH+aOWqQ3FE1c7VJNoQRDT7ztyKCrRJFPc4wZL8tsGkKp1lP4WcaStcbUJ65AdWPb -3CZonLY4UOBotAUpG/PObMCmWBEpr8MN0Q+kuEO2oAe9kBoFsv7MtNfyHE4CuOANRqGLRgOL -72hN8Cy0sGWYUy+2chH3i50cT8XkDV5Rz2Z5xW3SfyAuW53j2WKLFsKkZjfkZBopSJM20V4E -8pPnQQ/ByFwYPyS/xJZc24vsRxgogbrf11JU8hKVkfSsq3JXxUxe5w+Sh1XGTmO5tXDKFfyi -S+VljWVifzXaR3pmTEQPhXH4nBa4K/HYytxofDP3EMli+imil2fFBbBedZkb5CIQ/Ly3soHZ -dZlmZDkyeXJLpkNjRAsG6V82raZd9g== -""", -) - - def setUp(self): - self.asn1Spec = rfc5652.ContentInfo() - - def testDerCodec(self): - oids = [ ] - for pem_text in self.pem_text_list: - substrate = pem.readBase64fromText(pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['contentType'] == rfc5652.id_signedData - sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) - assert not rest - assert sd.prettyPrint() - assert der_encode(sd) == asn1Object['content'] - - oids.append(sd['encapContentInfo']['eContentType']) - - assert rfc8358.id_ct_asciiTextWithCRLF in oids - assert rfc8358.id_ct_pdf in oids - assert rfc8358.id_ct_xml in oids - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8360.py b/tests/test_rfc8360.py deleted file mode 100644 index 95e2c80..0000000 --- a/tests/test_rfc8360.py +++ /dev/null @@ -1,468 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc8360 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class CertExtnsTestCase(unittest.TestCase): - extns_pem_text = """\ -MIJM7TCCRkUGCCsGAQUFBwEcBIJGNzCCRjMwgkXJBAIAATCCRcEDAgACMAoDAgAF -AwQFBRwAMAoDBAMFHCgDAgEEMAoDAwINdAMDAg14AwMCDYwwCgMDAw2oAwMDDbAD -AwIN8AMEAhcTMAMEAxcTOAMEAxdTQAMEBBdTcAMEBRdp4DAMAwQDF2poAwQDF2pw -AwQEF2zQAwMAF20DBAMXbwAwDAMEBBdvEAMEBhdvADAMAwQEF29QAwQHF28AMAwD -BAYXb8ADBAMXb/ADBAUX74ADBAMX+egwDAMEARf8QgMEABf8RDAMAwQAF/xHAwQA -F/xIMAwDBAAX/EsDBAAX/EwDBAAX/E8DAwIYhAMEARjrFgMCABkwCwMDARtuAwQC -G24QMAkDAgAfAwMAH84wDAMEAx/PCAMEAx/PMDAKAwQCH888AwIFADAJAwIAJQMD -ACVuMAkDAwQlcAMCASQDBAIr4XADBAIr+6ADAwMtCAMEBS0rQAMEBS044AMEBi1B -QAMDAS1CAwQHLUuAAwMELVADAwUtgAMEAi36GDAKAwIBLgMEBi6VgDAKAwQELpXQ -AwIALgMDATEMAwMBMjwDAwAydzAJAwIAMwMDADNOAwMAM1AwCQMDATNSAwICMAME -BTSQQAMCADUwCgMDAjYkAwMANiYDAgA5AwQCPQ7gMAoDAgE+AwQGPggAMAwDBAU+ -CGADBAU+DEAwDAMEBz4MgAMEBT4YQDAMAwQHPhiAAwQGPj2AMAsDAwE+PgMEBT5E -ADAMAwQGPkRAAwQFPkTAMAoDAwA+RQMDAT5wMAsDAwA+cwMEBT51ADALAwQGPnVA -AwMAPoYwCwMEBz6HgAMDAD6KAwQGPowAMAwDBAc+jIADBAU+rQAwDAMEBj6tQAME -Bj7BAAMEBT7BgDALAwQGPsHAAwMBPugwCwMDAD7rAwQFPvAAAwQFPvBAMAwDBAc+ -8IADBAc+8QAwDAMEBT7xoAMEBz77AAMDAj78MAwDBAE/jSIDBAE/jSQDBAQ/jgAD -BAVAEMADBAVAHAADBAdAKwADBAZAQUADBAZAicADBAJA7+wDBAVA/SADBAZBEoAD -BARBEtADBAVBJ0ADBAZBY4ADBAVCT2ADBARCVEADBAZCdoADBAVCzUADBAVC1GAD -BAJC+MwwDAMEBUMWIAMEAkMWOAMEAEOePgMEBUPRgAMEBERGwAMEBkUGAAMEBEVe -QAMEBEVecAMEBUWsYAMEBkXCQDAJAwIATQMDAk3YMAwDBAVN3CADBAdQQwAwDAME -BFBDkAMEBVBHADAMAwQEUEcwAwQFUEhAMAwDBARQSHADBAVQS4AwDAMEBlBLwAME -BFBWADAMAwQFUFYgAwQGUFcAMAsDBAVQV2ADAwNQUDALAwQEUFgQAwMAUF4wDAME -BFBfEAMEBlDwgDALAwQEUPDQAwMBUPQwCwMEBFD2EAMDA1DwMAwDBARQ+BADBAZQ -+AAwDAMEBFD4UAMEBlD5ADAMAwQEUPlQAwQFUPoAMAsDBARQ+jADAwJRADALAwQG -UQRAAwMBUQgwDAMEB1EKgAMEBVEVQDAMAwQEURVwAwQGURYAMAwDBAVRFmADBARR -F8AwDAMEBVEX4AMEBlEaADAMAwQEURpQAwQFUR1AMAsDBARRHXADAwJRQDALAwMD -UUgDBAVRW8AwCwMEBFFb8AMDBlGAMAsDAwBRwQMEB1JlADALAwQGUmXAAwMHUgAw -DAMEB1KAgAMEB1KBADALAwMBUoIDBAZSlwAwCwMEBVKXYAMDAlKYMAsDAwFSngME -B1LJADALAwMBUsoDBANTjxAwCwMEBVOPIAMDAlQgMAsDAwBUJQMEBVTNQDALAwQH -VM2AAwMAVOgwDAMEB1TpgAMEBVf3gDAMAwQDV/eoAwQFV/9AMAwDBAdX/4ADBARZ -0OAwCwMDAFnRAwQEWe8gMAwDBAZZ70ADBAVb4QAwDAMEAVvhIgMEAlvrADALAwQB -W+sGAwMBXMgwCwMDAlzMAwQFXbNAAwQDXbNoAwQCXbN4MAwDBAdds4ADBABeGhow -DAMEAl4aHAMEAF4aHjAMAwQFXhogAwQCXhooAwQAXhotMAwDBAReGjADBABeGkIw -DAMEAl4aRAMEAF4aSDAMAwQBXhpKAwQCXhpQMAwDBAFeGlYDBAJeZwAwDAMEA15n -CAMEBF6+wAMEBF6+8DAMAwQHXr+AAwQGX6OAMAsDBARfo9ADAwBfqDAMAwQFX6kg -AwQCX7W4MAoDBAZftcADAgVAAwQFYAmAAwQEYH2QAwMAYoADAwNlOAMEAmfhyAME -AmfniAMEAmfxbAMEAmf7pAMEAmf8WAMEA2glIAMEAmiZVAMEAWjoJAMEBmjpQAME -Amjz2AMEAmj0CDAMAwQBa5aiAwQCa5awAwQEa6GgAwQFa7WAAwQAa79EMAkDAgBt -AwMCbegwCwMEBG3sEAMDAm3wMAkDAwBt9QMCAWwwCwMDAHHLAwQGccuAAwMBdMoD -BAJ9PkgDAwCAAAMDAIAHAwMAgBAwCgMDAIAnAwMBgCgDAwCALTAKAwMAgEEDAwSA -QAMDAYBWAwMAgF0DAwCAYgMEB4B0gAMDAIB8AwMAgH8DAwGAgjAKAwMAgIsDAwCA -jgMDAICoAwMAgLADAwGAsgMDAIDHAwMAgMwDAwCA1gMDAIDoAwMAgOoDAwCA8AMD -AIDzAwMAgPYwCgMDAIELAwMBgQwDAwCBEAMDAIEUAwMBgRoDAwCBHwMDAIFDMAoD -AwCBRQMDAIFGAwMAgUkDAwCBWDAKAwMBgWYDAwCBaAMDAIF9AwMAgYEDAwCBhAMD -AYGOAwMAgakDAwCBrzAKAwMAgbEDAwCBsjAKAwMAgbUDAwGBuAMDAIG7AwMBgcID -AwCBxwMDAIHOAwMAgdADAwGB1gMDAIHZMAoDAwCB6QMDAIHqMAoDAwSB8AMDAIHy -AwMAgfcDAwCCAAMDAYIYAwMAghwDAwCCIAMDAIIlAwMAgiswCgMDAII7AwMAgjwD -AwGCQgMDAIJJAwMAgksDAwGCTjAKAwMBglIDAwCCVAMDAYJYAwMBglwDAwCCYgMD -AIJkAwMAgmgDAwCCcAMDAIJzAwMAgngDAwCCfQMDAIKFAwMAgogwCgMDAYKKAwMB -gpQDAwCCnwMDAIKhAwQHgqSAAwMAgrQDAwCCtzAKAwMAgrkDAwCCugMDAIK8AwMA -gr4DAwGCwAMDAILGAwMAgswDAwCCzgMDAYLQAwMAgt8wCgMDAILhAwMAgvQDAwCC -9gMEA4L4MDAMAwQBgvg6AwQGgvgAMAwDBAKC+EQDBAKC+GgDAwCC+wMDAIL/AwMA -gwEDAwCDYQMDAINjAwMAg2YDAwCDbzAKAwMBg3IDAwGDdAMDAIOCAwMAg5gDAwGD -mjAKAwMAg58DAwCDoDAKAwMCg6QDAwCDpgMDAIOpMAoDAwCDrQMDAYOwAwMAg7QD -AwCDvAMDAIPNAwMAg88DAwCD0wMDAIPcAwMAg+AwCgMDAIPjAwMAg+QDAwCD5wMD -AIPqAwMAg+0DAwCD9gMDAIP7AwMAg/4wCgMDBoRAAwMAhE4DAwCEkjAKAwMAhJUD -AwCElgMDAISZAwMAhJswCgMDAISlAwMBhKgDAwCEqwMDAISwAwMAhLQwCgMDAIS5 -AwMChLgwCgMDAITDAwMAhMQDAwCExwMDAITjMAoDAwCE5QMDA4TgAwMAhPQDAwCE -/AMDAoYAAwMAhhEDAwCGEwMDAIYVAwMAhhkwCgMDAIYbAwMAhhwDAwCGHjAKAwMB -hiIDAwGGJAMDAIYvAwMAhjYwCgMDAYY6AwMBhjwDAwCGTAMDAIZRAwMAhlMwCgMD -AYZaAwMAhm4DAwCGdwMDAIaCAwMAhooDAwGGjjAKAwMAhpEDAwKGkAMDAIaXAwMA -hpswCgMDAIadAwMAhp4DAwCGqQMDAIarAwMAhrAwCgMDAIa3AwMAhrgDAwCGvAMD -AIa/AwMAhssDAwCGzjAKAwMChtQDAwCG1jAKAwMAhtsDAwCG3jAKAwMAhuEDAwKG -4AMDAIbvMAoDAwCG9QMDA4bwAwMAhvkDAwCG/wMEAodUNAMEAodUlAMDAIdaAwMA -h8QDBAeIjwAwCwMEBIiQEAMDAIiQAwMAiJQwCgMDAIibAwMBiJwDBAeInoAwCgMD -AIijAwMAiKQwCgMDAIipAwMAiKoDAwGIrAMDAIjHAwMAiMkDAwCIzgMDAIjhAwMB -iOYDAwCI8wMDAIj/AwMAiREwCgMDAIkhAwMAiSIwCgMDAIkrAwMAiSwDAwCJLwMD -AIkyMAoDAwCJNwMDAIk4AwMAiTowCgMDAok8AwMAiT4wCgMDAIlJAwMAiUoDAwCJ -XQMDAIlgAwMAiWUDAwCJaQMDAIlsAwMBiXgDAwCJgQMDAImFAwMAiYoDAwCJnAMD -AImjAwMAia4DAwCJvzAKAwMAicEDAwKJwAMDAYnMAwMAidADAwCJ1TAKAwMAidkD -AwCJ2jAKAwMAid0DAwCJ4AMDAIniAwMAifgDAwGJ+gMDAIn9MAoDAwCKAwMDAIoE -AwMAigYDAwCKDjAKAwMAihUDAwCKFjAKAwMAiiUDAwCKJgMDAYooAwMAijADAwGK -PgMDAIpCAwMAikYDAwCKUQMDAIpgAwMAimQwCgMDAYpmAwMAimgDAwCKagMDAIp8 -AwQDioCIMAoDAwCKgwMDAIqEAwMAioYwCgMDAIq7AwMGioADAwCKwzAKAwMBisYD -AwGKyAMDAIrLMAoDAwCKzQMDAIrOMAoDAwCK1wMDAIrYMAoDAwCK3QMDAIrkMAoD -AwCK5wMDAYroMAoDAwKK9AMDAIr2AwMCivgDAwCK/TAKAwMAiwEDAwCLBDAKAwMB -iwYDAwCLCDAKAwMBiwoDAwGLGDAKAwMAixsDAwCLHgMDAIstAwMAiy8DAwCLMgMD -AIs2AwMAizowCwMDAIs/AwQHi0AAAwMAi0IDAwGLSgMDAItPAwMAi1MwCgMDAItZ -AwMAi1wwCgMDBYtgAwMAi2IDAwCLZDAKAwMAi2kDAwCLeDAKAwMBi3oDAwCLfAMD -AIuAAwMAi4UDBAWLisADAwCLjQMDAIuPAwMAi5EDAwCLlQMDAIuZMAoDAwKLnAMD -AIueAwMAi6ADAwCLojAKAwMCi6QDAwCLpgMDAIuuAwMBi7IDAwCLuAMDAIu/AwMA -i94wCgMDAIxNAwMAjE4wCgMDAoxUAwMAjFYwCgMDAIxdAwMAjF4DAwCMYQMDAIxp -AwMBjJYDAwCMpAMDAIymAwMAjLUDAwCMywMDAIznMAkDAgCNAwMBjVQwCgMDAI1X -AwMBjWQDAwCNaQMDAI1sAwMAjXEDAwCNcwMDAI19AwMAjYIwCgMDAY2GAwMAjYow -CgMDAI2PAwMAjZQDAwCNowMEB42kgDAKAwMAjakDAwCNrDAKAwMAja8DAwCNsAMD -AI3AAwQAjcEUAwQCjcFsAwQBjcHWAwMAjcIDAwCNxAMDAY3IAwMAjcsDAwCN0DAL -AwMBjeIDBAON4oADBACN4oswCwMEBI3ikAMDAI3kAwMAjecDAwCN7QMDAI3xAwMB -jfQwCgMDAI35AwMAjfoDAwGN/AMDAI3/AwQDjlsIAwQDjlt4AwQDjluYAwQHjpoA -AwQDjuogAwMAjvcDAwCPKQMDAI8vMAoDAwGPMgMDAY80AwMAj0EwCwMEB49cgAMD -AY9cAwMAj2EDAwCPYzAKAwMAj3UDAwCPdgMDAI95AwMAj34wCgMDAI+BAwMAj4ID -AwCPoTAKAwMAj6MDAwCPpAMDAI+nAwMAj6kwCgMDBI+wAwMAj7QDAwCPxAMDAI/N -AwMAj9IDAwCP2QMDAY/gMAoDAwCP6QMDAI/qAwMAj+0DAwCP7wMDAI/1AwMAj/wD -AwCQAgMDAJAEAwMBkBQDAwCQGAMDAJAbAwMAkCADAwCQKTAKAwMAkCsDAwCQLAME -ApAwPAMDAJA2AwMBkDgwCgMDAJA/AwMBkEADAwCQTAMDAJBSMAsDAwKQVAMEB5BW -AAMDAJBXAwMAkF8DAwCQYgMDAJB3AwMAkHoDAwCQfAMDAJB/AwMAkJEDAwGQpAMD -AJCtMAoDAwSQsAMDAZC0AwMAkMEDAwCQyAMDAJDMAwMAkM4DBAaQ0AAwCwMEB5DQ -gAMDAZDQAwMAkPgwCQMCAJEDAwCSADAKAwMBkgIDAwCSBAMDAJITAwMAkhUDAwCS -MAMDAJIyAwMAkjQwCgMDAJI7AwMAkjwDAwGSQgMDAJJGAwQBkkdeAwMAkkgDAwCS -SwMDAJJNAwMBklADAwCSVwMEA5JY6AMDAJJaAwMAkmEwCgMDApJkAwMAkm4DAwCS -cDAKAwMAkncDAwCSeAMDAJJ8AwMAkoUDAwCSiAMDAJKMAwMBkp4wCgMDAJKhAwMA -kqIDAwCSqQMDAZKsMAoDAwCSrwMDAZKwAwMAkrMDAwCSuQMDAJK8MAoDAwCSvwMD -AJLCMAoDAwGS0gMDAZLUAwMAktgwCgMDAJLbAwMAktwDAwCS4DAKAwMAkuMDAwCS -5AMDAJLqAwMAkvEwCgMDAJL3AwMBkvgDAwCS+zAJAwMAkv0DAgCSAwMAkwcwCgMD -ApMMAwMAkw4wCgMDAJMbAwMAkx4DAwGTIAMDAZMsAwMAkzQDAwCTNgMDAJM8MAoD -AwCTQwMDAJNEAwMAk0swCgMDAJNNAwMAk04wCgMDAZNSAwMAk1QwCgMDAZNWAwMB -k1gDAwCTWzAKAwMAk10DAwCTYDAKAwMBk2IDAwCTZAMDAJNmMAoDAwCTbwMDAJNw -AwMAk3cDAwGTegMDAJN9AwMAk38DBAeTh4ADAwGTjjAKAwMAk5MDAwCTmAMDAJOc -MAoDAwCToQMDApOgAwMAk6cwCgMDAJOrAwMBk6wDAwCTrwMDAZO0AwMAk7gDAwCT -ugMDAZO8AwMAk8EDAwGTxAMDAJPJAwMAk8wDAwCT0jAKAwMAk9UDAwOT0AMDAJPc -MAoDAwKT5AMDAZPsAwMAk/MwCgMDAZP6AwMAk/wDAwGUAgMDAJQGAwMAlDYDAwCU -OAMEAJQ7cwMDAJQ8AwMAlD8DBAKUQDgDAwCURQMDAJRHAwQFlEzgAwMAlE8wCgMD -AJRRAwMClFADAwCUWAMDAZRuMAoDAwGUdgMDApR4MAoDAwCUhwMDAJSIAwMAlIoD -AwCUjAMDAJSPAwMAlJQDAwCUlwMDAJSgAwMAlKkDAwCUsAMDAJS1AwMAlLkDAwCU -uzAKAwMClMQDAwCUxgMDAJTIMAoDAwCU+wMDAZT8AwMAlQADAwCVAwMDAJUbAwMA -lTEDAwCVOwMDAJU+AwMAlVEDAwCVWgMDAJVtAwMAlX4wCgMDApWEAwMAlYYwCgMD -AJWLAwMAlYwwCgMDAZWSAwMAlZQwCgMDAJWZAwMBlZwDAwCVqgMDAJWsMAoDAwCV -sQMDAZXEMAoDAwOVyAMDAZXoMAwDBAOV6ggDBAeV6gAwCgMDAJXrAwMDlfAwCgMD -AJX5AwMClfgDAwGV/gMDAJZqAwQClmvIAwMAlnADAwCWgAMEApaBCAMDAJaEAwMA -lowwCgMDAJaRAwMAlpIDAwCWrwMDAJayAwMBlswwCgMDAJbVAwMAltYDAwCW2QMD -AJbjAwMBluwDAwCW8QMDAJb0AwMAlvsDAwCW/jAJAwIAlwMDAJdkMAsDAwGXagME -BZdqgDAMAwQGl2rAAwQEl2rgAwMAl3MDAwCXeAMDAJd/AwMAl4EDAwCXhTAKAwMA -l4cDAwCXiAMDAZecAwMAl6oDAwCXrTAKAwMAl68DAwGXsAMDAJe0MAoDAwGXtgMD -AJe4AwMAl7sDAwCXvTAKAwMAl9MDAwCX1DAJAwMDl9gDAgOQAwMAmEIDAwCYRwMD -AJhJMAoDAwCYTQMDAJhOAwMAmFEwCgMDA5hYAwMAmFowCgMDAJhdAwMAmGADAwCY -aQMDAZhyAwMAmIYDAwCYjwMDAJiWAwMAmJgDAwCZAQMDAJkFAwMAmQ8DAwCZEQMD -AJkTAwMAmVgwCgMDAplcAwMAmWIDAwCZZDAKAwMCmWwDAwCZbgMDAJlwMAsDAwOa -CAMEBJoIIAMEBpoIQAMDAZoOAwMAmiADAwCbBAMDAJstMAoDAwGbNgMDAJs4AwMA -m0IDAwCbSQMDAJtpMAoDAwCbgwMDAZuEAwMBm4gDBAabikADAwCbjAMDAJuRAwMA -m54DAwCbuQMDAJvAAwMAm8YDAwCbygMDAJvMAwMAm88wCgMDAJvRAwMAm9IDAwCb -3zAKAwMAm+MDAwCb5AMDAJvnAwMAm/UwCgMDAJv5AwMAm/oDAwCb/QMEBZv+IAMD -AJwKAwMAnA4wCgMDAJwRAwMAnBIDAwCcGQMDAJwcAwMAnCMDAwCcKwMDAZwwMAoD -AwCcMwMDAJw0AwMAnDYDAwCcOgMDAJw9AwMAnEMDAwCcUwMDAJxqMAoDAwGccgMD -AJx0AwMAnHYDAwCchQMDAJyHAwMAnJQDAwCcljAKAwMAnRcDAwGdHDAKAwMAnVMD -AwCdVAMDAJ1YAwMAnV4DAwGdYAMDAJ1jAwQDnXjgMAsDBAKdeOwDAwCdeAMDAZ18 -AwMAnYEDAwCdiAMDAJ2KAwMAnYwDAwCdkDAKAwMAnZ0DAwWdgDAKAwMAnaEDAwCd -pDAKAwMAnacDAwGdqDAKAwMAnasDAwGdrAMDAJ2xAwMBnbQDAwCdugMDAJ2+AwMA -ncEDAwCdyAMDAJ3LAwMAneQDAwCd5wMDAZ3sAwMAnfMDAwCd9wMDAJ35AwMCniQw -CgMDAJ4pAwMCnigDAwGeLjAKAwMAnjEDAwCeMgMDAJ46AwMAnjwDAwCeQAMDAZ5C -AwMAnksDAwCeWgMDAJ5cAwMAnl4DAwCeYwMDAJ5mAwMAnmkwCgMDAJ5tAwMAnm4D -AwCecAMDAJ53AwMCnnwDAwCegQMDAJ6DAwMAnoUDBASejBADBAaejEADAwCejwME -BJ6SgDAKAwMCnpQDAwCelgMDAJ6YAwMAnpwDAwCeojAKAwMBnqYDAwGeqDAKAwMC -nqwDAwGetDAKAwMBnr4DAwGexAMDAJ7YAwMAntoDAwCe3AMDAJ7fMAoDAwCe4QMD -Ap7gMAoDAwGe5gMDAJ7qMAoDAwOe+AMDAJ76MAoDAwCe/wMDAJ8AMAoDAwCfBwMD -AJ8IAwMAnwwDAwCfDwMDAJ8UAwMBnxYDAwCfGTAKAwMAnx0DAwWfAAMDAJ8iAwMA -nyYDAwCfLgMDAZ8yAwMAnzoDAwCfPAMDAJ9FAwMAn0gDAwCfUQMDAJ9UAwMAn1YD -AwGfXAMDAJ9fAwMBn2QwCgMDAJ9nAwMAn2gDAwCfawMDAJ9tAwMAn3IDBAOfdcAw -DAMEAZ91ygMEBJ91wAMDAJ96AwMAn4IDAwCfhgMEBZ+HgAMDAJ+QMAoDAwGfkgMD -AZ+UMAoDAwCflwMDAJ+YAwMAn5oDAwCfnAMDAJ+gAwMAn6IwCgMDAJ+nAwMAn6gD -AwGfqgMDAJ+tMAoDAwCfswMDAJ+0AwMAn74wCgMDAJ/BAwMCn8ADAwCfxQMDAJ/I -AwMAn80DAwCf0gMDAJ/VAwMBn9gDAwCf2wMDAJ/gAwMAn+gDAwGf7AMDAJ/vAwMA -n/EDBAOf8ggDBAaf8kADBASf8uADAwGf9DAJAwMAn/0DAgWAMAoDAwCgBQMDAKAG -AwMBoAgDBAKgE1wDBAKgE7QDBAOgFGADBAKgFGwDBASgFJADBAGgFNYDBACgFOUD -BAGgFPgDAwCgJgMDAKAoMAoDAwKgLAMDBqAAMAoDAwGgQgMDAKBEAwMBoEYDAwCg -SwMDAKBOAwMAoFADAwCgVQMDAKBcMAoDAwCgYQMDAKBkMAoDAwCgZwMDAKBoAwMA -oHIDAwCgtAMEBKDKEAMDAaDSMAoDAwCg1QMDAKDWMAoDAwOg2AMDAaDcAwMAoOQD -BAag50ADBACg7hUDBAKg7iQDBAKg7jQDBAGg7jwDBAKg7mADBASg7nAwCgMDAaEC -AwMBoQQDAwGhCAMDAKEMAwMAoREDAwChFAMDAKEXAwMAoRsDAwChHgMDAKElMAoD -AwChKQMDAKEqAwMAoTAwCgMDAqE0AwMAoTYDAwChOwMDAKE+AwMAoUMwCgMDAaFG -AwMAoUoDAwChTAMDAKFOMAoDAwChUwMDAKFcMAoDAwOhaAMDAKFqMAoDAwGhbgMD -AKFwAwMAoXQDAwChhgMDAKGTAwMAoZwDAwChngMDAKHKAwMAodoDAwCh5jAKAwMA -ofsDAwCh/AMDAKILAwQDogzIAwMAog0DAwCiFQMDAKIXMAoDAwCiGQMDAKIaAwMA -oiYDAwCiVgMDAKKFAwQHoo6AAwQBotiKAwQCotn4AwQDotpYAwQCotqwAwQDotzw -MAwDBAOi3lgDBACi3loDBAKi9DQDBAKi9cwDBAKi+MQDBAKi+tgDBAOi+yADBAKi -/8QDAwCjAQMDAKMDAwMAowUDAwCjCQMDAKMiMAoDAwGjPgMDAaN0AwMAo3cwCgMD -AqOcAwMEo6ADAwCj8jAJAwICpAMDAKQoAwMApDAwCgMDAKQ7AwMBpDwDAwCkUQME -B6RdgDAKAwMBpH4DAwSkgAMDAKSxAwMApNcDAwClTgMEBKVU0AMDAKVyAwMApcAD -AwCl2gMDAKXeAwMDpggDBAemMYADAwCmVwMDAKdRMAsDBAGnVkIDAwOnUAMDAKdi -AwQHp2SAAwMAp28DBAWnoAADAwCnqAMDAKesAwMAp8sDAwCn6QMDAKgBAwMAqIsD -BAeolQADBAGolfgDAwCouwMEAaj1xAMDBakgAwQHqZQAAwQEqgpwAwQHqhGAMAwD -BACqJcsDBACqJc4DAwCqPAMEB6plgAMEB6pmgAMEB6qFAAMDAarsAwMAqv8wCgMD -BKsQAwMBqyADBAesUIADBAOsZ1gDBAOs8QAwDAMEA6zxKAMEA6zxMAMEA6zxQAME -AqzxVAMEBKz/AAMEBKz/YAMEA6z/iAMEBKz/wAMEBKz/4AMEA6z/+AMEBq3UwAME -Aq3WyAMEA63qgAMEBK30kAMEBq35AAMEA63/kAMEBq6MAAMEB69ugDAKAwIEsAME -A7BvMDAMAwQAsG85AwQEsHOgMAwDBAOwc7gDBAewegAwCgMEBrB6wAMCALAwCgMC -AbIDBASy7kAwCgMEBbLuYAMCALIDAwC06jAKAwIAuQMEArkIYDAMAwQDuQhoAwQC -uRTYMAwDBAW5FOADBAO5HkAwDAMEArkeTAMEAbkm0DAMAwQCuSbUAwQCuVrwMAwD -BAO5WvgDBAO5ZCAwDAMEArlkLAMEALlpBjAMAwQDuWkIAwQFuZIAMAwDBAK5kiQD -BAK5qWgwDAMEBLmpcAMEBLmrwDAMAwQCuavUAwQCubAwMAwDBAO5sDgDBAS5soAw -CgMEArmylAMCAbgwCgMCArwDBAe8gwAwCwMDAryEAwQEvNGAMAwDBAO80ZgDBAa8 -1gAwCgMEBLzWUAMCALwwDAMEAsAFHAMEAMAFHgMEAMAFJAMEAMAFMgMEAMAFOzAM -AwQAwAU9AwQAwAU+AwQAwAVhAwQAwAWOAwQAwAWRAwQAwAWiAwQAwAXvAwQAwAX+ -AwQAwAwBAwQAwAwvAwQAwAw2AwQBwAxIAwQAwAxNAwQAwAxRAwQAwAxgAwQAwAxj -MAwDBAbADMADBADADMIwDAMEAMAM2QMEAMAM2jAMAwQAwAznAwQAwAzoAwQAwAzr -AwQAwAz3AwMAwA8wDAMEAMAQewMEAMAQpjAMAwQAwBC3AwQAwBDKAwQAwBLDMAwD -BALAGhwDBATAGiAwDAMEAMAaaQMEAcAabDAMAwQAwBpvAwQAwBqAMAwDBADAGoUD -BAPAGoAwDAMEAcAamgMEAcAawAMEAMAa5wMEAMAa6gMEAsAa7DAMAwQCwBx8AwQC -wByAAwQAwB8OAwQAwB8XAwQBwB8aAwQAwB8fAwQAwB8oAwQAwB8+AwQAwB9mMAwD -BAHAH6YDBALAH6gDBADAH9MDBADAH+cDBADAH/wwDAMEAMAhDwMEAMAhEAMEAMAh -JDAMAwQAwCFXAwQEwCFgMAwDBADAIXEDBADAIXIwDAMEAcAhdgMEB8AhAAMEAcAh -gjAMAwQAwCGPAwQBwCGQMAwDBADAIZMDBADAIaYwDAMEAMAhqQMEAsAhqDAMAwQE -wCGwAwQAwCG2MAwDBAbAIcADBAPAIeAwDAMEAMAh6QMEBMAh4AMEAMAh/gMEAMAi -EwMEAMAiMgMEAMAiawMEAMAidAMEAMAiszALAwMAwCMDBALAIxAwDAMEAMAjPwME -AMAjSAMEAMAjWgMEAMAjXgMEAMAjbDAMAwQBwCOCAwQBwCOEAwQAwCOKAwQAwCOS -MAwDBADAI5UDBAHAI5gDBADAI6wwDAMEAMAjtwMEAMAjwDAMAwQAwCPFAwQAwCPG -MAwDBADAI80DBATAI8ADBADAI+UwDAMEBMAj8AMEAMAj9AMEAcAj9jAKAwMCwCQD -AwDAJjAMAwQAwChFAwQAwChQAwQAwCjkMAwDBADAKWcDBADAKYgwDAMEAsApjAME -AcApkAMEAMApkzAMAwQAwCmVAwQAwCmgAwQAwCnSAwQAwCnYAwQAwCnaAwQAwCnj -AwQAwCoBMAwDBAHAKioDBATAKiADBADAKjUwDAMEAMAqPwMEAcAqQAMEAMAqVwME -AMAqYQMEAMAqZAMEAMAqZjAMAwQAwCpxAwQAwCqEAwQAwCqPMAwDBALAKrQDBAHA -KsgDBADAKv0wDAMEAcArogMEAsArqDAMAwQGwCvAAwQAwCvEAwQAwCvSAwQAwCvU -AwQAwCvqMAsDAwLALAMEAsAsQDAMAwQAwCxHAwQAwCxaMAwDBATALPADBALALPgw -DAMEAsAv9AMEAcAv+AMEAMAwHwMEAMAwawMEAMAwkQMEAMAw4AMEAMAw5wMDAMAx -AwQEwDMAMAsDAwLANAMEAMA0MgMEAMA0mDAMAwQAwDSfAwQBwDSgMAwDBADANN0D -BAXANMAwDAMEAMA0/QMEAMA0/jAMAwQAwDVnAwQAwDVoMAwDBADANh8DBADANjQw -DAMEAcA2NgMEAMA2UAMEAMA2aAMEAMA2cTAMAwQAwDZzAwQAwDZ4AwQAwDZ6MAwD -BADANn0DBADANoADBADANoQDBADANoswDAMEAMA2jQMEAcA23AMEAMA24QMEAcA2 -9AMEAMA2/gMEAMA3VAMEAMA3WQMEAMA3ZQMEAMA3aQMEAMA3bQMEAMA3cwMEAMA3 -gQMEAMA3hAMEAMA3vAMEAMA3wQMEAMA3xQMEAMA31AMEAMA39DAMAwQCwDocAwQC -wDogMAwDBADAOikDBAHAOlgDBADAOsUDBADAOtowDAMEAcA64gMEAcA65AMEAMBA -HAMEAcBALAMEAsBAZAMEAMBAfQMEAMBAyjAMAwQAwEEzAwQAwEFGMAwDBALAQVwD -BADAQV4DBADAQWAwDAMEAMBBgwMEAMBBhAMEAMBBizAMAwQEwEGQAwQAwEGSAwQA -wEGZMAwDBADAQbcDBAHAQcQwDAMEAMBB2wMEAMBB5AMDAMBCMAwDBADAQwMDBADA -QwQDBADAQycDBADAQysDBADAQy8DBADAQzIDBADAQzQDBADAQzcDBADAQzoDBADA -Q0wDBADAQ08DBADAQ1cDBADAQ14wDAMEAsBDZAMEAMBDaAMEAMBDhwMEAMBDpwME -AMBDqjAMAwQAwEO9AwQAwEPQAwQAwEPaAwQBwEPcAwQAwEPfAwQAwEP5MAsDAwLA -RAMEAsBEEAMEAMBEFzAMAwQAwEQfAwQCwEQwMAwDBALAREwDBALARGgwDAMEAMBE -lwMEAcBEmDAMAwQAwESlAwQAwESqAwQAwESuAwQAwESwAwQAwES2AwQAwES6AwQA -wETRMAwDBADARNMDBADARNgDBADARN0DBADAROADBADAROYwDAMEAcBE+gMEAMBE -/AMEAMBE/jALAwMBwEYDBAPARnAwDAMEAMBGhQMEAMBGhgMEAMBGiDAMAwQCwEaM -AwQFwEaAAwQDwEbAAwQAwEbyAwMAwEcwDAMEAMBJEwMEAMBJFDAMAwQBwEkiAwQA -wEksAwQAwEniAwQAwEnlMAwDBAHATAYDBALATCAwDAMEAMBMewMEAMBMhDAMAwQB -wEyGAwQAwEysAwQAwEywMAwDBADATPEDBADATPgDBADATQsDBAHATXIDBALATXgw -DAMEAsBNhAMEAMBNigMEAcBNjAMEAcBQFDAMAwQAwFAfAwQAwFAqAwQAwFAuAwQA -wFAzAwQAwFE7MAwDBADAUT0DBADAUT4DBADAUW0DBADAUXkDBADAUXsDBADAUaAw -DAMEAcBRtgMEAMBRuAMEAMBRwgMEAMBR5gMEAMBR6gMEAMBSeQMEAMBSfAMEAMBS -fwMEAMBSmTAMAwQAwFKdAwQAwFKeAwQAwFLWAwQBwFLcAwQAwFLxMAsDAwDAUwME -AMBTZAMEAMBTZgMEAMBToAMEAMBTpQMEAMBTyAMEAMBTygMEAMBT2AMEAMBT3zAM -AwQAwFPlAwQAwFPmAwQAwFQFAwQAwFQNAwQAwFQPAwQAwFQbAwQAwFQeAwQBwFQg -AwQAwFQ+MAwDBADAVEsDBADAVFQDBADAVFcwDAMEAcBUWgMEAsBUYDAMAwQAwFRl -AwQBwFRsMAwDBADAVH8DBADAVJwDBADAVKYDBADAVK0wDAMEBMBUsAMEBMBUwAME -AMBU1AMEAcBU3DAMAwQBwFTiAwQBwFTkMAwDBADAVPUDBAPAVPADBADAVgsDBADA -Vg4DBADAVhIDBADAVhkDBADAVhsDBADAVlkwDAMEAMBWfQMEB8BWAAMEAMBWhjAM -AwQAwFaJAwQAwFaKAwQAwFajAwQBwFamAwQAwFapAwQAwFb+AwMAwFcDBADAWAED -BADAWAQwDAMEAMBYCQMEAMBYCgMEAMBYETAMAwQAwFgXAwQAwFgYMAwDBADAWFMD -BADAWFQDBADAWFYwDAMEAMBYYQMEAMBYYgMEAMBYbAMEAMBYdgMEAMBYewMEAMBY -gAMEAMBYggMEAMBYhQMEAMBYxAMEAMBYzAMEAcBY7jAMAwQBwFj6AwQAwFj+AwMA -wFkDBAHAW4wDBADAW7EDBADAW7oDBADAW70DBADAW78DBADAW8cDBADAW8kDBADA -W9MwDAMEAcBb1gMEAcBb6DAMAwQCwFvsAwQDwFvwAwQAwFxWAwQAwFxeMAwDBAPA -XGgDBADAXGoDBAHAXGwDBADAXHQwDAMEAMBcfQMEAsBciDAMAwQAwFyNAwQBwFyY -MAwDBADAXJsDBADAXJwDBADAXNgDAwDAXQMEAMBeGAMEAMBeHDAMAwQAwF45AwQA -wF46MAwDBADAXkMDBADAXkQDBADAXkwDBADAXk4wDAMEAMBebwMEAcBedDAMAwQC -wF6cAwQCwF6gAwQAwF6sMAwDBADAXq8DBAPAXsADBADAXtQDBADAXt0DBADAXuID -BADAXukDBADAXusDBADAXu8DAwDAYgMEAMBkEjAMAwQAwGQXAwQBwGQYAwQAwGQ0 -AwQAwGQ9AwQAwGQ/AwQAwGROAwQCwGRgMAwDBAHAZGYDBAHAZIQwDAMEAMBkhwME -AMBkjAMEAMBkkAMEAMBkmgMEAMBlAQMEAMBlBAMEAMBlCAMEAMBlCwMEAMBlHAME -AMBlIgMEAMBlSzAMAwQAwGVRAwQAwGVaMAwDBADAZW8DBADAZXIDBADAZXYDBADA -ZYkwDAMEAMBloQMEAMBlqAMEAMBlqgMEAMBlsDAMAwQAwGWzAwQAwGW0AwQAwGXA -MAwDBADAZcUDBADAZcYDBADAZfwDBADAZgEwDAMEAcBmBgMEAMBmCDAMAwQAwGYR -AwQBwGZQAwQAwGZZAwQAwGZfMAwDBAHAZpIDBAHAZrADBADAZtYDBAHAZuAwDAME -AMBm4wMEAcBm5AMEAMBnAgMEAMBnBwMEAMBnDgMEAMBnFAMEAMBnFzAMAwQAwGcb -AwQAwGcoMAwDBADAZ1UDBADAZ3QwDAMEAMBniQMEAsBniAMEAMBnkwMEAMBoFwME -AcBoHDAMAwQAwGgjAwQBwGgkAwQAwGgpAwQAwGgwAwQAwGg1MAwDBADAaDcDBADA -aDoDBADAaEgDBADAaE0DBADAaFIDBADAaIwDBADAaI4DBADAaJMDBAHAaJowDAME -AMBopwMEAMBoqAMEAMBo7gMEAMBo9QMEAMBo+AMEAMBo+wMEAMBpSwMDAMBqAwQA -wGsCAwQBwGsEMAwDBADAawsDBAHAawwwDAMEAMBrMwMEAMBrZAMEAMBrbgMEAMBr -cjAMAwQBwGt6AwQBwGuAAwQAwGuEAwQAwGuoAwQAwGuuMAwDBADAa7EDBADAa7ID -BADAa7swDAMEA8BryAMEAcBr6DAMAwQAwGvrAwQAwGvsMAwDBADAbBcDBAHAbDAw -DAMEAMBsMwMEAMBsXAMEAcBsZDAMAwQAwGxrAwQAwGxsMAwDBAHAbHIDBAHAbHgw -DAMEAMBsfQMEAMBsfjAMAwQHwGyAAwQAwGyuMAwDBADAbMMDBADAbNYDBADAbOoD -BADAbO4wCwMDAMBtAwQAwG0sMAwDBAHAbS4DBADAbUowDAMEAsBtTAMEAsBtWDAM -AwQBwG1eAwQAwG1iMAwDBALAbWQDBADAbWYwDAMEAMBtaQMEA8BtcDAMAwQAwG15 -AwQBwG3wMAsDBADAbfMDAwHAbAMEAMBvIQMEAMBvJwMEAMBvLDAMAwQAwG8vAwQA -wG8wAwQAwG9YAwQAwG9lMAwDBADAb2cDBADAb2gDBAHAb3wDBADAb38DBADAb/ww -DAMEAcBwHgMEAMBwIAMEAMBwLQMEAMBwMQMEAMBwPTAMAwQBwHBGAwQEwHBAMAwD -BAHAcGIDBADAcGQDBADAcMwDBADAcM4DBADAcNAwDAMEAMBw1QMEAMBw1gMEAMBw -9wMEAMBw/jAKAwMAwHEDAwDAdgMDAMB5MAwDBADAegEDBADAeoIwDAMEAMB6jQME -AMB6kjAMAwQAwHqXAwQAwHqqAwQAwHrWMAwDBAPAetgDBADAeuowDAMEAcB67gME -AMB68gMEAMB6/jAMAwQAwHwZAwQAwHwcAwQAwHwgAwQAwHwnAwQAwHwuAwQAwHxw -MAwDBADAfHMDBADAfHQDBADAfJswDAMEAcB8qgMEAsB82AMEAMB86zAMAwQAwHzt -AwQBwHz0MAwDBADAfPcDBADAfPgwDAMEAcB8+gMEAMB8/gMDAMB9MAwDBADAfgED -BADAfkAwDAMEAMCBAQMEAcCBPAMEAMCBUAMEAMCBVwMEAMCBYgMDAMCCAwQAwIMU -MAwDBADAgxkDBADAgxoDBADAg08DBADAg1kDBADAg2ADBADAg2wDBADAg4QwDAME -AMCECQMEAsCECAMEAMCEIgMEAMCENQMEAMCENwMEAMCEYwMEAMCE7wMEAcCE9AME -AMCE/AMEAMCFDwMEAMCFHAMEAMCFIAMEAMCFJDAMAwQAwIU1AwQDwIUwAwQAwIU6 -AwQAwIVAAwQCwIVsAwQAwIV5AwQAwIWDAwQAwIX0AwMAwIYwDAMEAMCHBwMEAcCH -JAMEAMCHLjAMAwQAwIczAwQBwIc0AwQAwIc/AwQAwIdCAwQAwIdEAwQAwIdSAwQA -wIdkAwQAwIeBAwQAwIeFAwQAwIePMAwDBADAh5EDBADAh6gDBADAh68DBADAh7sD -BADAh9sDBADAh+EwDAMEAMCH5wMEAMCH6jAMAwQAwIf9AwQAwIf+AwQAwIgHAwQA -wIgJAwQBwIgSAwQAwIgXMAwDBADAiB0DBAXAiAADBAHAiCgDBADAiDEwDAMEAMCI -MwMEAMCINAMEAMCIPTAMAwQAwIhHAwQAwIhmMAwDBAHAiJoDBADAiJwwDAMEAMCK -AQMEAMCKCAMEAMCKVjAMAwQAwIppAwQBwIp0MAwDBADAipsDBADAip4DBADAircD -BADAisADBADAiswwDAMEAsCK5AMEAMCK6AMEAMCK+AMEAMCLTgMEAcCMAgMEBsCQ -ADAMAwQBwJBKAwQBwJBMAwQHwJEAAwQCwJHgAwQAwJJ1AwQAwJJ3MAwDBADAknsD -BADAkn4DBADAkoQwDAMEAcCShgMEAcCSjAMEAMCSmDAMAwQAwJKjAwQAwJKqMAwD -BALAkqwDBADAkrYDBADAkrkDBADAkrsDBADAksEDBADAkswwDAMEAMCS4wMEAMCS -5DAMAwQAwJLpAwQAwJLqAwQBwJLuAwQAwJLyAwQAwJMXAwQAwJMiAwQAwJMkAwQA -wJMqAwQCwJNMAwQAwJONAwQAwJOWAwQAwJObAwQAwJPUMAwDBADAk9cDBAHAk9gD -BADAk9sDBADAk+QDBADAk/cDBADAk/swDAMEAMCUIQMEAMCUXAMEAMCUZwMEAcCU -pjAMAwQAwJSxAwQAwJS6MAwDBAbAlMADBADAlMIwDAMEAcCUxgMEAMCU2AMEAMCU -3AMEAMCVAwMEAMCVBQMEAMCVDwMEAMCVEwMEAMCVGzAMAwQAwJUdAwQBwJUgAwQA -wJUjAwQAwJUpAwQAwJU5MAwDBADAlTsDBADAlTwwDAMEAMCVTQMEBMCVQAMEAMCV -YgMEAMCVZAMEAMCVZgMEAcCVbjAMAwQAwJV1AwQBwJV4AwQAwJV+AwQAwJXjAwQA -wJXoAwQAwJXuAwQAwJYUMAwDBAHAljoDBADAlkgwDAMEAMCWSwMEAMCWTDAMAwQB -wJZOAwQAwJZUAwQAwJZZAwQAwJZcAwQAwJZeAwQAwJZoAwQAwJZqAwQAwJZ8AwQA -wJaMAwQAwJaSMAwDBADAlrEDBADAlrgwDAMEAsCWvAMEAMCWvjAMAwQGwJbAAwQA -wJbGMAwDBADAlssDBAHAlswDBAHAltADBADAlt8wDAMEAMCW4wMEAcCW6AMEAMCW -7gMEAMCW+AMEAMCW/AMEAMCW/gMEAMCYBgMEAMCYDgMEAMCYEQMEAcCYGgMEAMCY -KgMEAMCYLDAMAwQAwJgvAwQCwJgwAwQAwJg2MAwDBADAmD0DBAbAmAADBADAmEQD -BADAmFIDBADAmGIwDAMEAMCYbwMEAMCYcAMEAMCYegMEAMCYfAMEAMCYjQMEAMCY -lwMEAMCYnAMEAcCYpgMEAMCYrgMEAsCYuAMEAMCY8QMEAMCY9DAMAwQAwJj9AwQA -wJj+AwQBwJkCAwQAwJkNAwQBwJkSAwQAwJlZAwQAwJl0AwQAwJl/AwQAwJmZAwQA -wJmmAwQAwJmoAwQAwJmrMAwDBADAma0DBADAmbYDBAHAmbwDBADAmcIDBADAmdUw -DAMEAMCbAQMEAMCbBgMEAMCchAMEAMCcogMEAMCcpwMEAMCc0gMEAMCc1QMEAMCc -2QMEAMCc4wMEAMCc7wMEAMCc+DAMAwQAwJ0BAwQCwJ0AMAwDBAPAnQgDBAHAnRAD -BADAnYEwDAMEAMCdpQMEAMCdrAMEAMCdrgMEAMCdsAMEAMCduQMEAMCduwMEAMCd -vQMEAcCfJgMEAMCfRgMEAMCfSQMEAMCfTQMEAcCfVAMEAMCfWgMEAMCfXzAMAwQA -wJ9jAwQDwJ9gAwQAwJ9pAwQBwJ9sAwQAwJ92MAwDBADAn3kDBADAn3oDBADAoAoD -BADAoA8wDAMEAMCgFQMEA8CgEAMEAMCgGwMEAMCgIQMEAMCgJQMEAMCgQQMEAMCg -QzAMAwQAwKBfAwQAwKBgAwQAwKBqMAwDBADAoG0DBADAoG4DBADAoHsDBADAoH4D -BAHAoI4DBADAoJgDBADAoJwDBADAoKADBADAoKwwDAMEAMCgsQMEAsCgsAMEAcCg -wgMEAcCg4DAMAwQAwKDnAwQBwKDoMAwDBADAoPUDBAHAoPgwDAMEAMCg+wMEAMCg -/AMEAcChBgMEAcChQAMDAMCiMAwDBAXAoyADBAXAo4ADAwLApDAMAwQAwKsBAwQB -wKsEMAwDBAfAq4ADBAPAq8ADBADArOgDBADArP0wDAMEAMCtAQMEAMCtBAMEA8Ct -gDAMAwQGwK5AAwQAwK5EAwQBwK8OAwQEwK8gAwMAwLAwDAMEBMC7EAMEAcC7GAME -AMC8CjAMAwQAwLw/AwQBwLxAAwQAwLxFAwQAwLxgAwQAwLxpAwQBwLx0MAwDBADA -vHkDBADAvHoDBADAvH0DBADAvH8DBADAvIEDBADAvIQDBADAvIgDBADAvJEwDAME -AMC8nQMEAMC8ngMEAMC8uwMEAMC8vTAMAwQAwLzpAwQBwLzsMAwDBAHAvPIDBADA -vPgDBADAvQEDBALAvQgDBADAvQ4DBADAvRcDBADAvSkwDAMEAMC9MwMEAMC9NAME -AMC9NwMEAMC9QjAMAwQAwL1FAwQAwL1GAwQAwL1JAwQAwL1MAwQAwL13AwQAwL2X -AwQAwL2aAwQAwL2dAwQAwL2gMAwDBAHAvaYDBADAvaoDBAHAvcoDBADAvfsDBADA -viwDBAHAvjoDBADAvkADBADAvkMDBADAvkUDBADAvl8wDAMEAMC+gQMEAMC+hDAM -AwQAwL6tAwQAwL6uAwQBwL62MAwDBAHAvr4DBAHAvsAwDAMEAMC+yQMEAMC+yjAM -AwQAwL7pAwQAwL7sAwQAwL7wAwQAwL7yMAwDBADAvvcDBAHAvvgDAwDAwgMEAMDD -AQMEAMDDCAMEAcDDKgMEAMDDSAMEAMDDYjAMAwQAwMNpAwQAwMNqAwQAwMNuMAwD -BALAw3QDBADAw3YwDAMEAcDDhgMEAMDDlDAMAwQAwMO3AwQAwMO4AwQAwMPDAwQA -wMPsMAwDBADAxAEDBALAxJgDBATAxxADBADAy1ADBAHAy2wDBADAy+MwDAMEAMDO -TQMEAcDOUAMEAMDOVjAMAwQBwM7eAwQAwM7iAwQAwM8OAwQAwM8fMAwDBADAz40D -BADAz44DBADAz8QDBADA50MDBADA51IwDAMEAMDuAQMEAMDuCgMEAMD1mAMEAMD1 -qQMEAMD14TAMAwQAwPcBAwQAwPcKMAwDBADA+z0DBAHA+0ADBADA++IDBADA++Yw -CgMCAMEDBADBEdYwDAMEA8ER2AMEA8ET4DAMAwQCwRPsAwQBwSmQMAwDBALBKZQD -BAbBUgAwDAMEBcFSYAMEBcFSwDAKAwMAwVMDAwDBXjAMAwQHwV+AAwQAwWwWAwQC -wWwYMAwDBADBbB0DBAHBbNQwDAMEAMFs1wMEAsFs+DALAwMAwW0DBAHBbUAwDAME -AsFtRAMEA8FuYDALAwQBwW5qAwMEwWADAwDBcTAMAwQFwXIgAwQFwXJAMAwDBAXB -cqADBAXBcwAwDAMEB8FzgAMEBcF0AAMEBsF0gAMEBsF1ADALAwQFwXVgAwMAwXYw -CwMEB8F3gAMDAcF4MAsDAwLBfAMEAMG8BjALAwQDwbwIAwMAwbwwDAMEAcG9QgME -B8G9ADAMAwQAwb2BAwQAwcIAMAwDBAHBwgYDBAXBwgADBAXBwmAwDAMEAMHCgQME -BcHCgDAMAwQGwcLAAwQBwd3YMAsDBADB3dsDAwDB4gMEBsHjQDAMAwQAweOBAwQF -wgbAMAwDBADCBuEDBAbCCQAwDAMEAcIJQgMEAcIJUDAMAwQCwglUAwQAwiO+MAwD -BAbCI8ADBAXCT0AwCwMEB8JPgAMDAMJaMAsDAwLCXAMEBcLBAAMEBsLBQDAMAwQF -wsHgAwQGwsyAMAoDAwDCzQMDAMLeMAwDBAXC32ADBAXC34AwDAMEBsLfwAMEBMMY -QDAMAwQDwxhYAwQGwxiAMAwDBAXDGOADBAHDJ9gwCwMEAsMn3AMDAMMqMAwDBAXD -KyADBALDgAAwDAMEA8OACAMEBcOmwDALAwMAw6cDBAXDp4AwDAMEBMOnsAMEBsPK -ADAMAwQFw8pgAwQDw+pwMAwDBALD6nwDBAPD6qAwDAMEAMPqqQMEAMPquDAMAwQB -w+q6AwQCw+r4MAsDAwDD6wMEBcP2ADAKAwQGw/ZAAwICwAMEAMQBAzAMAwQAxAEF -AwQAxAEGAwQCxAFAMAwDBADEAUUDBADEAUYDBALEAgQwDAMEAcQDQgMEA8QDQAME -AMQDWwMEBcQPIAMEAsYLAAMEAMYRTQMEAMYRdTAMAwQCxhG0AwQAxhG2AwQAxhYz -MAwDBADGFl0DBAHGFmAwDAMEBcYkIAMEAMYkLgMEAsYtdAMEAMYzDDAMAwQAxjOP -AwQAxjOSAwQCxjQsAwQCxjccAwQDxllYAwQAxmOUAwQAxmPeAwQFxmlgMAwDBATG -hVADBAHGhVQDBADGhYwDBADGhc4DBADGheIwDAMEAMaHiQMEAMaHigMEAMaHpwME -AMaToDAMAwQAxpSxAwQAxpSyMAwDBAHGtJYDBAHGtJgDBADGzsUwDAMEA8bOyAME -AMbOygMEB8bwgAMEAccr9gMEAccw5gMDAMc1AwQDx1jQAwQEx1sQMAwDBAPHZwgD -BADHZwwDBAXH9wADBAPH9zgDBAXH+oADBADKAE0DBATLn1ADBAPLvjgDBALMCwAD -AwDMEgMEAcwwIAMEAMzh2gMEAM3JNwMEAM3TUwMEAc3c2AMEAM6nIQMEAs6+3AME -Bc7DIAMEBc784AMEBs9ZQAMEBc+WoAMEAs+u2AMEBc+yQAMEBs+0wAMEBM+9wDAM -AwQEz+VwAwQAz+V0MAwDBAHP5XYDBADP5XgwDAMEAc/legMEB8/lAAMEAtBSSAME -BtEqwAMEBdGigAMEBdHOAAMEAdHOJgMEBNHVMAMEBdH64DAMAwQA0fvDAwQB0fvE -AwQB0fv8AwQH1AAAMAwDBAXUAKADBAHUCOQwDAMEA9QI6AMEANQI8DAMAwQB1Ajy -AwQB1Aj8MAsDAwDUCQMEBdQMwDALAwMA1A0DBAXUFoAwDAMEBtQWwAMEBtQxADAM -AwQF1DFgAwQH1DQAMAwDBAXUNKADBAbUPAAwCwMEBdQ8YAMDBtQAMAwDBAfUQIAD -BATURYAwDAMEBdRFoAMEBtRVgDAMAwQF1FXgAwQF1FhAMAwDBAfUWIADBAHUXGQw -DAMEA9RcaAMEB9RfADALAwQF1F+gAwMF1EAwDAMEBdRgIAMEBtRkADAMAwQF1GRg -AwQF1GeAMAwDBAbUZ8ADBATUdSAwDAMEBtR1QAMEBdR6wDALAwMA1HsDBAfUgQAw -CgMDAdSCAwMA1NgwDAMEB9TZgAMEBtU3ADAMAwQH1TeAAwQG1YMAMAwDBAXVg2AD -BAXViEAwDAMEB9WIgAMEBtWTADAMAwQF1ZNgAwQF1ZZAAwQF1ZaAMAwDBAXVluAD -BAbVmAAwDAMEBdWYYAMEBdWaADAMAwQF1ZpgAwQF1Z6AMAwDBAbVnsADBAHVnwww -DAMEBNWfEAMEAtWfgDAMAwQD1Z+IAwQH1awAMAwDBAXVrKADBAXVs4AwDAMEBtWz -wAMEBdW1wDALAwMB1bYDBAXVwQAwDAMEBtXBQAMEBtXUgDAKAwMA1dUDAwDV9jAM -AwQF1fcgAwQH1f8AMAoDBAXV/6ADAgHUAwQB2C58AwQA2GPeAwQE2J5gAwQE2KxA -AwQG2NWAAwQF2PGAMAoDAgDZAwQE2Q5AMAwDBAXZDmADBAXZFMAwDAMEBNkU8AME -BNkVYDAMAwQH2RWAAwQH2R0AMAwDBATZHZADBATZHcAwCwMEBdkd4AMDAtkwMAsD -AwPZOAMEBdlAQDAMAwQE2UBwAwQG2U0AMAwDBATZTVADBAbZTgAwCwMEBNlOUAMD -ANl0MAsDBATZdRADAwDZijALAwMC2YwDBAPZk7AwDAMEBtmTwAMEBNmqgDALAwQF -2aqgAwMB2bAwCwMDANmzAwQE2ceAMAoDBAXZx6ADAgHYAwQC3J7EMGQEAgACMF4D -BQAgAQAFMA0DBAEgAQYDBQEgAQf4MA0DBQAgAQf7AwQCIAEIAwQCIAEUMAwDBAEg -ARoDBAEgAUADBAEgAUYwDAMEASABSgMEASABTAMEBCABUAMEBiADAAMDBCoAMIIG -oAYIKwYBBQUHAR0EggaSMIIGjqCCBoowggaGAgEHAgEcAgIAiQICAOAwCAICAPgC -AgD7AgIBBQICAR4CAgEgAgIBJgICAXcCAgF6AgICAQICAgUwCAICAhACAgIRAgIC -IAICAikCAgIvAgICNQICAk4CAgJRAgICnTAIAgICpwICAqgwCAICArcCAgK5MAgC -AgLFAgICxgICAsgCAgLPMAgCAgL4AgIC+QICAvwCAgL+MAgCAgMGAgIDDwICAxIw -CAICAxUCAgMWMAgCAgRNAgIEsAICBLMCAgS1AgIEvTAIAgIE0gICBNMCAgTZAgIE -4AICBOUCAgTpMAgCAgTzAgIE+wICBP8CAgUKAgIFETAIAgIFEwICBR0CAgUmAgIF -PjAIAgIFSAICBUkCAgYLMAgCAgZ1AgIGdgICBn8CAgaQMAgCAgarAgIGvgICBsEC -AgbEMAgCAgbKAgIGywICBs0CAgbUAgIG2DAIAgIG2gICBtwCAgbfAgIG5DAIAgIG -6gICBusCAgbuAgIG8AICBvQCAgcpMAgCAgcrAgIHLQICBzEwCAICBzkCAgc6MAgC -Agc9AgIHPjAIAgIHVQICB28wCAICB4ECAgeDAgIHhgICB4owCAICB48CAgejMAgC -AgeoAgIHqgICB68CAgfUAgIH3DAIAgIH4AICB+EwCAICB+oCAgftAgIH9DAIAgIH -9gICB/gCAgf7AgIH/QICB/8CAggBMAgCAggJAgIIWDAIAgIIYwICCGQwCAICCH4C -AgjhMAgCAgjmAgIJSQICCUwwCAICCVMCAgm4AgIJvjAIAgIJ4QICCeICAgntMAgC -AgnyAgIJ8wICChIwCAICChkCAgo2AgIKUwICClcCAgp7AgIKzjAIAgIK1QICCwYw -CAICCw4CAgs/AgILTwICC2UCAgtpAgIL8jAIAgIMCwICDCUCAgxPMAgCAgxSAgIM -hzAIAgIMiQICDRkwCAICDVQCAg1XAgIOKAICDwMwCAICD00CAg9OAgIQNDAIAgIR -NQICEU4wCAICEWkCAhFqAgIRrDAIAgIR7AICEe0CAhNuAgIT4TAIAgIVAQICFZ8w -CAICFaECAhX/AgIXswICF8UCAhgYAgIYsAICGQwwCAICGgACAho4MAgCAho6AgIa -3jAIAgIa4AICGv8CAh+dMAgCAiAAAgIhSzAIAgIhTQICIkEwCAICIkMCAiOoMAgC -AiOqAgIj/wICLE0CAi2MAgIvDjAIAgIwAAICMKYwCAICMKgCAjELMAgCAjENAgIz -pzAIAgIzqQICM/8CAjY3MAgCAjwAAgI8JjAIAgI8KAICPHIwCAICPHQCAj1ZMAgC -Aj1bAgI9uzAIAgI9vQICPdAwCAICPdICAj3ZMAgCAj3bAgI+WzAIAgI+XQICPrkw -CAICPrsCAj9VMAgCAj9XAgI/mzAIAgI/nQICP/8CAkksAgJK6gICS7ACAkvHMAgC -AlAAAgJQAzAIAgJQBQICUXkwCAICUXsCAlG/MAgCAlHBAgJSCjAIAgJSDAICUp8w -CAICUqECAlL5MAgCAlL7AgJTFjAIAgJTGAICUx0CAlMfMAgCAlMhAgJTjjAIAgJT -kAICU8swCAICU80CAlP/AgJWXAICWGMCAlibAgJayjAIAgJgAAICYJ8wCAICYKEC -AmC0MAgCAmC2AgJg0zAIAgJg1QICYOAwCAICYOICAmECMAgCAmEEAgJhHjAIAgJh -IAICYS0wCAICYS8CAmGaMAgCAmGcAgJiSjAIAgJiTAICYqEwCAICYqMCAmMRAgJj -EzAIAgJjFQICY8YwCAICY8gCAmPfMAgCAmPhAgJj5zAIAgJj6QICY/8CAmUYMAgC -AnAAAgJwCjAIAgJwDAICcBkwCAICcBsCAnDwMAgCAnDyAgJxojAIAgJxpAICcpkC -AnKbMAgCAnKdAgJy8zAIAgJy9QICczYwCAICczgCAnNnMAgCAnNpAgJzgjAIAgJz -hAICc60wCAICc68CAnPpMAgCAnPrAgJz/zAIAgJ4AAICeK8wCAICeLECAnkDAgJ5 -BTAIAgJ5GAICeVgwCAICeVoCAnoMMAgCAnoOAgJ7gjAIAgJ7hAICe/8wCgIDAIQA -AgMAi/8wCgIDAJgAAgMAm/8wCgIDAKAAAgMApY0wCgIDAKWPAgMAr/8wCgIDALgA -AgMAy/8wCgIDANwAAgMA4/8wCgIDAOgAAgMA7/8wCgIDAPIAAgMA8/8wCgIDAPuM -AgMA++8wCgIDAwAAAgMDNZs= -""" - - def setUp(self): - self.asn1Spec = rfc5280.Extensions() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.extns_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - oids = [ ] - for extn in asn1Object: - oids.append(extn['extnID']) - extn_value, rest = der_decode(extn['extnValue'], - rfc5280.certificateExtensionsMap[extn['extnID']]) - assert not rest - assert extn_value.prettyPrint() - assert der_encode(extn_value) == extn['extnValue'] - - assert rfc8360.id_pe_ipAddrBlocks_v2 in oids - assert rfc8360.id_pe_autonomousSysIds_v2 in oids - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8398.py b/tests/test_rfc8398.py deleted file mode 100644 index 0b27d4a..0000000 --- a/tests/test_rfc8398.py +++ /dev/null @@ -1,67 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc8398 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class EAITestCase(unittest.TestCase): - pem_text = "oCAGCCsGAQUFBwgJoBQMEuiAgeW4q0BleGFtcGxlLmNvbQ==" - - def setUp(self): - self.asn1Spec = rfc5280.GeneralName() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['otherName']['type-id'] in rfc5280.anotherNameMap.keys() - assert asn1Object['otherName']['type-id'] == rfc8398.id_on_SmtpUTF8Mailbox - - eai, rest = der_decode(asn1Object['otherName']['value'], - asn1Spec=rfc5280.anotherNameMap[asn1Object['otherName']['type-id']]) - assert not rest - assert eai.prettyPrint() - assert der_encode(eai) == asn1Object['otherName']['value'] - - assert eai[0] == u'\u8001' - assert eai[1] == u'\u5E2B' - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['otherName']['type-id'] == rfc8398.id_on_SmtpUTF8Mailbox - assert asn1Object['otherName']['value'][0] == u'\u8001' - assert asn1Object['otherName']['value'][1] == u'\u5E2B' - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8419.py b/tests/test_rfc8419.py deleted file mode 100644 index ee566c5..0000000 --- a/tests/test_rfc8419.py +++ /dev/null @@ -1,128 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Created by Russ Housley -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# - -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc8419 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class Ed25519TestCase(unittest.TestCase): - alg_id_1_pem_text = "MAUGAytlcA==" - - def setUp(self): - self.asn1Spec = rfc5280.AlgorithmIdentifier() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.alg_id_1_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object['algorithm'] == rfc8419.id_Ed25519 - assert not asn1Object['parameters'].isValue - assert der_encode(asn1Object) == substrate - - -class Ed448TestCase(unittest.TestCase): - alg_id_2_pem_text = "MAUGAytlcQ==" - - def setUp(self): - self.asn1Spec = rfc5280.AlgorithmIdentifier() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.alg_id_2_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object['algorithm'] == rfc8419.id_Ed448 - assert not asn1Object['parameters'].isValue - assert der_encode(asn1Object) == substrate - - -class SHA512TestCase(unittest.TestCase): - alg_id_3_pem_text = "MAsGCWCGSAFlAwQCAw==" - - def setUp(self): - self.asn1Spec = rfc5280.AlgorithmIdentifier() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.alg_id_3_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object['algorithm'] == rfc8419.id_sha512 - assert not asn1Object['parameters'].isValue - assert der_encode(asn1Object) == substrate - - -class SHAKE256TestCase(unittest.TestCase): - alg_id_4_pem_text = "MAsGCWCGSAFlAwQCDA==" - - def setUp(self): - self.asn1Spec = rfc5280.AlgorithmIdentifier() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.alg_id_4_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object['algorithm'] == rfc8419.id_shake256 - assert not asn1Object['parameters'].isValue - assert der_encode(asn1Object) == substrate - - -class SHAKE256LENTestCase(unittest.TestCase): - alg_id_5_pem_text = "MA8GCWCGSAFlAwQCEgICAgA=" - - def setUp(self): - self.asn1Spec = rfc5280.AlgorithmIdentifier() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.alg_id_5_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object['algorithm'] == rfc8419.id_shake256_len - assert asn1Object['parameters'].isValue - assert der_encode(asn1Object) == substrate - - param, rest = der_decode(asn1Object['parameters'], - asn1Spec=rfc5280.algorithmIdentifierMap[asn1Object['algorithm']]) - assert not rest - assert param.prettyPrint() - assert der_encode(param) == asn1Object['parameters'] - assert param == 512 - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.alg_id_5_pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert asn1Object['algorithm'] == rfc8419.id_shake256_len - assert asn1Object['parameters'] == 512 - assert der_encode(asn1Object) == substrate - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8479.py b/tests/test_rfc8479.py deleted file mode 100644 index 60e0ea2..0000000 --- a/tests/test_rfc8479.py +++ /dev/null @@ -1,104 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1.type import univ - -from pyasn1_modules import pem -from pyasn1_modules import rfc4055 -from pyasn1_modules import rfc5652 -from pyasn1_modules import rfc5958 -from pyasn1_modules import rfc8479 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class ValidationParmTestCase(unittest.TestCase): - pem_text = """\ -MIIE/gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCpPwXwfhDsWA3q -jN2BWg1xfDjvZDVNfgTV/b95g304Aty3z13xPXAhHZ3ROW3pgPxTj9fiq7ZMy4Ua -gMpPK81v3pHX1uokC2KcGXbgbAq2Q8ClxSXgEJllRwDENufjEdV10gArt8NlIP0N -lota1kQUuI1DMsqc5DTIa35Nq4j1GW+KmLtP0kCrGq9fMGwjDbPEpSp9DTquEMHJ -o7kyJIjB+93ikLvBUTgbxr+jcnTLXuhA8rC8r+KXre4NPPNPRyefRcALLt/URvfA -rTvFOQfi3vIjNhBZL5FdC+FVAr5QnF3r2+cuDPbnczr4/rr81kzFGWrwyAgF5FWu -pFtB5IYDAgMBAAECggEAHZ88vGNsNdmRkfhWupGW4cKCuo+Y7re8Q/H2Jd/4Nin2 -FKvUPuloaztiSGDbVm+vejama/Nu5FEIumNJRYMeoVJcx2DDuUxO1ZB1aIEwfMct -/DWd0/JDzuCXB0Cu5GTWLhlz0zMGHXihIdQ0DtGKt++3Ncg5gy1D+cIqqJB515/z -jYdZmb0Wqmz7H3DisuxvnhiCAOuNrjcDau80hpMA9TQlb+XKNGHIBgKpJe6lnB0P -MsS/AjDiDoEpP9GG9mv9+96rAga4Nos6avYlwWwbC6d+hHIWvWEWsmrDfcJlm2gN -tjvG8omj00t5dAt7qGhfOoNDGr5tvJVo/g96O/0I8QKBgQDdzytVRulo9aKVdAYW -/Nj04thtnRaqsTyFH+7ibEVwNIUuld/Bp6NnuGrY+K1siX8+zA9f8mKxuXXV9KK4 -O89Ypw9js2BxM7VYO9Gmp6e1RY3Rrd8w7pG7/KqoPWXkuixTay9eybrJMWu3TT36 -q7NheNmBHqcFmSQQuUwEmvp3MQKBgQDDVaisMJkc/sIyQh3XrlfzmMLK+GlPDucD -w5e50fHl8Q5PmTcP20zVLhTevffCqeItSyeAno94Xdzc9vZ/rt69410kJEHyBO9L -CmhtYz94wvSdRhbqf4VzAl2WU184sIYiIZDGsnGScgIYvo6v6mITjRhc8AMdYoPR -rL6xp6frcwKBgFi1+avCj6mFzD+fxqu89nyCmXLFiAI+nmjTy7PM/7yPlNB76qDG -Dil2bW1Xj+y/1R9ld6S1CVnxRbqLe+TZLuVS82m5nRHJT3b5fbD8jquGJOE+e+xT -DgA0XoCpBa6D8yRt0uVDIyxCUsVd5DL0JusN7VehzcUEaZMyuL+CyDeRAoGBAImB -qH6mq3Kc6Komnwlw4ttJ436sxr1vuTKOIyYdZBNB0Zg5PGi+MWU0zl5LDroLi3vl -FwbVGBxcvxkSBU63FHhKMQw7Ne0gii+iQQcYQdtKKpb4ezNS1+exd55WTIcExTgL -tvYZMhgsh8tRgfLWpXor7kWmdBrgeflFiOxZIL1/AoGAeBP7sdE+gzsh8jqFnVRj -7nOg+YllJAlWsf7cTH4pLIy2Eo9D+cNjhL9LK6RaAd7PSZ1adm8HfaROA2cfCm84 -RI4c7Ue0G+N6LZiFvC0Bfi5SaPVAExXOty8UqjOCoZavSaXBPuNcTXZuzswcgbxI -G5/kaJNHoEcdlVsPsYWKRNKgPzA9BgorBgEEAZIIEggBMS8wLQYJYIZIAWUDBAIC -BCCK9DKMh7687DHjA7j1U37/y2qR2UcITZmjaYI7NvAUYg== -""" - - def setUp(self): - self.asn1Spec = rfc5958.OneAsymmetricKey() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr in asn1Object['attributes']: - assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() - if attr['attrType'] == rfc8479.id_attr_validation_parameters: - av, rest = der_decode(attr['attrValues'][0], - asn1Spec=rfc5652.cmsAttributesMap[attr['attrType']]) - assert not rest - assert av.prettyPrint() - assert der_encode(av) == attr['attrValues'][0] - - assert av['hashAlg'] == rfc4055.id_sha384 - seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462') - assert av['seed'] == seed - - def testOpenTypes(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, - asn1Spec=self.asn1Spec, - decodeOpenTypes=True) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - for attr in asn1Object['attributes']: - assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() - if attr['attrType'] == rfc8479.id_attr_validation_parameters: - av = attr['attrValues'][0] - assert av['hashAlg'] == rfc4055.id_sha384 - seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462') - assert av['seed'] == seed - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8494.py b/tests/test_rfc8494.py deleted file mode 100644 index a2db6a0..0000000 --- a/tests/test_rfc8494.py +++ /dev/null @@ -1,55 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc8494 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class CompresssedDataTestCase(unittest.TestCase): - pem_text = """\ -MIIBNqADAgEAMIIBLaADAgEZoIIBJASCASB4nG2P0U7CQBBF3/cr5l2K3YpSF5YA -bYmbWArtQsJjKVuogd1mO0T8e0ti1IjJZB4md07OHZbWnMbqkp/qo+oW5jSCWDqL -VCSpkBveg2kSbrg/FTIWcQRpJPlLmGYQzdci5MvlA+3Rx2cyREO/KVrhCOaJFLMN -n03E6yqNIEmDheS2LHzPG0zNdqw0dn89XAnev4RsFQRRlnW+SITMWmMGf72JNAyk -oXCj0mnPHtzwSZijYuD1YVJb8FzaB/rE2n3nUtcl2Xn7pgpkkAOqBsm1vrNWtqmM -ZkC7LgmMxraFgx91y0F1wfv6mFd6AMUht41CfsbS8X9yNtdNqayjdGF2ld4z8LcV -EiIPVQPtvBuLBxjW5qx3TbXXo6vHJ1OhhLY= - -""" - - def setUp(self): - self.asn1Spec = rfc8494.CompressedData() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['compressionAlgorithm']['algorithmID-ShortForm'] == 0 - cci = asn1Object['compressedContentInfo'] - assert cci['unnamed']['contentType-ShortForm'] == 25 - assert cci['compressedContent'].prettyPrint()[:12] == '0x789c6d8fd1' - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) diff --git a/tests/test_rfc8520.py b/tests/test_rfc8520.py index 884ef09..483b81a 100644 --- a/tests/test_rfc8520.py +++ b/tests/test_rfc8520.py @@ -63,10 +63,7 @@ izaUuU1EEwgOMELjeFL62Ssvq8X+x6hZFCLygI7GNeitlblNhCXhFFurqMs= assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate - extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: - extn_list.append(extn['extnID']) - if extn['extnID'] == rfc8520.id_pe_mudsigner: mudsigner, rest = der_decode(extn['extnValue'], rfc8520.MUDsignerSyntax()) assert der_encode(mudsigner) == extn['extnValue'] @@ -85,11 +82,9 @@ izaUuU1EEwgOMELjeFL62Ssvq8X+x6hZFCLygI7GNeitlblNhCXhFFurqMs= assert mudurl[-5:] == ".json" - assert rfc8520.id_pe_mudsigner in extn_list - assert rfc8520.id_pe_mud_url in extn_list - def testExtensionsMap(self): substrate = pem.readBase64fromText(self.mud_cert_pem_text) + rfc5280.certificateExtensionsMap.update(rfc8520.certificateExtensionsMapUpdate) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() diff --git a/tests/test_rfc8649.py b/tests/test_rfc8649.py deleted file mode 100644 index e7ca72b..0000000 --- a/tests/test_rfc8649.py +++ /dev/null @@ -1,64 +0,0 @@ -# -# This file is part of pyasn1-modules software. -# -# Copyright (c) 2019, Vigil Security, LLC -# License: http://snmplabs.com/pyasn1/license.html -# -import sys - -from pyasn1.codec.der.decoder import decode as der_decode -from pyasn1.codec.der.encoder import encode as der_encode - -from pyasn1_modules import pem -from pyasn1_modules import rfc4055 -from pyasn1_modules import rfc5280 -from pyasn1_modules import rfc8649 - -try: - import unittest2 as unittest -except ImportError: - import unittest - - -class RootCertificateExtnTestCase(unittest.TestCase): - extn_pem_text = """\ -MGEGCisGAQQBg5IbAgEEUzBRMA0GCWCGSAFlAwQCAwUABEBxId+rK+WVDLOda2Yk -FFRbqQAztXhs91j/RxHjYJIv/3gleQg3Qix/yQy2rIg3xysjCvHWw8AuYOGVh/sL -GANG -""" - - def setUp(self): - self.asn1Spec = rfc5280.Extension() - - def testDerCodec(self): - substrate = pem.readBase64fromText(self.extn_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - assert asn1Object.prettyPrint() - assert der_encode(asn1Object) == substrate - - assert asn1Object['extnID'] == rfc8649.id_ce_hashOfRootKey - hashed_root_key, rest = der_decode(asn1Object['extnValue'], - rfc8649.HashedRootKey()) - assert not rest - assert hashed_root_key.prettyPrint() - assert der_encode(hashed_root_key) == asn1Object['extnValue'] - - assert hashed_root_key['hashAlg']['algorithm'] == rfc4055.id_sha512 - - def testExtensionsMap(self): - substrate = pem.readBase64fromText(self.extn_pem_text) - asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) - assert not rest - - assert asn1Object['extnID'] == rfc8649.id_ce_hashOfRootKey - assert asn1Object['extnID'] in rfc5280.certificateExtensionsMap.keys() - - -suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) - -if __name__ == '__main__': - import sys - - result = unittest.TextTestRunner(verbosity=2).run(suite) - sys.exit(not result.wasSuccessful()) |