authorRuss Housley <housley@vigilsec.com>2019-10-04 17:36:33 -0400
committerIlya Etingof <etingof@gmail.com>2019-10-04 23:36:33 +0200
commitc8f7dce25078099e00f75a3351a6294294624687 (patch)
tree2e8e356a992dbc964ca9afae596ad36ab1382c0f
parentfe4e942cddbf9b5d788fe2fa34f5a3ac6a0a46ac (diff)
downloadpyasn1-modules-c8f7dce25078099e00f75a3351a6294294624687.tar.gz
Add support for RFC 8479 (#71)
Added support for RFC 8479
-rw-r--r--CHANGES.txt1
-rw-r--r--pyasn1_modules/rfc8479.py45
-rw-r--r--tests/__main__.py1
-rw-r--r--tests/test_rfc8479.py104
4 files changed, 151 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index fb53d21..881296e 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -38,6 +38,7 @@ Revision 0.2.7, released XX-09-2019
X.509 Certificates
- Added RFC8419 providing Edwards-Curve Digital Signature Algorithm
(EdDSA) Signatures in the CMS
+- Added RFC8479 providing Storing Validation Parameters in PKCS#8
Revision 0.2.6, released 31-07-2019
-----------------------------------
diff --git a/pyasn1_modules/rfc8479.py b/pyasn1_modules/rfc8479.py
new file mode 100644
index 0000000..57f78b6
--- /dev/null
+++ b/pyasn1_modules/rfc8479.py
@@ -0,0 +1,45 @@
+#
+# This file is part of pyasn1-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+#
+# Copyright (c) 2019, Vigil Security, LLC
+# License: http://snmplabs.com/pyasn1/license.html
+#
+# Storing Validation Parameters in PKCS#8
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc8479.txt
+#
+
+from pyasn1.type import namedtype
+from pyasn1.type import univ
+
+from pyasn1_modules import rfc5652
+
+
+id_attr_validation_parameters = univ.ObjectIdentifier('1.3.6.1.4.1.2312.18.8.1')
+
+
+class ValidationParams(univ.Sequence):
+ pass
+
+ValidationParams.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('hashAlg', univ.ObjectIdentifier()),
+ namedtype.NamedType('seed', univ.OctetString())
+)
+
+
+at_validation_parameters = rfc5652.Attribute()
+at_validation_parameters['attrType'] = id_attr_validation_parameters
+at_validation_parameters['attrValues'][0] = ValidationParams()
+
+
+# Map of Attribute Type OIDs to Attributes added to the
+# ones that are in rfc5652.py
+
+_cmsAttributesMapUpdate = {
+ id_attr_validation_parameters: ValidationParams(),
+}
+
+rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
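Review bot: The closing `rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)` changes a map shared by every importer of rfc5652 as a side effect of importing this module, and the comment above it does not say so. I would extend that comment with something like `# Registered at import time: decodeOpenTypes=True resolves this attribute only after rfc8479 has been imported.` The module also never states that it only describes the ASN.1 structure: `hashAlg` is an unconstrained OID and `seed` an arbitrary octet string, so a caller handling a PKCS#8 blob from elsewhere still has to check `hashAlg` against the algorithms it accepts and do any validation of the key against `seed` itself. A short comment above `ValidationParams` saying that decoding does not imply validation would make this clear to readers.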
diff --git a/tests/__main__.py b/tests/__main__.py
index 251aca6..a266c7f 100644
--- a/tests/__main__.py
+++ b/tests/__main__.py
@@ -66,6 +66,7 @@ suite = unittest.TestLoader().loadTestsFromNames(
'tests.test_rfc8410.suite',
'tests.test_rfc8418.suite',
'tests.test_rfc8419.suite',
+ 'tests.test_rfc8479.suite',
'tests.test_rfc8494.suite',
'tests.test_rfc8520.suite',
'tests.test_rfc8619.suite',
diff --git a/tests/test_rfc8479.py b/tests/test_rfc8479.py
new file mode 100644
index 0000000..60e0ea2
--- /dev/null
+++ b/tests/test_rfc8479.py
@@ -0,0 +1,104 @@
+#
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2019, Vigil Security, LLC
+# License: http://snmplabs.com/pyasn1/license.html
+#
+import sys
+
+from pyasn1.codec.der.decoder import decode as der_decode
+from pyasn1.codec.der.encoder import encode as der_encode
+
+from pyasn1.type import univ
+
+from pyasn1_modules import pem
+from pyasn1_modules import rfc4055
+from pyasn1_modules import rfc5652
+from pyasn1_modules import rfc5958
+from pyasn1_modules import rfc8479
+
+try:
+ import unittest2 as unittest
+except ImportError:
+ import unittest
+
+
+class ValidationParmTestCase(unittest.TestCase):
+ pem_text = """\
+MIIE/gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCpPwXwfhDsWA3q
+jN2BWg1xfDjvZDVNfgTV/b95g304Aty3z13xPXAhHZ3ROW3pgPxTj9fiq7ZMy4Ua
+gMpPK81v3pHX1uokC2KcGXbgbAq2Q8ClxSXgEJllRwDENufjEdV10gArt8NlIP0N
+lota1kQUuI1DMsqc5DTIa35Nq4j1GW+KmLtP0kCrGq9fMGwjDbPEpSp9DTquEMHJ
+o7kyJIjB+93ikLvBUTgbxr+jcnTLXuhA8rC8r+KXre4NPPNPRyefRcALLt/URvfA
+rTvFOQfi3vIjNhBZL5FdC+FVAr5QnF3r2+cuDPbnczr4/rr81kzFGWrwyAgF5FWu
+pFtB5IYDAgMBAAECggEAHZ88vGNsNdmRkfhWupGW4cKCuo+Y7re8Q/H2Jd/4Nin2
+FKvUPuloaztiSGDbVm+vejama/Nu5FEIumNJRYMeoVJcx2DDuUxO1ZB1aIEwfMct
+/DWd0/JDzuCXB0Cu5GTWLhlz0zMGHXihIdQ0DtGKt++3Ncg5gy1D+cIqqJB515/z
+jYdZmb0Wqmz7H3DisuxvnhiCAOuNrjcDau80hpMA9TQlb+XKNGHIBgKpJe6lnB0P
+MsS/AjDiDoEpP9GG9mv9+96rAga4Nos6avYlwWwbC6d+hHIWvWEWsmrDfcJlm2gN
+tjvG8omj00t5dAt7qGhfOoNDGr5tvJVo/g96O/0I8QKBgQDdzytVRulo9aKVdAYW
+/Nj04thtnRaqsTyFH+7ibEVwNIUuld/Bp6NnuGrY+K1siX8+zA9f8mKxuXXV9KK4
+O89Ypw9js2BxM7VYO9Gmp6e1RY3Rrd8w7pG7/KqoPWXkuixTay9eybrJMWu3TT36
+q7NheNmBHqcFmSQQuUwEmvp3MQKBgQDDVaisMJkc/sIyQh3XrlfzmMLK+GlPDucD
+w5e50fHl8Q5PmTcP20zVLhTevffCqeItSyeAno94Xdzc9vZ/rt69410kJEHyBO9L
+CmhtYz94wvSdRhbqf4VzAl2WU184sIYiIZDGsnGScgIYvo6v6mITjRhc8AMdYoPR
+rL6xp6frcwKBgFi1+avCj6mFzD+fxqu89nyCmXLFiAI+nmjTy7PM/7yPlNB76qDG
+Dil2bW1Xj+y/1R9ld6S1CVnxRbqLe+TZLuVS82m5nRHJT3b5fbD8jquGJOE+e+xT
+DgA0XoCpBa6D8yRt0uVDIyxCUsVd5DL0JusN7VehzcUEaZMyuL+CyDeRAoGBAImB
+qH6mq3Kc6Komnwlw4ttJ436sxr1vuTKOIyYdZBNB0Zg5PGi+MWU0zl5LDroLi3vl
+FwbVGBxcvxkSBU63FHhKMQw7Ne0gii+iQQcYQdtKKpb4ezNS1+exd55WTIcExTgL
+tvYZMhgsh8tRgfLWpXor7kWmdBrgeflFiOxZIL1/AoGAeBP7sdE+gzsh8jqFnVRj
+7nOg+YllJAlWsf7cTH4pLIy2Eo9D+cNjhL9LK6RaAd7PSZ1adm8HfaROA2cfCm84
+RI4c7Ue0G+N6LZiFvC0Bfi5SaPVAExXOty8UqjOCoZavSaXBPuNcTXZuzswcgbxI
+G5/kaJNHoEcdlVsPsYWKRNKgPzA9BgorBgEEAZIIEggBMS8wLQYJYIZIAWUDBAIC
+BCCK9DKMh7687DHjA7j1U37/y2qR2UcITZmjaYI7NvAUYg==
+"""
+
+ def setUp(self):
+ self.asn1Spec = rfc5958.OneAsymmetricKey()
+
+ def testDerCodec(self):
+ substrate = pem.readBase64fromText(self.pem_text)
+ asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
+ assert not rest
+ assert asn1Object.prettyPrint()
+ assert der_encode(asn1Object) == substrate
+
+ for attr in asn1Object['attributes']:
+ assert attr['attrType'] in rfc5652.cmsAttributesMap.keys()
+ if attr['attrType'] == rfc8479.id_attr_validation_parameters:
+ av, rest = der_decode(attr['attrValues'][0],
+ asn1Spec=rfc5652.cmsAttributesMap[attr['attrType']])
+ assert not rest
+ assert av.prettyPrint()
+ assert der_encode(av) == attr['attrValues'][0]
+
+ assert av['hashAlg'] == rfc4055.id_sha384
+ seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462')
+ assert av['seed'] == seed
+
+ def testOpenTypes(self):
+ substrate = pem.readBase64fromText(self.pem_text)
+ asn1Object, rest = der_decode(substrate,
+ asn1Spec=self.asn1Spec,
+ decodeOpenTypes=True)
+ assert not rest
+ assert asn1Object.prettyPrint()
+ assert der_encode(asn1Object) == substrate
+
+ for attr in asn1Object['attributes']:
+ assert attr['attrType'] in rfc5652.cmsAttributesMap.keys()
+ if attr['attrType'] == rfc8479.id_attr_validation_parameters:
+ av = attr['attrValues'][0]
+ assert av['hashAlg'] == rfc4055.id_sha384
+ seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462')
+ assert av['seed'] == seed
+
+
+suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
+
+if __name__ == '__main__':
+ import sys
+
+ result = unittest.TextTestRunner(verbosity=2).run(suite)
+ sys.exit(not result.wasSuccessful())
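Review bot: Both test methods can pass without checking the attribute at all, because the `hashAlg`/`seed` assertions sit inside `if attr['attrType'] == rfc8479.id_attr_validation_parameters:` within the `for attr in asn1Object['attributes']` loop, so a decode that yields no such attribute runs none of them. Setting `found = False` before each loop, `found = True` inside the `if`, and ending with `self.assertTrue(found)` closes that gap in both testDerCodec and testOpenTypes. The bare `assert` statements are also stripped under `python -O`; `self.assertFalse(rest)` and `self.assertEqual(...)` would keep the checks active and report the differing values on failure. The `import sys` under `if __name__ == '__main__':` repeats the module-level import and can be dropped.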