diff options
| author | Russ Housley <housley@vigilsec.com> | 2019-09-23 16:57:41 -0400 |
|---|---|---|
| committer | Ilya Etingof <etingof@gmail.com> | 2019-09-23 22:57:41 +0200 |
| commit | 38da5f02063131f6149f3e0fc798a304a41d7831 (patch) | |
| tree | 5ed3c6cc744bebe6517a6dd5f946a3709aabd5a7 | |
| parent | 3c6eb1928887dbb19aea72e36a256002fe3b07d1 (diff) | |
| download | pyasn1-modules-38da5f02063131f6149f3e0fc798a304a41d7831.tar.gz | |
Add support for RFC 6210 (#65)
| -rw-r--r-- | CHANGES.txt | 1 | ||||
| -rw-r--r-- | pyasn1_modules/rfc6210.py | 42 | ||||
| -rw-r--r-- | tests/__main__.py | 1 | ||||
| -rw-r--r-- | tests/test_rfc6210.py | 75 |
4 files changed, 119 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index f7ad85c..bf7e8ad 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -29,6 +29,7 @@ Revision 0.2.7, released XX-09-2019 - Added RFC5990 providing RSA-KEM Key Transport Algorithm in the CMS - Fixed malformed `rfc4210.RevRepContent` data structure layout - Added RFC5934 providing Trust Anchor Management Protocol (TAMP) +- Added RFC6210 providing Experiment for Hash Functions with Parameters Revision 0.2.6, released 31-07-2019 ----------------------------------- diff --git a/pyasn1_modules/rfc6210.py b/pyasn1_modules/rfc6210.py new file mode 100644 index 0000000..28587b9 --- /dev/null +++ b/pyasn1_modules/rfc6210.py @@ -0,0 +1,42 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Experiment for Hash Functions with Parameters in the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6210.txt +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +id_alg_MD5_XOR_EXPERIMENT = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.13') + + +class MD5_XOR_EXPERIMENT(univ.OctetString): + pass + +MD5_XOR_EXPERIMENT.subtypeSpec = constraint.ValueSizeConstraint(64, 64) + + +mda_xor_md5_EXPERIMENT = rfc5280.AlgorithmIdentifier() +mda_xor_md5_EXPERIMENT['algorithm'] = id_alg_MD5_XOR_EXPERIMENT +mda_xor_md5_EXPERIMENT['parameters'] = MD5_XOR_EXPERIMENT() + + +# Map of Algorithm Identifier OIDs to Parameters added to the +# ones that are in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + id_alg_MD5_XOR_EXPERIMENT: MD5_XOR_EXPERIMENT(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/tests/__main__.py b/tests/__main__.py index c85b6d4..7ee3fb7 100644 --- a/tests/__main__.py +++ b/tests/__main__.py @@ -50,6 +50,7 @@ suite = unittest.TestLoader().loadTestsFromNames( 'tests.test_rfc6019.suite', 'tests.test_rfc6031.suite', 'tests.test_rfc6032.suite', + 'tests.test_rfc6210.suite', 'tests.test_rfc6211.suite', 'tests.test_rfc7030.suite', 'tests.test_rfc7191.suite', diff --git a/tests/test_rfc6210.py b/tests/test_rfc6210.py new file mode 100644 index 0000000..a04423a --- /dev/null +++ b/tests/test_rfc6210.py @@ -0,0 +1,75 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# + +import sys + +from pyasn1.codec.der.decoder import decode as der_decode +from pyasn1.codec.der.encoder import encode as der_encode + +from pyasn1_modules import pem +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc6210 + +try: + import unittest2 as unittest +except ImportError: + import unittest + + +class AuthenticatedDataTestCase(unittest.TestCase): + pem_text = """\ +MIICRQYLKoZIhvcNAQkQAQKgggI0MIICMAIBADGBwDCBvQIBADAmMBIxEDAOBgNVBAMMB0 +NhcmxSU0ECEEY0a8eAAFa8EdNuLs1dcdAwDQYJKoZIhvcNAQEBBQAEgYCH70EpEikY7deb +859YJRAWfFondQv1D4NFltw6C1ceheWnlAU0C2WEXr3LUBXZp1/PSte29FnJxu5bXCTn1g +elMm6zNlZNWNd0KadVBcaxi1n8L52tVM5sWFGJPO5cStOyAka2ucuZM6iAnCSkn1Ju7fgU +5j2g3bZ/IM8nHTcygjAKBggrBgEFBQgBAqFPBgsqhkiG9w0BCRADDQRAAQIDBAUGBwgJCg +sMDQ4PEBESEwQVFhcYGRobHB0eHyAhIiMEJSYnKCkqKywtLi8wMTIzBDU2Nzg5Ojs8PT4/ +QDArBgkqhkiG9w0BBwGgHgQcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqKBxzAYBg +kqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wOTEyMTAyMzI1MDBa +MB8GCSqGSIb3DQEJBDESBBCWaa5hG1eeg+oQK2tJ3cD5MGwGCSqGSIb3DQEJNDFfMF0wTw +YLKoZIhvcNAQkQAw0EQAECAwQFBgcICQoLDA0ODxAREhMEFRYXGBkaGxwdHh8gISIjBCUm +JygpKissLS4vMDEyMwQ1Njc4OTo7PD0+P0CiCgYIKwYBBQUIAQIEFLjUxQ9PJFzFnWraxb +EIbVbg2xql +""" + + def setUp(self): + self.asn1Spec = rfc5652.ContentInfo() + + def testDerCodec(self): + substrate = pem.readBase64fromText(self.pem_text) + asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc5652.id_ct_authData + ad, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.AuthenticatedData()) + assert not rest + assert ad.prettyPrint() + assert der_encode(ad) == asn1Object['content'] + + assert ad['version'] == 0 + assert ad['digestAlgorithm']['algorithm'] == rfc6210.id_alg_MD5_XOR_EXPERIMENT + + mac_alg_p, rest = der_decode (ad['digestAlgorithm']['parameters'], + asn1Spec=rfc5280.algorithmIdentifierMap[ad['digestAlgorithm']['algorithm']]) + assert not rest + assert mac_alg_p.prettyPrint() + assert der_encode(mac_alg_p) == ad['digestAlgorithm']['parameters'] + + assert mac_alg_p.prettyPrint()[:10] == "0x01020304" + + +suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) + +if __name__ == '__main__': + import sys + + result = unittest.TextTestRunner(verbosity=2).run(suite) + sys.exit(not result.wasSuccessful()) |