diff options
author | Russ Housley <housley@vigilsec.com> | 2019-10-04 17:36:33 -0400 |
---|---|---|
committer | Ilya Etingof <etingof@gmail.com> | 2019-10-04 23:36:33 +0200 |
commit | c8f7dce25078099e00f75a3351a6294294624687 (patch) | |
tree | 2e8e356a992dbc964ca9afae596ad36ab1382c0f | |
parent | fe4e942cddbf9b5d788fe2fa34f5a3ac6a0a46ac (diff) | |
download | pyasn1-modules-c8f7dce25078099e00f75a3351a6294294624687.tar.gz |
Add support for RFC 8479 (#71)
Added support for RFC 8479
-rw-r--r-- | CHANGES.txt | 1 | ||||
-rw-r--r-- | pyasn1_modules/rfc8479.py | 45 | ||||
-rw-r--r-- | tests/__main__.py | 1 | ||||
-rw-r--r-- | tests/test_rfc8479.py | 104 |
4 files changed, 151 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index fb53d21..881296e 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -38,6 +38,7 @@ Revision 0.2.7, released XX-09-2019 X.509 Certificates - Added RFC8419 providing Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the CMS +- Added RFC8479 providing Storing Validation Parameters in PKCS#8 Revision 0.2.6, released 31-07-2019 ----------------------------------- diff --git a/pyasn1_modules/rfc8479.py b/pyasn1_modules/rfc8479.py new file mode 100644 index 0000000..57f78b6 --- /dev/null +++ b/pyasn1_modules/rfc8479.py @@ -0,0 +1,45 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Storing Validation Parameters in PKCS#8 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8479.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + + +id_attr_validation_parameters = univ.ObjectIdentifier('1.3.6.1.4.1.2312.18.8.1') + + +class ValidationParams(univ.Sequence): + pass + +ValidationParams.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', univ.ObjectIdentifier()), + namedtype.NamedType('seed', univ.OctetString()) +) + + +at_validation_parameters = rfc5652.Attribute() +at_validation_parameters['attrType'] = id_attr_validation_parameters +at_validation_parameters['attrValues'][0] = ValidationParams() + + +# Map of Attribute Type OIDs to Attributes added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_attr_validation_parameters: ValidationParams(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/tests/__main__.py b/tests/__main__.py index 251aca6..a266c7f 100644 --- a/tests/__main__.py +++ b/tests/__main__.py @@ -66,6 +66,7 @@ suite = unittest.TestLoader().loadTestsFromNames( 'tests.test_rfc8410.suite', 'tests.test_rfc8418.suite', 'tests.test_rfc8419.suite', + 'tests.test_rfc8479.suite', 'tests.test_rfc8494.suite', 'tests.test_rfc8520.suite', 'tests.test_rfc8619.suite', diff --git a/tests/test_rfc8479.py b/tests/test_rfc8479.py new file mode 100644 index 0000000..60e0ea2 --- /dev/null +++ b/tests/test_rfc8479.py @@ -0,0 +1,104 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +import sys + +from pyasn1.codec.der.decoder import decode as der_decode +from pyasn1.codec.der.encoder import encode as der_encode + +from pyasn1.type import univ + +from pyasn1_modules import pem +from pyasn1_modules import rfc4055 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5958 +from pyasn1_modules import rfc8479 + +try: + import unittest2 as unittest +except ImportError: + import unittest + + +class ValidationParmTestCase(unittest.TestCase): + pem_text = """\ +MIIE/gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCpPwXwfhDsWA3q +jN2BWg1xfDjvZDVNfgTV/b95g304Aty3z13xPXAhHZ3ROW3pgPxTj9fiq7ZMy4Ua +gMpPK81v3pHX1uokC2KcGXbgbAq2Q8ClxSXgEJllRwDENufjEdV10gArt8NlIP0N +lota1kQUuI1DMsqc5DTIa35Nq4j1GW+KmLtP0kCrGq9fMGwjDbPEpSp9DTquEMHJ +o7kyJIjB+93ikLvBUTgbxr+jcnTLXuhA8rC8r+KXre4NPPNPRyefRcALLt/URvfA +rTvFOQfi3vIjNhBZL5FdC+FVAr5QnF3r2+cuDPbnczr4/rr81kzFGWrwyAgF5FWu +pFtB5IYDAgMBAAECggEAHZ88vGNsNdmRkfhWupGW4cKCuo+Y7re8Q/H2Jd/4Nin2 +FKvUPuloaztiSGDbVm+vejama/Nu5FEIumNJRYMeoVJcx2DDuUxO1ZB1aIEwfMct +/DWd0/JDzuCXB0Cu5GTWLhlz0zMGHXihIdQ0DtGKt++3Ncg5gy1D+cIqqJB515/z +jYdZmb0Wqmz7H3DisuxvnhiCAOuNrjcDau80hpMA9TQlb+XKNGHIBgKpJe6lnB0P +MsS/AjDiDoEpP9GG9mv9+96rAga4Nos6avYlwWwbC6d+hHIWvWEWsmrDfcJlm2gN +tjvG8omj00t5dAt7qGhfOoNDGr5tvJVo/g96O/0I8QKBgQDdzytVRulo9aKVdAYW +/Nj04thtnRaqsTyFH+7ibEVwNIUuld/Bp6NnuGrY+K1siX8+zA9f8mKxuXXV9KK4 +O89Ypw9js2BxM7VYO9Gmp6e1RY3Rrd8w7pG7/KqoPWXkuixTay9eybrJMWu3TT36 +q7NheNmBHqcFmSQQuUwEmvp3MQKBgQDDVaisMJkc/sIyQh3XrlfzmMLK+GlPDucD +w5e50fHl8Q5PmTcP20zVLhTevffCqeItSyeAno94Xdzc9vZ/rt69410kJEHyBO9L +CmhtYz94wvSdRhbqf4VzAl2WU184sIYiIZDGsnGScgIYvo6v6mITjRhc8AMdYoPR +rL6xp6frcwKBgFi1+avCj6mFzD+fxqu89nyCmXLFiAI+nmjTy7PM/7yPlNB76qDG +Dil2bW1Xj+y/1R9ld6S1CVnxRbqLe+TZLuVS82m5nRHJT3b5fbD8jquGJOE+e+xT +DgA0XoCpBa6D8yRt0uVDIyxCUsVd5DL0JusN7VehzcUEaZMyuL+CyDeRAoGBAImB +qH6mq3Kc6Komnwlw4ttJ436sxr1vuTKOIyYdZBNB0Zg5PGi+MWU0zl5LDroLi3vl +FwbVGBxcvxkSBU63FHhKMQw7Ne0gii+iQQcYQdtKKpb4ezNS1+exd55WTIcExTgL +tvYZMhgsh8tRgfLWpXor7kWmdBrgeflFiOxZIL1/AoGAeBP7sdE+gzsh8jqFnVRj +7nOg+YllJAlWsf7cTH4pLIy2Eo9D+cNjhL9LK6RaAd7PSZ1adm8HfaROA2cfCm84 +RI4c7Ue0G+N6LZiFvC0Bfi5SaPVAExXOty8UqjOCoZavSaXBPuNcTXZuzswcgbxI +G5/kaJNHoEcdlVsPsYWKRNKgPzA9BgorBgEEAZIIEggBMS8wLQYJYIZIAWUDBAIC +BCCK9DKMh7687DHjA7j1U37/y2qR2UcITZmjaYI7NvAUYg== +""" + + def setUp(self): + self.asn1Spec = rfc5958.OneAsymmetricKey() + + def testDerCodec(self): + substrate = pem.readBase64fromText(self.pem_text) + asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + for attr in asn1Object['attributes']: + assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() + if attr['attrType'] == rfc8479.id_attr_validation_parameters: + av, rest = der_decode(attr['attrValues'][0], + asn1Spec=rfc5652.cmsAttributesMap[attr['attrType']]) + assert not rest + assert av.prettyPrint() + assert der_encode(av) == attr['attrValues'][0] + + assert av['hashAlg'] == rfc4055.id_sha384 + seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462') + assert av['seed'] == seed + + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.pem_text) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + for attr in asn1Object['attributes']: + assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() + if attr['attrType'] == rfc8479.id_attr_validation_parameters: + av = attr['attrValues'][0] + assert av['hashAlg'] == rfc4055.id_sha384 + seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462') + assert av['seed'] == seed + + +suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) + +if __name__ == '__main__': + import sys + + result = unittest.TextTestRunner(verbosity=2).run(suite) + sys.exit(not result.wasSuccessful()) |