diff options
author | Russ Housley <housley@vigilsec.com> | 2019-07-20 06:58:55 -0400 |
---|---|---|
committer | Ilya Etingof <etingof@gmail.com> | 2019-07-20 12:58:55 +0200 |
commit | 23608be1bc0ce8a4ac5fbaba92af905c88ea4ab6 (patch) | |
tree | 67be142d26a66e2a874502f60c3e97d0059bd769 /tests | |
parent | 06f5be85d5229cffeb24f9ae622df665d7ae506b (diff) | |
download | pyasn1-modules-23608be1bc0ce8a4ac5fbaba92af905c88ea4ab6.tar.gz |
Added maps for use with openType (#53)
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/test_rfc2634.py | 84 | ||||
-rw-r--r-- | tests/test_rfc3274.py | 16 | ||||
-rwxr-xr-x[-rw-r--r--] | tests/test_rfc3709.py | 20 | ||||
-rw-r--r-- | tests/test_rfc3779.py | 16 | ||||
-rw-r--r-- | tests/test_rfc4073.py | 43 | ||||
-rw-r--r-- | tests/test_rfc4108.py | 66 | ||||
-rwxr-xr-x | tests/test_rfc5035.py | 29 | ||||
-rwxr-xr-x[-rw-r--r--] | tests/test_rfc5083.py | 48 | ||||
-rw-r--r-- | tests/test_rfc5940.py | 50 | ||||
-rw-r--r-- | tests/test_rfc5958.py | 30 | ||||
-rw-r--r-- | tests/test_rfc6019.py | 17 | ||||
-rwxr-xr-x | tests/test_rfc7191.py | 92 | ||||
-rwxr-xr-x[-rw-r--r--] | tests/test_rfc8226.py | 38 | ||||
-rw-r--r-- | tests/test_rfc8520.py | 14 |
14 files changed, 496 insertions, 67 deletions
diff --git a/tests/test_rfc2634.py b/tests/test_rfc2634.py index 9b52f99..c024173 100755 --- a/tests/test_rfc2634.py +++ b/tests/test_rfc2634.py @@ -82,33 +82,33 @@ mNTr0mjYeUWRe/15IsWNx+kuFcLDr71DFHvMFY5M3sdfMA== class SignedReceiptTestCase(unittest.TestCase): signed_receipt_pem_text = """\ -MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyqG -SIb3DQEJ EAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkRC -zbXWdD331uAUCL3MM FXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzmo -18WwkFrEYH3EMsvpXEIGqsFTFN 6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZyb -2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H /oSgggJ3MIICczCCAfqgAwIBAgIJ -AKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJ -WQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0Ew HhcNMTkwNT -I5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE C -BMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgNVB -AMTA0Jv YjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKoZI -zj0CAQYFK4EEACID YgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXtIF -AuIJcZVlkLn/xbywkcMLHK/O+ w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM2a -YpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsG A1UdDwQEAwIHgDBCBglghkgBhvhCA -Q0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUg dHJ1c3RlZCBmb3IgYW55 -IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIa pTAfBgNVHSM -EGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV bo -S6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBwsCMD -fRweYz 3Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6fj36 -zGCAYkwggGFAgEB MEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYD -VQQHDAdIZXJuZG9uMREwDwYD VQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsGCWC -GSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMx DQYLKoZIhvcNAQkQAQEwHAYJKoZIhv -cNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcN AQkEMSIEIGb9Hm2kCnM0C -YNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIF MTIEMBZzeHVj -a7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK Bgg -qhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbolrop -BdPJ6 jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS7hYR -i6U0JKZmWbbuS8 vFIgX7eIkd8= +MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyq +GSIb3DQEJEAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkR +CzbXWdD331uAUCL3MMFXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzm +o18WwkFrEYH3EMsvpXEIGqsFTFN6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZy +b2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H/oSgggJ3MIICczCCAfqgAwIBAgI +JAKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDA +JWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwN +TI5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE +CBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgN +VBAMTA0JvYjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKo +ZIzj0CAQYFK4EEACIDYgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXt +IFAuIJcZVlkLn/xbywkcMLHK/O+w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM +2aYpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvh +CAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW +55IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIapTAfBgNVH +SMEGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV +boS6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBws +CMDfRweYz3Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6f +j36zGCAYkwggGFAgEBMEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwD +gYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsG +CWCGSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQEwHAYJKoZ +IhvcNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcNAQkEMSIEIGb9Hm2kCn +M0CYNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIFMTIEMBZze +HVja7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK +BggqhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbo +lropBdPJ6jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS +7hYRi6U0JKZmWbbuS8vFIgX7eIkd8= """ def setUp(self): @@ -133,6 +133,7 @@ i6U0JKZmWbbuS8 vFIgX7eIkd8= assert not rest assert receipt.prettyPrint() assert der_encode(receipt) == sd['encapContentInfo']['eContent'] + assert receipt['version'] == rfc2634.ESSVersion().subtype(value='v1') for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] @@ -144,6 +145,35 @@ i6U0JKZmWbbuS8 vFIgX7eIkd8= assert sav.prettyPrint() assert der_encode(sav) == sav0 + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.signed_receipt_pem_text) + rfc5652.cmsContentTypesMap.update(rfc2634.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() + assert asn1Object['contentType'] == rfc5652.id_signedData + + sd = asn1Object['content'] + assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3') + assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys() + assert sd['encapContentInfo']['eContentType'] == rfc2634.id_ct_receipt + + for sa in sd['signerInfos'][0]['signedAttrs']: + assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() + if sa['attrType'] == rfc2634.id_aa_msgSigDigest: + sa['attrValues'][0].prettyPrint()[:10] == '0x167378' + + # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot + # automatically decode it + receipt, rest = der_decode(sd['encapContentInfo']['eContent'], + asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']]) + assert receipt['version'] == rfc2634.ESSVersion().subtype(value='v1') + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc3274.py b/tests/test_rfc3274.py index fbf44a2..516884a 100644 --- a/tests/test_rfc3274.py +++ b/tests/test_rfc3274.py @@ -55,6 +55,22 @@ XQ7u2qbaKFtZ7V96NH8ApkUFkg== assert cd['compressionAlgorithm']['algorithm'] == rfc3274.id_alg_zlibCompress assert cd['encapContentInfo']['eContentType'] == rfc5652.id_data + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.compressed_data_pem_text) + + rfc5652.cmsContentTypesMap.update(rfc3274.cmsContentTypesMapUpdate) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc3274.id_ct_compressedData + cd = asn1Object['content'] + assert cd['compressionAlgorithm']['algorithm'] == rfc3274.id_alg_zlibCompress + assert cd['encapContentInfo']['eContentType'] == rfc5652.id_data + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': diff --git a/tests/test_rfc3709.py b/tests/test_rfc3709.py index dbe1edf..7d9b54f 100644..100755 --- a/tests/test_rfc3709.py +++ b/tests/test_rfc3709.py @@ -60,9 +60,23 @@ Pj22pmfmQi5w21UljqoTj/+lQLkU3wfy5BdVKBwI0GfEA+YL3ctSzPNqAA== assert not rest assert logotype.prettyPrint() assert der_encoder.encode(logotype) == s - assert logotype['subjectLogo']['direct']['image'][0]['imageDetails']['mediaType'] == "image/png" - assert logotype['subjectLogo']['direct']['image'][0]['imageDetails']['logotypeURI'][ - 0] == "http://www.vigilsec.com/vigilsec_logo.png" + ids = logotype['subjectLogo']['direct']['image'][0]['imageDetails'] + assert ids['mediaType'] == "image/png" + assert ids['logotypeURI'][0] == "http://www.vigilsec.com/vigilsec_logo.png" + + def testExtensionsMap(self): + substrate = pem.readBase64fromText(self.pem_text) + rfc5280.certificateExtensionsMap.update(rfc3709.certificateExtensionsMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) + assert not rest + assert asn1Object.prettyPrint() + assert der_encoder.encode(asn1Object) == substrate + + for extn in asn1Object['tbsCertificate']['extensions']: + if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): + extnValue, rest = der_decoder.decode(extn['extnValue'], + asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) + assert der_encoder.encode(extnValue) == extn['extnValue'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc3779.py b/tests/test_rfc3779.py index bebe06c..eb2a2df 100644 --- a/tests/test_rfc3779.py +++ b/tests/test_rfc3779.py @@ -74,6 +74,22 @@ V+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi assert as_ids.prettyPrint() assert der_encoder.encode(as_ids) == s + def testExtensionsMap(self): + substrate = pem.readBase64fromText(self.pem_text) + rfc5280.certificateExtensionsMap.update(rfc3779.certificateExtensionsMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) + assert not rest + assert asn1Object.prettyPrint() + assert der_encoder.encode(asn1Object) == substrate + + for extn in asn1Object['tbsCertificate']['extensions']: + if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks or \ + extn['extnID'] == rfc3779.id_pe_autonomousSysIds: + + extnValue, rest = der_decoder.decode(extn['extnValue'], + asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) + assert der_encoder.encode(extnValue) == extn['extnValue'] + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc4073.py b/tests/test_rfc4073.py index fc55bf5..bdc04c4 100644 --- a/tests/test_rfc4073.py +++ b/tests/test_rfc4073.py @@ -14,6 +14,7 @@ from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem +from pyasn1_modules import rfc2634 from pyasn1_modules import rfc4073 from pyasn1_modules import rfc5652 @@ -78,20 +79,13 @@ buWO3egPDL8Kf7tBhzjIKLw= if content_type == rfc4073.id_ct_contentWithAttrs: for attr in asn1Object['attrs']: - assert attr['attrType'] in attribute_list + assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() return asn1Object - attribute_list = ( - univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.4'), - univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.7'), - ) - - layers = { - rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), - rfc4073.id_ct_contentCollection: rfc4073.ContentCollection(), - rfc4073.id_ct_contentWithAttrs: rfc4073.ContentWithAttributes(), - } + rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap) + rfc5652.cmsContentTypesMap.update(rfc4073.cmsContentTypesMapUpdate) + layers = rfc5652.cmsContentTypesMap getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], @@ -125,6 +119,33 @@ buWO3egPDL8Kf7tBhzjIKLw= substrate = getNextSubstrate[this_layer](asn1Object) this_layer = getNextLayer[this_layer](asn1Object) + def testOpenTypes(self): + + substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap) + rfc5652.cmsContentTypesMap.update(rfc4073.cmsContentTypesMapUpdate) + asn1Object, rest = der_decode(substrate, + asn1Spec=rfc5652.ContentInfo(), + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc4073.id_ct_contentCollection + for ci in asn1Object['content']: + assert ci['contentType'] in rfc5652.cmsContentTypesMap.keys() + assert ci['contentType'] == rfc4073.id_ct_contentWithAttrs + next_ci = ci['content']['content'] + assert next_ci['contentType'] in rfc5652.cmsContentTypesMap.keys() + assert next_ci['contentType'] == rfc5652.id_data + assert 'Content-Type: text' in next_ci['content'] + + for attr in ci['content']['attrs']: + assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() + if attr['attrType'] == rfc2634.id_aa_contentHint: + assert 'RFC 4073' in attr['attrValues'][0]['contentDescription'] + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc4108.py b/tests/test_rfc4108.py index 49514b1..c611b0e 100644 --- a/tests/test_rfc4108.py +++ b/tests/test_rfc4108.py @@ -23,7 +23,7 @@ except ImportError: class CMSFirmwareWrapperTestCase(unittest.TestCase): pem_text = """\ -MIIEdwYJKoZIhvcNAQcCoIIEaDCCBGQCAQExDTALBglghkgBZQMEAgEwggIVBgsq +MIIEvAYJKoZIhvcNAQcCoIIErTCCBKkCAQExDTALBglghkgBZQMEAgEwggIVBgsq hkiG9w0BCRABEKCCAgQEggIA3ntqPr5kDpx+//pgWGfHCH/Ht4pbenGwXv80txyE Y0I2mT9BUGz8ILkbhD7Xz89pBS5KhEJpthxH8WREJtvS+wL4BqYLt23wjWoZy5Gt 5dPzWgaNlV/aQ5AdfAY9ljmnNYnK8D8r8ur7bQM4cKUdxry+QA0nqXHMAOSpx4Um @@ -35,18 +35,20 @@ RJNFP9vpDM8CxJIqcobC5Kuv8b0GqGfGl6ouuQKEVMfBcrupgjk3oc3KL1iVdSr1 /D9dmiFiErDB3Fzr4+8Qz0aKedNE/1uvM+dhu9qjuRdkDzZ4S7txTfk6y9pG9iyk aEeTV2kElKXblgi+Cf0Ut4f5he8rt6jveHdMo9X36YiUQVvevj2cgN7lFivEnFYV QY0xugpP7lvEFDfsi2+0ozgP8EKOLYaCUKpuvttlYJ+vdtUFEijizEZ4cx02RsXm -EesxggI1MIICMQIBA4AUnutnybladNRNLxY5ZoDoAbXLpJwwCwYJYIZIAWUDBAIB -oHgwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEQMCkGCyqGSIb3DQEJEAIkMRoG -CysGAQQBjb9BAQEqBgsrBgEEAY2/QQEBMDAvBgkqhkiG9w0BCQQxIgQgAJfvuasB -4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9YwCwYJKoZIhvcNAQELBIIBgDn0y+4B -cCX7ICovWcyWf0IxNXx7+1VlYneAZ8pMBaKu+6q7jRFZ+QsQFFbQ1yPO/3Pr2wVb -UJSJAL4QCJDurJ42LdPQIOGIV2aWq70vl6B9yt6svEdjxJ3XkopwcCBXLcB1Hp9b -6wYZzSFCujOlsABJiz2gMD6wUT4lq7RJO31LEPxx/Va4Ftp1F4okmgL8VpMemihU -atRXpIhedfli+TWEtMmoxcX3paLcU7MmJFUAwkHmb8rSRF5VBy5QWcNgzzskof0W -mCR/8bZjqR/g3VlFPyz7zOCxG/wIdZVAb4O/QP8fC0GhyHNE+NX6d+GI8RPpRyMf -5RfCCsHwbApCv8+tpFslYzwvUTIFx0y9zVrnkz/UrDjZtrKxLC0oRJlnlnKR1unm -lbolB9c2p60/mZHwQhLM5CjeYcMX3mMVJo4jqag+8o48CibW50h8y21usKaeA9b0 -9EMxfG3KaaP5mMEOZMpeGdUKQSJYweDstxlrY5ajPbeOycdMv7tRNoLpyw== +EesxggJ6MIICdgIBA4AUnutnybladNRNLxY5ZoDoAbXLpJwwCwYJYIZIAWUDBAIB +oIG8MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABEDArBgsqhkiG9w0BCRACJDEc +MBoGCysGAQQBjb9BAQEqBgsrBgEEAY2/QQEBMDAvBgkqhkiG9w0BCQQxIgQgAJfv +uasB4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9YwQAYLKoZIhvcNAQkQAikxMTAv +MAsGCWCGSAFlAwQCAQQgAJfvuasB4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9Yw +CwYJKoZIhvcNAQELBIIBgDivAlSLbMPPu+zV+pPcYpNp+A1mwVOytjMBzSo31kR/ +qEu+hVrDknAOk9IdCaDvcz612CcfNT85/KzrYvWWxOP2woU/vZj253SnndALpfNN +n3/crJjF6hKgkjUwoXebI7kuj5WCh2q5lkd6xUa+jkCw+CINcN43thtS66UsVI4d +mv02EvsS2cxPY/508uaQZ6AYAacm667bgX8xEjbzACMOeMCuvKQXWAuh3DkNk+gV +xizHDw7xZxXgMGMAnJglAeBtd3Si5ztILw9U2gKUqFn/nOgy+eW63JuU/q31/Hgg +ZATjyBznSzneTZrw8/ePoSCj7E9vBeCTUkeFbVB2tJK1iYDMblp6HUuwgYuGKXy/ +ZwKL3GvB11qg7ntdEyjdLq0xcVrht/K0d2dPo4iO4Ac7c1xbFMDAlWOt4FMPWh6O +iTh55YvT7hAJjTbB5ebgMA9QJnAczQPFnaIePnlFrkETd3YyLK4yHwnoIGo1GiW/ +dsnhVtIdkPtfJIvcYteYJg== """ def setUp(self): @@ -67,11 +69,43 @@ lbolB9c2p60/mZHwQhLM5CjeYcMX3mMVJo4jqag+8o48CibW50h8y21usKaeA9b0 assert inner['encapContentInfo']['eContentType'] == rfc4108.id_ct_firmwarePackage assert inner['encapContentInfo']['eContent'] - found_target_hardware_identifier_attribute = False + attribute_list = [ ] for attr in inner['signerInfos'][0]['signedAttrs']: + attribute_list.append(attr['attrType']) if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: - found_target_hardware_identifier_attribute = True - assert found_target_hardware_identifier_attribute + av, rest = der_decode(attr['attrValues'][0], + asn1Spec=rfc4108.TargetHardwareIdentifiers()) + assert len(av) == 2 + for oid in av: + assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint() + + assert rfc5652.id_contentType in attribute_list + assert rfc5652.id_messageDigest in attribute_list + assert rfc4108.id_aa_targetHardwareIDs in attribute_list + assert rfc4108.id_aa_fwPkgMessageDigest in attribute_list + + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.cmsContentTypesMap.update(rfc4108.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc4108.cmsAttributesMapUpdate) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc5652.id_signedData + sd_eci = asn1Object['content']['encapContentInfo'] + assert sd_eci['eContentType'] == rfc4108.id_ct_firmwarePackage + assert sd_eci['eContent'].hasValue() + + for attr in asn1Object['content']['signerInfos'][0]['signedAttrs']: + assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() + if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: + for oid in attr['attrValues'][0]: + assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint() suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc5035.py b/tests/test_rfc5035.py index 022d149..1c605bc 100755 --- a/tests/test_rfc5035.py +++ b/tests/test_rfc5035.py @@ -144,6 +144,35 @@ vFIgX7eIkd8= assert sav.prettyPrint() assert der_encode(sav) == sav0 + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.signed_receipt_pem_text) + rfc5652.cmsContentTypesMap.update(rfc5035.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc5035.ESSAttributeMap) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() + assert asn1Object['contentType'] == rfc5652.id_signedData + + sd = asn1Object['content'] + assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3') + assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys() + assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt + + for sa in sd['signerInfos'][0]['signedAttrs']: + assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() + if sa['attrType'] == rfc5035.id_aa_msgSigDigest: + sa['attrValues'][0].prettyPrint()[:10] == '0x167378' + + # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot + # automatically decode it + receipt, rest = der_decode(sd['encapContentInfo']['eContent'], + asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']]) + assert receipt['version'] == rfc5035.ESSVersion().subtype(value='v1') + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc5083.py b/tests/test_rfc5083.py index 08eabfb..5e3b47f 100644..100755 --- a/tests/test_rfc5083.py +++ b/tests/test_rfc5083.py @@ -2,7 +2,7 @@ # This file is part of pyasn1-modules software. # # Created by Russ Housley -# Copyright (c) 2018, Vigil Security, LLC +# Copyright (c) 2018, 2019 Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # @@ -12,7 +12,9 @@ from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem +from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5083 +from pyasn1_modules import rfc5035 try: import unittest2 as unittest @@ -47,6 +49,50 @@ ur76ztut3sr4iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RM assert der_encoder.encode(asn1Object) == substrate +class AuthEnvelopedDataOpenTypesTestCase(unittest.TestCase): + pem_text = """\ +MIICvQYLKoZIhvcNAQkQARegggKsMIICqAIBADGCAiekggIjBgsqhkiG9w0BCRAN +ATCCAhICAQAEE3B0Zi1rbWM6MTM2MTQxMjIxMTIwDQYLKoZIhvcNAQkQAzAwCwYJ +YIZIAWUDBAEtMIIBsDCCAawCAQKAFJ7rZ8m5WnTUTS8WOWaA6AG1y6ScMA0GCSqG +SIb3DQEBAQUABIIBgHfnHNqDbyyql2NqX6UQggelWMTjwzJJ1L2erbsj1bIAGmpI +sUijw+fX8VOS7v1C9ui2Md9NFgCfkmKLo8T/jELqrk7MpMu09G5zDgeXzJfQDFc1 +15wbrWAUU3XP7XIb6TNOc3xtq4UxA5V6jNUK2XyWKpjzOtM7gm0VWIJGVVlYu+u3 +2LQcCjRFb87kvOY/WEnjxQpCW8g+4V747Ud97dYpMub7TLJiRNZkdHnq8xEGKlXj +VHSgc10lhphe1kFGeCpfJEsqjtN7YsVzf65ri9Z+3FJ1IO4cnMDbzGhyRXkS7a0k +58/miJbSj88PvzKNSURwpu4YHMQQX/mjT2ey1SY4ihPMuxxgTdCa04L0UxaRr7xA +ucz3n2UWShelm3IIjnWRlYdXypnXvKvwCLoeh5mJwUl1JNFPCQkQ487cKRyobUyN +gXQKT4ZDHCgXciwsX5nTsom87Ixp5vqSDJ+DhXA0r/Caiu1vnY5X9GLHSkqgXkgq +gUuu0LfcsQERD8psfQQogbiuZDqJmYt1Iau/pkuGfmeeqeiM3aeQ4NZf9AFZUVWB +GArPNHrvVDA3BgkqhkiG9w0BBwEwGwYJYIZIAWUDBAEuMA4EDMr+ur76ztut3sr4 +iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RMojEwLwYLKoZIhvcNAQkQAgQx +IDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZIhvcNAQcB +""" + + def setUp(self): + self.asn1Spec = rfc5652.ContentInfo() + + def testDerCodec(self): + substrate = pem.readBase64fromText(self.pem_text) + rfc5652.cmsAttributesMap.update(rfc5035.ESSAttributeMap) + rfc5652.cmsContentTypesMap.update(rfc5083.cmsContentTypesMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encoder.encode(asn1Object) == substrate + + assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap + assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData + authenv = asn1Object['content'] + assert authenv['version'] == rfc5652.CMSVersion().subtype(value='v0') + + for attr in authenv['unauthAttrs']: + assert attr['attrType'] in rfc5652.cmsAttributesMap + if attr['attrType'] == rfc5035.id_aa_contentHint: + assert 'Watson' in attr['attrValues'][0]['contentDescription'] + + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': diff --git a/tests/test_rfc5940.py b/tests/test_rfc5940.py index f95be05..9feeedf 100644 --- a/tests/test_rfc5940.py +++ b/tests/test_rfc5940.py @@ -80,17 +80,51 @@ ttTMEpl2prH8bbwo1g== assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData - inner, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) - assert inner.prettyPrint() + sd, rest = der_decode(asn1Object['content'], + asn1Spec=rfc5652.SignedData()) + assert sd.prettyPrint() - assert inner['encapContentInfo']['eContentType'] == rfc5652.id_data - assert inner['encapContentInfo']['eContent'] - assert inner['crls'][0]['crl']['tbsCertList']['version'] == rfc5280.Version(value='v2') - assert inner['crls'][1]['other']['otherRevInfoFormat'] == rfc5940.id_ri_ocsp_response + assert sd['encapContentInfo']['eContentType'] == rfc5652.id_data + assert sd['encapContentInfo']['eContent'] + v2 = rfc5280.Version(value='v2') + assert sd['crls'][0]['crl']['tbsCertList']['version'] == v2 + ocspr_oid = rfc5940.id_ri_ocsp_response + assert sd['crls'][1]['other']['otherRevInfoFormat'] == ocspr_oid - ocspr, rest = der_decode(inner['crls'][1]['other']['otherRevInfo'], asn1Spec=rfc5940.OCSPResponse()) + ocspr, rest = der_decode(sd['crls'][1]['other']['otherRevInfo'], + asn1Spec=rfc5940.OCSPResponse()) assert ocspr.prettyPrint() - assert ocspr['responseStatus'] == rfc2560.OCSPResponseStatus(value='successful') + success = rfc2560.OCSPResponseStatus(value='successful') + assert ocspr['responseStatus'] == success + + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.otherRevInfoFormatMap.update(rfc5940.otherRevInfoFormatMapUpdate) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc5652.id_signedData + sd_eci = asn1Object['content']['encapContentInfo'] + assert sd_eci['eContentType'] == rfc5652.id_data + assert sd_eci['eContent'].hasValue() + + for ri in asn1Object['content']['crls']: + if ri.getName() == 'crl': + v2 = rfc5280.Version(value='v2') + assert ri['crl']['tbsCertList']['version'] == v2 + if ri.getName() == 'other': + ori = ri['other'] + ocspr_oid = rfc5940.id_ri_ocsp_response + assert ori['otherRevInfoFormat'] == ocspr_oid + ocspr_status = ori['otherRevInfo']['responseStatus'] + success = rfc2560.OCSPResponseStatus(value='successful') + assert ocspr_status == success + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc5958.py b/tests/test_rfc5958.py index 1abc40e..88fb4f1 100644 --- a/tests/test_rfc5958.py +++ b/tests/test_rfc5958.py @@ -11,7 +11,10 @@ import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder +from pyasn1.type import univ + from pyasn1_modules import pem +from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5958 from pyasn1_modules import rfc8410 @@ -44,6 +47,33 @@ Z9w7lshQhqowtrbLDFw4rXAxZuE= assert der_encoder.encode(asn1Object) == substrate +class PrivateKeyOpenTypesTestCase(unittest.TestCase): + asymmetric_key_pkg_pem_text = """\ +MIGEBgpghkgBZQIBAk4FoHYwdDByAgEBMAUGAytlcAQiBCDU7nLb+RNYStW22PH3 +afitOv58KMvx1Pvgl6iPRHVYQqAfMB0GCiqGSIb3DQEJCRQxDwwNQ3VyZGxlIENo +YWlyc4EhABm/RAlphM3+hUG6wWfcO5bIUIaqMLa2ywxcOK1wMWbh +""" + + def setUp(self): + self.asn1Spec = rfc5652.ContentInfo() + + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.asymmetric_key_pkg_pem_text) + rfc5652.cmsContentTypesMap.update(rfc5958.cmsContentTypesMapUpdate) + asn1Object, rest = der_decoder.decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encoder.encode(asn1Object) == substrate + + assert rfc5958.id_ct_KP_aKeyPackage in rfc5652.cmsContentTypesMap.keys() + oneKey = asn1Object['content'][0] + assert oneKey['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519 + pkcs_9_at_friendlyName = univ.ObjectIdentifier('1.2.840.113549.1.9.9.20') + assert oneKey['attributes'][0]['type'] == pkcs_9_at_friendlyName + + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': diff --git a/tests/test_rfc6019.py b/tests/test_rfc6019.py index 664da0e..f66c12c 100644 --- a/tests/test_rfc6019.py +++ b/tests/test_rfc6019.py @@ -37,9 +37,24 @@ class BinarySigningTimeTestCase(unittest.TestCase): assert der_encode(asn1Object) == substrate assert asn1Object['attrType'] == rfc6019.id_aa_binarySigningTime - bintime, rest = der_decode(asn1Object['attrValues'][0], asn1Spec=rfc6019.BinaryTime()) + bintime, rest = der_decode(asn1Object['attrValues'][0], + asn1Spec=rfc6019.BinaryTime()) assert bintime == 0x5cbf8654 + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.pem_text) + + rfc5652.cmsAttributesMap.update(rfc6019.cmsAttributesMapUpdate) + asn1Object, rest = der_decode(substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['attrType'] in rfc5652.cmsAttributesMap.keys() + assert asn1Object['attrValues'][0] == 0x5cbf8654 + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc7191.py b/tests/test_rfc7191.py index 664ead7..36103bb 100755 --- a/tests/test_rfc7191.py +++ b/tests/test_rfc7191.py @@ -11,6 +11,8 @@ import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode +from pyasn1.type import univ + from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc7191 @@ -80,6 +82,30 @@ goRV+bq4fdgOOj25JFqa80xnXGtQqjm/7NSII5SbdJk+DT7KCkSbkElkbgQ= assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 + + package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" + package_id = pem.readBase64fromText(package_id_pem_text) + assert sav['pkgID'] == package_id + + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.message1_pem_text) + rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate) + asn1Object, rest = der_decode (substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc5652.id_signedData + v3 = rfc5652.CMSVersion().subtype(value='v3') + assert asn1Object['content']['version'] == v3 + + for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']: + if sa['attrType'] == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq: + package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" + package_id = pem.readBase64fromText(package_id_pem_text) + assert sa['attrValues'][0]['pkgID'] == package_id class ReceiptTestCase(unittest.TestCase): @@ -137,6 +163,38 @@ bUcOYuCdivgxVuhlAgIxAPR9JavxziwCbVyBUWOAiKKYfglTgG3AwNmrKDj0NtXUQ9qDmGAc package_id = pem.readBase64fromText(package_id_pem_text) assert receipt['receiptOf']['pkgID'] == package_id + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.message2_pem_text) + rfc5652.cmsContentTypesMap.update(rfc7191.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate) + asn1Object, rest = der_decode (substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc5652.id_signedData + v3 = rfc5652.CMSVersion().subtype(value='v3') + assert asn1Object['content']['version'] == v3 + + for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']: + assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() + if sa['attrType'] == rfc5652.id_messageDigest: + assert '0x412598a6ae2' in sa['attrValues'][0].prettyPrint() + + ct_oid = asn1Object['content']['encapContentInfo']['eContentType'] + assert ct_oid in rfc5652.cmsContentTypesMap + assert ct_oid == rfc7191.id_ct_KP_keyPackageReceipt + + # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot + # automatically decode it + sd_eci = asn1Object['content']['encapContentInfo'] + receipt, rest = der_decode(sd_eci['eContent'], + asn1Spec=rfc5652.cmsContentTypesMap[sd_eci['eContentType']]) + package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" + package_id = pem.readBase64fromText(package_id_pem_text) + assert receipt['receiptOf']['pkgID'] == package_id class ErrorTestCase(unittest.TestCase): message3_pem_text = """\ @@ -194,6 +252,40 @@ iNF8uKtW/lk0AjA7z2q40N0lamXkSU7ECasiWOYV1X4cWGiQwMZDKknBPDqXqB6Es6p4J+qe assert kpe['errorOf']['pkgID'] == package_id assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10) + def testOpenTypes(self): + substrate = pem.readBase64fromText(self.message3_pem_text) + rfc5652.cmsContentTypesMap.update(rfc7191.cmsContentTypesMapUpdate) + rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate) + asn1Object, rest = der_decode (substrate, + asn1Spec=self.asn1Spec, + decodeOpenTypes=True) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + assert asn1Object['contentType'] == rfc5652.id_signedData + v3 = rfc5652.CMSVersion().subtype(value='v3') + assert asn1Object['content']['version'] == v3 + + for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']: + assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() + if sa['attrType'] == rfc5652.id_messageDigest: + assert '0xa05c54d4737' in sa['attrValues'][0].prettyPrint() + + ct_oid = asn1Object['content']['encapContentInfo']['eContentType'] + assert ct_oid in rfc5652.cmsContentTypesMap.keys() + assert ct_oid == rfc7191.id_ct_KP_keyPackageError + + # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot + # automatically decode it + sd_eci = asn1Object['content']['encapContentInfo'] + kpe, rest = der_decode(sd_eci['eContent'], + asn1Spec=rfc5652.cmsContentTypesMap[sd_eci['eContentType']]) + package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" + package_id = pem.readBase64fromText(package_id_pem_text) + assert kpe['errorOf']['pkgID'] == package_id + assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10) + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) diff --git a/tests/test_rfc8226.py b/tests/test_rfc8226.py index a7dc036..19e7fc7 100644..100755 --- a/tests/test_rfc8226.py +++ b/tests/test_rfc8226.py @@ -12,6 +12,7 @@ from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem +from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8226 try: @@ -48,6 +49,43 @@ class TNAuthorizationListTestCase(unittest.TestCase): assert der_encoder.encode(asn1Object) == substrate +class CertificateOpenTypesTestCase(unittest.TestCase): + cert_pem_text = """\ +MIICkTCCAhegAwIBAgIJAKWzVCgbsG4+MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n +dXMgQ0EwHhcNMTkwNzE4MTUwNzQ5WhcNMjAwNzE3MTUwNzQ5WjBxMQswCQYDVQQG +EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xKDAmBgNVBAoTH0Zh +a2UgVGVsZXBob25lIFNlcnZpY2UgUHJvdmlkZXIxGTAXBgNVBAMTEGZha2UuZXhh +bXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARLyLhnsvrS9WBY29tmN2LI +CF/wuX4ohhUy3sxO0ynCplHHojpDg+tghGzusf0aLtMDu1II915O8YK5XVL+KZJD +C82jybxWIKjjzX2qc5/O06joUttdEDzkTaD0kgbcXl6jgawwgakwCwYDVR0PBAQD +AgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0 +cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFHOI3GpDt9dWsTAZxhcj +96uyL2aIMB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMBYGCCsGAQUF +BwEaBAowCKAGFgRmYWtlMAoGCCqGSM49BAMDA2gAMGUCMQCy+qFhT7X1i18jcyIa +Jkgz/tumrPsaBA2RihkooTEr4GbqC650Z4Cwt7+x2xZq37sCMFSM6fRueLyV5StG +yEFWA6G95b/HbtPMTjLpPKtrOjhofc4LyVCDYhFhKzpvHh1qeA== +""" + + def setUp(self): + self.asn1Spec = rfc5280.Certificate() + + def testDerCodec(self): + substrate = pem.readBase64fromText(self.cert_pem_text) + asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) + assert not rest + assert asn1Object.prettyPrint() + assert der_encoder.encode(asn1Object) == substrate + + for extn in asn1Object['tbsCertificate']['extensions']: + if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): + extnValue, rest = der_decoder.decode(extn['extnValue'], + asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) + assert der_encoder.encode(extnValue) == extn['extnValue'] + + if extn['extnID'] == rfc8226.id_pe_TNAuthList: + assert extnValue[0]['spc'] == 'fake' + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': diff --git a/tests/test_rfc8520.py b/tests/test_rfc8520.py index fe1e2cf..2a58ba9 100644 --- a/tests/test_rfc8520.py +++ b/tests/test_rfc8520.py @@ -82,6 +82,20 @@ izaUuU1EEwgOMELjeFL62Ssvq8X+x6hZFCLygI7GNeitlblNhCXhFFurqMs= assert mudurl[-5:] == ".json" + def testExtensionsMap(self): + substrate = pem.readBase64fromText(self.mud_cert_pem_text) + rfc5280.certificateExtensionsMap.update(rfc8520.certificateExtensionsMapUpdate) + asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) + assert not rest + assert asn1Object.prettyPrint() + assert der_encode(asn1Object) == substrate + + for extn in asn1Object['tbsCertificate']['extensions']: + if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): + extnValue, rest = der_decode(extn['extnValue'], + asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) + assert der_encode(extnValue) == extn['extnValue'] + suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) |