Added maps for use with openType (#53)

author: Russ Housley <housley@vigilsec.com> 2019-07-20 06:58:55 -0400
committer: Ilya Etingof <etingof@gmail.com> 2019-07-20 12:58:55 +0200
commit: 23608be1bc0ce8a4ac5fbaba92af905c88ea4ab6 (patch)
tree: 67be142d26a66e2a874502f60c3e97d0059bd769 /tests
parent: 06f5be85d5229cffeb24f9ae622df665d7ae506b (diff)
download: pyasn1-modules-23608be1bc0ce8a4ac5fbaba92af905c88ea4ab6.tar.gz
14 files changed, 496 insertions, 67 deletions
diff --git a/tests/test_rfc2634.py b/tests/test_rfc2634.py
index 9b52f99..c024173 100755
--- a/tests/test_rfc2634.py
+++ b/tests/test_rfc2634.py
@@ -82,33 +82,33 @@ mNTr0mjYeUWRe/15IsWNx+kuFcLDr71DFHvMFY5M3sdfMA==
 
 class SignedReceiptTestCase(unittest.TestCase):
     signed_receipt_pem_text = """\
-MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyqG
-SIb3DQEJ EAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkRC
-zbXWdD331uAUCL3MM FXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzmo
-18WwkFrEYH3EMsvpXEIGqsFTFN 6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZyb
-2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H /oSgggJ3MIICczCCAfqgAwIBAgIJ
-AKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJ
-WQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0Ew HhcNMTkwNT
-I5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE C
-BMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgNVB
-AMTA0Jv YjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKoZI
-zj0CAQYFK4EEACID YgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXtIF
-AuIJcZVlkLn/xbywkcMLHK/O+ w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM2a
-YpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsG A1UdDwQEAwIHgDBCBglghkgBhvhCA
-Q0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUg dHJ1c3RlZCBmb3IgYW55
-IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIa pTAfBgNVHSM
-EGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV bo
-S6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBwsCMD
-fRweYz 3Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6fj36
-zGCAYkwggGFAgEB MEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYD
-VQQHDAdIZXJuZG9uMREwDwYD VQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsGCWC
-GSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMx DQYLKoZIhvcNAQkQAQEwHAYJKoZIhv
-cNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcN AQkEMSIEIGb9Hm2kCnM0C
-YNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIF MTIEMBZzeHVj
-a7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK Bgg
-qhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbolrop
-BdPJ6 jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS7hYR
-i6U0JKZmWbbuS8 vFIgX7eIkd8=
+MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyq
+GSIb3DQEJEAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkR
+CzbXWdD331uAUCL3MMFXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzm
+o18WwkFrEYH3EMsvpXEIGqsFTFN6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZy
+b2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H/oSgggJ3MIICczCCAfqgAwIBAgI
+JAKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDA
+JWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwN
+TI5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE
+CBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgN
+VBAMTA0JvYjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKo
+ZIzj0CAQYFK4EEACIDYgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXt
+IFAuIJcZVlkLn/xbywkcMLHK/O+w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM
+2aYpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvh
+CAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW
+55IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIapTAfBgNVH
+SMEGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV
+boS6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBws
+CMDfRweYz3Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6f
+j36zGCAYkwggGFAgEBMEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwD
+gYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsG
+CWCGSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQEwHAYJKoZ
+IhvcNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcNAQkEMSIEIGb9Hm2kCn
+M0CYNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIFMTIEMBZze
+HVja7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK
+BggqhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbo
+lropBdPJ6jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS
+7hYRi6U0JKZmWbbuS8vFIgX7eIkd8=
 """
 
     def setUp(self):
@@ -133,6 +133,7 @@ i6U0JKZmWbbuS8 vFIgX7eIkd8=
         assert not rest
         assert receipt.prettyPrint()
         assert der_encode(receipt) == sd['encapContentInfo']['eContent']
+        assert receipt['version'] == rfc2634.ESSVersion().subtype(value='v1')
 
         for sa in sd['signerInfos'][0]['signedAttrs']:
             sat = sa['attrType']
@@ -144,6 +145,35 @@ i6U0JKZmWbbuS8 vFIgX7eIkd8=
                 assert sav.prettyPrint()
                 assert der_encode(sav) == sav0
 
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.signed_receipt_pem_text)
+        rfc5652.cmsContentTypesMap.update(rfc2634.cmsContentTypesMapUpdate)
+        rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap)
+        asn1Object, rest = der_decode(substrate,
+            asn1Spec=self.asn1Spec, decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys()
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+
+        sd = asn1Object['content']
+        assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3')
+        assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys()
+        assert sd['encapContentInfo']['eContentType'] == rfc2634.id_ct_receipt
+
+        for sa in sd['signerInfos'][0]['signedAttrs']:
+            assert sa['attrType'] in rfc5652.cmsAttributesMap.keys()
+            if sa['attrType'] == rfc2634.id_aa_msgSigDigest:
+                sa['attrValues'][0].prettyPrint()[:10] == '0x167378'
+
+        # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot
+        # automatically decode it 
+        receipt, rest = der_decode(sd['encapContentInfo']['eContent'],
+            asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']])
+        assert receipt['version'] == rfc2634.ESSVersion().subtype(value='v1')
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc3274.py b/tests/test_rfc3274.py
index fbf44a2..516884a 100644
--- a/tests/test_rfc3274.py
+++ b/tests/test_rfc3274.py
@@ -55,6 +55,22 @@ XQ7u2qbaKFtZ7V96NH8ApkUFkg==
         assert cd['compressionAlgorithm']['algorithm'] == rfc3274.id_alg_zlibCompress
         assert cd['encapContentInfo']['eContentType'] == rfc5652.id_data
 
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.compressed_data_pem_text)
+
+        rfc5652.cmsContentTypesMap.update(rfc3274.cmsContentTypesMapUpdate)
+        asn1Object, rest = der_decode(substrate, 
+                                      asn1Spec=self.asn1Spec,
+                                      decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc3274.id_ct_compressedData
+        cd = asn1Object['content']
+        assert cd['compressionAlgorithm']['algorithm'] == rfc3274.id_alg_zlibCompress
+        assert cd['encapContentInfo']['eContentType'] == rfc5652.id_data
+
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
 if __name__ == '__main__':
diff --git a/tests/test_rfc3709.py b/tests/test_rfc3709.py
index dbe1edf..7d9b54f 100644..100755
--- a/tests/test_rfc3709.py
+++ b/tests/test_rfc3709.py
@@ -60,9 +60,23 @@ Pj22pmfmQi5w21UljqoTj/+lQLkU3wfy5BdVKBwI0GfEA+YL3ctSzPNqAA==
                 assert not rest
                 assert logotype.prettyPrint()
                 assert der_encoder.encode(logotype) == s
-                assert logotype['subjectLogo']['direct']['image'][0]['imageDetails']['mediaType'] == "image/png"
-                assert logotype['subjectLogo']['direct']['image'][0]['imageDetails']['logotypeURI'][
-                           0] == "http://www.vigilsec.com/vigilsec_logo.png"
+                ids = logotype['subjectLogo']['direct']['image'][0]['imageDetails']
+                assert ids['mediaType'] == "image/png"
+                assert ids['logotypeURI'][0] == "http://www.vigilsec.com/vigilsec_logo.png"
+
+    def testExtensionsMap(self):
+        substrate = pem.readBase64fromText(self.pem_text)
+        rfc5280.certificateExtensionsMap.update(rfc3709.certificateExtensionsMapUpdate)
+        asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encoder.encode(asn1Object) == substrate
+
+        for extn in asn1Object['tbsCertificate']['extensions']:
+            if extn['extnID'] in rfc5280.certificateExtensionsMap.keys():
+                extnValue, rest = der_decoder.decode(extn['extnValue'],
+                    asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']])
+                assert der_encoder.encode(extnValue) == extn['extnValue']
 
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
diff --git a/tests/test_rfc3779.py b/tests/test_rfc3779.py
index bebe06c..eb2a2df 100644
--- a/tests/test_rfc3779.py
+++ b/tests/test_rfc3779.py
@@ -74,6 +74,22 @@ V+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi
                 assert as_ids.prettyPrint()
                 assert der_encoder.encode(as_ids) == s
 
+    def testExtensionsMap(self):
+        substrate = pem.readBase64fromText(self.pem_text)
+        rfc5280.certificateExtensionsMap.update(rfc3779.certificateExtensionsMapUpdate)
+        asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encoder.encode(asn1Object) == substrate
+
+        for extn in asn1Object['tbsCertificate']['extensions']:
+            if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks or \
+               extn['extnID'] == rfc3779.id_pe_autonomousSysIds:
+
+                extnValue, rest = der_decoder.decode(extn['extnValue'],
+                    asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']])
+                assert der_encoder.encode(extnValue) == extn['extnValue']
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc4073.py b/tests/test_rfc4073.py
index fc55bf5..bdc04c4 100644
--- a/tests/test_rfc4073.py
+++ b/tests/test_rfc4073.py
@@ -14,6 +14,7 @@ from pyasn1.codec.der.encoder import encode as der_encode
 from pyasn1.type import univ
 
 from pyasn1_modules import pem
+from pyasn1_modules import rfc2634
 from pyasn1_modules import rfc4073
 from pyasn1_modules import rfc5652
 
@@ -78,20 +79,13 @@ buWO3egPDL8Kf7tBhzjIKLw=
 
             if content_type == rfc4073.id_ct_contentWithAttrs:
                 for attr in asn1Object['attrs']:
-                    assert attr['attrType'] in attribute_list
+                    assert attr['attrType'] in rfc5652.cmsAttributesMap.keys()
     
             return asn1Object
 
-        attribute_list = (
-            univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.4'),
-            univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.7'),
-        )
-
-        layers = {
-            rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(),
-            rfc4073.id_ct_contentCollection: rfc4073.ContentCollection(),
-            rfc4073.id_ct_contentWithAttrs: rfc4073.ContentWithAttributes(),
-        }
+        rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap)
+        rfc5652.cmsContentTypesMap.update(rfc4073.cmsContentTypesMapUpdate)
+        layers = rfc5652.cmsContentTypesMap
 
         getNextLayer = {
             rfc5652.id_ct_contentInfo: lambda x: x['contentType'],
@@ -125,6 +119,33 @@ buWO3egPDL8Kf7tBhzjIKLw=
                 substrate = getNextSubstrate[this_layer](asn1Object)
                 this_layer = getNextLayer[this_layer](asn1Object)
 
+    def testOpenTypes(self):
+
+        substrate = pem.readBase64fromText(self.pem_text)
+
+        rfc5652.cmsAttributesMap.update(rfc2634.ESSAttributeMap)
+        rfc5652.cmsContentTypesMap.update(rfc4073.cmsContentTypesMapUpdate)
+        asn1Object, rest = der_decode(substrate,
+                                      asn1Spec=rfc5652.ContentInfo(),
+                                      decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc4073.id_ct_contentCollection
+        for ci in asn1Object['content']:
+            assert ci['contentType'] in rfc5652.cmsContentTypesMap.keys()
+            assert ci['contentType'] == rfc4073.id_ct_contentWithAttrs
+            next_ci = ci['content']['content']
+            assert next_ci['contentType'] in rfc5652.cmsContentTypesMap.keys()
+            assert next_ci['contentType'] == rfc5652.id_data
+            assert 'Content-Type: text' in next_ci['content']
+
+            for attr in ci['content']['attrs']:
+                assert attr['attrType'] in rfc5652.cmsAttributesMap.keys()
+                if attr['attrType'] == rfc2634.id_aa_contentHint:
+                    assert 'RFC 4073' in attr['attrValues'][0]['contentDescription']
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc4108.py b/tests/test_rfc4108.py
index 49514b1..c611b0e 100644
--- a/tests/test_rfc4108.py
+++ b/tests/test_rfc4108.py
@@ -23,7 +23,7 @@ except ImportError:
 
 class CMSFirmwareWrapperTestCase(unittest.TestCase):
     pem_text = """\
-MIIEdwYJKoZIhvcNAQcCoIIEaDCCBGQCAQExDTALBglghkgBZQMEAgEwggIVBgsq
+MIIEvAYJKoZIhvcNAQcCoIIErTCCBKkCAQExDTALBglghkgBZQMEAgEwggIVBgsq
 hkiG9w0BCRABEKCCAgQEggIA3ntqPr5kDpx+//pgWGfHCH/Ht4pbenGwXv80txyE
 Y0I2mT9BUGz8ILkbhD7Xz89pBS5KhEJpthxH8WREJtvS+wL4BqYLt23wjWoZy5Gt
 5dPzWgaNlV/aQ5AdfAY9ljmnNYnK8D8r8ur7bQM4cKUdxry+QA0nqXHMAOSpx4Um
@@ -35,18 +35,20 @@ RJNFP9vpDM8CxJIqcobC5Kuv8b0GqGfGl6ouuQKEVMfBcrupgjk3oc3KL1iVdSr1
 /D9dmiFiErDB3Fzr4+8Qz0aKedNE/1uvM+dhu9qjuRdkDzZ4S7txTfk6y9pG9iyk
 aEeTV2kElKXblgi+Cf0Ut4f5he8rt6jveHdMo9X36YiUQVvevj2cgN7lFivEnFYV
 QY0xugpP7lvEFDfsi2+0ozgP8EKOLYaCUKpuvttlYJ+vdtUFEijizEZ4cx02RsXm
-EesxggI1MIICMQIBA4AUnutnybladNRNLxY5ZoDoAbXLpJwwCwYJYIZIAWUDBAIB
-oHgwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEQMCkGCyqGSIb3DQEJEAIkMRoG
-CysGAQQBjb9BAQEqBgsrBgEEAY2/QQEBMDAvBgkqhkiG9w0BCQQxIgQgAJfvuasB
-4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9YwCwYJKoZIhvcNAQELBIIBgDn0y+4B
-cCX7ICovWcyWf0IxNXx7+1VlYneAZ8pMBaKu+6q7jRFZ+QsQFFbQ1yPO/3Pr2wVb
-UJSJAL4QCJDurJ42LdPQIOGIV2aWq70vl6B9yt6svEdjxJ3XkopwcCBXLcB1Hp9b
-6wYZzSFCujOlsABJiz2gMD6wUT4lq7RJO31LEPxx/Va4Ftp1F4okmgL8VpMemihU
-atRXpIhedfli+TWEtMmoxcX3paLcU7MmJFUAwkHmb8rSRF5VBy5QWcNgzzskof0W
-mCR/8bZjqR/g3VlFPyz7zOCxG/wIdZVAb4O/QP8fC0GhyHNE+NX6d+GI8RPpRyMf
-5RfCCsHwbApCv8+tpFslYzwvUTIFx0y9zVrnkz/UrDjZtrKxLC0oRJlnlnKR1unm
-lbolB9c2p60/mZHwQhLM5CjeYcMX3mMVJo4jqag+8o48CibW50h8y21usKaeA9b0
-9EMxfG3KaaP5mMEOZMpeGdUKQSJYweDstxlrY5ajPbeOycdMv7tRNoLpyw==
+EesxggJ6MIICdgIBA4AUnutnybladNRNLxY5ZoDoAbXLpJwwCwYJYIZIAWUDBAIB
+oIG8MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABEDArBgsqhkiG9w0BCRACJDEc
+MBoGCysGAQQBjb9BAQEqBgsrBgEEAY2/QQEBMDAvBgkqhkiG9w0BCQQxIgQgAJfv
+uasB4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9YwQAYLKoZIhvcNAQkQAikxMTAv
+MAsGCWCGSAFlAwQCAQQgAJfvuasB4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9Yw
+CwYJKoZIhvcNAQELBIIBgDivAlSLbMPPu+zV+pPcYpNp+A1mwVOytjMBzSo31kR/
+qEu+hVrDknAOk9IdCaDvcz612CcfNT85/KzrYvWWxOP2woU/vZj253SnndALpfNN
+n3/crJjF6hKgkjUwoXebI7kuj5WCh2q5lkd6xUa+jkCw+CINcN43thtS66UsVI4d
+mv02EvsS2cxPY/508uaQZ6AYAacm667bgX8xEjbzACMOeMCuvKQXWAuh3DkNk+gV
+xizHDw7xZxXgMGMAnJglAeBtd3Si5ztILw9U2gKUqFn/nOgy+eW63JuU/q31/Hgg
+ZATjyBznSzneTZrw8/ePoSCj7E9vBeCTUkeFbVB2tJK1iYDMblp6HUuwgYuGKXy/
+ZwKL3GvB11qg7ntdEyjdLq0xcVrht/K0d2dPo4iO4Ac7c1xbFMDAlWOt4FMPWh6O
+iTh55YvT7hAJjTbB5ebgMA9QJnAczQPFnaIePnlFrkETd3YyLK4yHwnoIGo1GiW/
+dsnhVtIdkPtfJIvcYteYJg==
 """
 
     def setUp(self):
@@ -67,11 +69,43 @@ lbolB9c2p60/mZHwQhLM5CjeYcMX3mMVJo4jqag+8o48CibW50h8y21usKaeA9b0
         assert inner['encapContentInfo']['eContentType'] == rfc4108.id_ct_firmwarePackage
         assert inner['encapContentInfo']['eContent']
 
-        found_target_hardware_identifier_attribute = False
+        attribute_list = [ ]
         for attr in inner['signerInfos'][0]['signedAttrs']:
+            attribute_list.append(attr['attrType'])
             if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs:
-                found_target_hardware_identifier_attribute = True
-        assert found_target_hardware_identifier_attribute
+                av, rest = der_decode(attr['attrValues'][0],
+                                      asn1Spec=rfc4108.TargetHardwareIdentifiers())
+                assert len(av) == 2
+                for oid in av:
+                    assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint()
+
+        assert rfc5652.id_contentType in attribute_list
+        assert rfc5652.id_messageDigest in attribute_list
+        assert rfc4108.id_aa_targetHardwareIDs in attribute_list
+        assert rfc4108.id_aa_fwPkgMessageDigest in attribute_list
+
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.pem_text)
+
+        rfc5652.cmsContentTypesMap.update(rfc4108.cmsContentTypesMapUpdate)
+        rfc5652.cmsAttributesMap.update(rfc4108.cmsAttributesMapUpdate)
+        asn1Object, rest = der_decode(substrate,
+                                      asn1Spec=self.asn1Spec,
+                                      decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+        sd_eci = asn1Object['content']['encapContentInfo']
+        assert sd_eci['eContentType'] == rfc4108.id_ct_firmwarePackage
+        assert sd_eci['eContent'].hasValue()
+
+        for attr in asn1Object['content']['signerInfos'][0]['signedAttrs']:
+            assert attr['attrType'] in rfc5652.cmsAttributesMap.keys()
+            if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs:
+               for oid in attr['attrValues'][0]:
+                   assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint()
 
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
diff --git a/tests/test_rfc5035.py b/tests/test_rfc5035.py
index 022d149..1c605bc 100755
--- a/tests/test_rfc5035.py
+++ b/tests/test_rfc5035.py
@@ -144,6 +144,35 @@ vFIgX7eIkd8=
                 assert sav.prettyPrint()
                 assert der_encode(sav) == sav0
 
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.signed_receipt_pem_text)
+        rfc5652.cmsContentTypesMap.update(rfc5035.cmsContentTypesMapUpdate)
+        rfc5652.cmsAttributesMap.update(rfc5035.ESSAttributeMap)
+        asn1Object, rest = der_decode(substrate,
+            asn1Spec=self.asn1Spec, decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys()
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+
+        sd = asn1Object['content']
+        assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3')
+        assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys()
+        assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt
+
+        for sa in sd['signerInfos'][0]['signedAttrs']:
+            assert sa['attrType'] in rfc5652.cmsAttributesMap.keys()
+            if sa['attrType'] == rfc5035.id_aa_msgSigDigest:
+                sa['attrValues'][0].prettyPrint()[:10] == '0x167378'
+
+        # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot
+        # automatically decode it 
+        receipt, rest = der_decode(sd['encapContentInfo']['eContent'],
+            asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']])
+        assert receipt['version'] == rfc5035.ESSVersion().subtype(value='v1')
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc5083.py b/tests/test_rfc5083.py
index 08eabfb..5e3b47f 100644..100755
--- a/tests/test_rfc5083.py
+++ b/tests/test_rfc5083.py
@@ -2,7 +2,7 @@
 # This file is part of pyasn1-modules software.
 #
 # Created by Russ Housley
-# Copyright (c) 2018, Vigil Security, LLC
+# Copyright (c) 2018, 2019  Vigil Security, LLC
 # License: http://snmplabs.com/pyasn1/license.html
 #
 
@@ -12,7 +12,9 @@ from pyasn1.codec.der import decoder as der_decoder
 from pyasn1.codec.der import encoder as der_encoder
 
 from pyasn1_modules import pem
+from pyasn1_modules import rfc5652
 from pyasn1_modules import rfc5083
+from pyasn1_modules import rfc5035
 
 try:
     import unittest2 as unittest
@@ -47,6 +49,50 @@ ur76ztut3sr4iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RM
         assert der_encoder.encode(asn1Object) == substrate
 
 
+class AuthEnvelopedDataOpenTypesTestCase(unittest.TestCase):
+    pem_text = """\
+MIICvQYLKoZIhvcNAQkQARegggKsMIICqAIBADGCAiekggIjBgsqhkiG9w0BCRAN
+ATCCAhICAQAEE3B0Zi1rbWM6MTM2MTQxMjIxMTIwDQYLKoZIhvcNAQkQAzAwCwYJ
+YIZIAWUDBAEtMIIBsDCCAawCAQKAFJ7rZ8m5WnTUTS8WOWaA6AG1y6ScMA0GCSqG
+SIb3DQEBAQUABIIBgHfnHNqDbyyql2NqX6UQggelWMTjwzJJ1L2erbsj1bIAGmpI
+sUijw+fX8VOS7v1C9ui2Md9NFgCfkmKLo8T/jELqrk7MpMu09G5zDgeXzJfQDFc1
+15wbrWAUU3XP7XIb6TNOc3xtq4UxA5V6jNUK2XyWKpjzOtM7gm0VWIJGVVlYu+u3
+2LQcCjRFb87kvOY/WEnjxQpCW8g+4V747Ud97dYpMub7TLJiRNZkdHnq8xEGKlXj
+VHSgc10lhphe1kFGeCpfJEsqjtN7YsVzf65ri9Z+3FJ1IO4cnMDbzGhyRXkS7a0k
+58/miJbSj88PvzKNSURwpu4YHMQQX/mjT2ey1SY4ihPMuxxgTdCa04L0UxaRr7xA
+ucz3n2UWShelm3IIjnWRlYdXypnXvKvwCLoeh5mJwUl1JNFPCQkQ487cKRyobUyN
+gXQKT4ZDHCgXciwsX5nTsom87Ixp5vqSDJ+DhXA0r/Caiu1vnY5X9GLHSkqgXkgq
+gUuu0LfcsQERD8psfQQogbiuZDqJmYt1Iau/pkuGfmeeqeiM3aeQ4NZf9AFZUVWB
+GArPNHrvVDA3BgkqhkiG9w0BBwEwGwYJYIZIAWUDBAEuMA4EDMr+ur76ztut3sr4
+iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RMojEwLwYLKoZIhvcNAQkQAgQx
+IDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZIhvcNAQcB
+"""
+
+    def setUp(self):
+        self.asn1Spec = rfc5652.ContentInfo()
+
+    def testDerCodec(self):
+        substrate = pem.readBase64fromText(self.pem_text)
+        rfc5652.cmsAttributesMap.update(rfc5035.ESSAttributeMap)
+        rfc5652.cmsContentTypesMap.update(rfc5083.cmsContentTypesMapUpdate)
+        asn1Object, rest = der_decoder.decode(substrate,
+                                              asn1Spec=self.asn1Spec,
+                                              decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encoder.encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap
+        assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData
+        authenv = asn1Object['content']
+        assert authenv['version'] == rfc5652.CMSVersion().subtype(value='v0')
+
+        for attr in authenv['unauthAttrs']:
+            assert attr['attrType'] in rfc5652.cmsAttributesMap
+            if attr['attrType'] == rfc5035.id_aa_contentHint:
+                assert 'Watson' in attr['attrValues'][0]['contentDescription']
+
+
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
 if __name__ == '__main__':
diff --git a/tests/test_rfc5940.py b/tests/test_rfc5940.py
index f95be05..9feeedf 100644
--- a/tests/test_rfc5940.py
+++ b/tests/test_rfc5940.py
@@ -80,17 +80,51 @@ ttTMEpl2prH8bbwo1g==
         assert der_encode(asn1Object) == substrate
 
         assert asn1Object['contentType'] == rfc5652.id_signedData
-        inner, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData())
-        assert inner.prettyPrint()
+        sd, rest = der_decode(asn1Object['content'],
+                              asn1Spec=rfc5652.SignedData())
+        assert sd.prettyPrint()
 
-        assert inner['encapContentInfo']['eContentType'] == rfc5652.id_data
-        assert inner['encapContentInfo']['eContent']
-        assert inner['crls'][0]['crl']['tbsCertList']['version'] == rfc5280.Version(value='v2')
-        assert inner['crls'][1]['other']['otherRevInfoFormat'] == rfc5940.id_ri_ocsp_response
+        assert sd['encapContentInfo']['eContentType'] == rfc5652.id_data
+        assert sd['encapContentInfo']['eContent']
+        v2 = rfc5280.Version(value='v2')
+        assert sd['crls'][0]['crl']['tbsCertList']['version'] == v2
+        ocspr_oid = rfc5940.id_ri_ocsp_response
+        assert sd['crls'][1]['other']['otherRevInfoFormat'] == ocspr_oid
 
-        ocspr, rest = der_decode(inner['crls'][1]['other']['otherRevInfo'], asn1Spec=rfc5940.OCSPResponse())
+        ocspr, rest = der_decode(sd['crls'][1]['other']['otherRevInfo'],
+                                 asn1Spec=rfc5940.OCSPResponse())
         assert ocspr.prettyPrint()
-        assert ocspr['responseStatus'] == rfc2560.OCSPResponseStatus(value='successful')
+        success = rfc2560.OCSPResponseStatus(value='successful')
+        assert ocspr['responseStatus'] == success
+
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.pem_text)
+
+        rfc5652.otherRevInfoFormatMap.update(rfc5940.otherRevInfoFormatMapUpdate)
+        asn1Object, rest = der_decode(substrate,
+                                      asn1Spec=self.asn1Spec,
+                                      decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+        sd_eci = asn1Object['content']['encapContentInfo']
+        assert sd_eci['eContentType'] == rfc5652.id_data
+        assert sd_eci['eContent'].hasValue()
+
+        for ri in asn1Object['content']['crls']:
+            if ri.getName() == 'crl':
+                v2 = rfc5280.Version(value='v2')
+                assert ri['crl']['tbsCertList']['version'] == v2
+            if ri.getName() == 'other':
+                ori = ri['other']
+                ocspr_oid = rfc5940.id_ri_ocsp_response
+                assert ori['otherRevInfoFormat'] == ocspr_oid
+                ocspr_status = ori['otherRevInfo']['responseStatus']
+                success = rfc2560.OCSPResponseStatus(value='successful')
+                assert ocspr_status == success
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc5958.py b/tests/test_rfc5958.py
index 1abc40e..88fb4f1 100644
--- a/tests/test_rfc5958.py
+++ b/tests/test_rfc5958.py
@@ -11,7 +11,10 @@ import sys
 from pyasn1.codec.der import decoder as der_decoder
 from pyasn1.codec.der import encoder as der_encoder
 
+from pyasn1.type import univ
+
 from pyasn1_modules import pem
+from pyasn1_modules import rfc5652
 from pyasn1_modules import rfc5958
 from pyasn1_modules import rfc8410
 
@@ -44,6 +47,33 @@ Z9w7lshQhqowtrbLDFw4rXAxZuE=
         assert der_encoder.encode(asn1Object) == substrate
 
 
+class PrivateKeyOpenTypesTestCase(unittest.TestCase):
+    asymmetric_key_pkg_pem_text = """\
+MIGEBgpghkgBZQIBAk4FoHYwdDByAgEBMAUGAytlcAQiBCDU7nLb+RNYStW22PH3
+afitOv58KMvx1Pvgl6iPRHVYQqAfMB0GCiqGSIb3DQEJCRQxDwwNQ3VyZGxlIENo
+YWlyc4EhABm/RAlphM3+hUG6wWfcO5bIUIaqMLa2ywxcOK1wMWbh
+"""
+
+    def setUp(self):
+        self.asn1Spec = rfc5652.ContentInfo()
+
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.asymmetric_key_pkg_pem_text)
+        rfc5652.cmsContentTypesMap.update(rfc5958.cmsContentTypesMapUpdate)
+        asn1Object, rest = der_decoder.decode(substrate,
+                                              asn1Spec=self.asn1Spec,
+                                              decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encoder.encode(asn1Object) == substrate
+
+        assert rfc5958.id_ct_KP_aKeyPackage in rfc5652.cmsContentTypesMap.keys()
+        oneKey = asn1Object['content'][0]
+        assert oneKey['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519
+        pkcs_9_at_friendlyName = univ.ObjectIdentifier('1.2.840.113549.1.9.9.20')
+        assert oneKey['attributes'][0]['type'] == pkcs_9_at_friendlyName
+
+
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
 if __name__ == '__main__':
diff --git a/tests/test_rfc6019.py b/tests/test_rfc6019.py
index 664da0e..f66c12c 100644
--- a/tests/test_rfc6019.py
+++ b/tests/test_rfc6019.py
@@ -37,9 +37,24 @@ class BinarySigningTimeTestCase(unittest.TestCase):
         assert der_encode(asn1Object) == substrate
 
         assert asn1Object['attrType'] == rfc6019.id_aa_binarySigningTime
-        bintime, rest = der_decode(asn1Object['attrValues'][0], asn1Spec=rfc6019.BinaryTime())
+        bintime, rest = der_decode(asn1Object['attrValues'][0],
+                                   asn1Spec=rfc6019.BinaryTime())
         assert bintime == 0x5cbf8654
 
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.pem_text)
+        
+        rfc5652.cmsAttributesMap.update(rfc6019.cmsAttributesMapUpdate)
+        asn1Object, rest = der_decode(substrate,
+                                      asn1Spec=self.asn1Spec,
+                                      decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['attrType'] in rfc5652.cmsAttributesMap.keys()
+        assert asn1Object['attrValues'][0] == 0x5cbf8654
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc7191.py b/tests/test_rfc7191.py
index 664ead7..36103bb 100755
--- a/tests/test_rfc7191.py
+++ b/tests/test_rfc7191.py
@@ -11,6 +11,8 @@ import sys
 from pyasn1.codec.der.decoder import decode as der_decode
 from pyasn1.codec.der.encoder import encode as der_encode
 
+from pyasn1.type import univ
+
 from pyasn1_modules import pem
 from pyasn1_modules import rfc5652
 from pyasn1_modules import rfc7191
@@ -80,6 +82,30 @@ goRV+bq4fdgOOj25JFqa80xnXGtQqjm/7NSII5SbdJk+DT7KCkSbkElkbgQ=
                 assert not rest
                 assert sav.prettyPrint()
                 assert der_encode(sav) == sav0
+ 
+                package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0="
+                package_id = pem.readBase64fromText(package_id_pem_text)
+                assert sav['pkgID'] == package_id
+
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.message1_pem_text)
+        rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate)
+        asn1Object, rest = der_decode (substrate,
+                                       asn1Spec=self.asn1Spec,
+                                       decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+        v3 = rfc5652.CMSVersion().subtype(value='v3')
+        assert asn1Object['content']['version'] == v3
+
+        for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']:
+            if sa['attrType'] == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq:
+                package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0="
+                package_id = pem.readBase64fromText(package_id_pem_text)
+                assert sa['attrValues'][0]['pkgID'] == package_id
 
 
 class ReceiptTestCase(unittest.TestCase):
@@ -137,6 +163,38 @@ bUcOYuCdivgxVuhlAgIxAPR9JavxziwCbVyBUWOAiKKYfglTgG3AwNmrKDj0NtXUQ9qDmGAc
         package_id = pem.readBase64fromText(package_id_pem_text)
         assert receipt['receiptOf']['pkgID'] == package_id
 
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.message2_pem_text)
+        rfc5652.cmsContentTypesMap.update(rfc7191.cmsContentTypesMapUpdate)
+        rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate)
+        asn1Object, rest = der_decode (substrate,
+                                       asn1Spec=self.asn1Spec,
+                                       decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+        v3 = rfc5652.CMSVersion().subtype(value='v3')
+        assert asn1Object['content']['version'] == v3
+
+        for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']:
+            assert sa['attrType'] in rfc5652.cmsAttributesMap.keys()
+            if sa['attrType'] == rfc5652.id_messageDigest:
+                assert '0x412598a6ae2' in sa['attrValues'][0].prettyPrint()
+
+        ct_oid = asn1Object['content']['encapContentInfo']['eContentType']
+        assert ct_oid in rfc5652.cmsContentTypesMap
+        assert ct_oid == rfc7191.id_ct_KP_keyPackageReceipt
+
+        # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot
+        # automatically decode it
+        sd_eci = asn1Object['content']['encapContentInfo']
+        receipt, rest = der_decode(sd_eci['eContent'],
+            asn1Spec=rfc5652.cmsContentTypesMap[sd_eci['eContentType']])
+        package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0="
+        package_id = pem.readBase64fromText(package_id_pem_text)
+        assert receipt['receiptOf']['pkgID'] == package_id
 
 class ErrorTestCase(unittest.TestCase):
     message3_pem_text = """\
@@ -194,6 +252,40 @@ iNF8uKtW/lk0AjA7z2q40N0lamXkSU7ECasiWOYV1X4cWGiQwMZDKknBPDqXqB6Es6p4J+qe
         assert kpe['errorOf']['pkgID'] == package_id
         assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10)
 
+    def testOpenTypes(self):
+        substrate = pem.readBase64fromText(self.message3_pem_text)
+        rfc5652.cmsContentTypesMap.update(rfc7191.cmsContentTypesMapUpdate)
+        rfc5652.cmsAttributesMap.update(rfc7191.cmsAttributesMapUpdate)
+        asn1Object, rest = der_decode (substrate,
+                                       asn1Spec=self.asn1Spec,
+                                       decodeOpenTypes=True)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        assert asn1Object['contentType'] == rfc5652.id_signedData
+        v3 = rfc5652.CMSVersion().subtype(value='v3')
+        assert asn1Object['content']['version'] == v3
+
+        for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']:
+            assert sa['attrType'] in rfc5652.cmsAttributesMap.keys()
+            if sa['attrType'] == rfc5652.id_messageDigest:
+                assert '0xa05c54d4737' in sa['attrValues'][0].prettyPrint()
+
+        ct_oid = asn1Object['content']['encapContentInfo']['eContentType']
+        assert ct_oid in rfc5652.cmsContentTypesMap.keys()
+        assert ct_oid == rfc7191.id_ct_KP_keyPackageError
+
+        # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot
+        # automatically decode it
+        sd_eci = asn1Object['content']['encapContentInfo']
+        kpe, rest = der_decode(sd_eci['eContent'],
+            asn1Spec=rfc5652.cmsContentTypesMap[sd_eci['eContentType']])
+        package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0="
+        package_id = pem.readBase64fromText(package_id_pem_text)
+        assert kpe['errorOf']['pkgID'] == package_id
+        assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10)
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
diff --git a/tests/test_rfc8226.py b/tests/test_rfc8226.py
index a7dc036..19e7fc7 100644..100755
--- a/tests/test_rfc8226.py
+++ b/tests/test_rfc8226.py
@@ -12,6 +12,7 @@ from pyasn1.codec.der import decoder as der_decoder
 from pyasn1.codec.der import encoder as der_encoder
 
 from pyasn1_modules import pem
+from pyasn1_modules import rfc5280
 from pyasn1_modules import rfc8226
 
 try:
@@ -48,6 +49,43 @@ class TNAuthorizationListTestCase(unittest.TestCase):
         assert der_encoder.encode(asn1Object) == substrate
 
 
+class CertificateOpenTypesTestCase(unittest.TestCase):
+    cert_pem_text = """\
+MIICkTCCAhegAwIBAgIJAKWzVCgbsG4+MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT
+AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n
+dXMgQ0EwHhcNMTkwNzE4MTUwNzQ5WhcNMjAwNzE3MTUwNzQ5WjBxMQswCQYDVQQG
+EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xKDAmBgNVBAoTH0Zh
+a2UgVGVsZXBob25lIFNlcnZpY2UgUHJvdmlkZXIxGTAXBgNVBAMTEGZha2UuZXhh
+bXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARLyLhnsvrS9WBY29tmN2LI
+CF/wuX4ohhUy3sxO0ynCplHHojpDg+tghGzusf0aLtMDu1II915O8YK5XVL+KZJD
+C82jybxWIKjjzX2qc5/O06joUttdEDzkTaD0kgbcXl6jgawwgakwCwYDVR0PBAQD
+AgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0
+cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFHOI3GpDt9dWsTAZxhcj
+96uyL2aIMB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMBYGCCsGAQUF
+BwEaBAowCKAGFgRmYWtlMAoGCCqGSM49BAMDA2gAMGUCMQCy+qFhT7X1i18jcyIa
+Jkgz/tumrPsaBA2RihkooTEr4GbqC650Z4Cwt7+x2xZq37sCMFSM6fRueLyV5StG
+yEFWA6G95b/HbtPMTjLpPKtrOjhofc4LyVCDYhFhKzpvHh1qeA==
+"""
+
+    def setUp(self):
+        self.asn1Spec = rfc5280.Certificate()
+
+    def testDerCodec(self):
+        substrate = pem.readBase64fromText(self.cert_pem_text)
+        asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encoder.encode(asn1Object) == substrate
+
+        for extn in asn1Object['tbsCertificate']['extensions']:
+            if extn['extnID'] in rfc5280.certificateExtensionsMap.keys():
+                extnValue, rest = der_decoder.decode(extn['extnValue'],
+                    asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']])
+                assert der_encoder.encode(extnValue) == extn['extnValue']
+
+                if extn['extnID'] == rfc8226.id_pe_TNAuthList:
+                    assert extnValue[0]['spc'] == 'fake'
+
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
 
 if __name__ == '__main__':
diff --git a/tests/test_rfc8520.py b/tests/test_rfc8520.py
index fe1e2cf..2a58ba9 100644
--- a/tests/test_rfc8520.py
+++ b/tests/test_rfc8520.py
@@ -82,6 +82,20 @@ izaUuU1EEwgOMELjeFL62Ssvq8X+x6hZFCLygI7GNeitlblNhCXhFFurqMs=
 
                 assert mudurl[-5:] == ".json"
 
+    def testExtensionsMap(self):
+        substrate = pem.readBase64fromText(self.mud_cert_pem_text)
+        rfc5280.certificateExtensionsMap.update(rfc8520.certificateExtensionsMapUpdate)
+        asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
+        assert not rest
+        assert asn1Object.prettyPrint()
+        assert der_encode(asn1Object) == substrate
+
+        for extn in asn1Object['tbsCertificate']['extensions']:
+            if extn['extnID'] in rfc5280.certificateExtensionsMap.keys():
+                extnValue, rest = der_decode(extn['extnValue'],
+                    asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']])
+                assert der_encode(extnValue) == extn['extnValue']
+
 
 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
author	Russ Housley <housley@vigilsec.com>	2019-07-20 06:58:55 -0400
committer	Ilya Etingof <etingof@gmail.com>	2019-07-20 12:58:55 +0200
commit	23608be1bc0ce8a4ac5fbaba92af905c88ea4ab6 (patch)
tree	67be142d26a66e2a874502f60c3e97d0059bd769 /tests
parent	06f5be85d5229cffeb24f9ae622df665d7ae506b (diff)
download	pyasn1-modules-23608be1bc0ce8a4ac5fbaba92af905c88ea4ab6.tar.gz