| # |
| # This file is part of pyasn1-modules software. |
| # |
| # Created by Russ Housley |
| # Copyright (c) 2019, Vigil Security, LLC |
| # License: http://snmplabs.com/pyasn1/license.html |
| # |
| |
| import sys |
| import unittest |
| |
| from pyasn1.codec.der.decoder import decode as der_decoder |
| from pyasn1.codec.der.encoder import encode as der_encoder |
| |
| from pyasn1.type import univ |
| |
| from pyasn1_modules import pem |
| from pyasn1_modules import rfc5083 |
| from pyasn1_modules import rfc5652 |
| from pyasn1_modules import rfc8696 |
| |
| |
class KeyTransPSKTestCase(unittest.TestCase):
    """ASN.1 codec checks for a CMS message carrying KeyTransPSKRecipientInfo.

    The sample is a ContentInfo wrapping AuthEnvelopedData (RFC 5083) whose
    first recipient is an OtherRecipientInfo of type id-ori-keyTransPSK
    (RFC 8696).  Only the ASN.1 layer is exercised: nothing here derives a
    key, decrypts content or verifies an authentication tag, so a green run
    says the structures parse and re-encode, not that the cryptography of a
    PSK deployment is sound.
    """

    # Base64 of the DER-encoded sample message; must stay byte-for-byte intact
    # because every layer is compared against its own re-encoding.
    key_trans_psk_pem_text = """\
MIICigYLKoZIhvcNAQkQARegggJ5MIICdQIBADGCAiekggIjBgsqhkiG9w0BCRANATCCAhIC
AQAEE3B0Zi1rbWM6MTM2MTQxMjIxMTIwDQYLKoZIhvcNAQkQAx0wCwYJYIZIAWUDBAEtMIIB
sDCCAawCAQKAFJ7rZ8m5WnTUTS8WOWaA6AG1y6ScMA0GCSqGSIb3DQEBAQUABIIBgKo/Hkhu
eoOdn1/cIEpt38NbEEdSC586IWcG+0l+ND9pcmQvvKvscpvFFVAjqLjvoXGatmSazr2Q4BVS
yWKm0JqlyVWEAhRsU7wNlD7zRAKI8+obWpU57gjEKs13D8gb1PI2YPZWajN1Ye+yHSF6h+fb
7YtaQepxTGHYF0LgHaAC8cqtgwIRW8N4Gnvl0Uuz+YEZXUX0I8fvJG6MKCEFzwHvfrfPb3rW
B8k7BHfekRpY+793JNrjSP2lY+W0fhqBN8dALDKGqlbUCyojMQkQiD/iXSBRbZWiJ1CE92iT
x7Ji9irq8rhYDNoDP2vghJUaepoZgIJwPWqhoTH+KRPqHTjLnnbi/TGzEdeO5h0C9Gc0DVzs
9OHvHknQ7mSxPT9xKMXGztVT+P3a9ct6TaMotpMqL9cuZxTYGpHMYNkLSUXFSadAGFrgP7QV
FGwC/Z/YomEzSLPgZi8HnVHsAGkJzXxmM/PJBu4dAXcKjEv/GgpmaS2B7gKHUpTyyAgdsBsy
2AQo6glHJQ+mbNUlWV5Sppqq3ojvzxsPEIq+KRBgORsc31kH82tAZ+RTQjA3BgkqhkiG9w0B
BwEwGwYJYIZIAWUDBAEuMA4EDMr+ur76ztut3sr4iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE
4BckY8RM
"""

    def setUp(self):
        """Give each test a fresh outer ContentInfo decoding spec."""
        self.asn1Spec = rfc5652.ContentInfo()

    def _decode_strict(self, encoded, spec):
        """Decode *encoded* against *spec* and require an exact round trip.

        Asserts that the decoder consumed the whole input (no trailing
        bytes), that the result pretty-prints to something non-empty, and
        that re-encoding yields the original bytes.  Returns the decoded
        object.
        """
        decoded, trailing = der_decoder(encoded, asn1Spec=spec)
        self.assertFalse(trailing)
        self.assertTrue(decoded.prettyPrint())
        self.assertEqual(encoded, der_encoder(decoded))
        return decoded

    def _first_recipient_info(self):
        """Peel ContentInfo and AuthEnvelopedData; return recipientInfos[0]."""
        content_info = self._decode_strict(
            pem.readBase64fromText(self.key_trans_psk_pem_text),
            self.asn1Spec)
        self.assertEqual(
            rfc5083.id_ct_authEnvelopedData, content_info['contentType'])

        auth_enveloped = self._decode_strict(
            content_info['content'], rfc5083.AuthEnvelopedData())
        self.assertEqual(0, auth_enveloped['version'])

        return auth_enveloped['recipientInfos'][0]

    def testDerCodec(self):
        """Decode the 'ori' value with the explicit KeyTransPSK spec."""
        other = self._first_recipient_info()['ori']
        self.assertEqual(rfc8696.id_ori_keyTransPSK, other['oriType'])

        key_trans_psk = self._decode_strict(
            other['oriValue'], rfc8696.KeyTransPSKRecipientInfo())
        self.assertEqual(0, key_trans_psk['version'])

        # The nested KeyTransRecipientInfo in the sample carries version 2.
        inner_ktri = key_trans_psk['ktris'][0]
        self.assertEqual(2, inner_ktri['version'])

    def testOtherRecipientInfoMap(self):
        """Decode the 'ori' value via the spec registered for its oriType."""
        other = self._first_recipient_info()['ori']
        ori_type = other['oriType']

        # The lookup only works if the OID has an entry in the rfc5652 map.
        self.assertIn(ori_type, rfc5652.otherRecipientInfoMap)

        self._decode_strict(
            other['oriValue'], rfc5652.otherRecipientInfoMap[ori_type])
| |
class KeyAgreePSKTestCase(unittest.TestCase):
    """ASN.1 codec checks for a CMS message carrying KeyAgreePSKRecipientInfo.

    The sample is a ContentInfo wrapping AuthEnvelopedData (RFC 5083) whose
    first recipient is an OtherRecipientInfo of type id-ori-keyAgreePSK
    (RFC 8696).  Only the ASN.1 layer is exercised: no key agreement, key
    unwrap or authentication-tag check is performed, so these tests cover
    parsing and re-encoding, not the cryptographic operations.
    """

    # Base64 of the DER-encoded sample message; must stay byte-for-byte intact
    # because every layer is compared against its own re-encoding.
    key_agree_psk_pem_text = """\
MIIBRwYLKoZIhvcNAQkQARegggE2MIIBMgIBADGB5aSB4gYLKoZIhvcNAQkQDQIwgdICAQAE
FHB0Zi1rbWM6MjE2ODQwMTEwMTIxoFWhUzATBgYrgQQBCwEGCWCGSAFlAwQBLQM8AAQ5G0Em
Jk/2ks8sXY1kzbuG3Uu3ttWwQRXALFDJICjvYfr+yTpOQVkchm88FAh9MEkw4NKctokKNgps
MA0GCyqGSIb3DQEJEAMdMAsGCWCGSAFlAwQBLTBEMEKgFgQU6CGLmLi32Gtenr3IrrjE7NwF
xSkEKCKf4LReQAA+fYJE7Bt+f/ssjcoWw29XNyIlU6cSY6kr3giGamAtY/QwNwYJKoZIhvcN
AQcBMBsGCWCGSAFlAwQBLjAOBAzbrd7K+IjK/rq++s6ADfxtb4I+PtLSCdDG/88EDFUCYMQu
WylxlCbB/w==
"""

    def setUp(self):
        """Give each test a fresh outer ContentInfo decoding spec."""
        self.asn1Spec = rfc5652.ContentInfo()

    def _decode_strict(self, encoded, spec):
        """Decode *encoded* against *spec* and require an exact round trip.

        Asserts that the decoder consumed the whole input (no trailing
        bytes), that the result pretty-prints to something non-empty, and
        that re-encoding yields the original bytes.  Returns the decoded
        object.
        """
        decoded, trailing = der_decoder(encoded, asn1Spec=spec)
        self.assertFalse(trailing)
        self.assertTrue(decoded.prettyPrint())
        self.assertEqual(encoded, der_encoder(decoded))
        return decoded

    def _first_recipient_info(self):
        """Peel ContentInfo and AuthEnvelopedData; return recipientInfos[0]."""
        content_info = self._decode_strict(
            pem.readBase64fromText(self.key_agree_psk_pem_text),
            self.asn1Spec)
        self.assertEqual(
            rfc5083.id_ct_authEnvelopedData, content_info['contentType'])

        auth_enveloped = self._decode_strict(
            content_info['content'], rfc5083.AuthEnvelopedData())
        self.assertEqual(0, auth_enveloped['version'])

        return auth_enveloped['recipientInfos'][0]

    def testDerCodec(self):
        """Decode the 'ori' value with the explicit KeyAgreePSK spec."""
        other = self._first_recipient_info()['ori']
        self.assertEqual(rfc8696.id_ori_keyAgreePSK, other['oriType'])

        key_agree_psk = self._decode_strict(
            other['oriValue'], rfc8696.KeyAgreePSKRecipientInfo())
        self.assertEqual(0, key_agree_psk['version'])

        # Pin the recipient's subjectKeyIdentifier to the value in the sample.
        first_rek = key_agree_psk['recipientEncryptedKeys'][0]
        actual_ski = first_rek['rid']['rKeyId']['subjectKeyIdentifier']
        wanted_ski = univ.OctetString(
            hexValue='e8218b98b8b7d86b5e9ebdc8aeb8c4ecdc05c529')
        self.assertEqual(wanted_ski, actual_ski)

    def testOtherRecipientInfoMap(self):
        """Decode the 'ori' value via the spec registered for its oriType."""
        other = self._first_recipient_info()['ori']
        ori_type = other['oriType']

        # The lookup only works if the OID has an entry in the rfc5652 map.
        self.assertIn(ori_type, rfc5652.otherRecipientInfoMap)

        self._decode_strict(
            other['oriValue'], rfc5652.otherRecipientInfoMap[ori_type])
| |
| |
# Gather every TestCase defined in this module; `suite` stays importable so an
# external runner can aggregate it with other modules' suites.
suite = unittest.TestLoader().loadTestsFromModule(
    sys.modules[__name__])

if __name__ == '__main__':
    # Direct execution: run the collected tests with per-test output.
    runner = unittest.TextTestRunner(verbosity=2)
    runner.run(suite)