1# 2# This file is part of pyasn1-modules software. 3# 4# Created by Russ Housley 5# Copyright (c) 2019, Vigil Security, LLC 6# License: http://snmplabs.com/pyasn1/license.html 7# 8 9import sys 10 11from pyasn1.codec.der.decoder import decode as der_decode 12from pyasn1.codec.der.encoder import encode as der_encode 13 14from pyasn1_modules import pem 15from pyasn1_modules import rfc5652 16from pyasn1_modules import rfc5035 17 18try: 19 import unittest2 as unittest 20except ImportError: 21 import unittest 22 23 24class SignedMessageTestCase(unittest.TestCase): 25 signed_message_pem_text = """\ 26MIIFzAYJKoZIhvcNAQcCoIIFvTCCBbkCAQExDTALBglghkgBZQMEAgIwUQYJKoZI 27hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv 28bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA 29pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB 30MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx 31NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW 32QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF 33QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI 34zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b 35z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w 36to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E 37NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 38cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW 39gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL 403kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae 41rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggLQ 42MIICzAIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH 43SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME 44AgKgggH1MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X 45DTE5MDUyOTE4MjMxOVowJQYLKoZIhvcNAQkQAgcxFgQUAbWZQYhLO5wtUgsOCGtT 464V3aNhUwLwYLKoZIhvcNAQkQAgQxIDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZI 47hvcNAQcBMDUGCyqGSIb3DQEJEAICMSYxJAIBAQYKKwYBBAGBrGABARMTQm9hZ3Vz 48IFByaXZhY3kgTWFyazA/BgkqhkiG9w0BCQQxMgQwtuQipP2CZx7U96rGbUT06LC5 49jVFYccZW5/CaNvpcrOPiChDm2vI3m4k300z5mSZsME0GCyqGSIb3DQEJEAIBMT4w 50PAQgx08hD2QnVwj1DoeRELNtdZ0PffW4BQIvcwwVc/goU6OAAQEwFTATgRFhbGlj 51ZUBleGFtcGxlLmNvbTCBmwYLKoZIhvcNAQkQAi8xgYswgYgwdjB0BCACcp04gyM2 52dTDg+0ydCwlucr6Mg8Wd3J3c9V+iLHsnZzBQMEOkQTA/MQswCQYDVQQGEwJVUzEL 53MAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENB 54AgkApbNUKBuwbjswDjAMBgorBgEEAYGsYAEBMAoGCCqGSM49BAMDBGcwZQIxAO3K 55D9YjFTKE3p383VVw/ol79WTVoMea4H1+7xn+3E1XO4oyb7qwQz0KmsGfdqWptgIw 56T9yMtRLN5ZDU14y+Phzq9NKpSw/x5KyXoUKjCMc3Ru6dIW+CgcRQees+dhnvuD5U 57""" 58 59 def setUp(self): 60 self.asn1Spec = rfc5652.ContentInfo() 61 62 def testDerCodec(self): 63 substrate = pem.readBase64fromText(self.signed_message_pem_text) 64 asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) 65 assert not rest 66 assert asn1Object.prettyPrint() 67 assert der_encode(asn1Object) == substrate 68 69 assert asn1Object['contentType'] == rfc5652.id_signedData 70 sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) 71 assert not rest 72 assert sd.prettyPrint() 73 assert der_encode(sd) == asn1Object['content'] 74 75 for sa in sd['signerInfos'][0]['signedAttrs']: 76 sat = sa['attrType'] 77 sav0 = sa['attrValues'][0] 78 79 if sat in rfc5652.cmsAttributesMap.keys(): 80 sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) 81 assert not rest 82 assert sav.prettyPrint() 83 assert der_encode(sav) == sav0 84 85 86class SignedReceiptTestCase(unittest.TestCase): 87 signed_receipt_pem_text = """\ 88MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyqGSIb3DQEJ 89EAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkRCzbXWdD331uAUCL3MM 90FXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzmo18WwkFrEYH3EMsvpXEIGqsFTFN 916NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZyb2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H 92/oSgggJ3MIICczCCAfqgAwIBAgIJAKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT 93AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0Ew 94HhcNMTkwNTI5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE 95CBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgNVBAMTA0Jv 96YjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKoZIzj0CAQYFK4EEACID 97YgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXtIFAuIJcZVlkLn/xbywkcMLHK/O+ 98w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM2aYpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsG 99A1UdDwQEAwIHgDBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUg 100dHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIa 101pTAfBgNVHSMEGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV 102boS6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBwsCMDfRweYz 1033Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6fj36zGCAYkwggGFAgEB 104MEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREwDwYD 105VQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsGCWCGSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMx 106DQYLKoZIhvcNAQkQAQEwHAYJKoZIhvcNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcN 107AQkEMSIEIGb9Hm2kCnM0CYNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIF 108MTIEMBZzeHVja7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK 109BggqhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbolropBdPJ6 110jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS7hYRi6U0JKZmWbbuS8 111vFIgX7eIkd8= 112""" 113 114 def setUp(self): 115 self.asn1Spec = rfc5652.ContentInfo() 116 117 def testDerCodec(self): 118 substrate = pem.readBase64fromText(self.signed_receipt_pem_text) 119 asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) 120 assert not rest 121 assert asn1Object.prettyPrint() 122 assert der_encode(asn1Object) == substrate 123 124 assert asn1Object['contentType'] == rfc5652.id_signedData 125 sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) 126 assert not rest 127 assert sd.prettyPrint() 128 assert der_encode(sd) == asn1Object['content'] 129 130 assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt 131 receipt, rest = der_decode(sd['encapContentInfo']['eContent'], 132 asn1Spec=rfc5035.Receipt()) 133 assert not rest 134 assert receipt.prettyPrint() 135 assert der_encode(receipt) == sd['encapContentInfo']['eContent'] 136 137 for sa in sd['signerInfos'][0]['signedAttrs']: 138 sat = sa['attrType'] 139 sav0 = sa['attrValues'][0] 140 141 if sat in rfc5652.cmsAttributesMap.keys(): 142 sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) 143 assert not rest 144 assert sav.prettyPrint() 145 assert der_encode(sav) == sav0 146 147 def testOpenTypes(self): 148 substrate = pem.readBase64fromText(self.signed_receipt_pem_text) 149 asn1Object, rest = der_decode(substrate, 150 asn1Spec=self.asn1Spec, decodeOpenTypes=True) 151 assert not rest 152 assert asn1Object.prettyPrint() 153 assert der_encode(asn1Object) == substrate 154 155 assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() 156 assert asn1Object['contentType'] == rfc5652.id_signedData 157 158 sd = asn1Object['content'] 159 assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3') 160 assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys() 161 assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt 162 163 for sa in sd['signerInfos'][0]['signedAttrs']: 164 assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() 165 if sa['attrType'] == rfc5035.id_aa_msgSigDigest: 166 sa['attrValues'][0].prettyPrint()[:10] == '0x167378' 167 168 # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot 169 # automatically decode it 170 receipt, rest = der_decode(sd['encapContentInfo']['eContent'], 171 asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']]) 172 assert receipt['version'] == 1 173 174 175suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) 176 177if __name__ == '__main__': 178 import sys 179 180 result = unittest.TextTestRunner(verbosity=2).run(suite) 181 sys.exit(not result.wasSuccessful()) 182