1#
2# This file is part of pyasn1-modules software.
3#
4# Created by Russ Housley
5# Copyright (c) 2019, Vigil Security, LLC
6# License: http://snmplabs.com/pyasn1/license.html
7#
8
9import sys
10
11from pyasn1.codec.der.decoder import decode as der_decode
12from pyasn1.codec.der.encoder import encode as der_encode
13
14from pyasn1.compat.octets import str2octs
15
16from pyasn1_modules import pem
17from pyasn1_modules import rfc5652
18from pyasn1_modules import rfc6032
19from pyasn1_modules import rfc3565
20
21try:
22    import unittest2 as unittest
23except ImportError:
24    import unittest
25
26
27class EncryptedKeyPkgTestCase(unittest.TestCase):
28    encrypted_key_pkg_pem_text = """\
29MIIBBwYKYIZIAWUCAQJOAqCB+DCB9QIBAjCBzgYKYIZIAWUCAQJOAjAdBglghkgB
30ZQMEASoEEN6HFteHMZ3DyeO35xIwWQOAgaCKTs0D0HguNzMhsLgiwG/Kw8OwX+GF
319/cZ1YVNesUTW/VsbXJcbTmFmWyfqZsM4DLBegIbrUEHQZnQRq6/NO4ricQdHApD
32B/ip6RRqeN1yxMJLv1YN0zUOOIDBS2iMEjTLXZLWw3w22GN2JK7G+Lr4OH1NhMgU
33ILJyh/RePmPseMwxvcJs7liEfkiSNMtDfEcpjtzA9bDe95GjhQRsiSByoR8wHQYJ
34YIZIAWUCAQVCMRAEDnB0Zi1rZGMtODEyMzc0
35"""
36
37    def setUp(self):
38        self.asn1Spec = rfc5652.ContentInfo()
39
40    def testDerCodec(self):
41        substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text)
42        asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
43        assert not rest
44        assert asn1Object.prettyPrint()
45        assert der_encode(asn1Object) == substrate
46        assert asn1Object['contentType'] == rfc6032.id_ct_KP_encryptedKeyPkg
47
48        content, rest = der_decode(asn1Object['content'], rfc6032.EncryptedKeyPackage())
49        assert not rest
50        assert content.prettyPrint()
51        assert der_encode(content) == asn1Object['content']
52        assert content.getName() == 'encrypted'
53        eci = content['encrypted']['encryptedContentInfo']
54        assert eci['contentType'] == rfc6032.id_ct_KP_encryptedKeyPkg
55        attrType = content['encrypted']['unprotectedAttrs'][0]['attrType']
56        assert attrType == rfc6032.id_aa_KP_contentDecryptKeyID
57
58        attrVal0 = content['encrypted']['unprotectedAttrs'][0]['attrValues'][0]
59        keyid, rest = der_decode(attrVal0, rfc6032.ContentDecryptKeyID())
60        assert not rest
61        assert keyid.prettyPrint()
62        assert der_encode(keyid) == attrVal0
63        assert keyid == b'ptf-kdc-812374'
64
65    def testOpenTypes(self):
66        substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text)
67        asn1Object, rest = der_decode(substrate,
68                                      asn1Spec=self.asn1Spec,
69                                      decodeOpenTypes=True)
70        assert not rest
71        assert asn1Object.prettyPrint()
72        assert der_encode(asn1Object) == substrate
73
74        assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap
75        eci = asn1Object['content']['encrypted']['encryptedContentInfo']
76        assert eci['contentType'] in rfc5652.cmsContentTypesMap
77
78        for attr in asn1Object['content']['encrypted']['unprotectedAttrs']:
79            assert attr['attrType'] in rfc5652.cmsAttributesMap.keys()
80            assert attr['attrValues'][0].prettyPrint()[:2] != '0x'
81            if attr['attrType'] == rfc6032.id_aa_KP_contentDecryptKeyID:
82                assert attr['attrValues'][0] == str2octs('ptf-kdc-812374')
83
84
85suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
86
87if __name__ == '__main__':
88    unittest.TextTestRunner(verbosity=2).run(suite)
89