1# 2# This file is part of pyasn1-modules software. 3# 4# Copyright (c) 2019, Vigil Security, LLC 5# License: http://snmplabs.com/pyasn1/license.html 6# 7import sys 8 9from pyasn1.codec.der import decoder as der_decoder 10from pyasn1.codec.der import encoder as der_encoder 11 12from pyasn1_modules import pem 13from pyasn1_modules import rfc5280 14from pyasn1_modules import rfc3779 15 16try: 17 import unittest2 as unittest 18except ImportError: 19 import unittest 20 21 22class CertificateExtnTestCase(unittest.TestCase): 23 pem_text = """\ 24MIIECjCCAvKgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAxMLcmlw 25ZS1uY2MtdGEwIBcNMTcxMTI4MTQzOTU1WhgPMjExNzExMjgxNDM5NTVaMBYxFDAS 26BgNVBAMTC3JpcGUtbmNjLXRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC 27AQEA0URYSGqUz2myBsOzeW1jQ6NsxNvlLMyhWknvnl8NiBCs/T/S2XuNKQNZ+wBZ 28xIgPPV2pFBFeQAvoH/WK83HwA26V2siwm/MY2nKZ+Olw+wlpzlZ1p3Ipj2eNcKrm 29it8BwBC8xImzuCGaV0jkRB0GZ0hoH6Ml03umLprRsn6v0xOP0+l6Qc1ZHMFVFb38 305IQ7FQQTcVIxrdeMsoyJq9eMkE6DoclHhF/NlSllXubASQ9KUWqJ0+Ot3QCXr4LX 31ECMfkpkVR2TZT+v5v658bHVs6ZxRD1b6Uk1uQKAyHUbn/tXvP8lrjAibGzVsXDT2 32L0x4Edx+QdixPgOji3gBMyL2VwIDAQABo4IBXjCCAVowHQYDVR0OBBYEFOhVKx/W 330aT35ATG2OVoDR68Fj/DMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG 34MIGxBggrBgEFBQcBCwSBpDCBoTA8BggrBgEFBQcwCoYwcnN5bmM6Ly9ycGtpLnJp 35cGUubmV0L3JlcG9zaXRvcnkvcmlwZS1uY2MtdGEubWZ0MDIGCCsGAQUFBzANhiZo 36dHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcw 37BYYhcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMBgGA1UdIAEB/wQO 38MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMAkEAgABMAMDAQAwCQQC 39AAIwAwMBADAhBggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAQACBQD/////MA0GCSqG 40SIb3DQEBCwUAA4IBAQAVgJjrZ3wFppC8Yk8D2xgzwSeWVT2vtYq96CQQsjaKb8nb 41eVz3DwcS3a7RIsevrNVGo43k3AGymg1ki+AWJjvHvJ+tSzCbn5+X6Z7AfYTf2g37 42xINVDHru0PTQUargSMBAz/MBNpFG8KThtT7WbJrK4+f/lvx0m8QOlYm2a17iXS3A 43GQJ6RHcq9ADscqGdumxmMMDjwED26bGaYdmru1hNIpwF//jVM/eRjBFoPHKFlx0k 44Ld/yoCQNmx1kW+xANx4uyWxi/DYgSV7Oynq+C60OucW+d8tIhkblh8+YfrmukJds 45V+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi 46""" 47 48 def setUp(self): 49 self.asn1Spec = rfc5280.Certificate() 50 51 def testDerCodec(self): 52 53 substrate = pem.readBase64fromText(self.pem_text) 54 55 asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) 56 57 assert not rest 58 assert asn1Object.prettyPrint() 59 assert der_encoder.encode(asn1Object) == substrate 60 61 extn_list = [ ] 62 for extn in asn1Object['tbsCertificate']['extensions']: 63 extn_list.append(extn['extnID']) 64 65 if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks: 66 s = extn['extnValue'] 67 addr_blocks, rest = der_decoder.decode(s, rfc3779.IPAddrBlocks()) 68 assert not rest 69 assert addr_blocks.prettyPrint() 70 assert der_encoder.encode(addr_blocks) == s 71 72 if extn['extnID'] == rfc3779.id_pe_autonomousSysIds: 73 s = extn['extnValue'] 74 as_ids, rest = der_decoder.decode(s, rfc3779.ASIdentifiers()) 75 assert not rest 76 assert as_ids.prettyPrint() 77 assert der_encoder.encode(as_ids) == s 78 79 assert rfc3779.id_pe_ipAddrBlocks in extn_list 80 assert rfc3779.id_pe_autonomousSysIds in extn_list 81 82 83 def testExtensionsMap(self): 84 substrate = pem.readBase64fromText(self.pem_text) 85 asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) 86 assert not rest 87 assert asn1Object.prettyPrint() 88 assert der_encoder.encode(asn1Object) == substrate 89 90 for extn in asn1Object['tbsCertificate']['extensions']: 91 if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks or \ 92 extn['extnID'] == rfc3779.id_pe_autonomousSysIds: 93 94 extnValue, rest = der_decoder.decode(extn['extnValue'], 95 asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) 96 assert der_encoder.encode(extnValue) == extn['extnValue'] 97 98 99suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) 100 101if __name__ == '__main__': 102 import sys 103 104 result = unittest.TextTestRunner(verbosity=2).run(suite) 105 sys.exit(not result.wasSuccessful()) 106