1#
2# This file is part of pyasn1-modules software.
3#
4# Created by Russ Housley
5# Copyright (c) 2019, Vigil Security, LLC
6# License: http://snmplabs.com/pyasn1/license.html
7#
8
9import sys
10
11from pyasn1.type import univ
12
13from pyasn1.codec.der.decoder import decode as der_decode
14from pyasn1.codec.der.encoder import encode as der_encode
15
16from pyasn1_modules import pem
17from pyasn1_modules import rfc5652
18from pyasn1_modules import rfc7508
19
20try:
21    import unittest2 as unittest
22except ImportError:
23    import unittest
24
25
26class SignedMessageTestCase(unittest.TestCase):
27    signed_message_pem_text = """\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55"""
56
    def setUp(self):
        """Create the top-level decoding spec used by every test.

        Each test first decodes the PEM fixture as a CMS ``ContentInfo``
        (RFC 5652), so the spec is built once per test here.
        """
        content_info_spec = rfc5652.ContentInfo()
        self.asn1Spec = content_info_spec
59
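    def testDerCodec(self):
        """Decode the fixture step by step and check the secure 'From' header.

        The ContentInfo, the inner SignedData and the RFC 7508 secure header
        fields attribute are each decoded explicitly. Every decode must
        consume its whole input, and the ContentInfo and the attribute value
        must re-encode to the exact bytes they were decoded from.

        This exercises the codec only: the CMS signature is never verified,
        so a pass says nothing about the authenticity of the message.

        unittest assertion methods are used instead of bare ``assert``
        statements, which are stripped under ``python -O`` and would let the
        test pass without checking anything.
        """
        substrate = pem.readBase64fromText(self.signed_message_pem_text)
        asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
        self.assertFalse(rest)
        self.assertTrue(asn1Object.prettyPrint())
        self.assertEqual(der_encode(asn1Object), substrate)

        secure_header_field_attr_found = False
        self.assertEqual(asn1Object['contentType'], rfc5652.id_signedData)
        sd, rest = der_decode(
            asn1Object['content'], asn1Spec=rfc5652.SignedData())
        # Trailing bytes after the SignedData structure would otherwise be
        # silently ignored: `rest` is overwritten by the next decode below.
        self.assertFalse(rest)

        from_field = rfc7508.HeaderFieldName('From')
        alice_email = rfc7508.HeaderFieldValue('alice@example.com')

        # Only the first SignerInfo is inspected.
        for sa in sd['signerInfos'][0]['signedAttrs']:
            sat = sa['attrType']
            sav0 = sa['attrValues'][0]

            if sat != rfc7508.id_aa_secureHeaderFieldsIdentifier:
                continue

            self.assertIn(sat, rfc5652.cmsAttributesMap)
            sav, rest = der_decode(
                sav0, asn1Spec=rfc5652.cmsAttributesMap[sat])
            self.assertFalse(rest)
            self.assertTrue(sav.prettyPrint())
            self.assertEqual(der_encode(sav), sav0)

            for shf in sav['secHeaderFields']:
                if shf['field-Name'] == from_field:
                    self.assertEqual(shf['field-Value'], alice_email)
                    secure_header_field_attr_found = True

        # Fail if the attribute, or its 'From' entry, was never seen.
        self.assertTrue(secure_header_field_attr_found)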
89
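    def testOpenTypes(self):
        """Decode the fixture with open types resolved and check 'From'.

        With ``decodeOpenTypes=True`` the SignedData content and the
        attribute values arrive already decoded, so the secure header
        fields are read straight from the attribute value.

        The found-flag is initialised before the loop and asserted after it.
        Previously both sat inside the ``if`` that matched the attribute, so
        a message with no secure header fields attribute passed without any
        check. The duplicated inner loop over ``signedAttrs`` is removed.

        This exercises the codec only: the CMS signature is never verified.
        unittest assertion methods replace bare ``assert`` statements, which
        are stripped under ``python -O``.
        """
        substrate = pem.readBase64fromText(self.signed_message_pem_text)
        asn1Object, rest = der_decode(
            substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
        self.assertFalse(rest)
        self.assertTrue(asn1Object.prettyPrint())
        self.assertEqual(der_encode(asn1Object), substrate)

        self.assertIn(asn1Object['contentType'], rfc5652.cmsContentTypesMap)
        self.assertEqual(asn1Object['contentType'], rfc5652.id_signedData)

        sd = asn1Object['content']
        self.assertEqual(
            sd['version'], rfc5652.CMSVersion().subtype(value='v1'))

        ect = sd['encapContentInfo']['eContentType']
        self.assertIn(ect, rfc5652.cmsContentTypesMap)
        self.assertEqual(ect, rfc5652.id_data)

        from_field = rfc7508.HeaderFieldName('From')
        alice_email = rfc7508.HeaderFieldValue('alice@example.com')

        secure_header_field_attr_found = False
        # Only the first SignerInfo is inspected.
        for sa in sd['signerInfos'][0]['signedAttrs']:
            if sa['attrType'] != rfc7508.id_aa_secureHeaderFieldsIdentifier:
                continue

            self.assertIn(sa['attrType'], rfc5652.cmsAttributesMap)
            for shf in sa['attrValues'][0]['secHeaderFields']:
                if shf['field-Name'] == from_field:
                    self.assertEqual(shf['field-Value'], alice_email)
                    secure_header_field_attr_found = True

        # Runs unconditionally, so a missing attribute fails the test.
        self.assertTrue(secure_header_field_attr_found)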
124
125
# Collect every TestCase defined in this module into one suite so that an
# external runner can import and execute it.
suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])

if __name__ == '__main__':
    import sys

    runner = unittest.TextTestRunner(verbosity=2)
    outcome = runner.run(suite)
    # A falsy argument (all tests passed) exits with status 0; True exits
    # with status 1.
    sys.exit(not outcome.wasSuccessful())
133