1#
2# This file is part of pyasn1-modules software.
3#
4# Created by Russ Housley
5# Copyright (c) 2019, Vigil Security, LLC
6# License: http://snmplabs.com/pyasn1/license.html
7#
8
9import sys
10
11from pyasn1.codec.der.decoder import decode as der_decode
12from pyasn1.codec.der.encoder import encode as der_encode
13
14from pyasn1_modules import pem
15from pyasn1_modules import rfc5280
16from pyasn1_modules import rfc5917
17
18try:
19    import unittest2 as unittest
20except ImportError:
21    import unittest
22
23
24class ClearanceSponsorTestCase(unittest.TestCase):
25    cert_pem_text = """\
26MIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZIzj0EAwMw
27ZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw
28DgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3BjYS5leGFt
29cGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGSMQswCQYD
30VQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoT
31B0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1lbnQxDTAL
32BgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5jb20wdjAQ
33BgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQgKpBispSx
34XxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQQXc3zxnk
35cl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m711OqFDNGR
36SWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/VGWhQ6RB
37MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjER
38MA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTADAQH/MAsG
39A1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5u
40b3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAwwCgYIKwYB
41BQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsqhkiG9w0B
42CRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09VUkNFUyBV
43U0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERlcGFydG1l
44bnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/Hea3Hk8P
45tTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weBdBa5WEDI
46FFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2
47"""
48
49    def setUp(self):
50        self.asn1Spec = rfc5280.Certificate()
51
52    def testDerCodec(self):
53        substrate = pem.readBase64fromText(self.cert_pem_text)
54        asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec)
55        assert not rest
56        assert asn1Object.prettyPrint()
57        assert der_encode(asn1Object) == substrate
58
59        cs = rfc5917.DirectoryString()
60        cs['utf8String'] = u'Human Resources Department'
61        encoded_cs = der_encode(cs)
62
63        clearance_sponsor_found = False
64        for extn in asn1Object['tbsCertificate']['extensions']:
65            if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes:
66                assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys()
67                ev, rest = der_decode(extn['extnValue'],
68                    asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']])
69                assert not rest
70                assert ev.prettyPrint()
71                assert der_encode(ev) == extn['extnValue']
72
73                for attr in ev:
74                    if attr['type'] == rfc5917.id_clearanceSponsor:
75                        assert attr['values'][0] == encoded_cs
76                        clearance_sponsor_found = True
77
78        assert clearance_sponsor_found
79
80    def testOpenTypes(self):
81        substrate = pem.readBase64fromText(self.cert_pem_text)
82        asn1Object, rest = der_decode(substrate,
83            asn1Spec=self.asn1Spec,
84            decodeOpenTypes=True)
85        assert not rest
86        assert asn1Object.prettyPrint()
87        assert der_encode(asn1Object) == substrate
88
89        clearance_sponsor_found = False
90        for extn in asn1Object['tbsCertificate']['extensions']:
91            if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes:
92                assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys()
93                ev, rest = der_decode(extn['extnValue'],
94                    asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']],
95                    decodeOpenTypes=True)
96                assert not rest
97                assert ev.prettyPrint()
98                assert der_encode(ev) == extn['extnValue']
99
100                for attr in ev:
101                    if attr['type'] == rfc5917.id_clearanceSponsor:
102                        hrd = u'Human Resources Department'
103                        assert attr['values'][0]['utf8String'] == hrd
104                        clearance_sponsor_found = True
105
106        assert clearance_sponsor_found
107
108
109suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
110
111if __name__ == '__main__':
112    unittest.TextTestRunner(verbosity=2).run(suite)
113