<https://golang.org/pkg/encoding/asn1/>`__ test suite (assuming that
it's DER encoded representation is already in ``raw`` variable)::
- >>> crt, tail = Certificate().decode(raw)
+ >>> crt = Certificate().decod(raw)
>>> crt
Certificate SEQUENCE[tbsCertificate: TBSCertificate SEQUENCE[
version: [0] EXPLICIT Version INTEGER v3 OPTIONAL;
You can decode DER/BER files using command line abilities and get the
same picture as above by executing::
- % python -m pyderasn --schema tests.test_crts:Certificate path/to/file
+ $ python -m pyderasn --schema tests.test_crts:Certificate path/to/file
If there is no schema for you file, then you can try parsing it without,
but of course IMPLICIT tags will often make it impossible. But result is
good enough for the certificate above::
- % python -m pyderasn path/to/file
+ $ python -m pyderasn path/to/file
0 [1,3,1604] . >: SEQUENCE OF
4 [1,3,1453] . . >: SEQUENCE OF
8 [0,0, 5] . . . . >: [0] ANY
If you have got dictionaries with ObjectIdentifiers, like example one
from ``tests/test_crts.py``::
- some_oids = {
+ stroid2name = {
"1.2.840.113549.1.1.1": "id-rsaEncryption",
"1.2.840.113549.1.1.5": "id-sha1WithRSAEncryption",
[...]
then you can pass it to pretty printer to see human readable OIDs::
- % python -m pyderasn --oids tests.test_crts:some_oids path/to/file
+ $ python -m pyderasn --oids tests.test_crts:stroid2name path/to/file
[...]
37 [1,1, 11] . . . . . . >: SET OF
39 [1,1, 9] . . . . . . . . >: SEQUENCE OF
unique path inside the whole ASN.1 tree. You can print it out with
``--print-decode-path`` option::
- % python -m pyderasn --schema path.to:Certificate --print-decode-path path/to/file
+ $ python -m pyderasn --schema path.to:Certificate --print-decode-path path/to/file
0 [1,3,1604] Certificate SEQUENCE []
4 [1,3,1453] . tbsCertificate: TBSCertificate SEQUENCE [tbsCertificate]
10-2 [1,1, 1] . . version: [0] EXPLICIT Version INTEGER v3 OPTIONAL [tbsCertificate:version]
Now you can print only the specified tree, for example signature algorithm::
- % python -m pyderasn --schema path.to:Certificate --decode-path-only tbsCertificate:signature path/to/file
+ $ python -m pyderasn --schema path.to:Certificate --decode-path-only tbsCertificate:signature path/to/file
18 [1,1, 13] AlgorithmIdentifier SEQUENCE
20 [1,1, 9] . algorithm: OBJECT IDENTIFIER 1.2.840.113549.1.1.5
31 [0,0, 2] . parameters: [UNIV 5] ANY OPTIONAL
If you have bad DER/BER, then errors will show you where error occurred::
- % python -m pyderasn --schema tests.test_crts:Certificate path/to/bad/file
+ $ python -m pyderasn --schema tests.test_crts:Certificate path/to/bad/file
Traceback (most recent call last):
[...]
pyderasn.DecodeError: UTCTime (tbsCertificate:validity:notAfter:utcTime) (at 328) invalid UTCTime format
::
- % python -m pyderasn path/to/bad/file
+ $ python -m pyderasn path/to/bad/file
[...]
pyderasn.DecodeError: UTCTime (0:SequenceOf:4:SequenceOf:1:UTCTime) (at 328) invalid UTCTime format
tbs["validity"] = validity
spki = SubjectPublicKeyInfo()
- spki_algo_id = sign_algo_id.copy()
+ spki_algo_id = copy(sign_algo_id)
spki_algo_id["algorithm"] = ObjectIdentifier("1.2.840.113549.1.1.1")
spki["algorithm"] = spki_algo_id
spki["subjectPublicKey"] = BitString(hexdec("".join((