X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fexamples.rst;h=667f0ab90a6caf3791173e12ea8a2277a63ed01e;hb=c3cf01a26ce0105ec3417b6871c1a9fc400e4e44;hp=1d836f53549a33e3900766cea81a3dcd238c6381;hpb=2d45a224943c79e95cbd4913b44420788bc6c17d;p=pyderasn.git diff --git a/doc/examples.rst b/doc/examples.rst index 1d836f5..667f0ab 100644 --- a/doc/examples.rst +++ b/doc/examples.rst 
@@ -179,111 +179,14 @@ it's DER encoded representation is already in ``raw`` variable):: >>> crt, tail = Certificate().decode(raw) >>> crt - Certificate SEQUENCE[TBSCertificate SEQUENCE[[0] EXPLICIT Version - INTEGER v3 OPTIONAL, CertificateSerialNumber INTEGER 61595, - AlgorithmIdentifier SEQUENCE[OBJECT IDENTIFIER 1.2.840.113549.1.1.5... - -Pretty printing ---------------- - -There is huge output. Let's pretty print it:: - - >>> print(pprint(crt)) - 0 [1,3,1604] Certificate SEQUENCE - 4 [1,3,1453] . tbsCertificate: TBSCertificate SEQUENCE - 10-2 [1,1, 1] . . version: [0] EXPLICIT Version INTEGER v3 OPTIONAL - 13 [1,1, 3] . . serialNumber: CertificateSerialNumber INTEGER 61595 - 18 [1,1, 13] . . signature: AlgorithmIdentifier SEQUENCE - 20 [1,1, 9] . . . algorithm: OBJECT IDENTIFIER 1.2.840.113549.1.1.5 - 31 [0,0, 2] . . . parameters: [UNIV 5] ANY OPTIONAL - . . . . 05:00 - 33 [0,0, 278] . . issuer: Name CHOICE rdnSequence - 33 [1,3, 274] . . . rdnSequence: RDNSequence SEQUENCE OF - 37 [1,1, 11] . . . . 0: RelativeDistinguishedName SET OF - 39 [1,1, 9] . . . . . 0: AttributeTypeAndValue SEQUENCE - 41 [1,1, 3] . . . . . . type: AttributeType OBJECT IDENTIFIER 2.5.4.6 - 46 [0,0, 4] . . . . . . value: [UNIV 19] AttributeValue ANY - . . . . . . . 13:02:45:53 - [...] - 1461 [1,1, 13] . signatureAlgorithm: AlgorithmIdentifier SEQUENCE - 1463 [1,1, 9] . . algorithm: OBJECT IDENTIFIER 1.2.840.113549.1.1.5 - 1474 [0,0, 2] . . parameters: [UNIV 5] ANY OPTIONAL - . . . 05:00 - 1476 [1,2, 129] . signatureValue: BIT STRING 1024 bits - . . 68:EE:79:97:97:DD:3B:EF:16:6A:06:F2:14:9A:6E:CD - . . 9E:12:F7:AA:83:10:BD:D1:7C:98:FA:C7:AE:D4:0E:2C - [...] - - Trailing data: 0a + Certificate SEQUENCE[tbsCertificate: TBSCertificate SEQUENCE[ + version: [0] EXPLICIT Version INTEGER v3 OPTIONAL; + serialNumber: CertificateSerialNumber INTEGER 61595; + signature: AlgorithmIdentifier SEQUENCE[OBJECT IDENTIFIER 1.2.840.113549.1.1.5... 
-Let's parse that output, human:: +:ref:`Look here ` for better pretty printing. - 10-2 [1,1, 1] . . version: [0] EXPLICIT Version INTEGER v3 OPTIONAL - ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ - 0 1 2 3 4 5 6 7 8 9 10 11 - -:: - - 20 [1,1, 9] . . . algorithm: OBJECT IDENTIFIER 1.2.840.113549.1.1.5 - ^ ^ ^ ^ ^ ^ ^ ^ - 0 2 3 4 5 6 9 10 - -:: - - 33 [0,0, 278] . . issuer: Name CHOICE rdnSequence - ^ ^ ^ ^ ^ ^ ^ ^ ^ - 0 2 3 4 5 6 8 9 10 - -:: - - 52-2 [1,1,1054]-4 . . . . eContent: [0] EXPLICIT BER OCTET STRING 1046 bytes - ^ ^ ^ ^ - 12 13 9 10 - -:0: - Offset of the object, where its DER/BER encoding begins. - Pay attention that it does **not** include explicit tag. -:1: - If explicit tag exists, then this is its length (tag + encoded length). -:2: - Length of object's tag. For example CHOICE does not have its own tag, - so it is zero. -:3: - Length of encoded length. -:4: - Length of encoded value. -:5: - Visual indentation to show the depth of object in the hierarchy. -:6: - Object's name inside SEQUENCE/CHOICE. -:7: - If either IMPLICIT or EXPLICIT tag is set, then it will be shown - here. "IMPLICIT" is omitted. -:8: - Object's class name, if set. Omitted if it is just an ordinary simple - value (like with ``algorithm`` in example above). -:9: - Object's ASN.1 type. -:10: - Object's value, if set. Can consist of multiple words (like OCTET/BIT - STRINGs above). We see ``v3`` value in Version, because it is named. - ``rdnSequence`` is the choice of CHOICE type. -:11: - Possible other flags like OPTIONAL and DEFAULT, if value equals to the - default one, specified in the schema. -:12: - Only applicable to BER encoded data. If object has indefinite length - encoding, then subtract 2 bytes EOC from its length. If object has - explicit tag with indefinite length, then subtract another EOC bytes. - In example above, ``eContent`` field has both indefinite field encoding - and indefinite length explicit tag. 
``BIT STRING``, ``OCTET STRING`` - (and its derivatives), ``SEQUENCE``, ``SET``, ``SEQUENCE OF``, ``SET - OF``, ``ANY`` could have indefinite length coding. -:13: - Only applicable to BER encoded data. If object has BER-specific - encoding, then ``BER`` will be shown. It does not depend on indefinite - length encoding. ``BOOLEAN``, ``BIT STRING``, ``OCTET STRING`` (and its - derivatives) could be BERed. +.. _cmdline: As command line utility ----------------------- @@ -326,6 +229,9 @@ good enough for the certificate above:: . . . 9E:12:F7:AA:83:10:BD:D1:7C:98:FA:C7:AE:D4:0E:2C [...] +Human readable OIDs +___________________ + If you have got dictionaries with ObjectIdentifiers, like example one from ``tests/test_crts.py``:: 
@@ -355,6 +261,41 @@ then you can pass it to pretty printer to see human readable OIDs:: 79 [1,1, 9] . . . . . . . . . . >: PrintableString PrintableString Barcelona [...] +Decode paths +____________ + +Each decoded element has so-called decode path: sequence of structure +names it is passing during the decode process. Each element has its own +unique path inside the whole ASN.1 tree. You can print it out with +``--print-decode-path`` option:: + + % python -m pyderasn --schema path.to:Certificate --print-decode-path path/to/file + 0 [1,3,1604] Certificate SEQUENCE [] + 4 [1,3,1453] . tbsCertificate: TBSCertificate SEQUENCE [tbsCertificate] + 10-2 [1,1, 1] . . version: [0] EXPLICIT Version INTEGER v3 OPTIONAL [tbsCertificate:version] + 13 [1,1, 3] . . serialNumber: CertificateSerialNumber INTEGER 61595 [tbsCertificate:serialNumber] + 18 [1,1, 13] . . signature: AlgorithmIdentifier SEQUENCE [tbsCertificate:signature] + 20 [1,1, 9] . . . algorithm: OBJECT IDENTIFIER 1.2.840.113549.1.1.5 [tbsCertificate:signature:algorithm] + 31 [0,0, 2] . . . parameters: [UNIV 5] ANY OPTIONAL [tbsCertificate:signature:parameters] + . . . . 05:00 + 33 [0,0, 278] . . issuer: Name CHOICE rdnSequence [tbsCertificate:issuer] + 33 [1,3, 274] . . . rdnSequence: RDNSequence SEQUENCE OF [tbsCertificate:issuer:rdnSequence] + 37 [1,1, 11] . . . . 0: RelativeDistinguishedName SET OF [tbsCertificate:issuer:rdnSequence:0] + 39 [1,1, 9] . . . . . 0: AttributeTypeAndValue SEQUENCE [tbsCertificate:issuer:rdnSequence:0:0] + 41 [1,1, 3] . . . . . . type: AttributeType OBJECT IDENTIFIER 2.5.4.6 [tbsCertificate:issuer:rdnSequence:0:0:type] + 46 [0,0, 4] . . . . . . value: [UNIV 19] AttributeValue ANY [tbsCertificate:issuer:rdnSequence:0:0:value] + . . . . . . . 13:02:45:53 + 46 [1,1, 2] . . . . . . . DEFINED BY 2.5.4.6: CountryName PrintableString ES [tbsCertificate:issuer:rdnSequence:0:0:value:DEFINED BY 2.5.4.6] + [...] 
+ +Now you can print only the specified tree, for example signature algorithm:: + + % python -m pyderasn --schema path.to:Certificate --decode-path-only tbsCertificate:signature path/to/file + 18 [1,1, 13] AlgorithmIdentifier SEQUENCE + 20 [1,1, 9] . algorithm: OBJECT IDENTIFIER 1.2.840.113549.1.1.5 + 31 [0,0, 2] . parameters: [UNIV 5] ANY OPTIONAL + . . 05:00 + Descriptive errors ------------------ @@ -363,13 +304,13 @@ If you have bad DER/BER, then errors will show you where error occurred:: % python -m pyderasn --schema tests.test_crts:Certificate path/to/bad/file Traceback (most recent call last): [...] - pyderasn.DecodeError: UTCTime (tbsCertificate.validity.notAfter.utcTime) (at 328) invalid UTCTime format + pyderasn.DecodeError: UTCTime (tbsCertificate:validity:notAfter:utcTime) (at 328) invalid UTCTime format :: % python -m pyderasn path/to/bad/file [...] - pyderasn.DecodeError: UTCTime (0.SequenceOf.4.SequenceOf.1.UTCTime) (at 328) invalid UTCTime format + pyderasn.DecodeError: UTCTime (0:SequenceOf:4:SequenceOf:1:UTCTime) (at 328) invalid UTCTime format You can see, so called, decode path inside the structures: ``tbsCertificate`` -> ``validity`` -> ``notAfter`` -> ``utcTime`` and @@ -450,13 +391,13 @@ fields automatic decoding:: class AttributeTypeAndValue(Sequence): schema = ( - ((("type",), AttributeType(defines=("value", { + ((("type",), AttributeType(defines=((("value",), { id_at_countryName: PrintableString(), id_at_stateOrProvinceName: PrintableString(), id_at_localityName: PrintableString(), id_at_organizationName: PrintableString(), id_at_commonName: PrintableString(), - }))),), + }),)))), ("value", AttributeValue()), )
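Review bot: In the `@@ -179,111 +179,14 @@` hunk the added cross-reference ``:ref:`Look here ` for better pretty printing.`` carries no target label, so Sphinx will try to resolve a label literally named "Look here " and emit an undefined-label warning with a dead link; write it as ``:ref:`Look here <LABEL>` `` where LABEL is the anchor of the section the pretty-printing material moved to. The same hunk removes the whole column legend (offset, explicit-tag length, tag length, length-of-length, value length, the BER indefinite-length EOC adjustment for ``eContent``, and the ``BER`` marker), which is what lets a reader interpret ``10-2 [1,1, 1]`` in the command-line output that remains below; the removal is only safe if that text reappears under the referenced label in this same change, so please confirm it does rather than leaving the column format undocumented.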
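Review bot: The ``Human readable OIDs`` heading in the `@@ -326,6 +229,9 @@` hunk introduces ``_`` as a new underline character; reStructuredText derives the heading level from the order in which adornments first appear, so this becomes a subsection of "As command line utility" only because ``-`` was seen first, and the same ``_`` adornment is reused for "Decode paths" in the next hunk, which keeps it consistent. Check that no earlier document in ``doc/`` already uses ``_`` at a different level, since a mismatched adornment hierarchy is reported as an error, not a warning, at build time.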
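Review bot: In the `@@ -355,6 +261,41 @@` hunk the sentence "sequence of structure names it is passing during the decode process" reads awkwardly; suggest "the sequence of structure names traversed while decoding it". The example commands use ``--schema path.to:Certificate`` while the "Descriptive errors" section two hunks below uses ``--schema tests.test_crts:Certificate``, which is a real module in the repository; using the same value here lets a reader run the example verbatim. Also worth a sentence in the prose: path components are not restricted to identifier characters, as the last printed line shows a component ``DEFINED BY 2.5.4.6`` containing spaces and dots, so anything that tokenises a decode path on whitespace, or assumes ``:`` never appears inside a component, will mis-split it.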
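Review bot: The `@@ -363,13 +304,13 @@` hunk changes the decode-path separator in every ``DecodeError`` message from ``.`` to ``:`` (``tbsCertificate.validity.notAfter.utcTime`` becomes ``tbsCertificate:validity:notAfter:utcTime``), which is a compatibility change for any test, log parser or monitoring rule that matches on the message text; it deserves an entry in the changelog and, in the unchanged prose right below the hunk, an explicit statement that ``:`` is the separator, since that paragraph still describes the path only as ``tbsCertificate`` -> ``validity`` -> ``notAfter`` -> ``utcTime``. The schemaless form ``0:SequenceOf:4:SequenceOf:1:UTCTime`` now mixes integer indices and type names with the same separator as the schema form, so the prose should say that indices denote positions inside ``SEQUENCE OF``/``SET OF`` and names denote fields.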
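Review bot: In the `@@ -450,13 +391,13 @@` hunk the new ``defines=((("value",), {`` / ``}),)))),`` nesting is balanced and does form a one-element tuple of (decode path, mapping) pairs, but four bracket levels opened on one line and closed on another are hard to read and easy to break when copied into a schema. Suggest the surrounding text state the shape explicitly, that ``defines`` takes a sequence of pairs, each pair being a decode path given as a tuple of field names and a mapping from OID to the type to decode with, and consider binding the mapping to a name in the example, for instance ``value_types = {...}`` followed by ``AttributeType(defines=((("value",), value_types),))``, so the reader can see the tuple-of-pairs structure without counting parentheses.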