X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=pygost%2Ftest_pfx.py;h=c4497c916239265277a1c5ca21a74b1ec65e14e5;hb=a2b4808f6628225be99874bd5f6a0f80a514db82;hp=39b477f50945e601700ccd5abf9e44da6937b9cd;hpb=5013b980d53a9969649a59535b7566f73f11521e;p=pygost.git

diff --git a/pygost/test_pfx.py b/pygost/test_pfx.py
index 39b477f..c4497c9 100644
--- a/pygost/test_pfx.py
+++ b/pygost/test_pfx.py
@@ -1,11 +1,10 @@
 # coding: utf-8
 # PyGOST -- Pure Python GOST cryptographic functions library
-# Copyright (C) 2015-2018 Sergey Matveev <stargrave@stargrave.org>
+# Copyright (C) 2015-2020 Sergey Matveev <stargrave@stargrave.org>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
+# the Free Software Foundation, version 3 of the License.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -23,16 +22,14 @@ from unittest import TestCase
 from pygost.gost28147 import cfb_decrypt
 from pygost.gost34112012512 import GOST34112012512
 from pygost.gost34112012512 import pbkdf2 as gost34112012_pbkdf2
+from pygost.utils import hexdec
 
 
 try:
-    from pygost.asn1schemas.cms import Gost2814789Parameters
-    from pygost.asn1schemas.pfx import EncryptedData
     from pygost.asn1schemas.pfx import OctetStringSafeContents
-    from pygost.asn1schemas.pfx import PBES2Params
-    from pygost.asn1schemas.pfx import PBKDF2Params
     from pygost.asn1schemas.pfx import PFX
     from pygost.asn1schemas.pfx import PKCS8ShroudedKeyBag
+    from pygost.asn1schemas.pfx import SafeContents
 except ImportError:
     pyderasn_exists = False
 else:
@@ -86,33 +83,19 @@ G2ki9enTqos4KpUU0j9IDpl1UXiaA1YDIwUjlAp+81GkLmyt8Fw6Gt/X5JZySAY=
 
         pfx, tail = PFX().decode(self.pfx_raw)
         self.assertSequenceEqual(tail, b"")
-        octet_string_safe_contents, tail = OctetStringSafeContents().decode(
-            bytes(pfx["authSafe"]["content"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        outer_safe_contents = octet_string_safe_contents["safeContents"]
-
-        octet_string_safe_contents, tail = OctetStringSafeContents().decode(
+        _, outer_safe_contents = pfx["authSafe"]["content"].defined
+        safe_contents, tail = OctetStringSafeContents().decode(
             bytes(outer_safe_contents[0]["bagValue"]),
         )
         self.assertSequenceEqual(tail, b"")
-        safe_bag = octet_string_safe_contents["safeContents"][0]
+        safe_bag = safe_contents[0]
         shrouded_key_bag, tail = PKCS8ShroudedKeyBag().decode(
             bytes(safe_bag["bagValue"]),
         )
         self.assertSequenceEqual(tail, b"")
-        pbes2_params, tail = PBES2Params().decode(
-            bytes(shrouded_key_bag["encryptionAlgorithm"]["parameters"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        pbkdf2_params, tail = PBKDF2Params().decode(
-            bytes(pbes2_params["keyDerivationFunc"]["parameters"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        enc_scheme_params, tail = Gost2814789Parameters().decode(
-            bytes(pbes2_params["encryptionScheme"]["parameters"]),
-        )
-        self.assertSequenceEqual(tail, b"")
+        _, pbes2_params = shrouded_key_bag["encryptionAlgorithm"]["parameters"].defined
+        _, pbkdf2_params = pbes2_params["keyDerivationFunc"]["parameters"].defined
+        _, enc_scheme_params = pbes2_params["encryptionScheme"]["parameters"].defined
 
         key = gost34112012_pbkdf2(
             password=self.password.encode("utf-8"),
@@ -126,7 +109,7 @@ G2ki9enTqos4KpUU0j9IDpl1UXiaA1YDIwUjlAp+81GkLmyt8Fw6Gt/X5JZySAY=
                 key,
                 bytes(shrouded_key_bag["encryptedData"]),
                 iv=bytes(enc_scheme_params["iv"]),
-                sbox="Gost28147_tc26_ParamZ",
+                sbox="id-tc26-gost-28147-param-Z",
             ),
             private_key_info_expected,
         )
@@ -152,28 +135,11 @@ ATAMBggqhQMHAQEDAgUAA0EA9oq0Vvk8kkgIwkp0x0J5eKtia4MNTiwKAm7jgnCZIx3O98BThaTX
 
         pfx, tail = PFX().decode(self.pfx_raw)
         self.assertSequenceEqual(tail, b"")
-        octet_string_safe_contents, tail = OctetStringSafeContents().decode(
-            bytes(pfx["authSafe"]["content"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        outer_safe_contents = octet_string_safe_contents["safeContents"]
-
-        encrypted_data, tail = EncryptedData().decode(
-            bytes(outer_safe_contents[1]["bagValue"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        pbes2_params, _ = PBES2Params().decode(
-            bytes(encrypted_data["encryptedContentInfo"]["contentEncryptionAlgorithm"]["parameters"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        pbkdf2_params, tail = PBKDF2Params().decode(
-            bytes(pbes2_params["keyDerivationFunc"]["parameters"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        enc_scheme_params, tail = Gost2814789Parameters().decode(
-            bytes(pbes2_params["encryptionScheme"]["parameters"]),
-        )
-        self.assertSequenceEqual(tail, b"")
+        _, outer_safe_contents = pfx["authSafe"]["content"].defined
+        _, encrypted_data = outer_safe_contents[1]["bagValue"].defined
+        _, pbes2_params = encrypted_data["encryptedContentInfo"]["contentEncryptionAlgorithm"]["parameters"].defined
+        _, pbkdf2_params = pbes2_params["keyDerivationFunc"]["parameters"].defined
+        _, enc_scheme_params = pbes2_params["encryptionScheme"]["parameters"].defined
         key = gost34112012_pbkdf2(
             password=self.password.encode("utf-8"),
             salt=bytes(pbkdf2_params["salt"]["specified"]),
@@ -186,7 +152,7 @@ ATAMBggqhQMHAQEDAgUAA0EA9oq0Vvk8kkgIwkp0x0J5eKtia4MNTiwKAm7jgnCZIx3O98BThaTX
                 key,
                 bytes(encrypted_data["encryptedContentInfo"]["encryptedContent"]),
                 iv=bytes(enc_scheme_params["iv"]),
-                sbox="Gost28147_tc26_ParamZ",
+                sbox="id-tc26-gost-28147-param-Z",
             ),
             cert_bag_expected,
         )
@@ -194,12 +160,7 @@ ATAMBggqhQMHAQEDAgUAA0EA9oq0Vvk8kkgIwkp0x0J5eKtia4MNTiwKAm7jgnCZIx3O98BThaTX
     def test_mac(self):
         pfx, tail = PFX().decode(self.pfx_raw)
         self.assertSequenceEqual(tail, b"")
-        octet_string_safe_contents, tail = OctetStringSafeContents().decode(
-            bytes(pfx["authSafe"]["content"]),
-        )
-        self.assertSequenceEqual(tail, b"")
-        outer_safe_contents = octet_string_safe_contents["safeContents"]
-
+        _, outer_safe_contents = pfx["authSafe"]["content"].defined
         mac_data = pfx["macData"]
         mac_key = gost34112012_pbkdf2(
             password=self.password.encode('utf-8'),
@@ -211,7 +172,7 @@ ATAMBggqhQMHAQEDAgUAA0EA9oq0Vvk8kkgIwkp0x0J5eKtia4MNTiwKAm7jgnCZIx3O98BThaTX
         self.assertSequenceEqual(
             hmac_new(
                 key=mac_key,
-                msg=outer_safe_contents.encode(),
+                msg=SafeContents(outer_safe_contents).encode(),
                 digestmod=GOST34112012512,
             ).digest(),
             bytes(mac_data["mac"]["digest"]),