# coding: utf-8
# PyGOST -- Pure Python GOST cryptographic functions library
-# Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
+# Copyright (C) 2015-2021 Sergey Matveev <stargrave@stargrave.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
+# the Free Software Foundation, version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
from pygost.gost28147 import cfb_decrypt
from pygost.gost34112012512 import GOST34112012512
from pygost.gost34112012512 import pbkdf2 as gost34112012_pbkdf2
-from pygost.utils import hexdec
try:
from pygost.asn1schemas.pfx import OctetStringSafeContents
from pygost.asn1schemas.pfx import PFX
from pygost.asn1schemas.pfx import PKCS8ShroudedKeyBag
+ from pygost.asn1schemas.pfx import SafeContents
except ImportError:
pyderasn_exists = False
else:
JSg6M8RBUYpw/8ym5ou1o2nDa09M5zF3BCCpzyCQBI+rzfISeKvPV1ROfcXiYU93
mwcl1xQV2G5/fgICB9A=
""")
- password = u'Пароль для PFX'
+ password = u"Пароль для PFX"
def test_shrouded_key_bag(self):
private_key_info_expected = b64decode(b"""
pfx, tail = PFX().decode(self.pfx_raw)
self.assertSequenceEqual(tail, b"")
- _, octet_string_safe_contents = pfx["authSafe"]["content"].defined
- outer_safe_contents = octet_string_safe_contents["safeContents"]
- octet_string_safe_contents, tail = OctetStringSafeContents().decode(
+ _, outer_safe_contents = pfx["authSafe"]["content"].defined
+ safe_contents, tail = OctetStringSafeContents().decode(
bytes(outer_safe_contents[0]["bagValue"]),
)
self.assertSequenceEqual(tail, b"")
- safe_bag = octet_string_safe_contents["safeContents"][0]
+ safe_bag = safe_contents[0]
shrouded_key_bag, tail = PKCS8ShroudedKeyBag().decode(
bytes(safe_bag["bagValue"]),
)
key,
bytes(shrouded_key_bag["encryptedData"]),
iv=bytes(enc_scheme_params["iv"]),
- sbox="Gost28147_tc26_ParamZ",
+ sbox="id-tc26-gost-28147-param-Z",
),
private_key_info_expected,
)
pfx, tail = PFX().decode(self.pfx_raw)
self.assertSequenceEqual(tail, b"")
- _, octet_string_safe_contents = pfx["authSafe"]["content"].defined
- outer_safe_contents = octet_string_safe_contents["safeContents"]
+ _, outer_safe_contents = pfx["authSafe"]["content"].defined
_, encrypted_data = outer_safe_contents[1]["bagValue"].defined
_, pbes2_params = encrypted_data["encryptedContentInfo"]["contentEncryptionAlgorithm"]["parameters"].defined
_, pbkdf2_params = pbes2_params["keyDerivationFunc"]["parameters"].defined
key,
bytes(encrypted_data["encryptedContentInfo"]["encryptedContent"]),
iv=bytes(enc_scheme_params["iv"]),
- sbox="Gost28147_tc26_ParamZ",
+ sbox="id-tc26-gost-28147-param-Z",
),
cert_bag_expected,
)
def test_mac(self):
pfx, tail = PFX().decode(self.pfx_raw)
self.assertSequenceEqual(tail, b"")
- _, octet_string_safe_contents = pfx["authSafe"]["content"].defined
- outer_safe_contents = octet_string_safe_contents["safeContents"]
+ _, outer_safe_contents = pfx["authSafe"]["content"].defined
mac_data = pfx["macData"]
mac_key = gost34112012_pbkdf2(
- password=self.password.encode('utf-8'),
+ password=self.password.encode("utf-8"),
salt=bytes(mac_data["macSalt"]),
iterations=int(mac_data["iterations"]),
dklen=96,
self.assertSequenceEqual(
hmac_new(
key=mac_key,
- msg=outer_safe_contents.encode(),
+ msg=SafeContents(outer_safe_contents).encode(),
digestmod=GOST34112012512,
).digest(),
bytes(mac_data["mac"]["digest"]),