Skip to content

Commit

Permalink
Add tests for the changes in PKCS7 signing
Browse files Browse the repository at this point in the history
  • Loading branch information
facutuesca committed Feb 12, 2024
1 parent 2c1e981 commit 1f797f8
Showing 1 changed file with 52 additions and 2 deletions.
54 changes: 52 additions & 2 deletions tests/hazmat/primitives/test_pkcs7.py
Original file line number Diff line number Diff line change
Expand Up @@ -557,6 +557,50 @@ def test_sign_text(self, backend):
backend,
)

def test_smime_capabilities(self, backend):
data = b"hello world"
cert, key = _load_cert_key()
builder = (
pkcs7.PKCS7SignatureBuilder()
.set_data(data)
.add_signer(cert, key, hashes.SHA256())
)

sig_binary = builder.sign(serialization.Encoding.DER, [])

# 1.2.840.113549.1.9.15 (SMIMECapabilities) as an ASN.1 DER encoded OID
assert b"\x06\t*\x86H\x86\xf7\r\x01\t\x0f" in sig_binary

# 2.16.840.1.101.3.4.1.42 (aes256-CBC-PAD) as an ASN.1 DER encoded OID
aes256_cbc_pad_oid = b"\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x2A"
# 2.16.840.1.101.3.4.1.22 (aes192-CBC-PAD) as an ASN.1 DER encoded OID
aes192_cbc_pad_oid = b"\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x16"
# 2.16.840.1.101.3.4.1.2 (aes128-CBC-PAD) as an ASN.1 DER encoded OID
aes128_cbc_pad_oid = b"\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x02"

# Each algorithm in SMIMECapabilities should be inside its own
# SEQUENCE.
# This is encoded as SEQUENCE_IDENTIFIER + LENGTH + ALGORITHM_OID.
# This tests that each algorithm is indeed encoded inside its own
# sequence. See RFC 2633, Appendix A for more details.
sequence_identifier = b"\x30"
for oid in [
aes256_cbc_pad_oid,
aes192_cbc_pad_oid,
aes128_cbc_pad_oid,
]:
len_oid = len(oid).to_bytes(length=1, byteorder="big")
assert sequence_identifier + len_oid + oid in sig_binary

_pkcs7_verify(
serialization.Encoding.DER,
sig_binary,
None,
[cert],
[],
backend,
)

def test_sign_no_capabilities(self, backend):
data = b"hello world"
cert, key = _load_cert_key()
Expand Down Expand Up @@ -677,9 +721,15 @@ def test_rsa_pkcs_padding_options(self, pad, backend):
sig.count(b"\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x08") == 1
)
else:
# This should be a pkcs1 sha512 signature
# This should be a pkcs1 RSA signature, which uses the
# `rsaEncryption` OID (1.2.840.113549.1.1.1) no matter which
# digest algorithm is used.
# See RFC 3370 section 3.2 for more details.
# This OID appears twice, once in the certificate itself and
# another in the SignerInfo data structure in the
# `digest_encryption_algorithm` field.
assert (
sig.count(b"\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0D") == 1
sig.count(b"\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01") == 2
)
_pkcs7_verify(
serialization.Encoding.DER,
Expand Down

0 comments on commit 1f797f8

Please sign in to comment.