source: fedd/asn1_raw.py @ 8922e1b

axis_examplecompt_changesinfo-opsversion-1.30version-2.00version-3.01version-3.02
Last change on this file since 8922e1b was 6ff0b91, checked in by Ted Faber <faber@…>, 16 years ago

Reimplementation of fedd as a start in merging the codebases

  • Property mode set to 100644
File size: 5.8 KB
RevLine 
[6ff0b91]1# Read ASN.1/PEM X.509 certificates on stdin, parse each into plain text,
2# then build substrate from it
3import sys, string, base64
4from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful
5from pyasn1.codec.der import decoder, encoder
6from pyasn1 import error
7
8from M2Crypto import EVP
9
10# Would be autogenerated from ASN.1 source by a ASN.1 parser
11# X.509 spec (rfc2459)
12
13MAX = 64  # XXX ?
14
15class DirectoryString(univ.Choice):
16    componentType = namedtype.NamedTypes(
17        namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
18        namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
19        namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
20        namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
21        namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
22        namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? XXX
23        )
24
25class AttributeValue(DirectoryString): pass
26
27class AttributeType(univ.ObjectIdentifier): pass
28
29class AttributeTypeAndValue(univ.Sequence):
30    componentType = namedtype.NamedTypes(
31        namedtype.NamedType('type', AttributeType()),
32        namedtype.NamedType('value', AttributeValue())
33        )
34
35class RelativeDistinguishedName(univ.SetOf):
36    componentType = AttributeTypeAndValue()
37
38class RDNSequence(univ.SequenceOf):
39    componentType = RelativeDistinguishedName()
40
41class Name(univ.Choice):
42    componentType = namedtype.NamedTypes(
43        namedtype.NamedType('', RDNSequence())
44        )
45                         
46class AlgorithmIdentifier(univ.Sequence):
47    componentType = namedtype.NamedTypes(
48        namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
49        namedtype.OptionalNamedType('parameters', univ.Null())
50        # XXX syntax screwed?
51#        namedtype.OptionalNamedType('parameters', univ.ObjectIdentifier())
52        )
53
54class Extension(univ.Sequence):
55    componentType = namedtype.NamedTypes(
56        namedtype.NamedType('extnID', univ.ObjectIdentifier()),
57        namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
58        namedtype.NamedType('extnValue', univ.OctetString())
59        )
60
61class Extensions(univ.SequenceOf):
62    componentType = Extension()
63    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
64
65class SubjectPublicKeyInfo(univ.Sequence):
66     componentType = namedtype.NamedTypes(
67         namedtype.NamedType('algorithm', AlgorithmIdentifier()),
68         namedtype.NamedType('subjectPublicKey', univ.BitString())
69         )
70
71class UniqueIdentifier(univ.BitString): pass
72
73class Time(univ.Choice):
74    componentType = namedtype.NamedTypes(
75        namedtype.NamedType('utcTime', useful.UTCTime()),
76        namedtype.NamedType('generalTime', useful.GeneralizedTime())
77        )
78   
79class Validity(univ.Sequence):
80    componentType = namedtype.NamedTypes(
81        namedtype.NamedType('notBefore', Time()),
82        namedtype.NamedType('notAfter', Time())
83        )
84
85class CertificateSerialNumber(univ.Integer): pass
86
87class Version(univ.Integer):
88    namedValues = namedval.NamedValues(
89        ('v1', 0), ('v2', 1), ('v3', 2)
90        )
91
92class TBSCertificate(univ.Sequence):
93    componentType = namedtype.NamedTypes(
94        namedtype.DefaultedNamedType('version', Version('v1', tagSet=Version.tagSet.tagExplicitly(tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))),
95        namedtype.NamedType('serialNumber', CertificateSerialNumber()),
96        namedtype.NamedType('signature', AlgorithmIdentifier()),
97        namedtype.NamedType('issuer', Name()),
98        namedtype.NamedType('validity', Validity()),
99        namedtype.NamedType('subject', Name()),
100        namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
101        namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
102        namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
103        namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
104        )
105
106class Certificate(univ.Sequence):
107    componentType = namedtype.NamedTypes(
108        namedtype.NamedType('tbsCertificate', TBSCertificate()),
109        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
110        namedtype.NamedType('signatureValue', univ.BitString())
111        )
112
113# end of ASN.1 data structures
114
115
116def get_bits(substrate):
117    certType = Certificate()
118    cert = decoder.decode(substrate, asn1Spec=certType)[0]
119    n = cert
120    for name in ('tbsCertificate', 'subjectPublicKeyInfo', 
121            'subjectPublicKey'):
122        n = n.getComponentByName(name)
123        if n == None: raise RuntimeException("Bad cert")
124
125    b = []
126    for i in range(0, len(n), 8):
127        v = 0
128        for j in range(0, 8):
129            v = (v << 1) + n[i+j]
130        b.append(v)
131
132    return str().join([chr(x) for x in b])
133
134
135def get_key_bits_from_file(fname):
136    stSpam, stHam, stDump = 0, 1, 2
137    state = stSpam
138
139    f = open(fname)
140
141    for certLine in f:
142        certLine = string.strip(certLine)
143        if state == stSpam:
144            if certLine == '-----BEGIN CERTIFICATE-----':
145                substrate = ""
146                state = stHam
147                continue
148        if state == stHam:
149            if certLine == '-----END CERTIFICATE-----':
150                state = stDump
151            else:
152                substrate = substrate + base64.b64decode(certLine)
153        if state == stDump:
154            f.close()
155            return get_bits(substrate)
156
157def get_key_bits_from_cert(cert):
158    return get_bits(cert.as_der())
Note: See TracBrowser for help on using the repository browser.