PyDERASN: how I wrote an ASN.1 library with slots and blobs

ASN.1 is a standard (ISO, ITU-T, GOST) for a language that describes structured information, together with rules for encoding that information. For me, as a programmer, it is just another format for serializing and representing data, alongside JSON, XML, XDR and others. It is extremely widespread in everyday life, and many people run into it: in cellular, telephone and VoIP communications (UMTS, LTE, WiMAX, SS7, H.323), in network protocols (LDAP, SNMP, Kerberos), in everything related to cryptography (X.509, CMS, the PKCS standards), in bank cards and biometric passports, and much more.

This article is about PyDERASN: a Python ASN.1 library that is actively used in cryptography-related projects at Atlas.

ASN.1 is generally not welcome in cryptographic work: ASN.1 and its codecs are complex. That means the code will not be simple, and that is an additional attack surface. Just look at the list of vulnerabilities in ASN.1 libraries. Bruce Schneier, in his Cryptography Engineering, also advises against using this standard because of its complexity: "The best-known TLV encoding is ASN.1, but it is incredibly complex and we shy away from it." Unfortunately, however, today we have a public key infrastructure in which X.509 certificates, CRLs, the OCSP, TSP, CMP and CMC protocols, CMS messages and many PKCS standards are actively used. So you have to be able to work with ASN.1 if you do anything related to cryptography.

ASN.1 can be encoded in many ways / codecs:

  • BER (Basic Encoding Rules)
  • CER (Canonical Encoding Rules)
  • DER (Distinguished Encoding Rules)
  • GSER (Generic String Encoding Rules)
  • JER (JSON Encoding Rules)
  • LWER (Light Weight Encoding Rules)
  • OER (Octet Encoding Rules)
  • PER (Packed Encoding Rules)
  • SER (Signalling specific Encoding Rules)
  • XER (XML Encoding Rules)

and others. But in cryptographic work, in practice, two are used: BER and DER. Even signed XML documents (XMLDSig, XAdES) still contain Base64-encoded ASN.1 DER objects, as do JSON-oriented protocols such as ACME from Let's Encrypt. You can get a better understanding of all the codecs and of the BER/CER/DER encoding principles from these articles and books: "ASN.1 in simple words", "ASN.1 - Communication between heterogeneous systems" by Olivier Dubuisson, and "ASN.1 Complete" by Prof. John Larmouth.

BER is a binary, byte-oriented TLV format (unlike PER, popular in cellular communications, which is bit-oriented). Every element is encoded as: a tag (Tag) identifying what kind of entity is encoded (an integer, a string, a date, etc.), the length (Length) of the content, and the content itself (Value). BER optionally allows you to omit the length of a value by writing a special indefinite-length marker and terminating the content with an End-of-Octets element. Beyond length encoding, BER has many variations in how it encodes data types, for example:

  • INTEGER, OBJECT IDENTIFIER, BIT STRING and the element length may be non-normalized (not encoded in the minimal form);
  • BOOLEAN is true for any non-zero content;
  • BIT STRING may contain "extra" zero bits;
  • BIT STRING, OCTET STRING and all the strings derived from them, including date/time, may be split into variable-length chunks whose lengths are not known in advance during (de)serialization;
  • UTCTime/GeneralizedTime may express the time zone offset in different ways and may carry "extra" zero fractions of a second;
  • DEFAULT values in a SEQUENCE may or may not be encoded;
  • named values of the trailing bits of a BIT STRING may optionally be left unencoded;
  • SEQUENCE (OF) / SET (OF) may have an arbitrary order of elements.

Because of all this, encoding data so that it is byte-for-byte identical to the original is not always possible. Therefore a subset of the rules was created: DER, which strictly prescribes exactly one valid encoding, which is critical for cryptographic tasks where, for example, changing a single bit makes a signature or checksum invalid. DER has a significant drawback: the lengths of all elements must be known in advance, at encoding time, which rules out streaming serialization of data. The CER codec does not have this problem and likewise guarantees unambiguity of the data. Unfortunately (or fortunately, since we do not have yet another decoder to deal with?), it never became popular. So in practice we encounter "mixed" use of BER- and DER-encoded data. Since both CER and DER are subsets of BER, any BER decoder can handle them.

Problems with pyasn1

At work we write a lot of cryptography-related Python programs. And a few years ago there was practically no choice of free libraries: either very low-level libraries that only let you encode/decode, say, an integer or a structure header, or the pyasn1 library. We lived with it for several years and were very happy at first, since it lets you work with ASN.1 structures as high-level objects: for example, a decoded X.509 certificate object gives access to its fields through a dictionary-like interface: certificate["tbsCertificate"]["serialNumber"] shows us the serial number of the certificate. Likewise, you can "assemble" complex objects by treating them as lists and dictionaries, and then simply call the pyasn1.codec.der.encoder.encode function and get the serialized representation of the document.

However, shortcomings, problems and limitations came to light. There were and, unfortunately, still are bugs in pyasn1: at the time of writing, one of the basic types in pyasn1, GeneralizedTime, is decoded and encoded incorrectly.

In our projects, to save space, we very often store only the path to a file plus the offset and length in bytes of the object we want to refer to. For example, the file being signed will most likely sit inside a CMS SignedData ASN.1 structure:

  0     [1,3,1018]  ContentInfo SEQUENCE
  4     [1,1,   9]   . contentType: ContentType OBJECT IDENTIFIER 1.2.840.113549.1.7.2 (id_signedData)
 19-4   [0,0,1003]   . content: [0] EXPLICIT [UNIV 16] ANY
 19     [1,3, 999]   . . DEFINED BY id_signedData: SignedData SEQUENCE
 23     [1,1,   1]   . . . version: CMSVersion INTEGER v3 (03)
 26     [1,1,  19]   . . . digestAlgorithms: DigestAlgorithmIdentifiers SET OF
                           [...]
 47     [1,3, 769]   . . . encapContentInfo: EncapsulatedContentInfo SEQUENCE
 51     [1,1,   8]   . . . . eContentType: ContentType OBJECT IDENTIFIER 1.3.6.1.5.5.7.12.2 (id_cct_PKIData)
 65-4   [1,3, 751]   . . . . eContent: [0] EXPLICIT OCTET STRING 751 bytes OPTIONAL

                 HERE IS THE CONTENT OF THE FILE BEING SIGNED, 751 BYTES

820     [1,2, 199]   . . . signerInfos: SignerInfos SET OF
823     [1,2, 196]   . . . . 0: SignerInfo SEQUENCE
826     [1,1,   1]   . . . . . version: CMSVersion INTEGER v3 (03)
829     [0,0,  22]   . . . . . sid: SignerIdentifier CHOICE subjectKeyIdentifier
                               [...]
956     [1,1,  64]   . . . . . signature: SignatureValue OCTET STRING 64 bytes
                     . . . . . . C1:B3:88:BA:F8:92:1C:E6:3E:41:9B:E0:D3:E9:AF:D8
                     . . . . . . 47:4A:8A:9D:94:5D:56:6B:F0:C1:20:38:D2:72:22:12
                     . . . . . . 9F:76:46:F6:51:5F:9A:8D:BF:D7:A6:9B:FD:C5:DA:D2
                     . . . . . . F3:6B:00:14:A4:9D:D7:B5:E1:A6:86:44:86:A7:E8:C9

and we can get the original signed file at offset 65 bytes, 751 bytes long. pyasn1 does not store this information in its decoded objects. So the so-called TLVSeeker was written: a small library that lets you decode tags and object lengths, and in interactive mode we issued commands such as "go to the next element", "go inside the element" (enter a SEQUENCE object), "go to the next tag", "show the offset and length of the object we are at". This is a "manual" walk through ASN.1 DER-serialized data. But it cannot work with BER-serialized data this way, since, for example, an OCTET STRING byte string may arrive as several chunks.
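As an added example (not the article's or PyDERASN's code), here is a minimal DER TLV walker in the spirit of TLVSeeker: it records each element's offset, length-of-length and value length, and rejects the BER-only encodings listed above (indefinite length, non-minimal length, non-minimal INTEGER), so the same value cannot arrive in two byte forms. The tag constants, the TLV dataclass and the sample byte strings are constructed for this example; only single-byte tags are handled.

```python
# Added example, not PyDERASN code: a small DER TLV walker that records each
# element's offset, length-of-length and value length (what the article's
# TLVSeeker exposed) and rejects the BER-only encodings that DER forbids.
from dataclasses import dataclass, field

INTEGER, OCTET_STRING, SEQUENCE = 0x02, 0x04, 0x30

@dataclass
class TLV:
    offset: int      # position of the tag byte (single-byte tags only, so tlen == 1)
    llen: int        # size of the length field
    vlen: int        # size of the value
    tag: int
    voff: int        # offset of the first value byte: offset + 1 + llen
    children: list = field(default_factory=list)

def _read_length(buf: bytes, pos: int) -> tuple:
    """Parse the length field at pos, returning (length, llen); reject BER-only forms."""
    first = buf[pos]
    if first == 0x80:
        raise ValueError(f"indefinite length at {pos}: BER only")
    if first < 0x80:
        return first, 1
    n = first & 0x7F
    length = int.from_bytes(buf[pos + 1:pos + 1 + n], "big")
    if length < 0x80 or buf[pos + 1] == 0:   # DER: long form only when needed, no leading zeros
        raise ValueError(f"non-minimal length at {pos}: BER only")
    return length, 1 + n

def _decode(buf: bytes, pos: int, end: int) -> TLV:
    tag = buf[pos]
    if tag & 0x1F == 0x1F:
        raise ValueError(f"multi-byte tag at {pos} not supported")
    vlen, llen = _read_length(buf, pos + 1)
    node = TLV(pos, llen, vlen, tag, pos + 1 + llen)
    vend = node.voff + vlen
    if vend > end:
        raise ValueError(f"value at {node.voff} overruns its container")
    if tag & 0x20:                   # constructed: children must exactly fill the value
        p = node.voff
        while p < vend:
            child = _decode(buf, p, vend)
            node.children.append(child)
            p = child.voff + child.vlen
    elif tag == INTEGER:             # DER content rule from the article: minimal INTEGER
        v = buf[node.voff:vend]
        if not v or (len(v) > 1 and ((v[0] == 0x00 and v[1] < 0x80)
                                     or (v[0] == 0xFF and v[1] >= 0x80))):
            raise ValueError(f"INTEGER at {node.voff}: not minimal two's complement")
    return node

def decode_der(buf: bytes) -> tuple:
    """Decode one element and, like PyDERASN's decode(), return it with the unconsumed tail."""
    node = _decode(buf, 0, len(buf))
    return node, buf[node.voff + node.vlen:]

def is_der(buf: bytes) -> bool:
    try:
        decode_der(buf)
        return True
    except (ValueError, IndexError):   # IndexError: truncated input
        return False

# Constructed samples: SEQUENCE { INTEGER 3, OCTET STRING "abc" } in DER, then the
# same value in two BER-only length encodings and one with a padded INTEGER.
DER_SAMPLE = bytes.fromhex("3008020103" "0403616263")
BER_INDEFINITE = bytes.fromhex("3080020103" "0403616263" "0000")
BER_LONG_LENGTH = bytes.fromhex("308108020103" "0403616263")
BER_PADDED_INT = bytes.fromhex("300902020003" "0403616263")
```

For DER_SAMPLE the OCTET STRING child is reported at value offset 7 with length 3, the same kind of (offset, length) pair the article stores instead of the file itself.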

Another drawback of pyasn1 for our tasks is that you cannot tell from the decoded objects whether a given field was present in the SEQUENCE or not. For example, if a structure has a Field SEQUENCE OF Smth OPTIONAL field, it may be entirely absent from the incoming data (OPTIONAL), or it may be present but with zero length (an empty list). In general, this cannot be determined. Yet this is necessary for strict validity checking of received data. Imagine that some certification authority issues certificates with data that is "not quite" valid from the point of view of the ASN.1 schemas! For example, the certification authority "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı" exceeded, in its root certificate, the RFC 5280 limit on the length of a component: it cannot be decoded honestly according to the schema. The DER codec requires that a field whose value equals its DEFAULT not be encoded during serialization; such documents occur in real life, and the first version of PyDERASN even deliberately allowed this invalid (from the DER point of view) behavior for the sake of backward compatibility.

Another limitation is that there is no easy way to find out in which form (BER/DER) a particular object within a structure was encoded. For example, the CMS standard says that the message is BER-encoded, but the signedAttrs field, over which the cryptographic signature is computed, must be in DER. If we decode with DER, we fail while processing the CMS itself; if we decode with BER, we do not know in what form signedAttrs arrived. As a result, TLVSeeker (which has no analogue in pyasn1) had to locate each signedAttrs, extract it from the serialized representation and decode it separately with DER.

The ability to automatically decode fields whose type is determined by other fields (DEFINED BY), which occur very often, was highly desirable for us. After decoding an ASN.1 structure, we are left with many fields that must be decoded further according to a schema chosen by the OBJECT IDENTIFIER given in the structure's fields. In Python code this means writing an if and then calling the decoder for every such field.

The emergence of PyDERASN

At Atlas we regularly send patches upstream when we find problems in, or improvements for, the free software we use. We sent improvements to pyasn1 a couple of times, but the pyasn1 code is not the easiest to understand, and there were occasional incompatible API changes that hurt us. In addition, we are used to writing tests with generative testing, which is not the case in pyasn1.

One fine day I decided that enough was enough and it was time to try writing my own library with __slots__, offsets and pretty blobs! Simply producing an ASN.1 codec would not be enough: we would have to port all our projects to it, and that is many hundreds of thousands of lines of code full of work with ASN.1 structures. So one of the requirements was ease of porting the existing pyasn1 code. Having spent my entire vacation on it, I wrote the library and ported all the projects to it. Since they have almost 100% test coverage, this also meant that the library was fully functional.

PyDERASN likewise has almost 100% test coverage. Generative tests with the excellent hypothesis library are used. It was also fuzzed with py-afl on 32 cores. Although we have practically no Python2 code left, PyDERASN still maintains compatibility with it, and because of that has a single dependency: six. Moreover, it is tested against the ASN.1:2008 compliance test suite.

The principle of working with it is similar to pyasn1: you work with high-level Python objects. The description of ASN.1 schemas is similar too.

# Sequence and the tag_ctxc/tag_ctxp tag constructors come from pyderasn;
# the field types (Version, Name, ...) are the application's own schema classes.
from pyderasn import Sequence, tag_ctxc, tag_ctxp

class TBSCertificate(Sequence):
    schema = (
        ("version", Version(expl=tag_ctxc(0), default="v1")),
        ("serialNumber", CertificateSerialNumber()),
        ("signature", AlgorithmIdentifier()),
        ("issuer", Name()),
        ("validity", Validity()),
        ("subject", Name()),
        ("subjectPublicKeyInfo", SubjectPublicKeyInfo()),
        ("issuerUniqueID", UniqueIdentifier(impl=tag_ctxp(1), optional=True)),
        ("subjectUniqueID", UniqueIdentifier(impl=tag_ctxp(2), optional=True)),
        ("extensions", Extensions(expl=tag_ctxc(3), optional=True)),
    )

However, PyDERASN has some strictness of typing. In pyasn1, if a field has type CMSVersion (INTEGER), then either an int or an INTEGER could be assigned to it. PyDERASN strictly requires that the assigned object be exactly a CMSVersion. Besides writing Python3 code, we also use type annotations, so our functions do not have vague signatures such as def func(serial, contents), but def func(serial: CertificateSerialNumber, contents: EncapsulatedContentInfo), and PyDERASN helps maintain this discipline.

At the same time, PyDERASN makes a very convenient compromise in this typing. pyasn1 did not allow a field declared as SubjectKeyIdentifier().subtype(implicitTag=Tag(...)) to be assigned a SubjectKeyIdentifier() object (one without the required IMPLICIT TAG), so objects had to be constantly copied and recreated just because of differing IMPLICIT/EXPLICIT tags. PyDERASN strictly checks only the base type: it automatically substitutes the tags from the structure's existing ASN.1 schema. This greatly simplifies application code.

If an error occurs during decoding, in pyasn1 it is not easy to understand exactly where it happened. For example, with the Turkish certificate mentioned above we get the following error: UTF8String (tbsCertificate:issuer:rdnSequence:3:0:value:DEFINED BY 2.5.4.10:utf8String) (at 138) unsatisfied bounds: 1 <= 77 <= 64. People make mistakes when writing ASN.1 schemas, and this makes debugging applications, or finding problems in other people's encoded documents, much easier.

The first version of PyDERASN did not support BER encoding. It appeared much later and still does not support processing UTCTime/GeneralizedTime with time zones. This will come in the future, since the project is written only in my free time.

Also, the first version had no support for DEFINED BY fields. A few months later this ability appeared and began to be used actively, shrinking application code: in a single decode call you can get the whole structure disassembled to great depth. For this, the schema states which field "defines" what. For example, a fragment of the CMS schema:

# Sequence, Any and tag_ctxc come from pyderasn; ContentType, the id_* OIDs and
# the *Data schema classes are the application's own CMS definitions.
from pyderasn import Any, Sequence, tag_ctxc

class ContentInfo(Sequence):
    schema = (
        ("contentType", ContentType(defines=((("content",), {
            id_authenticatedData: AuthenticatedData(),
            id_digestedData: DigestedData(),
            id_encryptedData: EncryptedData(),
            id_envelopedData: EnvelopedData(),
            id_signedData: SignedData(),
        }),))),
        ("content", Any(expl=tag_ctxc(0))),
    )

says that if contentType holds the OID with value id_signedData, then the content field (in the same SEQUENCE) must be decoded according to the SignedData schema. Why so many brackets? One field can "define" several fields at once, as happens in EnvelopedData structures. Defined fields are identified by the so-called decode path: it pinpoints the location of every element within all the structures.

You may not want, or may not have time, to add these definitions to the schema. There may be application-specific cases where the OIDs and structures are known only within some third-party project. PyDERASN lets you supply these definitions at the moment the structure is decoded:

# DecodePathDefBy comes from pyderasn; `any` is Python's builtin, used as a
# wildcard path component; `data` holds the BER/DER bytes of a ContentInfo.
from pyderasn import DecodePathDefBy

ContentInfo().decode(data, ctx={"defines_by_path": ((
    (
        "content", DecodePathDefBy(id_signedData),
        "certificates", any, "certificate", "tbsCertificate",
        "extensions", any, "extnID",
    ),
    ((("extnValue",), {
        id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
        id_ce_basicConstraints: BasicConstraints(),
        [...]
        id_ru_subjectSignTool: SubjectSignTool(),
    }),),
),)})

Here we say that in CMS SignedData, for every attached certificate, all of its extensions (AuthorityKeyIdentifier, BasicConstraints, SubjectSignTool, etc.) should be decoded. We indicate, by decode path, which element is to be "substituted" with the definition, just as it would be stated in the schema.

Finally, PyDERASN can be run from the command line to decode ASN.1 files and has a rich pretty printer. You can decode arbitrary ASN.1, or you can specify an explicit schema and see something like this:

[Screenshot: PyDERASN pretty-printer output for a decoded structure]

The information shown: object offset, tag length, length-of-length, content length, presence of EOC (End-of-Octets), a BER-encoding flag, an indefinite-length-encoding flag, length and offset of the EXPLICIT tag (if any), nesting depth of the object within the structures, IMPLICIT/EXPLICIT tag value, object name according to the schema, its base ASN.1 type, ordinal number within SEQUENCE/SET OF, CHOICE value (if any), human-readable name of an INTEGER/ENUMERATED/BIT STRING value according to the schema, the value of each base type, DEFAULT/OPTIONAL flags from the schema, a mark that the object was decoded automatically via DEFINED BY and which OID caused that, and the human-readable OID.

The pretty printer is deliberately built so that it produces a sequence of PP objects which are then rendered by separate functions. The screenshot shows the renderer for plain colored text. There are also renderers for JSON/HTML, so the output can be viewed with highlighting in an ASN.1 browser such as the asn1js project.

Other libraries

It was not a goal, but PyDERASN turned out to be significantly faster than pyasn1. For example, decoding megabyte-sized CRL files can take so long that you have to think about intermediate (fast) storage formats for the data and change the application architecture. pyasn1 takes more than 20 minutes to decode the CACert.org CRL on my laptop, whereas PyDERASN takes only 28 seconds! There is the asn1crypto project, aimed at fast work with cryptographic structures: it decodes (fully, not lazily) the same CRL in 29 seconds, but uses almost twice as much RAM under Python3 (983 MiB versus 498) and 3.5 times as much under Python2 (1677 versus 488), while pyasn1 uses 4.3 times as much (2093 versus 488).

We did not consider asn1crypto, which I mentioned, because the project was still in its infancy and we had not heard of it. Now we will not look in its direction either, since I immediately discovered that the same GeneralizedTime does not accept an arbitrary form, and during serialization it silently discards fractions of a second. This is acceptable when working with X.509 certificates, but in general it will not do.

At the moment, PyDERASN is the strictest free Python/Go DER decoder I know of. The encoding/asn1 library of my beloved Go has no strict checking of OBJECT IDENTIFIER or UTCTime/GeneralizedTime strings. Sometimes strictness gets in the way (mostly because of backward compatibility with old applications that nobody will fix), so PyDERASN can skip various checks in a relaxed mode.

The project's code tries to be as simple as possible. The whole library is a single file. The code is written with an emphasis on ease of understanding, without unnecessary performance optimizations or DRY-ness. As I already said, it does not support full BER decoding of UTCTime/GeneralizedTime strings, nor the REAL, RELATIVE OID, EXTERNAL, INSTANCE OF, EMBEDDED PDV and CHARACTER STRING data types. In all other cases, I personally see no point in using another library in Python.

Like all my projects, such as PyGOST, GoGOST, NNCP and GoVPN, PyDERASN is completely free software, distributed under the terms of the LGPLv3+, and available for free download. Usage examples are available, including in the PyGOST tests.

Sergey Matveev, cypherpunk, member of the SPO Foundation, Python/Go developer, specialist at FSUE "STC Atlas".

Source: www.hab.com
