In general, ASN.1 is not worth recommending for cryptographic tasks. ASN.1 and its codecs are complex, which means the code handling them is not simple, and that is always an additional attack vector. Just take a look
ASN.1 can be encoded with many different methods/codecs:
- BER (Basic Encoding Rules)
- CER (Canonical Encoding Rules)
- DER (Distinguished Encoding Rules)
- GSER (Generic String Encoding Rules)
- JER (JSON Encoding Rules)
- LWER (Lightweight Encoding Rules)
- OER (Octet Encoding Rules)
- PER (Packed Encoding Rules)
- SER (Signalling specific Encoding Rules)
- XER (XML Encoding Rules)
And many others. In cryptographic tasks, however, two are used in practice: BER and DER. Even in signed XML documents (
BER is a binary, byte-oriented TLV format (PER, which is common in cellular communications, is bit-oriented, for example). Each element is encoded as a tag (Tag) giving the type of the element being encoded (integer, string, date and so on), the length (Length) of the content, and the content itself (Value). BER optionally lets you omit the length by setting a special indefinite-length value and terminating the message with an End-Of-Octets mark. Besides the length encoding, BER also allows a lot of variation in how the data types themselves are encoded, for example:
- INTEGER, OBJECT IDENTIFIER, BIT STRING and element lengths may be non-normalized (not encoded in their minimal form).
- BOOLEAN is true for any non-zero content.
- A BIT STRING may contain extra zero bits.
- BIT STRING, OCTET STRING and all string types derived from them, including dates/times, can be split into chunks of variable length, and their total length is not known in advance while (de)coding.
- UTCTime/GeneralizedTime can specify the time zone offset and "extra zero" fractions of a second in various ways.
- DEFAULT values of a SEQUENCE may or may not be encoded.
- Named values of the trailing bits of a BIT STRING may optionally be left unencoded.
- SEQUENCE (OF)/SET (OF) may contain elements in arbitrary order.
For all of the reasons above, it is not always possible to encode data so that it is identical to its original form. A subset of the rules was therefore devised: DER, which strictly allows exactly one valid encoding. This is critical for cryptographic tasks where, for example, changing a single bit invalidates a signature or checksum. DER has a significant drawback: the lengths of all elements must be known in advance at encoding time, so data cannot be serialized as a stream. The CER codec does not have this drawback and likewise guarantees an unambiguous representation of the data. Unfortunately (or perhaps fortunately, since we are spared even more complicated decoders?), it never became popular. So in practice we meet a "mixed" use of BER- and DER-encoded data. CER and DER are both subsets of BER, so any BER decoder can process them.
Problems with pyasn1
At work we write a lot of Python programs related to cryptography. A few years ago there was practically no choice of free libraries: there were either very low-level libraries that simply let you encode/decode integers, structure headers and the like, or this library.
However, drawbacks, problems and limitations became apparent. pyasn1 had bugs and, unfortunately, still has them: one such case, at the time of writing, is one of pyasn1's basic types, GeneralizedTime.
In our projects, to save space, we often store only the file path, the offset and the length (in bytes) of the object being referenced. For example, an arbitrary signed file will most likely be placed in a CMS SignedData ASN.1 structure:
0 [1,3,1018] ContentInfo SEQUENCE
4 [1,1, 9] . contentType: ContentType OBJECT IDENTIFIER 1.2.840.113549.1.7.2 (id_signedData)
19-4 [0,0,1003] . content: [0] EXPLICIT [UNIV 16] ANY
19 [1,3, 999] . . DEFINED BY id_signedData: SignedData SEQUENCE
23 [1,1, 1] . . . version: CMSVersion INTEGER v3 (03)
26 [1,1, 19] . . . digestAlgorithms: DigestAlgorithmIdentifiers SET OF
[...]
47 [1,3, 769] . . . encapContentInfo: EncapsulatedContentInfo SEQUENCE
51 [1,1, 8] . . . . eContentType: ContentType OBJECT IDENTIFIER 1.3.6.1.5.5.7.12.2 (id_cct_PKIData)
65-4 [1,3, 751] . . . . eContent: [0] EXPLICIT OCTET STRING 751 bytes OPTIONAL
[HERE IS THE DATA OF THE SIGNED FILE ITSELF, 751 bytes]
820 [1,2, 199] . . . signerInfos: SignerInfos SET OF
823 [1,2, 196] . . . . 0: SignerInfo SEQUENCE
826 [1,1, 1] . . . . . version: CMSVersion INTEGER v3 (03)
829 [0,0, 22] . . . . . sid: SignerIdentifier CHOICE subjectKeyIdentifier
[...]
956 [1,1, 64] . . . . . signature: SignatureValue OCTET STRING 64 bytes
. . . . . . C1:B3:88:BA:F8:92:1C:E6:3E:41:9B:E0:D3:E9:AF:D8
. . . . . . 47:4A:8A:9D:94:5D:56:6B:F0:C1:20:38:D2:72:22:12
. . . . . . 9F:76:46:F6:51:5F:9A:8D:BF:D7:A6:9B:FD:C5:DA:D2
. . . . . . F3:6B:00:14:A4:9D:D7:B5:E1:A6:86:44:86:A7:E8:C9
And we can get the original signed file at offset 65 bytes with a length of 751 bytes. pyasn1 does not store this information in its decoded objects. So TLVSeeker was written: a small library that can decode the tags and lengths of objects, with an interface made of commands such as "go to the next tag", "go inside the tag" (step inside a SEQUENCE object), "move on to the next tag" and "tell me the offset and length of the object at the current position". It was a "manual" walk through data serialized in ASN.1 DER. BER-serialized data could not be handled this way, because, for example, an OCTET STRING byte string may be encoded as several chunks.
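The kind of manual tag/length walk described above, as an added example (it is not TLVSeeker's or PyDERASN's code; the names TLV, read_header and walk and both sample byte strings are constructed for this illustration). It reports the offset and the tag, length-field and content sizes of every element, and it rejects the BER-only length forms, which is exactly where such a walker stops working on chunked BER data.

```python
from typing import Iterator, NamedTuple, Optional, Tuple

class TLV(NamedTuple):
    offset: int  # position of the first tag byte
    tlen: int    # bytes taken by the tag
    llen: int    # bytes taken by the length field
    vlen: int    # bytes of content
    depth: int   # nesting level

def read_header(data: bytes, off: int) -> Tuple[int, int, int]:
    """Return (tlen, llen, vlen) for the element at off; DER length forms only."""
    try:
        tlen = 1
        if data[off] & 0x1F == 0x1F:  # high-tag-number form: tag continues
            while data[off + tlen] & 0x80:
                tlen += 1
            tlen += 1
        first = data[off + tlen]
    except IndexError:
        raise ValueError(f"offset {off}: truncated header") from None
    if first < 0x80:  # short form: the byte is the length itself
        return tlen, 1, first
    if first == 0x80:
        raise ValueError(f"offset {off}: indefinite length (BER only)")
    n = first & 0x7F  # long form: n length bytes follow
    raw = data[off + tlen + 1:off + tlen + 1 + n]
    vlen = int.from_bytes(raw, "big")
    if len(raw) != n or raw[0] == 0 or vlen < 0x80:
        raise ValueError(f"offset {off}: truncated or non-minimal length")
    return tlen, 1 + n, vlen

def walk(data: bytes, off: int = 0, end: Optional[int] = None,
         depth: int = 0) -> Iterator[TLV]:
    """Yield every element depth-first, descending into constructed ones."""
    end = len(data) if end is None else end
    while off < end:
        tlen, llen, vlen = read_header(data, off)
        body = off + tlen + llen
        if body + vlen > end:
            raise ValueError(f"offset {off}: content overruns its container")
        yield TLV(off, tlen, llen, vlen, depth)
        if data[off] & 0x20:  # constructed: children live inside the content
            yield from walk(data, body, body + vlen, depth + 1)
        off = body + vlen

# Constructed sample: SEQUENCE { OID id-data, [0] EXPLICIT OCTET STRING "hello" }
DER_SAMPLE = bytes.fromhex("3014" "06092a864886f70d010701" "a007" "0405" "68656c6c6f")
# The same OCTET STRING in BER: indefinite length, content split into two chunks
BER_CHUNKED = bytes.fromhex("2480" "04026865" "04036c6c6f" "0000")
```

With DER the last element's content is simply the slice starting at offset + tlen + llen and running for vlen bytes; for BER_CHUNKED no such single slice exists, because the payload is spread over two inner chunks.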
Another drawback of pyasn1 for our tasks is that the decoded objects do not let you tell whether a given field was present in a SEQUENCE. For example, if a structure contains a field Field SEQUENCE OF Smth OPTIONAL, the field may be entirely absent from the received data (OPTIONAL), or it may be present but have zero length (an empty list). In the general case this could not be determined. Yet it is necessary for strictly validating the data received. Imagine a certificate authority issuing a certificate that contains data which is not entirely valid from the point of view of the ASN.1 schema. For example, the certificate authority "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı" exceeds the permitted bounds in its root certificate.
Another limitation is that there is no easy way to find out in which form (BER/DER) a particular object inside a structure was encoded. For example, the CMS standard says that a message is BER-encoded, while the signedAttrs field, over which the cryptographic signature is computed, must be in DER. If we decode with DER, processing of the CMS itself fails; if we decode with BER, we do not know in which form signedAttrs was. As a result, TLVSeeker (pyasn1 has no analogue) has to be used to find the location of each signedAttrs field, take it out of the serialized representation separately and decode it with DER.
The ability to process DEFINED BY fields automatically was highly desirable for us, since they occur very often. After decoding an ASN.1 structure, you may be left with many ANY fields that have to be processed further according to a schema selected by an OBJECT IDENTIFIER given in a field of the structure. In Python code this means writing an if and calling the decoder for the ANY field.
Enter PyDERASN
At Atlas we regularly send patches back upstream when we find problems in, or make improvements to, the free software we use. We submitted improvements to pyasn1 several times, but pyasn1's code is not the easiest to understand, and incompatible API changes sometimes hit us hard. In addition, we are used to writing tests with generative testing, which was not the case in pyasn1.
One fine day I decided I had had enough of this and tried writing my own library, with __slots__, offsets and nicely displayed blobs. Writing an ASN.1 codec alone is not enough: all the dependent projects have to be moved to it, and that is hundreds of thousands of lines of code full of work with ASN.1 structures. So one of the requirements for it was that existing pyasn1 code be easy to convert. I spent my entire vacation writing the library and moving all the projects to it. The projects are almost 100% covered by tests, which meant the library was fully working.
PyDERASN likewise has almost 100% test coverage. It uses generative testing with an excellent library
The principle of working with it is similar to pyasn1: you operate on high-level Python objects. ASN.1 schemas are described in a similar way:
from pyderasn import Sequence, tag_ctxc, tag_ctxp

# The field types (Version, Name, Validity, ...) are defined elsewhere in the schema.
class TBSCertificate(Sequence):
    schema = (
        ("version", Version(expl=tag_ctxc(0), default="v1")),
        ("serialNumber", CertificateSerialNumber()),
        ("signature", AlgorithmIdentifier()),
        ("issuer", Name()),
        ("validity", Validity()),
        ("subject", Name()),
        ("subjectPublicKeyInfo", SubjectPublicKeyInfo()),
        ("issuerUniqueID", UniqueIdentifier(impl=tag_ctxp(1), optional=True)),
        ("subjectUniqueID", UniqueIdentifier(impl=tag_ctxp(2), optional=True)),
        ("extensions", Extensions(expl=tag_ctxc(3), optional=True)),
    )
However, PyDERASN has something resembling strong typing. In pyasn1, if a field had the type CMSVersion(INTEGER), you could assign an int or an INTEGER to it. PyDERASN strictly requires the assigned object to be exactly a CMSVersion. In addition to writing Python3 code, we use the following.
At the same time, PyDERASN makes a very convenient concession regarding this very typing. pyasn1 did not allow a SubjectKeyIdentifier() object (without the required IMPLICIT tag) to be assigned to a field of type SubjectKeyIdentifier().subtype(implicitTag=Tag(...)), so objects often had to be copied and recreated only because of changed IMPLICIT/EXPLICIT tags. PyDERASN strictly checks only the base type; the tags are substituted automatically from the existing ASN.1 schema of the structure. This greatly simplifies application code.
When an error occurs during decoding, with pyasn1 it is not easy to understand exactly where it happened. For example, on the Turkish certificate already mentioned above we get the following error: UTF8String (tbsCertificate:issuer:rdnSequence:3:0:value:DEFINED BY 2.5.4.10:utf8String) (at 138) unsatisfied bounds: 1 <= 77 <= 64. When describing ASN.1 structures it is possible to make mistakes, and this makes it easier both to debug the application and to find problems in the encoded document coming from the other side.
The first version of PyDERASN did not support BER encoding. That arrived much later, and processing of UTCTime/GeneralizedTime with time zones is still not supported. This is planned for the future, since the project is written mainly in free time.
Also, the first version could not work with DEFINED BY fields. A few months later,
from pyderasn import Any, Sequence, tag_ctxc

# ContentType, the id_* OIDs and the *Data structures are defined elsewhere in the schema.
class ContentInfo(Sequence):
    schema = (
        ("contentType", ContentType(defines=((("content",), {
            id_authenticatedData: AuthenticatedData(),
            id_digestedData: DigestedData(),
            id_encryptedData: EncryptedData(),
            id_envelopedData: EnvelopedData(),
            id_signedData: SignedData(),
        }),))),
        ("content", Any(expl=tag_ctxc(0))),
    )
This says that if contentType contains the OID with the value id_signedData, then the content field (located in the same SEQUENCE) must be decoded according to the SignedData schema. Why so many brackets? A field can "define" several fields at once, as is the case with EnvelopedData structures. The fields being defined are identified by so-called decode paths, which specify the exact location of an element within all the structures.
You do not always want to add these defines to the schema straight away, and you do not always have the opportunity to. There may be application-specific cases where the OIDs and structures are known only in a third-party project. PyDERASN makes it possible to set these defines directly at the moment a structure is decoded:
from pyderasn import DecodePathDefBy

# `any` is the Python builtin, used here as a wildcard element of the decode path.
ContentInfo().decode(data, ctx={"defines_by_path": ((
    (
        "content", DecodePathDefBy(id_signedData),
        "certificates", any, "certificate", "tbsCertificate",
        "extensions", any, "extnID",
    ),
    ((("extnValue",), {
        id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
        id_ce_basicConstraints: BasicConstraints(),
        # [...]
        id_ru_subjectSignTool: SubjectSignTool(),
    }),),
),)})
Here we say that in a CMS SignedData, for all attached certificates, all of their extensions (AuthorityKeyIdentifier, BasicConstraints, SubjectSignTool and so on) should be decoded as well. Through the decode path we indicate which element has to be "substituted" with defines, as if this had been specified in the schema.
Finally, PyDERASN is able to do the following.
Displayed information: object offset, tag length, length-field length, content length, presence of EOC (end-of-octets), the BER-encoding flag, the indefinite-length-encoding flag, the length and offset of the EXPLICIT tag (if present), the nesting depth of the object in the structures, the IMPLICIT/EXPLICIT tag value, the name of the object according to the schema, its base ASN.1 type, the sequence number inside SEQUENCE/SET OF, the CHOICE value (if present), human-readable names for INTEGER/ENUMERATED/BIT STRING according to the schema, the value of any base type, the DEFAULT/OPTIONAL flags from the schema, an indication that the object was automatically decoded as DEFINED BY and which OID caused that, and human-readable OIDs.
The pretty printing system is deliberately designed to generate a sequence of PP objects that are then visualized by separate means. The screenshot shows the renderer that produces simple colored text. There are also JSON/HTML renderers, so that the output can be viewed with highlighting in an ASN.1 browser, as follows.
Other libraries
This was not a goal, but PyDERASN delivered significant gains.
We did not consider the asn1crypto mentioned earlier, because that project was still in its infancy and we had not heard of it. We did not look in its direction either, because we immediately found that the same GeneralizedTime accepts arbitrary forms and that the sub-second part is silently dropped during serialization. That is acceptable when working with X.509 certificates, but it does not work in general.
At the moment, PyDERASN is the strictest free Python/Go DER decoder that I know of. In the encoding/asn1 library of my beloved Go
The project's code tries to be as simple as possible. The whole library is a single file. The code is written with an emphasis on understandability, without unnecessary performance optimizations or DRY code. As already said, it does not support full BER decoding of UTCTime/GeneralizedTime strings, nor of the REAL, RELATIVE OID, EXTERNAL, INSTANCE OF, EMBEDDED PDV and CHARACTER STRING data types. In all other cases, I personally see no point in using other libraries in Python.
Like all my projects,
Source: habr.com