diff options
| author | Russ Housley <housley@vigilsec.com> | 2019-08-28 18:06:42 -0400 |
|---|---|---|
| committer | Ilya Etingof <etingof@gmail.com> | 2019-08-29 00:06:42 +0200 |
| commit | b67a4d7d5a2f78dacb4fa211da3a342160edf901 (patch) | |
| tree | fee95923c29cd11ed17a1f8a7825e95a9ba5857c /pyasn1_modules/rfc6211.py | |
| parent | fdd5c3033d124ad159b9784e3e7fe304f777dbb8 (diff) | |
| download | pyasn1-modules-b67a4d7d5a2f78dacb4fa211da3a342160edf901.tar.gz | |
Add support for RFC 6211 and RFC 8649 (#59)
Diffstat (limited to 'pyasn1_modules/rfc6211.py')
| -rw-r--r-- | pyasn1_modules/rfc6211.py | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/pyasn1_modules/rfc6211.py b/pyasn1_modules/rfc6211.py new file mode 100644 index 0000000..3853817 --- /dev/null +++ b/pyasn1_modules/rfc6211.py @@ -0,0 +1,74 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Algorithm Identifier Protection Attribute +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6211.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + + +# Imports from RFC 5652 + +DigestAlgorithmIdentifier = rfc5652.DigestAlgorithmIdentifier + +MessageAuthenticationCodeAlgorithm = rfc5652.MessageAuthenticationCodeAlgorithm + +SignatureAlgorithmIdentifier = rfc5652.SignatureAlgorithmIdentifier + + +# CMS Algorithm Protection attribute + +id_aa_cmsAlgorithmProtect = univ.ObjectIdentifier('1.2.840.113549.1.9.52') + + +class CMSAlgorithmProtection(univ.Sequence): + pass + +CMSAlgorithmProtection.componentType = namedtype.NamedTypes( + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('signatureAlgorithm', + SignatureAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('macAlgorithm', + MessageAuthenticationCodeAlgorithm().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + +# TODO: Add constraints to implement the WITH COMPONENTS part of the ASN.1: +# +# CMSAlgorithmProtection.subtypeSpec = constraint.ConstraintsIntersection( +# constraint.WithComponentsConstraint( +# ('signatureAlgorithm', constraint.ComponentPresentConstraint()), +# ('macAlgorithm', constraint.ComponentAbsentConstraint())), +# constraint.WithComponentsConstraint( +# ('signatureAlgorithm', constraint.ComponentAbsentConstraint()), +# ('macAlgorithm', constraint.ComponentPresentConstraint())) +# ) + + +aa_cmsAlgorithmProtection = rfc5652.Attribute() +aa_cmsAlgorithmProtection['attrType'] = id_aa_cmsAlgorithmProtect +aa_cmsAlgorithmProtection['attrValues'][0] = CMSAlgorithmProtection() + + +# Map of Attribute Type OIDs to Attributes are +# added to the ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_cmsAlgorithmProtect: CMSAlgorithmProtection(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
\ No newline at end of file |