Merge branch 'devel-0.2.1'

author: Ilya Etingof <etingof@gmail.com> 2017-11-21 22:59:33 +0100
committer: Ilya Etingof <etingof@gmail.com> 2017-11-21 22:59:33 +0100
commit: bb8afab7c503f99bc61bdaeb3c075f37ace534bd (patch)
tree: 48be57e3248c63a318db61ae2cc00a346715fd5a /pyasn1_modules
parent: 620874bd43fb650b19d3c7b1a306888b7acd840a (diff)
parent: 5d61d1c03da165e4b7d082ddadf8be4462801eed (diff)
download: pyasn1-modules-bb8afab7c503f99bc61bdaeb3c075f37ace534bd.tar.gz
4 files changed, 369 insertions, 309 deletions
diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py
index ba164a2..d0c5e53 100644
--- a/pyasn1_modules/__init__.py
+++ b/pyasn1_modules/__init__.py
@@ -1,2 +1,2 @@
 # http://www.python.org/dev/peps/pep-0396/
-__version__ = '0.1.5'
+__version__ = '0.2.1'
diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
index cf732b0..158aee7 100644
--- a/pyasn1_modules/rfc2315.py
+++ b/pyasn1_modules/rfc2315.py
@@ -25,7 +25,8 @@ class Attribute(univ.Sequence):
 class AttributeValueAssertion(univ.Sequence):
     componentType = namedtype.NamedTypes(
         namedtype.NamedType('attributeType', AttributeType()),
-        namedtype.NamedType('attributeValue', AttributeValue())
+        namedtype.NamedType('attributeValue', AttributeValue(),
+                            openType=opentype.OpenType('type', certificateAttributesMap))
     )
 
 
@@ -50,12 +51,19 @@ class EncryptedContent(univ.OctetString):
     pass
 
 
+contentTypeMap = {}
+
+
 class EncryptedContentInfo(univ.Sequence):
     componentType = namedtype.NamedTypes(
         namedtype.NamedType('contentType', ContentType()),
         namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
-        namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+        namedtype.OptionalNamedType(
+            'encryptedContent', EncryptedContent().subtype(
+                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
+            ),
+            openType=opentype.OpenType('contentType', contentTypeMap)
+        )
     )
 
 
@@ -85,8 +93,11 @@ class Digest(univ.OctetString):
 class ContentInfo(univ.Sequence):
     componentType = namedtype.NamedTypes(
         namedtype.NamedType('contentType', ContentType()),
-        namedtype.OptionalNamedType('content', univ.Any().subtype(
-            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+        namedtype.OptionalNamedType(
+            'content',
+            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
+            openType=opentype.OpenType('contentType', contentTypeMap)
+        )
     )
 
 
@@ -270,3 +281,14 @@ class SignedData(univ.Sequence):
 
 class Data(univ.OctetString):
     pass
+
+_contentTypeMapUpdate = {
+    data: Data(),
+    signedData: SignedData(),
+    envelopedData: EnvelopedData(),
+    signedAndEnvelopedData: SignedAndEnvelopedData(),
+    digestedData: DigestedData(),
+    encryptedData: EncryptedData()
+}
+
+contentTypeMap.update(_contentTypeMapUpdate)
+\ No newline at end of file
diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py
index c988c4f..6855482 100644
--- a/pyasn1_modules/rfc2459.py
+++ b/pyasn1_modules/rfc2459.py
@@ -13,7 +13,7 @@
 # Sample captures from:
 # http://wiki.wireshark.org/SampleCaptures/
 #
-from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful
+from pyasn1.type import tag, namedtype, namedval, opentype, univ, constraint, char, useful
 
 MAX = float('inf')
 
@@ -84,26 +84,6 @@ id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1')
 id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2')
 
 
-class AttributeValue(univ.Any):
-    pass
-
-
-class AttributeType(univ.ObjectIdentifier):
-    pass
-
-
-class AttributeTypeAndValue(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('type', AttributeType()),
-        namedtype.NamedType('value', AttributeValue())
-    )
-
-
-class Attribute(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('type', AttributeType()),
-        namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
-    )
 
 
 id_at = univ.ObjectIdentifier('2.5.4')
@@ -277,19 +257,6 @@ class DSAPrivateKey(univ.Sequence):
 
 # ----
 
-class RelativeDistinguishedName(univ.SetOf):
-    componentType = AttributeTypeAndValue()
-
-
-class RDNSequence(univ.SequenceOf):
-    componentType = RelativeDistinguishedName()
-
-
-class Name(univ.Choice):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('', RDNSequence())
-    )
-
 
 class DirectoryString(univ.Choice):
     componentType = namedtype.NamedTypes(
@@ -316,111 +283,6 @@ class AlgorithmIdentifier(univ.Sequence):
     )
 
 
-class Extension(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('extnID', univ.ObjectIdentifier()),
-        namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
-        namedtype.NamedType('extnValue', univ.Any())
-    )
-
-
-class Extensions(univ.SequenceOf):
-    componentType = Extension()
-    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
-class SubjectPublicKeyInfo(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('algorithm', AlgorithmIdentifier()),
-        namedtype.NamedType('subjectPublicKey', univ.BitString())
-    )
-
-
-class UniqueIdentifier(univ.BitString):
-    pass
-
-
-class Time(univ.Choice):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('utcTime', useful.UTCTime()),
-        namedtype.NamedType('generalTime', useful.GeneralizedTime())
-    )
-
-
-class Validity(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('notBefore', Time()),
-        namedtype.NamedType('notAfter', Time())
-    )
-
-
-class CertificateSerialNumber(univ.Integer):
-    pass
-
-
-class Version(univ.Integer):
-    namedValues = namedval.NamedValues(
-        ('v1', 0), ('v2', 1), ('v3', 2)
-    )
-
-
-class TBSCertificate(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.DefaultedNamedType('version', Version('v1').subtype(
-            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
-        namedtype.NamedType('serialNumber', CertificateSerialNumber()),
-        namedtype.NamedType('signature', AlgorithmIdentifier()),
-        namedtype.NamedType('issuer', Name()),
-        namedtype.NamedType('validity', Validity()),
-        namedtype.NamedType('subject', Name()),
-        namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
-        namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
-        namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
-        namedtype.OptionalNamedType('extensions', Extensions().subtype(
-            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
-    )
-
-
-class Certificate(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('tbsCertificate', TBSCertificate()),
-        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
-        namedtype.NamedType('signatureValue', univ.BitString())
-    )
-
-
-# CRL structures
-
-class RevokedCertificate(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('userCertificate', CertificateSerialNumber()),
-        namedtype.NamedType('revocationDate', Time()),
-        namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
-    )
-
-
-class TBSCertList(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.OptionalNamedType('version', Version()),
-        namedtype.NamedType('signature', AlgorithmIdentifier()),
-        namedtype.NamedType('issuer', Name()),
-        namedtype.NamedType('thisUpdate', Time()),
-        namedtype.OptionalNamedType('nextUpdate', Time()),
-        namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())),
-        namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(
-            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
-    )
-
-
-class CertificateList(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('tbsCertList', TBSCertList()),
-        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
-        namedtype.NamedType('signature', univ.BitString())
-    )
-
 
 # Algorithm OIDs and parameter structures
 
@@ -972,11 +834,6 @@ class BasicConstraints(univ.Sequence):
 id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9')
 
 
-class SubjectDirectoryAttributes(univ.SequenceOf):
-    componentType = Attribute()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
 class EDIPartyName(univ.Sequence):
     componentType = namedtype.NamedTypes(
         namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(
@@ -986,76 +843,10 @@ class EDIPartyName(univ.Sequence):
     )
 
 
-class AnotherName(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
-        namedtype.NamedType('value',
-                            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
-    )
-
-
-class GeneralName(univ.Choice):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('otherName',
-                            AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
-        namedtype.NamedType('rfc822Name',
-                            char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
-        namedtype.NamedType('dNSName',
-                            char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
-        namedtype.NamedType('x400Address',
-                            ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
-        namedtype.NamedType('directoryName',
-                            Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
-        namedtype.NamedType('ediPartyName',
-                            EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
-        namedtype.NamedType('uniformResourceIdentifier',
-                            char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
-        namedtype.NamedType('iPAddress', univ.OctetString().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
-        namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
-    )
-
-
-class GeneralNames(univ.SequenceOf):
-    componentType = GeneralName()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
-class AccessDescription(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
-        namedtype.NamedType('accessLocation', GeneralName())
-    )
-
-
-class AuthorityInfoAccessSyntax(univ.SequenceOf):
-    componentType = AccessDescription()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
 
 id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27')
 
 
-class DistributionPointName(univ.Choice):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('fullName', GeneralNames().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
-        namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
-    )
-
-
-class DistributionPoint(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
-        namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
-        namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
-    )
-
 
 class BaseDistance(univ.Integer):
     subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX)
@@ -1064,56 +855,14 @@ class BaseDistance(univ.Integer):
 id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31')
 
 
-class CRLDistPointsSyntax(univ.SequenceOf):
-    componentType = DistributionPoint()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
 id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28')
 
 
-class IssuingDistributionPoint(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
-        namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
-        namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
-        namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
-        namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
-    )
-
-
-class GeneralSubtree(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.NamedType('base', GeneralName()),
-        namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
-        namedtype.OptionalNamedType('maximum', BaseDistance().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
-    )
-
-
-class GeneralSubtrees(univ.SequenceOf):
-    componentType = GeneralSubtree()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30')
 
 
-class NameConstraints(univ.Sequence):
-    componentType = namedtype.NamedTypes(
-        namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
-        namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(
-            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
-    )
-
-
 class DisplayText(univ.Choice):
     componentType = namedtype.NamedTypes(
         namedtype.NamedType('visibleString',
@@ -1232,6 +981,110 @@ class SubjectKeyIdentifier(KeyIdentifier):
     pass
 
 
+id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29')
+
+
+id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17')
+
+
+id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18')
+
+
+class AttributeValue(univ.Any):
+    pass
+
+
+class AttributeType(univ.ObjectIdentifier):
+    pass
+
+certificateAttributesMap = {}
+
+
+class AttributeTypeAndValue(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('type', AttributeType()),
+        namedtype.NamedType('value', AttributeValue(),
+                            openType=opentype.OpenType('type', certificateAttributesMap))
+    )
+
+
+class Attribute(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('type', AttributeType()),
+        namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
+    )
+
+
+class SubjectDirectoryAttributes(univ.SequenceOf):
+    componentType = Attribute()
+    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class RelativeDistinguishedName(univ.SetOf):
+    componentType = AttributeTypeAndValue()
+
+
+class RDNSequence(univ.SequenceOf):
+    componentType = RelativeDistinguishedName()
+
+
+class Name(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('', RDNSequence())
+    )
+
+class CertificateSerialNumber(univ.Integer):
+    pass
+
+
+class AnotherName(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
+        namedtype.NamedType('value',
+                            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )
+
+
+class GeneralName(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('otherName',
+                            AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('rfc822Name',
+                            char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('dNSName',
+                            char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+        namedtype.NamedType('x400Address',
+                            ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+        namedtype.NamedType('directoryName',
+                            Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+        namedtype.NamedType('ediPartyName',
+                            EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
+        namedtype.NamedType('uniformResourceIdentifier',
+                            char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
+        namedtype.NamedType('iPAddress', univ.OctetString().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+        namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
+    )
+
+
+class GeneralNames(univ.SequenceOf):
+    componentType = GeneralName()
+    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class AccessDescription(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
+        namedtype.NamedType('accessLocation', GeneralName())
+    )
+
+
+class AuthorityInfoAccessSyntax(univ.SequenceOf):
+    componentType = AccessDescription()
+    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
 class AuthorityKeyIdentifier(univ.Sequence):
     componentType = namedtype.NamedTypes(
         namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(
@@ -1243,30 +1096,189 @@ class AuthorityKeyIdentifier(univ.Sequence):
     )
 
 
-id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29')
+class DistributionPointName(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('fullName', GeneralNames().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+    )
+
+
+class DistributionPoint(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
+    )
+
+
+class CRLDistPointsSyntax(univ.SequenceOf):
+    componentType = DistributionPoint()
+    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class IssuingDistributionPoint(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+        namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+        namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+    )
+
+
+class GeneralSubtree(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('base', GeneralName()),
+        namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.OptionalNamedType('maximum', BaseDistance().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+    )
+
+
+class GeneralSubtrees(univ.SequenceOf):
+    componentType = GeneralSubtree()
+    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class NameConstraints(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+    )
 
 
 class CertificateIssuer(GeneralNames):
     pass
 
 
-id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17')
+class SubjectAltName(GeneralNames):
+    pass
 
 
-class SubjectAltName(GeneralNames):
+class IssuerAltName(GeneralNames):
     pass
 
 
-id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18')
+certificateExtensionsMap = {}
 
 
-class IssuerAltName(GeneralNames):
+class Extension(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('extnID', univ.ObjectIdentifier()),
+        namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
+        namedtype.NamedType('extnValue', univ.OctetString(),
+                            openType=opentype.OpenType('extnID', certificateExtensionsMap))
+    )
+
+
+class Extensions(univ.SequenceOf):
+    componentType = Extension()
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class SubjectPublicKeyInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('algorithm', AlgorithmIdentifier()),
+        namedtype.NamedType('subjectPublicKey', univ.BitString())
+    )
+
+
+class UniqueIdentifier(univ.BitString):
     pass
 
 
+class Time(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('utcTime', useful.UTCTime()),
+        namedtype.NamedType('generalTime', useful.GeneralizedTime())
+    )
+
+
+class Validity(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('notBefore', Time()),
+        namedtype.NamedType('notAfter', Time())
+    )
+
+
+class Version(univ.Integer):
+    namedValues = namedval.NamedValues(
+        ('v1', 0), ('v2', 1), ('v3', 2)
+    )
+
+
+class TBSCertificate(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.DefaultedNamedType('version', Version('v1').subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('serialNumber', CertificateSerialNumber()),
+        namedtype.NamedType('signature', AlgorithmIdentifier()),
+        namedtype.NamedType('issuer', Name()),
+        namedtype.NamedType('validity', Validity()),
+        namedtype.NamedType('subject', Name()),
+        namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
+        namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+        namedtype.OptionalNamedType('extensions', Extensions().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+    )
+
+
+class Certificate(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('tbsCertificate', TBSCertificate()),
+        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
+        namedtype.NamedType('signatureValue', univ.BitString())
+    )
+
+# CRL structures
+
+class RevokedCertificate(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('userCertificate', CertificateSerialNumber()),
+        namedtype.NamedType('revocationDate', Time()),
+        namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
+    )
+
+
+class TBSCertList(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('version', Version()),
+        namedtype.NamedType('signature', AlgorithmIdentifier()),
+        namedtype.NamedType('issuer', Name()),
+        namedtype.NamedType('thisUpdate', Time()),
+        namedtype.OptionalNamedType('nextUpdate', Time()),
+        namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())),
+        namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+    )
+
+
+class CertificateList(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('tbsCertList', TBSCertList()),
+        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
+        namedtype.NamedType('signature', univ.BitString())
+    )
+
 # map of AttributeType -> AttributeValue
 
-certificateAttributesMap = {
+_certificateAttributesMapUpdate = {
     id_at_name: X520name(),
     id_at_surname: X520name(),
     id_at_givenName: X520name(),
@@ -1283,14 +1295,18 @@ certificateAttributesMap = {
     emailAddress: Pkcs9email(),
 }
 
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
 # map of Certificate Extension OIDs to Extensions
 
-certificateExtensionsMap = {
+_certificateExtensionsMapUpdate = {
     id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
     id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
     id_ce_keyUsage: KeyUsage(),
     id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
-    id_ce_certificatePolicies: PolicyInformation(),  # could be a sequence of concat'ed objects?
+# TODO
+#    id_ce_certificatePolicies: PolicyInformation(),  # could be a sequence of concat'ed objects?
     id_ce_policyMappings: PolicyMappings(),
     id_ce_subjectAltName: SubjectAltName(),
     id_ce_issuerAltName: IssuerAltName(),
@@ -1309,3 +1325,6 @@ certificateExtensionsMap = {
     id_ce_invalidityDate: useful.GeneralizedTime(),
     id_ce_certificateIssuer: GeneralNames(),
 }
+
+certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
+
diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py
index 7d3aa69..c750f28 100644
--- a/pyasn1_modules/rfc5280.py
+++ b/pyasn1_modules/rfc5280.py
@@ -16,6 +16,7 @@ from pyasn1.type import univ
 from pyasn1.type import char
 from pyasn1.type import namedtype
 from pyasn1.type import namedval
+from pyasn1.type import opentype
 from pyasn1.type import tag
 from pyasn1.type import constraint
 from pyasn1.type import useful
@@ -279,13 +280,10 @@ class CertificateSerialNumber(univ.Integer):
 
 
 class AlgorithmIdentifier(univ.Sequence):
-    pass
-
-
-AlgorithmIdentifier.componentType = namedtype.NamedTypes(
-    namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
-    namedtype.OptionalNamedType('parameters', univ.Any())
-)
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
+        namedtype.OptionalNamedType('parameters', univ.Any())
+    )
 
 
 class Time(univ.Choice):
@@ -302,14 +300,17 @@ class AttributeValue(univ.Any):
     pass
 
 
-class AttributeTypeAndValue(univ.Sequence):
-    pass
+certificateAttributesMap = {}
 
 
-AttributeTypeAndValue.componentType = namedtype.NamedTypes(
-    namedtype.NamedType('type', AttributeType()),
-    namedtype.NamedType('value', AttributeValue())
-)
+class AttributeTypeAndValue(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('type', AttributeType()),
+        namedtype.NamedType(
+            'value', AttributeValue(),
+            openType=opentype.OpenType('type', certificateAttributesMap)
+        )
+    )
 
 
 class RelativeDistinguishedName(univ.SetOf):
@@ -379,18 +380,21 @@ class PhysicalDeliveryOfficeName(PDSParameter):
 
 ub_extension_attributes = univ.Integer(256)
 
+certificateExtensionsMap = {
 
-class ExtensionAttribute(univ.Sequence):
-    pass
+}
 
 
-ExtensionAttribute.componentType = namedtype.NamedTypes(
-    namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
-        subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(
-        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
-    namedtype.NamedType('extension-attribute-value',
-                        univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
-)
+class ExtensionAttribute(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType(
+            'extension-attribute-type',
+            univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType(
+            'extension-attribute-value',
+            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
+            openType=opentype.OpenType('type', certificateExtensionsMap))
+    )
 
 id_qt = _buildOid(id_pkix, 2)
 
@@ -737,13 +741,12 @@ X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_numbe
 
 
 class Attribute(univ.Sequence):
-    pass
-
-
-Attribute.componentType = namedtype.NamedTypes(
-    namedtype.NamedType('type', AttributeType()),
-    namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()))
-)
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('type', AttributeType()),
+        namedtype.NamedType('values',
+                            univ.SetOf(componentType=AttributeValue()),
+                            openType=opentype.OpenType('type', certificateAttributesMap))
+    )
 
 ub_common_name = univ.Integer(64)
 
@@ -1066,14 +1069,20 @@ PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes(
 )
 
 
-class AnotherName(univ.Sequence):
-    pass
+anotherNameMap = {
 
+}
 
-AnotherName.componentType = namedtype.NamedTypes(
-    namedtype.NamedType('type-id', univ.ObjectIdentifier()),
-    namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
-)
+
+class AnotherName(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
+        namedtype.NamedType(
+            'value',
+            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
+            openType=opentype.OpenType('type-id', anotherNameMap)
+        )
+    )
 
 
 class EDIPartyName(univ.Sequence):
@@ -1311,14 +1320,19 @@ class PolicyQualifierId(univ.ObjectIdentifier):
     pass
 
 
-class PolicyQualifierInfo(univ.Sequence):
-    pass
+policyQualifierInfoMap = {
 
+}
 
-PolicyQualifierInfo.componentType = namedtype.NamedTypes(
-    namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
-    namedtype.NamedType('qualifier', univ.Any())
-)
+
+class PolicyQualifierInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
+        namedtype.NamedType(
+            'qualifier', univ.Any(),
+            openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap)
+        )
+    )
 
 
 class CertPolicyId(univ.ObjectIdentifier):
@@ -1549,7 +1563,7 @@ id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54)
 
 # map of AttributeType -> AttributeValue
 
-certificateAttributesMap = {
+_certificateAttributesMapUpdate = {
     id_at_name: X520name(),
     id_at_surname: X520name(),
     id_at_givenName: X520name(),
@@ -1569,9 +1583,12 @@ certificateAttributesMap = {
     id_emailAddress: EmailAddress(),
 }
 
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
 # map of Certificate Extension OIDs to Extensions
 
-certificateExtensionsMap = {
+_certificateExtensionsMap = {
     id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
     id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
     id_ce_keyUsage: KeyUsage(),
@@ -1595,3 +1612,5 @@ certificateExtensionsMap = {
     id_ce_invalidityDate: useful.GeneralizedTime(),
     id_ce_certificateIssuer: GeneralNames(),
 }
+
+certificateExtensionsMap.update(_certificateExtensionsMap)
author	Ilya Etingof <etingof@gmail.com>	2017-11-21 22:59:33 +0100
committer	Ilya Etingof <etingof@gmail.com>	2017-11-21 22:59:33 +0100
commit	bb8afab7c503f99bc61bdaeb3c075f37ace534bd (patch)
tree	48be57e3248c63a318db61ae2cc00a346715fd5a /pyasn1_modules
parent	620874bd43fb650b19d3c7b1a306888b7acd840a (diff)
parent	5d61d1c03da165e4b7d082ddadf8be4462801eed (diff)
download	pyasn1-modules-bb8afab7c503f99bc61bdaeb3c075f37ace534bd.tar.gz