author | Ilya Etingof <etingof@gmail.com> | 2017-09-13 01:09:14 +0200 |
---|---|---|
committer | Ilya Etingof <etingof@gmail.com> | 2017-09-13 01:09:14 +0200 |
commit | 49d39b1e21c7d0817b4ea3e69ffb70af97fa2da2 (patch) | |
tree | f1c30b8c6fbfc167d0e9b47d35b2bc06c03a23dc /pyasn1_modules | |
parent | c513c62dd72b3afbe4fc1e7eb4856f0f9ac76954 (diff) | |
download | pyasn1-modules-49d39b1e21c7d0817b4ea3e69ffb70af97fa2da2.tar.gz |
WIP: open types support
Diffstat (limited to 'pyasn1_modules')
-rw-r--r-- | pyasn1_modules/rfc2315.py | 32 | ||||
-rw-r--r-- | pyasn1_modules/rfc2459.py | 103 | ||||
-rw-r--r-- | pyasn1_modules/rfc5280.py | 105 |
3 files changed, 144 insertions, 96 deletions
diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
index cf732b0..158aee7 100644
--- a/pyasn1_modules/rfc2315.py
+++ b/pyasn1_modules/rfc2315.py
@@ -25,7 +25,8 @@ class Attribute(univ.Sequence):
 class AttributeValueAssertion(univ.Sequence):
 componentType = namedtype.NamedTypes(
 namedtype.NamedType('attributeType', AttributeType()),
- namedtype.NamedType('attributeValue', AttributeValue())
+ namedtype.NamedType('attributeValue', AttributeValue(),
+ openType=opentype.OpenType('type', certificateAttributesMap))
 )
@@ -50,12 +51,19 @@ class EncryptedContent(univ.OctetString):
 pass
+contentTypeMap = {}
+
+
 class EncryptedContentInfo(univ.Sequence):
 componentType = namedtype.NamedTypes(
 namedtype.NamedType('contentType', ContentType()),
 namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
- namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ namedtype.OptionalNamedType(
+ 'encryptedContent', EncryptedContent().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
+ ),
+ openType=opentype.OpenType('contentType', contentTypeMap)
+ )
 )
@@ -85,8 +93,11 @@ class Digest(univ.OctetString):
 class ContentInfo(univ.Sequence):
 componentType = namedtype.NamedTypes(
 namedtype.NamedType('contentType', ContentType()),
- namedtype.OptionalNamedType('content', univ.Any().subtype(
- explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ namedtype.OptionalNamedType(
+ 'content',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
+ openType=opentype.OpenType('contentType', contentTypeMap)
+ )
 )
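Review bot: In `AttributeValueAssertion` the new `openType=opentype.OpenType('type', certificateAttributesMap)` names a governing field `'type'`, but the components visible in this sequence are `'attributeType'` and `'attributeValue'`, so the selector most likely should be `opentype.OpenType('attributeType', certificateAttributesMap)`. No hunk in this file adds `from pyasn1.type import opentype`, so unless that name is already in scope outside the visible hunks the module will raise `NameError` at import time. `certificateAttributesMap` needs the same check, since it is defined in rfc2459.py and not in this file.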
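Review bot: In `EncryptedContentInfo` the `openType` is attached to `'encryptedContent'`, which is an `EncryptedContent` octet string carrying ciphertext, while `contentType` describes the plaintext; resolving it through `contentTypeMap` would try to parse encrypted bytes as `SignedData`, `EnvelopedData` and the other mapped types. I would drop the `openType=` argument here and keep the binding only on `ContentInfo.content` in the following hunk. A decoder that honoured this binding would be parsing untrusted ciphertext against a type selected by an OID from the same untrusted message, which widens the parsing surface without any benefit.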
@@ -270,3 +281,14 @@ class SignedData(univ.Sequence):
 class Data(univ.OctetString):
 pass
+
+_contentTypeMapUpdate = {
+ data: Data(),
+ signedData: SignedData(),
+ envelopedData: EnvelopedData(),
+ signedAndEnvelopedData: SignedAndEnvelopedData(),
+ digestedData: DigestedData(),
+ encryptedData: EncryptedData()
+}
+
+contentTypeMap.update(_contentTypeMapUpdate)
\ No newline at end of file
diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py
index 5f8bcd4..6855482 100644
--- a/pyasn1_modules/rfc2459.py
+++ b/pyasn1_modules/rfc2459.py
@@ -990,26 +990,6 @@ id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17')
 id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18')
-# map of AttributeType -> AttributeValue
-
-certificateAttributesMap = {
- id_at_name: X520name(),
- id_at_surname: X520name(),
- id_at_givenName: X520name(),
- id_at_initials: X520name(),
- id_at_generationQualifier: X520name(),
- id_at_commonName: X520CommonName(),
- id_at_localityName: X520LocalityName(),
- id_at_stateOrProvinceName: X520StateOrProvinceName(),
- id_at_organizationName: X520OrganizationName(),
- id_at_organizationalUnitName: X520OrganizationalUnitName(),
- id_at_title: X520Title(),
- id_at_dnQualifier: X520dnQualifier(),
- id_at_countryName: X520countryName(),
- emailAddress: Pkcs9email(),
-}
-
-
 class AttributeValue(univ.Any):
 pass
@@ -1017,6 +997,8 @@ class AttributeValue(univ.Any):
 class AttributeType(univ.ObjectIdentifier):
 pass
+certificateAttributesMap = {}
+
 class AttributeTypeAndValue(univ.Sequence):
 componentType = namedtype.NamedTypes(
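Review bot: `certificateAttributesMap = {}` in the second hunk is now created empty above `AttributeTypeAndValue` and only filled by `certificateAttributesMap.update(...)` at the end of the file, but nothing at the declaration says so. I would add a comment such as `# populated at the end of the module, once the X520* types are defined` and keep the usual two blank lines around the assignment. The same applies to `certificateExtensionsMap = {}` in the next hunk. Any code that reads these maps while this module is still being imported would now see them empty, and the body of `AttributeTypeAndValue` continues past the end of the hunk, so whether it uses the map cannot be seen here.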
@@ -1190,34 +1172,7 @@ class IssuerAltName(GeneralNames):
 pass
-# map of Certificate Extension OIDs to Extensions
-
-certificateExtensionsMap = {
- id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
- id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
- id_ce_keyUsage: KeyUsage(),
- id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
-# TODO
-# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects?
- id_ce_policyMappings: PolicyMappings(),
- id_ce_subjectAltName: SubjectAltName(),
- id_ce_issuerAltName: IssuerAltName(),
- id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(),
- id_ce_basicConstraints: BasicConstraints(),
- id_ce_nameConstraints: NameConstraints(),
- id_ce_policyConstraints: PolicyConstraints(),
- id_ce_extKeyUsage: ExtKeyUsageSyntax(),
- id_ce_cRLDistributionPoints: CRLDistPointsSyntax(),
- id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(),
- id_ce_cRLNumber: univ.Integer(),
- id_ce_deltaCRLIndicator: BaseCRLNumber(),
- id_ce_issuingDistributionPoint: IssuingDistributionPoint(),
- id_ce_cRLReasons: CRLReason(),
- id_ce_holdInstructionCode: univ.ObjectIdentifier(),
- id_ce_invalidityDate: useful.GeneralizedTime(),
- id_ce_certificateIssuer: GeneralNames(),
-}
-
+certificateExtensionsMap = {}
 class Extension(univ.Sequence):
@@ -1321,3 +1276,55 @@ class CertificateList(univ.Sequence):
 namedtype.NamedType('signature', univ.BitString())
 )
+# map of AttributeType -> AttributeValue
+
+_certificateAttributesMapUpdate = {
+ id_at_name: X520name(),
+ id_at_surname: X520name(),
+ id_at_givenName: X520name(),
+ id_at_initials: X520name(),
+ id_at_generationQualifier: X520name(),
+ id_at_commonName: X520CommonName(),
+ id_at_localityName: X520LocalityName(),
+ id_at_stateOrProvinceName: X520StateOrProvinceName(),
+ id_at_organizationName: X520OrganizationName(),
+ id_at_organizationalUnitName: X520OrganizationalUnitName(),
+ id_at_title: X520Title(),
+ id_at_dnQualifier: X520dnQualifier(),
+ id_at_countryName: X520countryName(),
+ emailAddress: Pkcs9email(),
+}
+
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
+# map of Certificate Extension OIDs to Extensions
+
+_certificateExtensionsMapUpdate = {
+ id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
+ id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
+ id_ce_keyUsage: KeyUsage(),
+ id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
+# TODO
+# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects?
+ id_ce_policyMappings: PolicyMappings(),
+ id_ce_subjectAltName: SubjectAltName(),
+ id_ce_issuerAltName: IssuerAltName(),
+ id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(),
+ id_ce_basicConstraints: BasicConstraints(),
+ id_ce_nameConstraints: NameConstraints(),
+ id_ce_policyConstraints: PolicyConstraints(),
+ id_ce_extKeyUsage: ExtKeyUsageSyntax(),
+ id_ce_cRLDistributionPoints: CRLDistPointsSyntax(),
+ id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(),
+ id_ce_cRLNumber: univ.Integer(),
+ id_ce_deltaCRLIndicator: BaseCRLNumber(),
+ id_ce_issuingDistributionPoint: IssuingDistributionPoint(),
+ id_ce_cRLReasons: CRLReason(),
+ id_ce_holdInstructionCode: univ.ObjectIdentifier(),
+ id_ce_invalidityDate: useful.GeneralizedTime(),
+ id_ce_certificateIssuer: GeneralNames(),
+}
+
+certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
+
diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py
index 7d3aa69..c750f28 100644
--- a/pyasn1_modules/rfc5280.py
+++ b/pyasn1_modules/rfc5280.py
@@ -16,6 +16,7 @@ from pyasn1.type import univ
 from pyasn1.type import char
 from pyasn1.type import namedtype
 from pyasn1.type import namedval
+from pyasn1.type import opentype
 from pyasn1.type import tag
 from pyasn1.type import constraint
 from pyasn1.type import useful
@@ -279,13 +280,10 @@ class CertificateSerialNumber(univ.Integer):
 class AlgorithmIdentifier(univ.Sequence):
- pass
-
-
-AlgorithmIdentifier.componentType = namedtype.NamedTypes(
- namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
- namedtype.OptionalNamedType('parameters', univ.Any())
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
+ namedtype.OptionalNamedType('parameters', univ.Any())
+ )
 class Time(univ.Choice):
@@ -302,14 +300,17 @@ class AttributeValue(univ.Any):
 pass
-class AttributeTypeAndValue(univ.Sequence):
- pass
+certificateAttributesMap = {}
-AttributeTypeAndValue.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', AttributeType()),
- namedtype.NamedType('value', AttributeValue())
-)
+class AttributeTypeAndValue(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeType()),
+ namedtype.NamedType(
+ 'value', AttributeValue(),
+ openType=opentype.OpenType('type', certificateAttributesMap)
+ )
+ )
 class RelativeDistinguishedName(univ.SetOf):
@@ -379,18 +380,21 @@ class PhysicalDeliveryOfficeName(PDSParameter):
 ub_extension_attributes = univ.Integer(256)
+certificateExtensionsMap = {
-class ExtensionAttribute(univ.Sequence):
- pass
+}
-ExtensionAttribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('extension-attribute-value',
- univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
-)
+class ExtensionAttribute(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType(
+ 'extension-attribute-type',
+ univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType(
+ 'extension-attribute-value',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
+ openType=opentype.OpenType('type', certificateExtensionsMap))
+ )
 id_qt = _buildOid(id_pkix, 2)
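Review bot: In `ExtensionAttribute` (second hunk) the binding `openType=opentype.OpenType('type', certificateExtensionsMap)` looks wrong on two counts: the sequence has no `'type'` component (its selector is `'extension-attribute-type'`), and that selector is an `Integer` constrained to 0..`ub_extension_attributes`, while `certificateExtensionsMap` is keyed by the `id_ce_*` certificate-extension OIDs shown at the end of this file, so no lookup could match. The certificate-extension map presumably belongs on the `Extension` sequence, which this diff does not touch; `ExtensionAttribute` should either lose the `openType=` argument or get its own integer-keyed map. Separately, the declaration `certificateExtensionsMap = {` / `}` with an empty line inside can simply be `certificateExtensionsMap = {}`.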
@@ -737,13 +741,12 @@ X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_numbe
 class Attribute(univ.Sequence):
- pass
-
-
-Attribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', AttributeType()),
- namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()))
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeType()),
+ namedtype.NamedType('values',
+ univ.SetOf(componentType=AttributeValue()),
+ openType=opentype.OpenType('type', certificateAttributesMap))
+ )
 ub_common_name = univ.Integer(64)
@@ -1066,14 +1069,20 @@ PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes(
 )
-class AnotherName(univ.Sequence):
- pass
+anotherNameMap = {
+}
-AnotherName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type-id', univ.ObjectIdentifier()),
- namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
-)
+
+class AnotherName(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type-id', univ.ObjectIdentifier()),
+ namedtype.NamedType(
+ 'value',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
+ openType=opentype.OpenType('type-id', anotherNameMap)
+ )
+ )
 class EDIPartyName(univ.Sequence):
@@ -1311,14 +1320,19 @@ class PolicyQualifierId(univ.ObjectIdentifier):
 pass
-class PolicyQualifierInfo(univ.Sequence):
- pass
+policyQualifierInfoMap = {
+}
-PolicyQualifierInfo.componentType = namedtype.NamedTypes(
- namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
- namedtype.NamedType('qualifier', univ.Any())
-)
+
+class PolicyQualifierInfo(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
+ namedtype.NamedType(
+ 'qualifier', univ.Any(),
+ openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap)
+ )
+ )
 class CertPolicyId(univ.ObjectIdentifier):
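Review bot: In `Attribute` (first hunk) the `openType` is attached to `'values'`, which is a `univ.SetOf(componentType=AttributeValue())`, whereas `certificateAttributesMap` maps an attribute OID to the type of a single value. Whether the decoder applies the mapped type to each member of the set or to the set as a whole cannot be seen from this diff; in the latter case every attribute would fail to decode or be mis-typed. A comment on the field stating the intended per-element semantics, plus a decode test with a two-value attribute, would settle it.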
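Review bot: `anotherNameMap` (second hunk) and `policyQualifierInfoMap` (third hunk) are introduced empty and no hunk in this diff populates them, so the new `openType` bindings on `AnotherName.value` and `PolicyQualifierInfo.qualifier` currently resolve nothing. The policy qualifier types are fixed by RFC 5280 and could be registered at the end of the module like the other maps, e.g. `policyQualifierInfoMap.update({id_qt_cps: CPSuri(), id_qt_unotice: UserNotice()})`, assuming those names are defined in this file outside the visible hunks. `anotherNameMap` has no fixed set of types, so it deserves a comment such as `# empty by default; applications register their own type-id -> value type entries`.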
@@ -1549,7 +1563,7 @@ id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54)
 # map of AttributeType -> AttributeValue
-certificateAttributesMap = {
+_certificateAttributesMapUpdate = {
 id_at_name: X520name(),
 id_at_surname: X520name(),
 id_at_givenName: X520name(),
@@ -1569,9 +1583,12 @@ certificateAttributesMap = {
 id_emailAddress: EmailAddress(),
 }
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
 # map of Certificate Extension OIDs to Extensions
-certificateExtensionsMap = {
+_certificateExtensionsMap = {
 id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
 id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
 id_ce_keyUsage: KeyUsage(),
@@ -1595,3 +1612,5 @@ certificateExtensionsMap = {
 id_ce_invalidityDate: useful.GeneralizedTime(),
 id_ce_certificateIssuer: GeneralNames(),
 }
+
+certificateExtensionsMap.update(_certificateExtensionsMap) |
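Review bot: The temporary dict in the second hunk is named `_certificateExtensionsMap`, while its sibling in the first hunk is `_certificateAttributesMapUpdate` and rfc2459.py uses `_certificateExtensionsMapUpdate` for the same purpose. A name that differs from the public `certificateExtensionsMap` only by a leading underscore is easy to confuse with it when reading or grepping. I would rename it to `_certificateExtensionsMapUpdate` here and in the closing `certificateExtensionsMap.update(...)` call of the third hunk.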