aboutsummaryrefslogtreecommitdiff
path: root/pyasn1_modules/rfc4211.py
diff options
context:
space:
mode:
Diffstat (limited to 'pyasn1_modules/rfc4211.py')
-rw-r--r--pyasn1_modules/rfc4211.py396
1 files changed, 396 insertions, 0 deletions
diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py
new file mode 100644
index 0000000..9ff07f2
--- /dev/null
+++ b/pyasn1_modules/rfc4211.py
@@ -0,0 +1,396 @@
+# coding: utf-8
+#
+# This file is part of pyasn1-modules software.
+#
+# Created by Stanisław Pitucha with asn1ate tool.
+# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
+# License: http://pyasn1.sf.net/license.html
+#
+# Internet X.509 Public Key Infrastructure Certificate Request
+# Message Format (CRMF)
+#
+# ASN.1 source from:
+# http://www.ietf.org/rfc/rfc4211.txt
+#
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import tag
+from pyasn1.type import univ
+
+from pyasn1_modules import rfc3280
+from pyasn1_modules import rfc3852
+
+MAX = float('inf')
+
+
+def _buildOid(*components):
+ output = []
+ for x in tuple(components):
+ if isinstance(x, univ.ObjectIdentifier):
+ output.extend(list(x))
+ else:
+ output.append(int(x))
+
+ return univ.ObjectIdentifier(output)
+
+
+id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)
+
+id_pkip = _buildOid(id_pkix, 5)
+
+id_regCtrl = _buildOid(id_pkip, 1)
+
+
+class SinglePubInfo(univ.Sequence):
+ pass
+
+
+SinglePubInfo.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('pubMethod', univ.Integer(
+ namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
+ namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName())
+)
+
+
+class UTF8Pairs(char.UTF8String):
+ pass
+
+
+class PKMACValue(univ.Sequence):
+ pass
+
+
+PKMACValue.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()),
+ namedtype.NamedType('value', univ.BitString())
+)
+
+
+class POPOSigningKeyInput(univ.Sequence):
+ pass
+
+
+POPOSigningKeyInput.componentType = namedtype.NamedTypes(
+ namedtype.NamedType(
+ 'authInfo', univ.Choice(
+ componentType=namedtype.NamedTypes(
+ namedtype.NamedType(
+ 'sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
+ ),
+ namedtype.NamedType(
+ 'publicKeyMAC', PKMACValue()
+ )
+ )
+ )
+ ),
+ namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo())
+)
+
+
+class POPOSigningKey(univ.Sequence):
+ pass
+
+
+POPOSigningKey.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('algorithmIdentifier', rfc3280.AlgorithmIdentifier()),
+ namedtype.NamedType('signature', univ.BitString())
+)
+
+
+class Attributes(univ.SetOf):
+ pass
+
+
+Attributes.componentType = rfc3280.Attribute()
+
+
+class PrivateKeyInfo(univ.Sequence):
+ pass
+
+
+PrivateKeyInfo.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', univ.Integer()),
+ namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()),
+ namedtype.NamedType('privateKey', univ.OctetString()),
+ namedtype.OptionalNamedType('attributes',
+ Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+
+class EncryptedValue(univ.Sequence):
+ pass
+
+
+EncryptedValue.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+ namedtype.NamedType('encValue', univ.BitString())
+)
+
+
+class EncryptedKey(univ.Choice):
+ pass
+
+
+EncryptedKey.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('encryptedValue', EncryptedValue()),
+ namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+
+class KeyGenParameters(univ.OctetString):
+ pass
+
+
+class PKIArchiveOptions(univ.Choice):
+ pass
+
+
+PKIArchiveOptions.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('encryptedPrivKey',
+ EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('keyGenParameters',
+ KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('archiveRemGenPrivKey',
+ univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+)
+
+id_regCtrl_authenticator = _buildOid(id_regCtrl, 2)
+
+id_regInfo = _buildOid(id_pkip, 2)
+
+id_regInfo_certReq = _buildOid(id_regInfo, 2)
+
+
+class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo):
+ pass
+
+
+class Authenticator(char.UTF8String):
+ pass
+
+
+class SubsequentMessage(univ.Integer):
+ pass
+
+
+SubsequentMessage.namedValues = namedval.NamedValues(
+ ('encrCert', 0),
+ ('challengeResp', 1)
+)
+
+
+class AttributeTypeAndValue(univ.Sequence):
+ pass
+
+
+AttributeTypeAndValue.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', univ.ObjectIdentifier()),
+ namedtype.NamedType('value', univ.Any())
+)
+
+
+class POPOPrivKey(univ.Choice):
+ pass
+
+
+POPOPrivKey.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('thisMessage',
+ univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('subsequentMessage',
+ SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('dhMAC',
+ univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('agreeMAC',
+ PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+)
+
+
+class ProofOfPossession(univ.Choice):
+ pass
+
+
+ProofOfPossession.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('raVerified',
+ univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('signature', POPOSigningKey().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
+ namedtype.NamedType('keyEncipherment',
+ POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+ namedtype.NamedType('keyAgreement',
+ POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
+)
+
+
+class OptionalValidity(univ.Sequence):
+ pass
+
+
+OptionalValidity.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+)
+
+
+class CertTemplate(univ.Sequence):
+ pass
+
+
+CertTemplate.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('version', rfc3280.Version().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.OptionalNamedType('validity', OptionalValidity().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+ namedtype.OptionalNamedType('subject', rfc3280.Name().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+ namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
+ namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
+ namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9)))
+)
+
+
+class Controls(univ.SequenceOf):
+ pass
+
+
+Controls.componentType = AttributeTypeAndValue()
+Controls.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+class CertRequest(univ.Sequence):
+ pass
+
+
+CertRequest.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('certReqId', univ.Integer()),
+ namedtype.NamedType('certTemplate', CertTemplate()),
+ namedtype.OptionalNamedType('controls', Controls())
+)
+
+
+class CertReqMsg(univ.Sequence):
+ pass
+
+
+CertReqMsg.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('certReq', CertRequest()),
+ namedtype.OptionalNamedType('popo', ProofOfPossession()),
+ namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()))
+)
+
+
+class CertReqMessages(univ.SequenceOf):
+ pass
+
+
+CertReqMessages.componentType = CertReqMsg()
+CertReqMessages.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+class CertReq(CertRequest):
+ pass
+
+
+id_regCtrl_pkiPublicationInfo = _buildOid(id_regCtrl, 3)
+
+
+class CertId(univ.Sequence):
+ pass
+
+
+CertId.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('issuer', rfc3280.GeneralName()),
+ namedtype.NamedType('serialNumber', univ.Integer())
+)
+
+
+class OldCertId(CertId):
+ pass
+
+
+class PKIPublicationInfo(univ.Sequence):
+ pass
+
+
+PKIPublicationInfo.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('action',
+ univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
+ namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()))
+)
+
+
+class EncKeyWithID(univ.Sequence):
+ pass
+
+
+EncKeyWithID.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('privateKey', PrivateKeyInfo()),
+ namedtype.OptionalNamedType(
+ 'identifier', univ.Choice(
+ componentType=namedtype.NamedTypes(
+ namedtype.NamedType('string', char.UTF8String()),
+ namedtype.NamedType('generalName', rfc3280.GeneralName())
+ )
+ )
+ )
+)
+
+id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6)
+
+id_regCtrl_oldCertID = _buildOid(id_regCtrl, 5)
+
+id_smime = _buildOid(1, 2, 840, 113549, 1, 9, 16)
+
+
+class PBMParameter(univ.Sequence):
+ pass
+
+
+PBMParameter.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('salt', univ.OctetString()),
+ namedtype.NamedType('owf', rfc3280.AlgorithmIdentifier()),
+ namedtype.NamedType('iterationCount', univ.Integer()),
+ namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier())
+)
+
+id_regCtrl_regToken = _buildOid(id_regCtrl, 1)
+
+id_regCtrl_pkiArchiveOptions = _buildOid(id_regCtrl, 4)
+
+id_regInfo_utf8Pairs = _buildOid(id_regInfo, 1)
+
+id_ct = _buildOid(id_smime, 1)
+
+id_ct_encKeyWithID = _buildOid(id_ct, 21)
+
+
+class RegToken(char.UTF8String):
+ pass
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 07:47:48 +0000