diff options
Diffstat (limited to 'pyasn1_modules/rfc5652.py')
| -rw-r--r-- | pyasn1_modules/rfc5652.py | 154 |
1 files changed, 90 insertions, 64 deletions
diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py index 78a389d..a2002ad 100644 --- a/pyasn1_modules/rfc5652.py +++ b/pyasn1_modules/rfc5652.py @@ -11,7 +11,6 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc5652.txt # -from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval @@ -24,7 +23,8 @@ from pyasn1_modules import rfc5280 MAX = 64 -def _OID(*components): + +def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): @@ -51,10 +51,12 @@ class AttributeCertificateInfoV1(univ.Sequence): AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) )) - ), + ), namedtype.NamedType('issuer', rfc5280.GeneralNames()), namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), @@ -95,7 +97,7 @@ class SignedAttributes(univ.SetOf): SignedAttributes.componentType = Attribute() -SignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class AttributeCertificateV2(rfc3281.AttributeCertificate): @@ -117,10 +119,9 @@ class UnauthAttributes(univ.SetOf): UnauthAttributes.componentType = Attribute() -UnauthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +UnauthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) -id_encryptedData = _OID(1, 2, 840, 113549, 1, 7, 6) +id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) class SignatureValue(univ.OctetString): @@ -158,7 +159,8 @@ class KeyAgreeRecipientIdentifier(univ.Choice): KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) @@ -247,10 +249,14 @@ class CertificateChoices(univ.Choice): CertificateChoices.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc5280.Certificate()), - namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('other', OtherCertificateFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('other', OtherCertificateFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) @@ -277,7 +283,8 @@ class RevocationInfoChoice(univ.Choice): RevocationInfoChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('crl', rfc5280.CertificateList()), - namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) @@ -293,8 +300,10 @@ class OriginatorInfo(univ.Sequence): OriginatorInfo.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('certs', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('certs', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -317,7 +326,8 @@ class EncryptedContentInfo(univ.Sequence): EncryptedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), - namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -326,7 +336,7 @@ class UnprotectedAttributes(univ.SetOf): UnprotectedAttributes.componentType = Attribute() -UnprotectedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +UnprotectedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): @@ -366,7 +376,8 @@ class PasswordRecipientInfo(univ.Sequence): PasswordRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) @@ -378,7 +389,8 @@ class RecipientIdentifier(univ.Choice): RecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -414,8 +426,10 @@ class OriginatorIdentifierOrKey(univ.Choice): OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) @@ -425,8 +439,10 @@ class KeyAgreeRecipientInfo(univ.Sequence): KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) ) @@ -448,10 +464,14 @@ class RecipientInfo(univ.Choice): RecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('ktri', KeyTransRecipientInfo()), - namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('kekri', KEKRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.NamedType('ori', OtherRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) + namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('kekri', KEKRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('ori', OtherRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) ) @@ -460,7 +480,7 @@ class RecipientInfos(univ.SetOf): RecipientInfos.componentType = RecipientInfo() -RecipientInfos.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +RecipientInfos.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class EnvelopedData(univ.Sequence): @@ -469,10 +489,12 @@ class EnvelopedData(univ.Sequence): EnvelopedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -480,10 +502,9 @@ class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass -id_ct_contentInfo = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 6) - +id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) -id_digestedData = _OID(1, 2, 840, 113549, 1, 7, 5) +id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) class EncryptedData(univ.Sequence): @@ -493,14 +514,13 @@ class EncryptedData(univ.Sequence): EncryptedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) +id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) -id_messageDigest = _OID(1, 2, 840, 113549, 1, 9, 4) - - -id_signedData = _OID(1, 2, 840, 113549, 1, 7, 2) +id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier): @@ -512,7 +532,7 @@ class UnsignedAttributes(univ.SetOf): UnsignedAttributes.componentType = Attribute() -UnsignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +UnsignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class SignerIdentifier(univ.Choice): @@ -521,7 +541,8 @@ class SignerIdentifier(univ.Choice): SignerIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -533,10 +554,12 @@ SignerInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('sid', SignerIdentifier()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), - namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', SignatureValue()), - namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -567,14 +590,13 @@ class EncapsulatedContentInfo(univ.Sequence): EncapsulatedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('eContentType', ContentType()), - namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) +id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) -id_countersignature = _OID(1, 2, 840, 113549, 1, 9, 6) - - -id_data = _OID(1, 2, 840, 113549, 1, 7, 1) +id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) class MessageDigest(univ.OctetString): @@ -586,7 +608,7 @@ class AuthAttributes(univ.SetOf): AuthAttributes.componentType = Attribute() -AuthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +AuthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class Time(univ.Choice): @@ -605,18 +627,21 @@ class AuthenticatedData(univ.Sequence): AuthenticatedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), - namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), - namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('mac', MessageAuthenticationCode()), - namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) - -id_contentType = _OID(1, 2, 840, 113549, 1, 9, 3) +id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) class ExtendedCertificateOrCertificate(univ.Choice): @@ -625,7 +650,8 @@ class ExtendedCertificateOrCertificate(univ.Choice): ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc5280.Certificate()), - namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) @@ -644,8 +670,7 @@ DigestedData.componentType = namedtype.NamedTypes( namedtype.NamedType('digest', Digest()) ) - -id_envelopedData = _OID(1, 2, 840, 113549, 1, 7, 3) +id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) class DigestAlgorithmIdentifiers(univ.SetOf): @@ -663,17 +688,18 @@ SignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), - namedtype.OptionalNamedType('certificates', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) - -id_signingTime = _OID(1, 2, 840, 113549, 1, 9, 5) +id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) class SigningTime(Time): pass -id_ct_authData = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 2) +id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) |