From 8b513895caeda00b34f662bec79238a5bf636383 Mon Sep 17 00:00:00 2001
From: elie
Date: Thu, 17 Feb 2011 18:35:16 +0000
Subject: Initial revision
---
pyasn1_modules/__init__.py | 0
pyasn1_modules/pem.py | 27 ++++
pyasn1_modules/rfc1157.py | 152 +++++++++++++++++++++
pyasn1_modules/rfc2251.py | 319 +++++++++++++++++++++++++++++++++++++++++++++
pyasn1_modules/rfc2315.py | 205 +++++++++++++++++++++++++++++
pyasn1_modules/rfc2459.py | 111 ++++++++++++++++
pyasn1_modules/rfc2560.py | 171 ++++++++++++++++++++++++
7 files changed, 985 insertions(+)
create mode 100644 pyasn1_modules/__init__.py
create mode 100644 pyasn1_modules/pem.py
create mode 100644 pyasn1_modules/rfc1157.py
create mode 100644 pyasn1_modules/rfc2251.py
create mode 100644 pyasn1_modules/rfc2315.py
create mode 100644 pyasn1_modules/rfc2459.py
create mode 100644 pyasn1_modules/rfc2560.py
(limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py
new file mode 100644
index 0000000..e1554a4
--- /dev/null
+++ b/pyasn1_modules/pem.py
@@ -0,0 +1,27 @@
+import base64, string
+
+stSpam, stHam, stDump = 0, 1, 2
+
+def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----',
+ endMarker='-----END CERTIFICATE-----'):
+ state = stSpam
+ while 1:
+ certLine = fileObj.readline()
+ if not certLine:
+ break
+ certLine = string.strip(certLine)
+ if state == stSpam:
+ if certLine == startMarker:
+ certLines = []
+ state = stHam
+ continue
+ if state == stHam:
+ if certLine == endMarker:
+ state = stDump
+ else:
+ certLines.append(certLine)
+ if state == stDump:
+ substrate = ''
+ for certLine in certLines:
+ substrate = substrate + base64.decodestring(certLine)
+ return substrate
diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py
new file mode 100644
index 0000000..723d58d
--- /dev/null
+++ b/pyasn1_modules/rfc1157.py
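Review bot: In `readPemFromFile`, the `stDump` branch decodes every collected line separately (`substrate = substrate + base64.decodestring(certLine)`), which is only correct when each body line holds a whole number of 4-character base64 groups; joining before decoding avoids that dependency: `substrate = base64.decodestring(''.join(certLines))`. Any non-base64 line that sits between the two markers is also passed to the decoder instead of being rejected, so it is worth confirming how the decoder treats such input before the result is trusted. The function also leaves the `while` loop and returns `None` implicitly when the start marker is never seen or the file ends before `endMarker`, so a truncated file is not reported; an explicit `raise` after the loop would make that visible to callers that hand the result to a DER decoder.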
@@ -0,0 +1,152 @@
+#
+# SNMP message syntax
+#
+# ASN.1 source from:
+# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/snmp.asn
+#
+# Sample captures from:
+# http://wiki.wireshark.org/SampleCaptures/
+#
+from pyasn1.type import univ, namedtype, namedval, tag, constraint
+
+class Version(univ.Integer):
+ namedValues = namedval.NamedValues(
+ ('version-1', 0)
+ )
+ defaultValue = 0
+
+class Community(univ.OctetString): pass
+
+class RequestID(univ.Integer): pass
+class ErrorStatus(univ.Integer):
+ namedValues = namedval.NamedValues(
+ ('noError', 0),
+ ('tooBig', 1),
+ ('noSuchName', 2),
+ ('badValue', 3),
+ ('readOnly', 4),
+ ('genErr', 5)
+ )
+class ErrorIndex(univ.Integer): pass
+
+class ObjectName(univ.ObjectIdentifier): pass
+
+class SimpleSyntax(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('number', univ.Integer()),
+ namedtype.NamedType('string', univ.OctetString()),
+ namedtype.NamedType('object', univ.ObjectIdentifier()),
+ namedtype.NamedType('empty', univ.Null())
+ )
+
+class IpAddress(univ.OctetString):
+ tagSet = univ.OctetString.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0)
+ )
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(
+ 4, 4
+ )
+class NetworkAddress(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('internet', IpAddress())
+ )
+
+class Counter(univ.Integer):
+ tagSet = univ.Integer.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1)
+ )
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
+ 0, 4294967295L
+ )
+class Gauge(univ.Integer):
+ tagSet = univ.Integer.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
+ )
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
+ 0, 4294967295L
+ )
+class TimeTicks(univ.Integer):
+ tagSet = univ.Integer.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3)
+ )
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
+ 0, 4294967295L
+ )
+class Opaque(univ.OctetString):
+ tagSet = univ.OctetString.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4)
+ )
+
+class ApplicationSyntax(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('address', NetworkAddress()),
+ namedtype.NamedType('counter', Counter()),
+ namedtype.NamedType('gauge', Gauge()),
+ namedtype.NamedType('ticks', TimeTicks()),
+ namedtype.NamedType('arbitrary', Opaque())
+ )
+
+class ObjectSyntax(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('simple', SimpleSyntax()),
+ namedtype.NamedType('application-wide', ApplicationSyntax())
+ )
+
+class VarBind(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('name', ObjectName()),
+ namedtype.NamedType('value', ObjectSyntax())
+ )
+class VarBindList(univ.SequenceOf):
+ componentType = VarBind()
+
+class _RequestBase(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('request-id', RequestID()),
+ namedtype.NamedType('error-status', ErrorStatus()),
+ namedtype.NamedType('error-index', ErrorIndex()),
+ namedtype.NamedType('variable-bindings', VarBindList())
+ )
+
+class GetRequestPDU(_RequestBase):
+ tagSet = _RequestBase.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
+ )
+class GetNextRequestPDU(_RequestBase):
+ tagSet = _RequestBase.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
+ )
+class GetResponsePDU(_RequestBase):
+ tagSet = _RequestBase.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
+ )
+class SetRequestPDU(_RequestBase):
+ tagSet = _RequestBase.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
+ )
+
+class TrapPDU(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('enterprise', univ.ObjectIdentifier()),
+ namedtype.NamedType('agent-addr', NetworkAddress()),
+ namedtype.NamedType('generic-trap', univ.Integer().clone(namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), ('authenticationFailure', 4), ('egpNeighborLoss', 5), ('enterpriseSpecific', 6)))),
+ namedtype.NamedType('specific-trap', univ.Integer()),
+ namedtype.NamedType('time-stamp', TimeTicks()),
+ namedtype.NamedType('variable-bindings', VarBindList())
+ )
+
+class Pdus(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('get-request', GetRequestPDU()),
+ namedtype.NamedType('get-next-request', GetNextRequestPDU()),
+ namedtype.NamedType('get-response', GetResponsePDU()),
+ namedtype.NamedType('set-request', SetRequestPDU()),
+ namedtype.NamedType('trap', TrapPDU())
+ )
+
+class Message(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', Version()),
+ namedtype.NamedType('community', Community()),
+ namedtype.NamedType('data', Pdus())
+ )
diff --git a/pyasn1_modules/rfc2251.py b/pyasn1_modules/rfc2251.py
new file mode 100644
index 0000000..3074c67
--- /dev/null
+++ b/pyasn1_modules/rfc2251.py
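Review bot: `IpAddress` derives from `univ.OctetString` but builds its constraint on the integer base, `subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(`; it should start from its own base type, `subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint(`. The two base specs are probably both empty, so decoding is unlikely to differ today, but the 4-octet size check on a network-supplied address should not depend on that. A one-line comment on `Counter`, `Gauge` and `TimeTicks` saying that `0, 4294967295L` is the unsigned 32-bit range would also help readers.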
@@ -0,0 +1,319 @@
+#
+# LDAP message syntax
+#
+# ASN.1 source from:
+# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/ldap.asn
+#
+# Sample captures from:
+# http://wiki.wireshark.org/SampleCaptures/
+#
+from pyasn1.type import tag, namedtype, namedval, univ, constraint,char,useful
+from pyasn1.codec.der import decoder, encoder
+
+maxInt = univ.Integer(2147483647)
+
+class LDAPString(univ.OctetString): pass
+class LDAPOID(univ.OctetString): pass
+
+class LDAPDN(LDAPString): pass
+class RelativeLDAPDN(LDAPString): pass
+class AttributeType(LDAPString): pass
+class AttributeDescription(LDAPString): pass
+
+class AttributeDescriptionList(univ.SequenceOf):
+ componentType = AttributeDescription()
+
+class AttributeValue(univ.OctetString): pass
+
+class AssertionValue(univ.OctetString): pass
+
+class AttributeValueAssertion(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('attributeDesc', AttributeDescription()),
+ namedtype.NamedType('assertionValue', AssertionValue())
+ )
+
+class Attribute(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeDescription()),
+ namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
+ )
+
+class MatchingRuleId(LDAPString): pass
+
+class Control(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('controlType', LDAPOID()),
+ namedtype.DefaultedNamedType('criticality', univ.Boolean('False')),
+ namedtype.OptionalNamedType('controlValue', univ.OctetString())
+ )
+
+class Controls(univ.SequenceOf):
+ componentType = Control()
+
+class LDAPURL(LDAPString): pass
+
+class Referral(univ.SequenceOf):
+ componentType = LDAPURL()
+
+class SaslCredentials(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('mechanism', LDAPString()),
+ namedtype.OptionalNamedType('credentials', univ.OctetString())
+ )
+
+class AuthenticationChoice(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('simple', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('reserved-1', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('reserved-2', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('sasl', SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ )
+
+class BindRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))),
+ namedtype.NamedType('name', LDAPDN()),
+ namedtype.NamedType('authentication', AuthenticationChoice())
+ )
+
+class PartialAttributeList(univ.SequenceOf):
+ componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))))
+
+class SearchResultEntry(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('objectName', LDAPDN()),
+ namedtype.NamedType('attributes', PartialAttributeList())
+ )
+
+class MatchingRuleAssertion(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('type', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('matchValue', AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+ )
+
+class SubstringFilter(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeDescription()),
+ namedtype.NamedType('substrings', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))))))
+ )
+
+# Ugly hack to handle recursive Filter reference (up to 3-levels deep).
+
+class Filter3(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+ namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+ namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
+ namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
+ namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
+ )
+
+class Filter2(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
+ namedtype.NamedType('not', Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+ namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+ namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+ namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
+ namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
+ namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
+ )
+
+class Filter(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
+ namedtype.NamedType('not', Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+ namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+ namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+ namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
+ namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
+ namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
+ )
+
+# End of Filter hack
+
+class SearchRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('baseObject', LDAPDN()),
+ namedtype.NamedType('scope', univ.Enumerated(namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))),
+ namedtype.NamedType('derefAliases', univ.Enumerated(namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), ('derefFindingBaseObj', 2), ('derefAlways', 3)))),
+ namedtype.NamedType('sizeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
+ namedtype.NamedType('timeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
+ namedtype.NamedType('typesOnly', univ.Boolean()),
+ namedtype.NamedType('filter', Filter()),
+ namedtype.NamedType('attributes', AttributeDescriptionList())
+ )
+
+class UnbindRequest(univ.Null):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
+ )
+
+class BindResponse(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
+ namedtype.NamedType('matchedDN', LDAPDN()),
+ namedtype.NamedType('errorMessage', LDAPString()),
+ namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)))
+ )
+
+class LDAPResult(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
+ namedtype.NamedType('matchedDN', LDAPDN()),
+ namedtype.NamedType('errorMessage', LDAPString()),
+ namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
+ )
+
+class SearchResultReference(univ.SequenceOf):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19)
+ )
+ componentType = LDAPURL()
+
+class SearchResultDone(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5)
+ )
+
+class AttributeTypeAndValues(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeDescription()),
+ namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
+ )
+
+class ModifyRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('object', LDAPDN()),
+ namedtype.NamedType('modification', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))), namedtype.NamedType('modification', AttributeTypeAndValues())))))
+ )
+
+class ModifyResponse(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7)
+ )
+
+class AttributeList(univ.SequenceOf):
+ componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))))
+
+class AddRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('entry', LDAPDN()),
+ namedtype.NamedType('attributes', AttributeList())
+ )
+
+class AddResponse(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9)
+ )
+
+class DelRequest(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10)
+ )
+
+class DelResponse(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11)
+ )
+
+class ModifyDNRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('entry', LDAPDN()),
+ namedtype.NamedType('newrdn', RelativeLDAPDN()),
+ namedtype.NamedType('deleteoldrdn', univ.Boolean()),
+ namedtype.OptionalNamedType('newSuperior', LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+
+ )
+
+class ModifyDNResponse(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13)
+ )
+
+class CompareRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('entry', LDAPDN()),
+ namedtype.NamedType('ava', AttributeValueAssertion())
+ )
+
+class CompareResponse(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15)
+ )
+
+class AbandonRequest(LDAPResult):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16)
+ )
+
+class ExtendedRequest(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('requestName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ )
+
+class ExtendedResponse(univ.Sequence):
+ tagSet = univ.Sequence.tagSet.tagImplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
+ namedtype.NamedType('matchedDN', LDAPDN()),
+ namedtype.NamedType('errorMessage', LDAPString()),
+ namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+
+ namedtype.OptionalNamedType('responseName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))),
+ namedtype.OptionalNamedType('response', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)))
+ )
+
+class MessageID(univ.Integer):
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
+ 0, maxInt
+ )
+
+class LDAPMessage(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('messageID', MessageID()),
+ namedtype.NamedType('protocolOp', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('bindRequest', BindRequest()), namedtype.NamedType('bindResponse', BindResponse()), namedtype.NamedType('unbindRequest', UnbindRequest()), namedtype.NamedType('searchRequest', SearchRequest()), namedtype.NamedType('searchResEntry', SearchResultEntry()), namedtype.NamedType('searchResDone', SearchResultDone()), namedtype.NamedType('searchResRef', SearchResultReference()), namedtype.NamedType('modifyRequest', ModifyRequest()), namedtype.NamedType('modifyResponse', ModifyResponse()), namedtype.NamedType('addRequest', AddRequest()), namedtype.NamedType('addResponse', AddResponse()), namedtype.NamedType('delRequest', DelRequest()), namedtype.NamedType('delResponse', DelResponse()), namedtype.NamedType('modDNRequest', ModifyDNRequest()), namedtype.NamedType('modDNResponse', ModifyDNResponse()), namedtype.NamedType('compareRequest', CompareRequest()), namedtype.NamedType('compareResponse', CompareResponse()), namedtype.NamedType('abandonRequest', AbandonRequest()), namedtype.NamedType('extendedReq', ExtendedRequest()), namedtype.NamedType('extendedResp', ExtendedResponse())))),
+ namedtype.OptionalNamedType('controls', Controls().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ )
diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
new file mode 100644
index 0000000..b2eb520
--- /dev/null
+++ b/pyasn1_modules/rfc2315.py
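Review bot: `DelRequest` and `AbandonRequest` both subclass `LDAPResult`, so they inherit its `resultCode`, `matchedDN`, `errorMessage` and `referral` components, whereas RFC 2251 defines `DelRequest ::= [APPLICATION 10] LDAPDN` and `AbandonRequest ::= [APPLICATION 16] MessageID`, both primitive types. With the spec as written, a decoder should reject or misread well-formed delete and abandon requests. `DelRequest` could become `class DelRequest(LDAPDN):` with `tagSet = LDAPDN.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 10))`, and `AbandonRequest` the same on `MessageID` with tag 16, which means moving the `MessageID` class above it. Separately, the `Filter`/`Filter2`/`Filter3` workaround stops at three levels, so a more deeply nested search filter will not decode; that limit deserves a sentence next to the `# Ugly hack` comment.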
@@ -0,0 +1,205 @@ +# +# PKCS#7 message syntax +# +# ASN.1 source from: +# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/pkcs7.asn +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful +from pyasn1_modules.rfc2459 import * + +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) + ) + +class AttributeValueAssertion(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('attributeType', AttributeType()), + namedtype.NamedType('attributeValue', AttributeValue()) + ) + +pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7') +data = univ.ObjectIdentifier('1.2.840.113549.1.7.1') +signedData = univ.ObjectIdentifier('1.2.840.113549.1.7.2') +envelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.3') +signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4') +digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5') +encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6') + +class ContentType(univ.ObjectIdentifier): pass + +class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass + +class EncryptedContent(univ.OctetString): pass + +class EncryptedContentInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + +class Version(univ.Integer): pass # overrides x509.Version + +class EncryptedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) + ) + 
+class DigestAlgorithmIdentifier(AlgorithmIdentifier): pass + +class DigestAlgorithmIdentifiers(univ.SetOf): + componentType = DigestAlgorithmIdentifier() + +class Digest(univ.OctetString): pass + +class ContentInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.OptionalNamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + +class DigestedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('contentInfo', ContentInfo()), + namedtype.NamedType('digest', Digest) + ) + +class IssuerAndSerialNumber(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('serialNumber', CertificateSerialNumber()) + ) + +class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass + +class EncryptedKey(univ.OctetString): pass + +class RecipientInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) + ) + +class RecipientInfos(univ.SetOf): + componentType = RecipientInfo() + +class Attributes(univ.SetOf): + componentType = Attribute() + +class ExtendedCertificateInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('certificate', Certificate()), + namedtype.NamedType('attributes', Attributes()) + ) + +class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass + +class Signature(univ.BitString): pass + +class ExtendedCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + 
namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) + ) + +class ExtendedCertificateOrCertificate(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + +class ExtendedCertificatesAndCertificates(univ.SetOf): + componentType = ExtendedCertificateOrCertificate() + +class SerialNumber(univ.Integer): pass + +class CRLEntry(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('userCertificate', SerialNumber()), + namedtype.NamedType('revocationDate', useful.UTCTime()) + ) + +class TBSCertificateRevocationList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('lastUpdate', useful.UTCTime()), + namedtype.NamedType('nextUpdate', useful.UTCTime()), + namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry())) + ) + +class CertificateRevocationList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) + ) + +class CertificateRevocationLists(univ.SetOf): + componentType = CertificateRevocationList() + +class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass + +class EncryptedDigest(univ.OctetString): pass + +class SignerInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + 
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedDigest', EncryptedDigest()), + namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + +class SignerInfos(univ.SetOf): + componentType = SignerInfo() + +class SignedAndEnvelopedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) + ) + +class EnvelopedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) + ) + +class DigestInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('digest', Digest()) + ) + +class SignedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('contentInfo', ContentInfo()), + 
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) + ) + +class Data(univ.OctetString): pass diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py new file mode 100644 index 0000000..1f9e11e --- /dev/null +++ b/pyasn1_modules/rfc2459.py 
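Review bot: In `DigestedData` (rfc2315.py) the `digest` component is given the class `Digest` instead of an instance, unlike every other component in this file and unlike `DigestInfo`, which uses `Digest()`. The other declarations all pass value objects, so this entry will probably fail or misbehave once a DigestedData structure is decoded or built. The line should read `namedtype.NamedType('digest', Digest())`. Separately, `from pyasn1_modules.rfc2459 import *` followed by a local `Version` hides which names come from the X.509 module; an explicit import list would make that override deliberate.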
@@ -0,0 +1,111 @@ +# +# X.509 message syntax +# +# ASN.1 source from: +# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful + +# Would be autogenerated from ASN.1 source by a ASN.1 parser +# X.509 spec (rfc2459) + +MAX = 64 # XXX ? + +class DirectoryString(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? 
XXX + ) + +class AttributeValue(univ.Any): pass + +class AttributeType(univ.ObjectIdentifier): pass + +class AttributeTypeAndValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('value', AttributeValue()) + ) + +class RelativeDistinguishedName(univ.SetOf): + componentType = AttributeTypeAndValue() + +class RDNSequence(univ.SequenceOf): + componentType = RelativeDistinguishedName() + +class Name(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('', RDNSequence()) + ) + +class AlgorithmIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any()) + ) + +class Extension(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean('False')), + namedtype.NamedType('extnValue', univ.Any()) + ) + +class Extensions(univ.SequenceOf): + componentType = Extension() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + +class SubjectPublicKeyInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + ) + +class UniqueIdentifier(univ.BitString): pass + +class Time(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) + ) + +class Validity(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) + ) + +class CertificateSerialNumber(univ.Integer): pass + +class Version(univ.Integer): + namedValues = namedval.NamedValues( + ('v1', 0), ('v2', 1), ('v3', 2) + ) + +class TBSCertificate(univ.Sequence): + 
componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1', tagSet=Version.tagSet.tagExplicitly(tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + +class Certificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signatureValue', univ.BitString()) + ) diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py new file mode 100644 index 0000000..0be1091 --- /dev/null +++ b/pyasn1_modules/rfc2560.py 
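Review bot: `MAX = 64` in rfc2459.py turns the ASN.1 `MAX` keyword, which means "no upper bound", into a hard limit of 64 on every `DirectoryString` alternative and on `Extensions`; the author's own `# XXX ?` marks the doubt. A value longer than that is rejected by these constraints even where the specification allows it, so a certificate parser would fail on valid input. If the pyasn1 version in use accepts a float bound in `ValueSizeConstraint`, `MAX = float('inf')  # ASN.1 MAX: unbounded` states the intent. Otherwise the specific upper bounds from the RFC should be named per field rather than sharing one constant.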
@@ -0,0 +1,171 @@ +# +# OCSP request/response syntax +# +# Derived from a minimal OCSP library (RFC2560) code written by +# Bud P. Bruegger +# Copyright: Ancitel, S.p.a, Rome, Italy +# License: BSD +# + +# +# current limitations: +# * request and response works only for a single certificate +# * only some values are parsed out of the response +# * the request does't set a nonce nor signature +# * there is no signature validation of the response +# * dates are left as strings in GeneralizedTime format -- datetime.datetime +# would be nicer +# +from pyasn1.type import tag, namedtype, namedval, univ, constraint, useful +from pyasn1_modules import rfc2459 + +# Start of OCSP module definitions + +# This should be in directory Authentication Framework (X.509) module + +class CRLReason(univ.Enumerated): + namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8), + ('privilegeWithdrawn', 9), + ('aACompromise', 10) + ) + +# end of directory Authentication Framework (X.509) module + +# This should be in PKIX Certificate Extensions module + +class GeneralName(univ.OctetString): pass + +# end of PKIX Certificate Extensions module + +id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9)) +id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1)) +id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1)) +id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2)) +id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3)) +id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4)) +id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5)) +id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6)) +id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 
5, 7, 48, 1, 7)) + +class AcceptableResponses(univ.SequenceOf): + componentType = univ.ObjectIdentifier() + +class ArchiveCutoff(useful.GeneralizedTime): pass + +class UnknownInfo(univ.Null): pass + +class RevokedInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('revocationTime', useful.GeneralizedTime()), + namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + +class CertID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('issuerNameHash', univ.OctetString()), + namedtype.NamedType('issuerKeyHash', univ.OctetString()), + namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber()) + ) + +class CertStatus(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('good', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('revoked', RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('unknown', UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + +class SingleResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certID', CertID()), + namedtype.NamedType('certStatus', CertStatus()), + namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + +class KeyHash(univ.OctetString): pass + +class ResponderID(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('byName', 
rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('byKey', KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + +class Version(univ.Integer): + namedValues = namedval.NamedValues(('v1', 0)) + +class ResponseData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('responderID', ResponderID()), + namedtype.NamedType('producedAt', useful.GeneralizedTime()), + namedtype.NamedType('responses', univ.SequenceOf(SingleResponse())), + namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + +class BasicOCSPResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsResponseData', ResponseData()), + namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()), + namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + +class ResponseBytes(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('responseType', univ.ObjectIdentifier()), + namedtype.NamedType('response', univ.OctetString()) + ) + +class OCSPResponseStatus(univ.Enumerated): + namedValues = namedval.NamedValues( + ('successful', 0), + ('malformedRequest', 1), + ('internalError', 2), + ('tryLater', 3), + ('undefinedStatus', 4), # should never occur + ('sigRequired', 5), + ('unauthorized', 6) + ) + +class OCSPResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('responseStatus', OCSPResponseStatus()), + namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(explicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatSimple, 0))) + ) + +class Request(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('reqCert', CertID()), + namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + +class Signature(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()), + namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + +class TBSRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('requestorName', GeneralName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('requestList', univ.SequenceOf(Request())), + namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + +class OCSPRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsRequest', TBSRequest()), + namedtype.OptionalNamedType('optionalSignature', Signature().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) -- cgit v1.2.3 From 2ec945cf86db24f83b4a6ee9a7b361028e7e82b0 Mon Sep 17 00:00:00 2001 From: elie Date: Sun, 2 Oct 2011 21:14:04 +0000 Subject: got rid of long typed constants --- pyasn1_modules/rfc1157.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index 723d58d..df145b1 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py 
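Review bot: The "current limitations" list in the rfc2560.py header (single certificate, no nonce, no signature validation of the response) describes the request/response code this file was derived from, but the file holds only type definitions, so a reader cannot tell what a caller still has to do. I would replace the list with one sentence saying the module only describes the wire format. `BasicOCSPResponse` should also get a comment stating that a successful decode says nothing about authenticity. That comment should tell the caller to verify `signature` over the encoded `tbsResponseData` with the responder's key, and to check `responseStatus`, `thisUpdate`/`nextUpdate` and any nonce before trusting a `certStatus`. The `GeneralName(univ.OctetString)` stand-in should likewise be marked `# placeholder: the real GeneralName is a CHOICE`.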
@@ -56,21 +56,21 @@ class Counter(univ.Integer): tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( - 0, 4294967295L + 0, 4294967295 ) class Gauge(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( - 0, 4294967295L + 0, 4294967295 ) class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( - 0, 4294967295L + 0, 4294967295 ) class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( -- cgit v1.2.3 From 73c9f1f91a904b0edab20163a9424a59d1fca114 Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 3 Oct 2011 14:58:06 +0000 Subject: convert read cert into bytes (py3k style) --- pyasn1_modules/pem.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index e1554a4..c2cd459 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -1,4 +1,4 @@ -import base64, string +import base64 stSpam, stHam, stDump = 0, 1, 2 @@ -9,7 +9,7 @@ def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----', certLine = fileObj.readline() if not certLine: break - certLine = string.strip(certLine) + certLine = certLine.strip() if state == stSpam: if certLine == startMarker: certLines = [] @@ -19,9 +19,9 @@ def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----', if certLine == endMarker: state = stDump else: - certLines.append(certLine) + certLines.append(certLine.encode()) if state == stDump: - substrate = '' + substrate = ''.encode() for certLine in certLines: substrate = substrate + base64.decodestring(certLine) return substrate -- cgit v1.2.3 
From 6ea731c79d1ca26b429f5bd18f6361bf58f661b8 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 5 Oct 2011 20:14:55 +0000 Subject: use bytes and decodebytes() on py3k --- pyasn1_modules/pem.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index c2cd459..288969b 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -1,4 +1,4 @@ -import base64 +import base64, sys stSpam, stHam, stDump = 0, 1, 2 @@ -19,9 +19,16 @@ def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----', if certLine == endMarker: state = stDump else: - certLines.append(certLine.encode()) + certLines.append(certLine) if state == stDump: - substrate = ''.encode() + substrate = '' for certLine in certLines: - substrate = substrate + base64.decodestring(certLine) + if sys.version_info[0] <= 2: + substrate = substrate + base64.decodestring(certLine) + else: + if not substrate: + substrate = substrate.encode() + substrate = substrate + base64.decodebytes( + certLine.encode() + ) return substrate -- cgit v1.2.3 From 68b88393e791eaacaaff5b8429ee8c8ce80a19a7 Mon Sep 17 00:00:00 2001 From: elie Date: Thu, 5 Apr 2012 21:38:37 +0000 Subject: rfc2511 added --- pyasn1_modules/rfc2511.py | 176 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 pyasn1_modules/rfc2511.py (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py new file mode 100644 index 0000000..d7cdf57 --- /dev/null +++ b/pyasn1_modules/rfc2511.py 
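Review bot: In the `@@ -19,9 +19,16 @@` hunk of pem.py each PEM line is base64-decoded on its own, and the interpreter check and the `if not substrate` conversion are repeated for every line. Per-line decoding only works while each line holds a multiple of four base64 characters; a block wrapped at another width would presumably raise a padding error or decode incorrectly. Joining first and decoding once avoids both: `data = ''.join(certLines)` followed by `return base64.decodestring(data) if sys.version_info[0] <= 2 else base64.decodebytes(data.encode())`. The rewrite in commit 58fd670 and its new `readBase64FromFile` keep the per-line decoding, so the same point applies there. `readPemFromFile` begins above this hunk.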
@@ -0,0 +1,176 @@ +# +# X.509 certificate Request Message Format (CRMF) message syntax +# +# ASN.1 source from: +# http://tools.ietf.org/html/rfc2511 +# +# Sample captures could be obtained with OpenSSL +# +from pyasn1.type import tag, namedtype, namedval, univ, constraint, char,useful +from pyasn1_modules.rfc2459 import * +from pyasn1_modules import rfc2315 + +MAX=16 + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') +id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5') +id_regCtrl = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1') +id_regCtrl_regToken = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.1') +id_regCtrl_authenticator = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.2') +id_regCtrl_pkiPublicationInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.3') +id_regCtrl_pkiArchiveOptions = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.4') +id_regCtrl_oldCertID = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.5') +id_regCtrl_protocolEncrKey = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.6') +id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2') +id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1') +id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2') + +# This should be in PKIX Certificate Extensions module + +class GeneralName(univ.OctetString): pass + +# end of PKIX Certificate Extensions module + +class UTF8Pairs(char.UTF8String): pass + +class ProtocolEncrKey(SubjectPublicKeyInfo): pass + +class CertId(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', GeneralName()), + namedtype.NamedType('serialNumber', univ.Integer()) + ) + +class OldCertId(CertId): pass + +class KeyGenParameters(univ.OctetString): pass + +class EncryptedValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('symmAlg', 
AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('encValue', univ.BitString()) + ) + +class EncryptedKey(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedValue', EncryptedValue()), + namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + +class PKIArchiveOptions(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + +class SinglePubInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('pubMethod', univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), + namedtype.OptionalNamedType('pubLocation', GeneralName()) + ) + +class PKIPublicationInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), + namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 
MAX))) + ) + +class Authenticator(char.UTF8String): pass +class RegToken(char.UTF8String): pass + +class SubsequentMessage(univ.Integer): + namedValues = namedval.NamedValues( + ('encrCert', 0), + ('challengeResp', 1) + ) + +class POPOPrivKey(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + +class PBMParameter(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString()), + namedtype.NamedType('owf', AlgorithmIdentifier()), + namedtype.NamedType('iterationCount', univ.Integer()), + namedtype.NamedType('mac', AlgorithmIdentifier()) + ) + +class PKMACValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algId', AlgorithmIdentifier()), + namedtype.NamedType('value', univ.BitString()) + ) + +class POPOSigningKeyInput(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('publicKeyMAC', PKMACValue())))), + namedtype.NamedType('publicKey', SubjectPublicKeyInfo()) + ) + +class POPOSigningKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) + ) + +class ProofOfPossession(univ.Choice): + componentType = 
namedtype.NamedTypes( + namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signature', POPOSigningKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + ) + +class Controls(univ.SequenceOf): + componentType = AttributeTypeAndValue() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + +class OptionalValidity(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + +class CertTemplate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('validity', OptionalValidity().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('publicKey', 
SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), + namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + +class CertRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('certTemplate', CertTemplate()), + namedtype.OptionalNamedType('controls', Controls()) + ) + +class CertReq(CertRequest): pass + +class CertReqMsg(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReq', CertRequest()), + namedtype.OptionalNamedType('pop', ProofOfPossession()), + namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + +class CertReqMessages(univ.SequenceOf): + componentType = CertReqMsg() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) -- cgit v1.2.3 From 58fd67020ddec8b43c98099e86df94da2b7853ba Mon Sep 17 00:00:00 2001 From: elie Date: Fri, 6 Apr 2012 21:05:41 +0000 Subject: readBase64FromFile() added --- pyasn1_modules/pem.py | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index 288969b..332acc4 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py 
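Review bot: `CertReqMsg.regInfo` in rfc2511.py is declared as `univ.SequenceOf(componentType=AttributeTypeAndValue)`, which passes the class itself, whereas `Controls` a few lines above uses `AttributeTypeAndValue()`. Every other component in the file is an instance, so this one will most likely break when a message carrying `regInfo` is decoded or built; it should be `univ.SequenceOf(componentType=AttributeTypeAndValue())`. Also, `MAX=16` after `from pyasn1_modules.rfc2459 import *` silently shadows the `MAX` imported from that module. A comment such as `# local bound; rfc2459.MAX is unaffected` would make clear that the two constants are meant to differ.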
@@ -2,8 +2,7 @@ import base64, sys
 stSpam, stHam, stDump = 0, 1, 2
-def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----',
- endMarker='-----END CERTIFICATE-----'):
+def readPemFromFile(fileObj, startMarker, endMarker):
 state = stSpam
 while 1:
 certLine = fileObj.readline()
@@ -21,14 +20,15 @@ def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----',
 else:
 certLines.append(certLine)
 if state == stDump:
- substrate = ''
- for certLine in certLines:
- if sys.version_info[0] <= 2:
- substrate = substrate + base64.decodestring(certLine)
- else:
- if not substrate:
- substrate = substrate.encode()
- substrate = substrate + base64.decodebytes(
- certLine.encode()
- )
- return substrate
+ if sys.version_info[0] <= 2:
+ return ''.join([ base64.decodestring(x) for x in certLines ])
+ else:
+ return ''.encode().join([ base64.decodebytes(x.encode()) for x in certLines ])
+
+def readBase64FromFile(fileObj):
+ if sys.version_info[0] <= 2:
+ return ''.join([ base64.decodestring(x) for x in fileObj.readlines() ])
+ else:
+ return ''.encode().join(
+ [ base64.decodebytes(x.encode()) for x in fileObj.readlines() ]
+ )
-- cgit v1.2.3
From 431c3e1cb9d2c4e3a0b1658986fd520bbb9021f3 Mon Sep 17 00:00:00 2001 From: elie Date: Sat, 7 Apr 2012 14:31:00 +0000 Subject: comment --- pyasn1_modules/rfc2511.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py
index d7cdf57..132be13 100644
--- a/pyasn1_modules/rfc2511.py
+++ b/pyasn1_modules/rfc2511.py
@@ -1,5 +1,5 @@
 #
-# X.509 certificate Request Message Format (CRMF) message syntax
+# X.509 certificate Request Message Format (CRMF) syntax
 #
 # ASN.1 source from:
 # http://tools.ietf.org/html/rfc2511
-- cgit v1.2.3
From b4930598b46435b0c9f4166911ed205cbad68aca Mon Sep 17 00:00:00 2001
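Review bot: In pem.py (hunk `@@ -21,14 +20,15`), both new return paths and the new `readBase64FromFile` base64-decode each line separately and join the results, which is only correct when every line's length is a multiple of four; a file wrapped at another width fails with a padding error even though it is valid base64 as a whole. Joining the text first and decoding once removes that dependency: `return base64.decodestring(''.join(certLines))` and `return base64.decodebytes(''.join(certLines).encode())`. These decoders also skip characters outside the base64 alphabet instead of rejecting them, so `readBase64FromFile` accepts a file with stray non-base64 lines without any error and the ASN.1 decoder downstream becomes the only check on the input. The body of `readPemFromFile` starts outside this hunk.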
From: elie Date: Sat, 7 Apr 2012 14:34:22 +0000 Subject: PKCS#10 structures and pkcs10dump.py tool added --- pyasn1_modules/rfc2314.py | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 pyasn1_modules/rfc2314.py (limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc2314.py b/pyasn1_modules/rfc2314.py
new file mode 100644
index 0000000..037be0e
--- /dev/null
+++ b/pyasn1_modules/rfc2314.py
@@ -0,0 +1,34 @@
+#
+# PKCS#10 syntax
+#
+# ASN.1 source from:
+# http://tools.ietf.org/html/rfc2314
+#
+# Sample captures could be obtained with "openssl req" command
+#
+from pyasn1.type import tag, namedtype, namedval, univ, constraint
+from pyasn1_modules.rfc2459 import *
+from pyasn1_modules import rfc2251
+
+class Attributes(univ.SetOf):
+ componentType = rfc2251.Attribute()
+
+class Version(univ.Integer): pass
+
+class CertificationRequestInfo(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', Version()),
+ namedtype.NamedType('subject', Name()),
+ namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
+ namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ )
+
+class Signature(univ.BitString): pass
+class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass
+
+class CertificationRequest(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()),
+ namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
+ namedtype.NamedType('signature', Signature())
+ )
-- cgit v1.2.3
From 2ce2fae093a8efd1f0474b0daec171fa822ebb60 Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 9 Apr 2012 12:11:22 +0000 Subject: readPemFromFile now supported a collection of markers --- pyasn1_modules/pem.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules')
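Review bot: In rfc2314.py, `Attributes` is built from `rfc2251.Attribute()`, which is the LDAP attribute type; PKCS#10 attributes are the X.501 form whose `type` is an OBJECT IDENTIFIER, so I would expect a request that actually carries attributes to fail to decode against this spec (worth confirming with a CSR that includes an extension request). The same component type is used for `Attributes` in rfc5208.py. A local `Attribute` sequence built from rfc2459's `AttributeType()` and `univ.SetOf(componentType=AttributeValue())` would match the PKCS#10 definition. Separately, `class Version` shadows the `Version` pulled in by `from pyasn1_modules.rfc2459 import *`; an explicit import list would make that visible.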
diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py
index 332acc4..5009c01 100644
--- a/pyasn1_modules/pem.py
+++ b/pyasn1_modules/pem.py
@@ -10,12 +10,12 @@ def readPemFromFile(fileObj, startMarker, endMarker):
 break
 certLine = certLine.strip()
 if state == stSpam:
- if certLine == startMarker:
+ if certLine == startMarker or certLine in startMarker:
 certLines = []
 state = stHam
 continue
 if state == stHam:
- if certLine == endMarker:
+ if certLine == endMarker or certLine in endMarker:
 state = stDump
 else:
 certLines.append(certLine)
-- cgit v1.2.3
From 8094138709c4f8f4d5b00dea27c4da937094cc57 Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 9 Apr 2012 15:03:45 +0000 Subject: initial revision --- pyasn1_modules/rfc5208.py | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 pyasn1_modules/rfc5208.py (limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc5208.py b/pyasn1_modules/rfc5208.py
new file mode 100644
index 0000000..d1d2c16
--- /dev/null
+++ b/pyasn1_modules/rfc5208.py
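Review bot: In pem.py (hunk `@@ -10,12 +10,12`), when `startMarker` or `endMarker` is still passed as a single string, `certLine in startMarker` is a substring test rather than a membership test, so any stripped line that is a fragment of the marker matches; in particular an empty line (`''` is contained in every string) moves the state machine into the block, and the next empty line ends it. Text ahead of the real armor line can therefore change what is returned as the payload. Normalising once at the top of the function keeps both call styles working: `if isinstance(startMarker, str): startMarker = (startMarker,)` (same for `endMarker`), after which only `certLine in startMarker` is needed. The function body starts and ends outside this hunk.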
@@ -0,0 +1,39 @@
+#
+# PKCS#8 syntax
+#
+# ASN.1 source from:
+# http://tools.ietf.org/html/rfc5208
+#
+# Sample captures could be obtained with "openssl pkcs8 -topk8" command
+#
+from pyasn1.type import tag, namedtype, namedval, univ, constraint
+from pyasn1_modules.rfc2459 import *
+from pyasn1_modules import rfc2251
+
+class KeyEncryptionAlgorithms(AlgorithmIdentifier): pass
+
+class PrivateKeyAlgorithms(AlgorithmIdentifier): pass
+
+class EncryptedData(univ.OctetString): pass
+
+class EncryptedPrivateKeyInfo(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('encryptionAlgorithm', AlgorithmIdentifier()),
+ namedtype.NamedType('encryptedData', EncryptedData())
+ )
+
+class PrivateKey(univ.OctetString): pass
+
+class Attributes(univ.SetOf):
+ componentType = rfc2251.Attribute()
+
+class Version(univ.Integer):
+ namedValues = namedval.NamedValues(('v1', 0), ('v2', 1))
+
+class PrivateKeyInfo(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', Version()),
+ namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()),
+ namedtype.NamedType('privateKey', PrivateKey()),
+ namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ )
-- cgit v1.2.3
From e437420cfcdcd12bf62ce5031dbad5e9c106bfac Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 9 Apr 2012 16:40:45 +0000 Subject: typo --- pyasn1_modules/rfc2315.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
index b2eb520..76bb957 100644
--- a/pyasn1_modules/rfc2315.py
+++ b/pyasn1_modules/rfc2315.py
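Review bot: In rfc5208.py, `KeyEncryptionAlgorithms` and `PrivateKeyAlgorithms` are declared but never used: `encryptionAlgorithm` and `privateKeyAlgorithm` are both typed as plain `AlgorithmIdentifier()`. Either use them, e.g. `namedtype.NamedType('encryptionAlgorithm', KeyEncryptionAlgorithms())`, or drop the two classes. A one-line docstring on `PrivateKeyInfo` stating that `privateKey` holds the unencrypted key octets would help readers tell it apart from `EncryptedPrivateKeyInfo` when choosing which structure to log or persist.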
@@ -5,7 +5,7 @@ # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/pkcs7.asn # # Sample captures from: -# http://wiki.wireshark.org/SampleCaptures/ +# openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b # from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful from pyasn1_modules.rfc2459 import * -- cgit v1.2.3 From 8369f6e10a86abc7bdff11f0242aa6f8bc209562 Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 9 Apr 2012 16:43:39 +0000 Subject: PKCS#1 implementation improved --- pyasn1_modules/rfc2437.py | 53 +++++++++++++++++++++++++++++++++++++++++++++++ pyasn1_modules/rfc3447.py | 35 +++++++++++++++++++++++++++++++ 2 files changed, 88 insertions(+) create mode 100644 pyasn1_modules/rfc2437.py create mode 100644 pyasn1_modules/rfc3447.py (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py new file mode 100644 index 0000000..3abf6dc --- /dev/null +++ b/pyasn1_modules/rfc2437.py 
@@ -0,0 +1,53 @@ +# +# PKCS#1 syntax +# +# ASN.1 source from: +# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2.asn +# +# Sample captures could be obtained with "openssl genrsa" command +# +from pyasn1.type import tag, namedtype, namedval, univ, constraint +from pyasn1_modules.rfc2459 import AlgorithmIdentifier + +pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') +rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') +md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') +md4WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.3') +md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') +sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') +rsaOAEPEncryptionSET = univ.ObjectIdentifier('1.2.840.113549.1.1.6') +id_RSAES_OAEP = univ.ObjectIdentifier('1.2.840.113549.1.1.7') +id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8') +id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9') +id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') + +MAX = 16 + +class Version(univ.Integer): pass + +class RSAPrivateKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()), + namedtype.NamedType('privateExponent', univ.Integer()), + namedtype.NamedType('prime1', univ.Integer()), + namedtype.NamedType('prime2', univ.Integer()), + namedtype.NamedType('exponent1', univ.Integer()), + namedtype.NamedType('exponent2', univ.Integer()), + namedtype.NamedType('coefficient', univ.Integer()) + ) + +class RSAPublicKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()) + ) + +# XXX defaults not set +class RSAES_OAEP_params(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashFunc', 
AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) diff --git a/pyasn1_modules/rfc3447.py b/pyasn1_modules/rfc3447.py new file mode 100644 index 0000000..96dea7f --- /dev/null +++ b/pyasn1_modules/rfc3447.py @@ -0,0 +1,35 @@ +# +# PKCS#1 syntax +# +# ASN.1 source from: +# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn +# +# Sample captures could be obtained with "openssl genrsa" command +# +from pyasn1_modules.rfc2437 import * + +class OtherPrimeInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('prime', univ.Integer()), + namedtype.NamedType('exponent', univ.Integer()), + namedtype.NamedType('coefficient', univ.Integer()) + ) + +class OtherPrimeInfos(univ.SequenceOf): + componentType = OtherPrimeInfo() + subtypeSpec = univ.SequenceOf.subtypeSpec + \ + constraint.ValueSizeConstraint(1, MAX) + +class RSAPrivateKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('two-prime', 0), ('multi', 1)))), + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()), + namedtype.NamedType('privateExponent', univ.Integer()), + namedtype.NamedType('prime1', univ.Integer()), + namedtype.NamedType('prime2', univ.Integer()), + namedtype.NamedType('exponent1', univ.Integer()), + namedtype.NamedType('exponent2', univ.Integer()), + namedtype.NamedType('coefficient', univ.Integer()), + namedtype.OptionalNamedType('otherPrimeInfos', OtherPrimeInfos()) + ) -- cgit v1.2.3 From 200a4a10fe23efa2e198644b1d93d5eae71ad6a0 Mon Sep 17 00:00:00 2001 
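Review bot: In rfc2437.py, the three `RSAES_OAEP_params` fields are declared with `namedtype.NamedType`, i.e. mandatory, while the `# XXX defaults not set` comment indicates the ASN.1 gives them defaults; a DER encoder omits fields equal to their default, so parameters that rely on the defaults would not decode against this spec. Until the default values are modelled, `namedtype.OptionalNamedType` for `hashFunc`, `maskGenFunc` and `pSourceFunc` would at least accept such encodings. It is also worth checking the `implicitTag` choice against the tagging default declared by the PKCS-1 ASN.1 module, and adding a comment on where the bare `MAX = 16` bound comes from.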
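Review bot: rfc3447.py uses `univ`, `namedtype`, `namedval` and `constraint` without importing them; they arrive only through `from pyasn1_modules.rfc2437 import *`, together with `MAX` and an `RSAPrivateKey` that the class defined here then shadows. Importing them explicitly, `from pyasn1.type import namedtype, namedval, univ, constraint`, removes the dependency on whatever rfc2437 happens to expose. `OtherPrimeInfos` is bounded by rfc2437's `MAX = 16`, so a key with more additional primes is rejected; a comment saying whether that limit is intentional would help.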
From: elie Date: Mon, 9 Apr 2012 16:45:19 +0000 Subject: DSAPrivateKey moved in here --- pyasn1_modules/rfc2459.py | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 1f9e11e..53c6666 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -14,6 +14,17 @@ from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful MAX = 64 # XXX ? +class DSAPrivateKey(univ.Sequence): + """PKIX compliant DSA private key structure""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))), + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('g', univ.Integer()), + namedtype.NamedType('public', univ.Integer()), + namedtype.NamedType('private', univ.Integer()) + ) + class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), -- cgit v1.2.3 From 4fe8c7ae42a90ce19425a335770e5198b5bcca56 Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 9 Apr 2012 16:46:29 +0000 Subject: readPemFromFile() improved to select one of possible many PEM headers --- pyasn1_modules/pem.py | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index 5009c01..e71fb14 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py 
@@ -2,7 +2,14 @@ import base64, sys
 stSpam, stHam, stDump = 0, 1, 2
-def readPemFromFile(fileObj, startMarker, endMarker):
+# The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')...
+# Return is (marker-index, substrate)
+def readPemFromFile(fileObj, *markers):
+ startMarkers = dict(map(lambda x: (x[1],x[0]),
+ enumerate(map(lambda x: x[0], markers))))
+ stopMarkers = dict(map(lambda x: (x[1],x[0]),
+ enumerate(map(lambda x: x[1], markers))))
+ idx = -1; substrate = ''
 state = stSpam
 while 1:
 certLine = fileObj.readline()
@@ -10,20 +17,23 @@ def readPemFromFile(fileObj, startMarker, endMarker):
 break
 certLine = certLine.strip()
 if state == stSpam:
- if certLine == startMarker or certLine in startMarker:
+ if certLine in startMarkers:
 certLines = []
+ idx = startMarkers[certLine]
 state = stHam
 continue
 if state == stHam:
- if certLine == endMarker or certLine in endMarker:
+ if certLine in stopMarkers and stopMarkers[certLine] == idx:
 state = stDump
 else:
 certLines.append(certLine)
 if state == stDump:
 if sys.version_info[0] <= 2:
- return ''.join([ base64.decodestring(x) for x in certLines ])
+ substrate = ''.join([ base64.decodestring(x) for x in certLines ])
 else:
- return ''.encode().join([ base64.decodebytes(x.encode()) for x in certLines ])
+ substrate = ''.encode().join([ base64.decodebytes(x.encode()) for x in certLines ])
+ break
+ return idx, substrate
 def readBase64FromFile(fileObj):
 if sys.version_info[0] <= 2:
-- cgit v1.2.3
From 9c8eb1c4afaf3da758989077cb4385a76c7b074c Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 11 Apr 2012 14:23:33 +0000 Subject: use rfc2459.Attribute() instead of rfc2251.Attribute() --- pyasn1_modules/rfc2314.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc2314.py b/pyasn1_modules/rfc2314.py
index 037be0e..86b11fb 100644
--- a/pyasn1_modules/rfc2314.py
+++ b/pyasn1_modules/rfc2314.py
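Review bot: In pem.py (hunk `@@ -2,7 +2,14`), the new initial value `substrate = ''` is a text string, while the success path on Python 3 yields bytes, so a caller gets `str` when no block is found and `bytes` otherwise. Initialising with `substrate = ''.encode()`, the idiom this file already uses, keeps the type stable on both major versions. The two `dict(map(lambda ...))` expressions would read more easily as `dict((m[0], i) for i, m in enumerate(markers))` and `dict((m[1], i) for i, m in enumerate(markers))`, and the leading comment would serve callers better as a docstring that also states what is returned when nothing matches. The function body continues outside this hunk.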
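Review bot: In pem.py (hunk `@@ -10,20 +17,23`), `idx` is assigned as soon as a start marker is seen, so input that ends before the matching stop marker returns that marker's index together with an empty substrate (assuming the final `return idx, substrate` sits after the loop; indentation is lost on this page). A caller that checks only the index would treat a truncated file as a successful match. Resetting before the return, `if state != stDump: idx = -1`, keeps a valid index reserved for a fully delimited block. Because `stopMarkers` is keyed by marker text, two pairs that share a stop marker keep only the last index, and the `stopMarkers[certLine] == idx` test then never succeeds for the earlier pair.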
@@ -8,10 +8,9 @@
 #
 from pyasn1.type import tag, namedtype, namedval, univ, constraint
 from pyasn1_modules.rfc2459 import *
-from pyasn1_modules import rfc2251
 class Attributes(univ.SetOf):
- componentType = rfc2251.Attribute()
+ componentType = Attribute()
 class Version(univ.Integer): pass
-- cgit v1.2.3
From d9f009a4f88780145622a47b050aa6e787f2f44f Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 11 Apr 2012 14:24:36 +0000 Subject: complete PKIX1 '88 code implemented --- pyasn1_modules/rfc2459.py | 827 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 804 insertions(+), 23 deletions(-) (limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py
index 53c6666..c5021e0 100644
--- a/pyasn1_modules/rfc2459.py
+++ b/pyasn1_modules/rfc2459.py
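Review bot: In rfc2314.py, `Attribute` is now expected to arrive through `from pyasn1_modules.rfc2459 import *`, but as far as this page shows rfc2459.py only gains `class Attribute` in the following commit, so importing rfc2314 at this revision would raise `NameError`. Landing the rfc2459 change first, or folding the two commits together, keeps every revision importable. rfc5208.py still builds its own `Attributes` from `rfc2251.Attribute()` and is not touched here.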
@@ -3,37 +3,71 @@ # # ASN.1 source from: # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn +# http://www.ietf.org/rfc/rfc2459.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful -# Would be autogenerated from ASN.1 source by a ASN.1 parser -# X.509 spec (rfc2459) - MAX = 64 # XXX ? -class DSAPrivateKey(univ.Sequence): - """PKIX compliant DSA private key structure""" - componentType = namedtype.NamedTypes( - namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))), - namedtype.NamedType('p', univ.Integer()), - namedtype.NamedType('q', univ.Integer()), - namedtype.NamedType('g', univ.Integer()), - namedtype.NamedType('public', univ.Integer()), - namedtype.NamedType('private', univ.Integer()) - ) +# +# PKIX1Explicit88 +# -class DirectoryString(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? 
XXX - ) +# Upper Bounds +ub_name = univ.Integer(32768) +ub_common_name = univ.Integer(64) +ub_locality_name = univ.Integer(128) +ub_state_name = univ.Integer(128) +ub_organization_name = univ.Integer(64) +ub_organizational_unit_name = univ.Integer(64) +ub_title = univ.Integer(64) +ub_match = univ.Integer(128) +ub_emailaddress_length = univ.Integer(128) +ub_common_name_length = univ.Integer(64) +ub_country_name_alpha_length = univ.Integer(2) +ub_country_name_numeric_length = univ.Integer(3) +ub_domain_defined_attributes = univ.Integer(4) +ub_domain_defined_attribute_type_length = univ.Integer(8) +ub_domain_defined_attribute_value_length = univ.Integer(128) +ub_domain_name_length = univ.Integer(16) +ub_extension_attributes = univ.Integer(256) +ub_e163_4_number_length = univ.Integer(15) +ub_e163_4_sub_address_length = univ.Integer(40) +ub_generation_qualifier_length = univ.Integer(3) +ub_given_name_length = univ.Integer(16) +ub_initials_length = univ.Integer(5) +ub_integer_options = univ.Integer(256) +ub_numeric_user_id_length = univ.Integer(32) +ub_organization_name_length = univ.Integer(64) +ub_organizational_unit_name_length = univ.Integer(32) +ub_organizational_units = univ.Integer(4) +ub_pds_name_length = univ.Integer(16) +ub_pds_parameter_length = univ.Integer(30) +ub_pds_physical_address_lines = univ.Integer(6) +ub_postal_code_length = univ.Integer(16) +ub_surname_length = univ.Integer(40) +ub_terminal_id_length = univ.Integer(24) +ub_unformatted_address_length = univ.Integer(180) +ub_x121_address_length = univ.Integer(16) + +class UniversalString(char.UniversalString): pass +class BMPString(char.BMPString): pass +class UTF8String(char.UTF8String): pass + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') +id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') +id_qt = univ.ObjectIdentifier('1.3.6.1.5.5.7.2') +id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') +id_ad = univ.ObjectIdentifier('1.3.6.1.5.5.7.48') + +id_qt_cps = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.1') 
+id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2') + +id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1') +id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2') class AttributeValue(univ.Any): pass 
@@ -45,6 +79,125 @@ class AttributeTypeAndValue(univ.Sequence): namedtype.NamedType('value', AttributeValue()) ) +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + +id_at = univ.ObjectIdentifier('2.5.4') +id_at_name = univ.ObjectIdentifier('2.5.4.41') +id_at_sutname = univ.ObjectIdentifier('2.5.4.4') +id_at_givenName = univ.ObjectIdentifier('2.5.4.42') +id_at_initials = univ.ObjectIdentifier('2.5.4.43') +id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44') + +class X520name(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) + ) + +id_at_commonName = univ.ObjectIdentifier('2.5.4.3') + +class X520CommonName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + 
namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) + ) + +id_at_localityName = univ.ObjectIdentifier('2.5.4.7') + +class X520LocalityName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) + ) + +id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8') + +class X520StateOrProvinceName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) + ) + +id_at_organizationName = univ.ObjectIdentifier('2.5.4.10') + +class X520OrganizationName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', 
char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) + ) + +id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11') + +class X520OrganizationalUnitName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) + ) + +id_at_title = univ.ObjectIdentifier('2.5.4.12') + +class X520Title(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', 
char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) + ) + +id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46') + +class X520dnQualifier(char.PrintableString): pass + +id_at_countryName = univ.ObjectIdentifier('2.5.4.6') + +class X520countryName(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(2, 2) + +pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9') + +emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1') + +class Pkcs9email(char.IA5String): + subtypeSpec = char.IA5String.subtypeSpec + constraint.ValueSizeConstraint(1, ub_emailaddress_length) + +# ---- + +class DSAPrivateKey(univ.Sequence): + """PKIX compliant DSA private key structure""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))), + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('g', univ.Integer()), + namedtype.NamedType('public', univ.Integer()), + namedtype.NamedType('private', univ.Integer()) + ) + +# ---- + class RelativeDistinguishedName(univ.SetOf): componentType = AttributeTypeAndValue() 
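Review bot: In rfc2459.py (hunk `@@ -45,6 +79,125`), `id_at_sutname` looks like a typo for `id_at_surname`, given that it sits between `id_at_name` and `id_at_givenName` and is bound to 2.5.4.4. Module-level names are the public API of this file, so it is cheapest to correct now: `id_at_surname = univ.ObjectIdentifier('2.5.4.4')`. The seven `X520*` CHOICE classes differ only in their upper bound, so a small helper that builds the five string alternatives from a bound would remove the repetition and the risk of one copy drifting from the others.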
@@ -55,6 +208,18 @@ class Name(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('', RDNSequence()) ) + +class DirectoryString(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? XXX + ) + +# certificate and CRL specific structures begin here class AlgorithmIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( @@ -102,7 +267,7 @@ class Version(univ.Integer): class TBSCertificate(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1', tagSet=Version.tagSet.tagExplicitly(tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))), + namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), 
@@ -120,3 +285,619 @@ class Certificate(univ.Sequence):
 namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
 namedtype.NamedType('signatureValue', univ.BitString())
 )
+
+# CRL structures
+
+class RevokedCertificate(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('userCertificate', CertificateSerialNumber()),
+ namedtype.NamedType('revocationDate', Time()),
+ namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
+ )
+
+class TBSCertList(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('version', Version()),
+ namedtype.NamedType('signature', AlgorithmIdentifier()),
+ namedtype.NamedType('issuer', Name()),
+ namedtype.NamedType('thisUpdate', Time()),
+ namedtype.OptionalNamedType('nextUpdate', Time()),
+ namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())),
+ namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ )
+
+class CertificateList(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('tbsCertList', TBSCertList()),
+ namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
+ namedtype.NamedType('signature', univ.BitString())
+ )
+
+# Algorithm OIDs and parameter structures
+
+pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1')
+rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
+md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2')
+md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4')
+sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5')
+id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3')
+
+class Dss_Sig_Value(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('r', univ.Integer()),
+ namedtype.NamedType('s', univ.Integer())
+ )
+
+dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1')
+
+class ValidationParms(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('seed', univ.BitString()),
+ namedtype.NamedType('pgenCounter', univ.Integer())
+ )
+
+class DomainParameters(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('p', univ.Integer()),
+ namedtype.NamedType('g', univ.Integer()),
+ namedtype.NamedType('q', univ.Integer()),
+ namedtype.NamedType('j', univ.Integer()),
+ namedtype.OptionalNamedType('validationParms', ValidationParms())
+ )
+
+id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1')
+
+class Dss_Parms(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('p', univ.Integer()),
+ namedtype.NamedType('q', univ.Integer()),
+ namedtype.NamedType('g', univ.Integer())
+ )
+
+# x400 address syntax starts here
+
+teletex_domain_defined_attributes = univ.Integer(6)
+
+class TeletexDomainDefinedAttribute(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
+ namedtype.NamedType('value', char.TeletexString())
+ )
+
+class TeletexDomainDefinedAttributes(univ.SequenceOf):
+ componentType = TeletexDomainDefinedAttribute()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
+
+terminal_type = univ.Integer(23)
+
+class TerminalType(univ.Integer):
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, ub_integer_options)
+ namedValues = namedval.NamedValues(
+ ('telex', 3),
+ ('teletelex', 4),
+ ('g3-facsimile', 5),
+ ('g4-facsimile', 6),
+ ('ia5-terminal', 7),
+ ('videotex', 8)
+ )
+
+class PresentationAddress(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3), subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ )
+
+extended_network_address = univ.Integer(22)
+
+class E163_4_address(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ )
+
+class ExtendedNetworkAddress(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('e163-4-address', E163_4_address()),
+ namedtype.NamedType('psap-address', PresentationAddress().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+ )
+
+class PDSParameter(univ.Set):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))),
+ namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))
+ )
+
+local_postal_attributes = univ.Integer(21)
+
+class LocalPostalAttributes(PDSParameter): pass
+
+class UniquePostalName(PDSParameter): pass
+
+unique_postal_name = univ.Integer(20)
+
+poste_restante_address = univ.Integer(19)
+
+class PosteRestanteAddress(PDSParameter): pass
+
+post_office_box_address = univ.Integer(18)
+
+class PostOfficeBoxAddress(PDSParameter): pass
+
+street_address = univ.Integer(17)
+
+class StreetAddress(PDSParameter): pass
+
+class UnformattedPostalAddress(univ.Set):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines)))),
+ namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length)))
+ )
+
+physical_delivery_office_name = univ.Integer(10)
+
+class PhysicalDeliveryOfficeName(PDSParameter): pass
+
+physical_delivery_office_number = univ.Integer(11)
+
+class PhysicalDeliveryOfficeNumber(PDSParameter): pass
+
+extension_OR_address_components = univ.Integer(12)
+
+class ExtensionORAddressComponents(PDSParameter): pass
+
+physical_delivery_personal_name = univ.Integer(13)
+
+class PhysicalDeliveryPersonalName(PDSParameter): pass
+
+physical_delivery_organization_name = univ.Integer(14)
+
+class PhysicalDeliveryOrganizationName(PDSParameter): pass
+
+extension_physical_delivery_address_components = univ.Integer(15)
+
+class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): pass
+
+unformatted_postal_address = univ.Integer(16)
+
+postal_code = univ.Integer(9)
+
+class PostalCode(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
+ namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)))
+ )
+
+class PhysicalDeliveryCountryName(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
+ namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
+ )
+
+class PDSName(char.PrintableString):
+ subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_pds_name_length)
+
+physical_delivery_country_name = univ.Integer(8)
+
+class TeletexOrganizationalUnitName(char.TeletexString):
+ subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
+
+pds_name = univ.Integer(7)
+
+teletex_organizational_unit_names = univ.Integer(5)
+
+class TeletexOrganizationalUnitNames(univ.SequenceOf):
+ componentType = TeletexOrganizationalUnitName()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units)
+
+teletex_personal_name = univ.Integer(4)
+
+class TeletexPersonalName(univ.Set):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ )
+
+teletex_organization_name = univ.Integer(3)
+
+class TeletexOrganizationName(char.TeletexString):
+ subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length)
+
+teletex_common_name = univ.Integer(2)
+
+class TeletexCommonName(char.TeletexString):
+ subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length)
+
+class CommonName(char.PrintableString):
+ subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length)
+
+common_name = univ.Integer(1)
+
+class ExtensionAttribute(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_extension_attributes), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ )
+
+class ExtensionAttributes(univ.SetOf):
+ componentType = ExtensionAttribute()
+ subtypeSpec = univ.SetOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes)
+
+class BuiltInDomainDefinedAttribute(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
+ namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
+ )
+
+class BuiltInDomainDefinedAttributes(univ.SequenceOf):
+ componentType = BuiltInDomainDefinedAttribute()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
+
+class OrganizationalUnitName(char.PrintableString):
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
+
+class OrganizationalUnitNames(univ.SequenceOf):
+ componentType = OrganizationalUnitName()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units)
+
+class PersonalName(univ.Set):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ )
+
+class NumericUserIdentifier(char.NumericString):
+ subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_numeric_user_id_length)
+
+class OrganizationName(char.PrintableString):
+ subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length)
+
+class PrivateDomainName(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))),
+ namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
+ )
+
+class TerminalIdentifier(char.PrintableString):
+ subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_terminal_id_length)
+
+class X121Address(char.NumericString):
+ subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_x121_address_length)
+
+class NetworkAddress(X121Address): pass
+
+class AdministrationDomainName(univ.Choice):
+ tagSet = univ.Choice.tagSet.tagExplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))),
+ namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
+ )
+
+class CountryName(univ.Choice):
+ tagSet = univ.Choice.tagSet.tagExplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
+ )
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
+ namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
+ )
+
+class BuiltInStandardAttributes(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('country-name', CountryName()),
+ namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()),
+ namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+ namedtype.OptionalNamedType('personal-name', PersonalName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
+ namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)))
+ )
+
+class ORAddress(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()),
+ namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()),
+ namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes())
+ )
+
+#
+# PKIX1Implicit88
+#
+
+id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24')
+
+class InvalidityDate(useful.GeneralizedTime): pass
+
+id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1')
+id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2')
+id_holdinstruction_reject = univ.ObjectIdentifier('2.2.840.10040.2.3')
+
+holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2')
+
+id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23')
+
+class HoldInstructionCode(univ.ObjectIdentifier): pass
+
+id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21')
+
+class CRLReason(univ.Enumerated):
+ namedValues = namedval.NamedValues(
+ ('unspecified', 0),
+ ('keyCompromise', 1),
+ ('cACompromise', 2),
+ ('affiliationChanged', 3),
+ ('superseded', 4),
+ ('cessationOfOperation', 5),
+ ('certificateHold', 6),
+ ('removeFromCRL', 8)
+ )
+
+id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20')
+
+class CRLNumber(univ.Integer):
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(0, MAX)
+
+class BaseCRLNumber(CRLNumber): pass
+
+id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1.1')
+id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2')
+id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3')
+id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4')
+id_kp_ipsecEndSystem = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.5')
+id_kp_ipsecTunnel = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.6')
+id_kp_ipsecUser = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.7')
+id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8')
+id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1')
+id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37')
+
+class KeyPurposeId(univ.ObjectIdentifier): pass
+
+class ExtKeyUsageSyntax(univ.SequenceOf):
+ componentType = KeyPurposeId()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+class ReasonFlags(univ.BitString):
+ namedValues = namedval.NamedValues(
+ ('unused', 0),
+ ('keyCompromise', 1),
+ ('cACompromise', 2),
+ ('affiliationChanged', 3),
+ ('superseded', 4),
+ ('cessationOfOperation', 5),
+ ('certificateHold', 6)
+ )
+
+
+class SkipCerts(univ.Integer):
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX)
+
+id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36')
+
+class PolicyConstraints(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ )
+
+id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19')
+
+class BasicConstraints(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('cA', univ.Boolean(False)),
+ namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
+ )
+
+id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9')
+
+class SubjectDirectoryAttributes(univ.SequenceOf):
+ componentType = Attribute()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+class EDIPartyName(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ )
+
+class AnotherName(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type-id', univ.ObjectIdentifier()),
+ namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+ )
+
+class GeneralName(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+ namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
+ namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
+ namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
+ )
+
+class GeneralNames(univ.SequenceOf):
+ componentType = GeneralName()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+class AccessDescription(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
+ namedtype.NamedType('accessLocation', GeneralName())
+ )
+
+class AuthorityInfoAccessSyntax(univ.SequenceOf):
+ componentType = AccessDescription()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27')
+
+class DistributionPointName(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ )
+
+class DistributionPoint(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
+ )
+class BaseDistance(univ.Integer):
+ subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX)
+
+id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31')
+
+class CRLDistPointsSyntax(univ.SequenceOf):
+ componentType = DistributionPoint
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28')
+
+class IssuingDistributionPoint(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+ )
+
+class GeneralSubtree(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('base', GeneralName()),
+ namedtype.NamedType('minimum', BaseDistance(0).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ )
+
+class GeneralSubtrees(univ.SequenceOf):
+ componentType = GeneralSubtree()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30')
+
+class NameConstraints(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ )
+
+
+class DisplayText(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
+ namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
+ namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200)))
+ )
+
+class NoticeReference(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('organization', DisplayText()),
+ namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer()))
+ )
+
+class UserNotice(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('noticeRef', NoticeReference()),
+ namedtype.OptionalNamedType('explicitText', DisplayText())
+ )
+
+class CPSuri(char.IA5String): pass
+
+class PolicyQualifierId(univ.ObjectIdentifier):
+ subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, id_qt_unotice)
+
+class CertPolicyId(univ.ObjectIdentifier): pass
+
+class PolicyQualifierInfo(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
+ namedtype.NamedType('qualifier', univ.Any())
+ )
+
+id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32')
+
+class PolicyInformation(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('policyIdentifier', CertPolicyId()),
+ namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
+ )
+
+class CertificatePolicies(univ.SequenceOf):
+ componentType = PolicyInformation()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33')
+
+class PolicyMapping(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('issuerDomainPolicy', CertPolicyId()),
+ namedtype.NamedType('subjectDomainPolicy', CertPolicyId())
+ )
+
+class PolicyMappings(univ.SequenceOf):
+ componentType = PolicyMapping()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16')
+
+class PrivateKeyUsagePeriod(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ )
+
+id_ce_keyUsage = univ.ObjectIdentifier('2.5.29.15')
+
+class KeyUsage(univ.BitString):
+ namedValues = namedval.NamedValues(
+ ('digitalSignature', 0),
+ ('nonRepudiation', 1),
+ ('keyEncipherment', 2),
+ ('dataEncipherment', 3),
+ ('keyAgreement', 4),
+ ('keyCertSign', 5),
+ ('cRLSign', 6),
+ ('encipherOnly', 7),
+ ('decipherOnly', 8)
+ )
+
+id_ce = univ.ObjectIdentifier('2.5.29')
+
+id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35')
+
+class KeyIdentifier(univ.OctetString): pass
+
+id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14')
+
+class SubjectKeyIdentifier(KeyIdentifier): pass
+
+class AuthorityKeyIdentifier(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+ )
+
+id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29')
+
+class CertificateIssuer(GeneralNames): pass
+
+id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17')
+
+class SubjectAltName(GeneralNames): pass
+
+id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18')
+
+class IssuerAltName(GeneralNames): pass
-- cgit
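Review bot: Several constants and tags in the PKIX1Implicit88 part of this hunk disagree with their neighbours and would make decoded extensions compare or parse wrongly: `id_kp_serverAuth` carries an extra arc (`…7.3.1.1`, while its siblings run `…7.3.2` to `…7.3.8`), the `holdInstruction` OIDs start with `2.2.840` where the other X9 OIDs in the hunk (`id_dsa`, `id_dsa_with_sha1`) start with `1.2.840`, and `NameConstraints` gives `permittedSubtrees` and `excludedSubtrees` the same context tag 0, so the two cannot be told apart on decode. `CRLDistPointsSyntax.componentType` is assigned the class `DistributionPoint` rather than an instance, unlike every other `SequenceOf` here. `BasicConstraints.cA` is a plain `NamedType` holding a default value; since DER omits defaulted fields, an extension without an explicit `cA` would presumably fail to decode, and `DefaultedNamedType` (as `TBSCertificate.version` uses) looks intended. A caller matching extended key usage or name constraints against these definitions would miss silently, so the corrected lines are given below.

```python
# … unchanged: CRL structures, algorithm OIDs, X.400 address types …
id_holdinstruction_none = univ.ObjectIdentifier('1.2.840.10040.2.1')
id_holdinstruction_callissuer = univ.ObjectIdentifier('1.2.840.10040.2.2')
id_holdinstruction_reject = univ.ObjectIdentifier('1.2.840.10040.2.3')

holdInstruction = univ.ObjectIdentifier('1.2.840.10040.2')
# … unchanged: CRLReason, CRLNumber …
id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1')
# … unchanged: remaining id_kp_* OIDs through PolicyConstraints …
class BasicConstraints(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType('cA', univ.Boolean(False)),
        # … unchanged: pathLenConstraint …
    )
# … unchanged: GeneralName through BaseDistance …
class CRLDistPointsSyntax(univ.SequenceOf):
    componentType = DistributionPoint()
# … unchanged: subtypeSpec, IssuingDistributionPoint, GeneralSubtree(s) …
class NameConstraints(univ.Sequence):
    componentType = namedtype.NamedTypes(
        # … unchanged: permittedSubtrees …
        namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
    )
```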
v1.2.3 From 569b924c66742a7ccb19225a75f80c37b1a8e208 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 11 Apr 2012 16:51:54 +0000 Subject: SNMPv1 module splitted on two --- pyasn1_modules/rfc1155.py | 73 +++++++++++++++++++++++++++++++++++++++++++++ pyasn1_modules/rfc1157.py | 76 +++++------------------------------------------ 2 files changed, 80 insertions(+), 69 deletions(-) create mode 100644 pyasn1_modules/rfc1155.py (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc1155.py b/pyasn1_modules/rfc1155.py new file mode 100644 index 0000000..9e3c5cd --- /dev/null +++ b/pyasn1_modules/rfc1155.py 
@@ -0,0 +1,73 @@ +# +# SNMPv1 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1155.txt +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import univ, namedtype, namedval, tag, constraint + +class ObjectName(univ.ObjectIdentifier): pass + +class SimpleSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('number', univ.Integer()), + namedtype.NamedType('string', univ.OctetString()), + namedtype.NamedType('object', univ.ObjectIdentifier()), + namedtype.NamedType('empty', univ.Null()) + ) + +class IpAddress(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( + 4, 4 + ) +class NetworkAddress(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('internet', IpAddress()) + ) + +class Counter(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) +class Gauge(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) +class TimeTicks(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) +class Opaque(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4) + ) + +class ApplicationSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('address', NetworkAddress()), + namedtype.NamedType('counter', Counter()), + 
namedtype.NamedType('gauge', Gauge()), + namedtype.NamedType('ticks', TimeTicks()), + namedtype.NamedType('arbitrary', Opaque()) + ) + +class ObjectSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('simple', SimpleSyntax()), + namedtype.NamedType('application-wide', ApplicationSyntax()) + ) diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index df145b1..6a36b06 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py @@ -1,13 +1,14 @@ # -# SNMP message syntax +# SNMPv1 message syntax # # ASN.1 source from: -# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/snmp.asn +# http://www.ietf.org/rfc/rfc1157.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1_modules import rfc1155 class Version(univ.Integer): namedValues = namedval.NamedValues( 
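Review bot: In the new rfc1155.py, `IpAddress` derives from `univ.OctetString` but builds its `subtypeSpec` from `univ.Integer.subtypeSpec`, which reads as a copy-paste from the integer types below it. The result is presumably the same as long as both base specs are empty, but the size constraint would silently inherit anything later added to the integer base. I would write `subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint(4, 4)`. The same pattern appears on `OctetString` in the rfc1902.py hunk of the later commit on this page, whereas `IpAddress` there already uses `univ.OctetString.subtypeSpec`.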
@@ -29,73 +30,10 @@ class ErrorStatus(univ.Integer): ) class ErrorIndex(univ.Integer): pass -class ObjectName(univ.ObjectIdentifier): pass - -class SimpleSyntax(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('number', univ.Integer()), - namedtype.NamedType('string', univ.OctetString()), - namedtype.NamedType('object', univ.ObjectIdentifier()), - namedtype.NamedType('empty', univ.Null()) - ) - -class IpAddress(univ.OctetString): - tagSet = univ.OctetString.tagSet.tagImplicitly( - tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0) - ) - subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( - 4, 4 - ) -class NetworkAddress(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('internet', IpAddress()) - ) - -class Counter(univ.Integer): - tagSet = univ.Integer.tagSet.tagImplicitly( - tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) - ) - subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( - 0, 4294967295 - ) -class Gauge(univ.Integer): - tagSet = univ.Integer.tagSet.tagImplicitly( - tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) - ) - subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( - 0, 4294967295 - ) -class TimeTicks(univ.Integer): - tagSet = univ.Integer.tagSet.tagImplicitly( - tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) - ) - subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( - 0, 4294967295 - ) -class Opaque(univ.OctetString): - tagSet = univ.OctetString.tagSet.tagImplicitly( - tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4) - ) - -class ApplicationSyntax(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('address', NetworkAddress()), - namedtype.NamedType('counter', Counter()), - namedtype.NamedType('gauge', Gauge()), - namedtype.NamedType('ticks', TimeTicks()), - namedtype.NamedType('arbitrary', Opaque()) - ) - -class ObjectSyntax(univ.Choice): - 
componentType = namedtype.NamedTypes( - namedtype.NamedType('simple', SimpleSyntax()), - namedtype.NamedType('application-wide', ApplicationSyntax()) - ) - class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('name', ObjectName()), - namedtype.NamedType('value', ObjectSyntax()) + namedtype.NamedType('name', rfc1155.ObjectName()), + namedtype.NamedType('value', rfc1155.ObjectSyntax()) ) class VarBindList(univ.SequenceOf): componentType = VarBind() @@ -128,10 +66,10 @@ class SetRequestPDU(_RequestBase): class TrapPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('enterprise', univ.ObjectIdentifier()), - namedtype.NamedType('agent-addr', NetworkAddress()), + namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()), namedtype.NamedType('generic-trap', univ.Integer().clone(namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), ('authenticationFailure', 4), ('egpNeighborLoss', 5), ('enterpriseSpecific', 6)))), namedtype.NamedType('specific-trap', univ.Integer()), - namedtype.NamedType('time-stamp', TimeTicks()), + namedtype.NamedType('time-stamp', rfc1155.TimeTicks()), namedtype.NamedType('variable-bindings', VarBindList()) ) -- cgit v1.2.3 From e2e03fcbfc5ca47b247851313bbafb0b70b22570 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 11 Apr 2012 16:53:20 +0000 Subject: initial revision --- pyasn1_modules/rfc1902.py | 105 ++++++++++++++++++++++++++++++++++++++++++++++ pyasn1_modules/rfc1905.py | 100 +++++++++++++++++++++++++++++++++++++++++++ pyasn1_modules/rfc3412.py | 38 +++++++++++++++++ pyasn1_modules/rfc3414.py | 17 ++++++++ 4 files changed, 260 insertions(+) create mode 100644 pyasn1_modules/rfc1902.py create mode 100644 pyasn1_modules/rfc1905.py create mode 100644 pyasn1_modules/rfc3412.py create mode 100644 pyasn1_modules/rfc3414.py (limited to 'pyasn1_modules') 
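Review bot: The `@@ -29,73 +30,10 @@` hunk removes `ObjectName`, `SimpleSyntax`, `IpAddress`, `NetworkAddress`, `Counter`, `Gauge`, `TimeTicks`, `Opaque`, `ApplicationSyntax` and `ObjectSyntax` from the rfc1157 namespace, because the added `from pyasn1_modules import rfc1155` binds only the module. Any caller that still refers to, for example, `rfc1157.TimeTicks` will fail with AttributeError after this change. If those names are meant to stay reachable, a re-export next to the module import, `from pyasn1_modules.rfc1155 import ObjectName, ObjectSyntax, NetworkAddress, TimeTicks` extended to the remaining names, would keep existing imports working.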
diff --git a/pyasn1_modules/rfc1902.py b/pyasn1_modules/rfc1902.py new file mode 100644 index 0000000..df0b0c3 --- /dev/null +++ b/pyasn1_modules/rfc1902.py 
@@ -0,0 +1,105 @@ +# +# SNMPv2c message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1902.txt +# +from pyasn1.type import univ, namedtype, namedval, tag, constraint + +class Integer(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + -2147483648, 2147483647 + ) + +class Integer32(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + -2147483648, 2147483647 + ) + +class OctetString(univ.OctetString): + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueSizeConstraint( + 0, 65535 + ) + +class IpAddress(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00) + ) + subtypeSpec = univ.OctetString.subtypeSpec+constraint.ValueSizeConstraint( + 4, 4 + ) + +class Counter32(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01) + ) + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + 0, 4294967295 + ) + +class Gauge32(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) + ) + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + 0, 4294967295 + ) + +class Unsigned32(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) + ) + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + 0, 4294967295 + ) + +class TimeTicks(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03) + ) + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + 0, 4294967295 + ) + +class Opaque(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04) + ) + +class Counter64(univ.Integer): + tagSet = 
univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06) + ) + subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + 0, 18446744073709551615 + ) + +class Bits(univ.OctetString): pass + +class ObjectName(univ.ObjectIdentifier): pass + +class SimpleSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('integer-value', Integer()), + namedtype.NamedType('string-value', OctetString()), + namedtype.NamedType('objectID-value', univ.ObjectIdentifier()) + ) + +class ApplicationSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ipAddress-value', IpAddress()), + namedtype.NamedType('counter-value', Counter32()), + namedtype.NamedType('timeticks-value', TimeTicks()), + namedtype.NamedType('arbitrary-value', Opaque()), + namedtype.NamedType('big-counter-value', Counter64()), +# This conflicts with Counter32 +# namedtype.NamedType('unsigned-integer-value', Unsigned32()), + namedtype.NamedType('gauge32-value', Gauge32()) + ) # BITS misplaced? + +class ObjectSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('simple', SimpleSyntax()), + namedtype.NamedType('application-wide', ApplicationSyntax()) + ) + diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py new file mode 100644 index 0000000..ab6528f --- /dev/null +++ b/pyasn1_modules/rfc1905.py 
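Review bot: The comment `# This conflicts with Counter32` above the disabled `unsigned-integer-value` alternative in `ApplicationSyntax` names the wrong type. In this file `Unsigned32` carries application tag 0x02, the same as `Gauge32`, while `Counter32` is 0x01. I would reword it to `# Unsigned32 shares application tag 2 with Gauge32, so the CHOICE cannot hold both`, so the reason for leaving the alternative out is clear to anyone decoding SNMP data with this spec. The trailing `# BITS misplaced?` would also benefit from a sentence saying what is in doubt.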
@@ -0,0 +1,100 @@ +# +# SNMPv2c message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1905.txt +# +from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1_modules import rfc1902 + +max_bindings = rfc1902.Integer(2147483647) + +class _BindValue(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('value', rfc1902.ObjectSyntax()), + namedtype.NamedType('unSpecified', univ.Null()), + namedtype.NamedType('noSuchObject', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('noSuchInstance', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('endOfMibView', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + +class VarBind(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('name', rfc1902.ObjectName()), + namedtype.NamedType('', _BindValue()) + ) + +class VarBindList(univ.SequenceOf): + componentType = VarBind() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint( + 0, max_bindings + ) + +class PDU(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('request-id', rfc1902.Integer32()), + namedtype.NamedType('error-status', univ.Integer(namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), ('notWritable', 17), ('inconsistentName', 18)))), + namedtype.NamedType('error-index', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('variable-bindings', VarBindList()) + ) + +class BulkPDU(univ.Sequence): + 
componentType = namedtype.NamedTypes( + namedtype.NamedType('request-id', rfc1902.Integer32()), + namedtype.NamedType('non-repeaters', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('max-repetitions', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('variable-bindings', VarBindList()) + ) + +class GetRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + +class GetNextRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + +class ResponsePDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) + ) + +class SetRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) + ) + +class GetBulkRequestPDU(BulkPDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) + ) + +class InformRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) + ) + +class SNMPv2TrapPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) + ) + +class ReportPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) + ) + +class PDUs(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('get-request', GetRequestPDU()), + namedtype.NamedType('get-next-request', GetNextRequestPDU()), + namedtype.NamedType('get-bulk-request', GetBulkRequestPDU()), + namedtype.NamedType('response', ResponsePDU()), + namedtype.NamedType('set-request', SetRequestPDU()), + namedtype.NamedType('inform-request', InformRequestPDU()), + namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()), + namedtype.NamedType('report', ReportPDU()) + ) + 
diff --git a/pyasn1_modules/rfc3412.py b/pyasn1_modules/rfc3412.py new file mode 100644 index 0000000..e80ce31 --- /dev/null +++ b/pyasn1_modules/rfc3412.py @@ -0,0 +1,38 @@ +# +# SNMPv3 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3412.txt +# +from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1_modules import rfc1905 + +class ScopedPDU(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contextEngineId', univ.OctetString()), + namedtype.NamedType('contextName', univ.OctetString()), + namedtype.NamedType('data', rfc1905.PDUs()) + ) + +class ScopedPduData(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('plaintext', ScopedPDU()), + namedtype.NamedType('encryptedPDU', univ.OctetString()), + ) + +class HeaderData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('msgID', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgMaxSize', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))), + namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))), + namedtype.NamedType('msgSecurityModel', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647))) + ) + +class SNMPv3Message(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('msgVersion', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgGlobalData', HeaderData()), + namedtype.NamedType('msgSecurityParameters', univ.OctetString()), + namedtype.NamedType('msgData', ScopedPduData()) + ) + diff --git a/pyasn1_modules/rfc3414.py b/pyasn1_modules/rfc3414.py new file mode 100644 index 0000000..580c88e --- /dev/null +++ b/pyasn1_modules/rfc3414.py 
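Review bot: In rfc1905.py, `GetBulkRequestPDU` subclasses `BulkPDU` but takes its tag from the other class, `tagSet = PDU.tagSet.tagImplicitly(`. That works only because `PDU` and `BulkPDU` are both untagged `univ.Sequence` subclasses here. `tagSet = BulkPDU.tagSet.tagImplicitly(` says what is meant and stays correct if either base is ever tagged. Separately, `VarBindList` and the `non-repeaters`/`max-repetitions` fields are bounded only by `max_bindings` (2147483647), so the spec places no practical limit on what a peer can send; a short comment noting that code decoding network input should apply its own limit would help.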
@@ -0,0 +1,17 @@ +# +# SNMPv3 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3414.txt +# +from pyasn1.type import univ, namedtype, namedval, tag, constraint + +class UsmSecurityParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()), + namedtype.NamedType('msgAuthoritativeEngineBoots', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgAuthoritativeEngineTime', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgUserName', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))), + namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()), + namedtype.NamedType('msgPrivacyParameters', univ.OctetString()) + ) -- cgit v1.2.3 From 785070f09615ba1f879de0c626af4f969d1ba553 Mon Sep 17 00:00:00 2001 From: elie Date: Thu, 12 Apr 2012 19:58:48 +0000 Subject: b64decode() seems to be more portable than decodebytes() --- pyasn1_modules/pem.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index e71fb14..abef3e7 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py 
@@ -29,16 +29,16 @@ def readPemFromFile(fileObj, *markers): certLines.append(certLine) if state == stDump: if sys.version_info[0] <= 2: - substrate = ''.join([ base64.decodestring(x) for x in certLines ]) + substrate = ''.join([ base64.b64decode(x) for x in certLines ]) else: - substrate = ''.encode().join([ base64.decodebytes(x.encode()) for x in certLines ]) + substrate = ''.encode().join([ base64.b64decode(x.encode()) for x in certLines ]) break return idx, substrate def readBase64FromFile(fileObj): if sys.version_info[0] <= 2: - return ''.join([ base64.decodestring(x) for x in fileObj.readlines() ]) + return ''.join([ base64.b64decode(x) for x in fileObj.readlines() ]) else: return ''.encode().join( - [ base64.decodebytes(x.encode()) for x in fileObj.readlines() ] + [ base64.b64decode(x.encode()) for x in fileObj.readlines() ] ) -- cgit v1.2.3 From 112d7881b9cdcbbaa42594a599637549fb336d20 Mon Sep 17 00:00:00 2001 From: elie Date: Thu, 12 Apr 2012 20:43:13 +0000 Subject: pem.readPemFromFile() re-worked to remain backward compatible with earlier versions --- pyasn1_modules/pem.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index abef3e7..d8d8158 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -4,7 +4,7 @@ stSpam, stHam, stDump = 0, 1, 2 # The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')... # Return is (marker-index, substrate) -def readPemFromFile(fileObj, *markers): +def readPemBlocksFromFile(fileObj, *markers): startMarkers = dict(map(lambda x: (x[1],x[0]), enumerate(map(lambda x: x[0], markers)))) stopMarkers = dict(map(lambda x: (x[1],x[0]), 
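Review bot: The rewritten lines in the `stDump` branch and in `readBase64FromFile` still decode one line at a time, so the result is correct only when every line holds a whole number of 4-character base64 groups. A PEM body wrapped at another width would fail to decode; joining before decoding avoids that: `substrate = base64.b64decode(''.join(certLines))` and, on the Python 3 side, `substrate = base64.b64decode(''.join(certLines).encode())`. Note also that `b64decode` in its default mode discards characters outside the base64 alphabet instead of rejecting them, so a corrupted block is not reported at this point. The enclosing function starts outside the hunk.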
@@ -35,6 +35,13 @@ def readPemFromFile(fileObj, *markers): break return idx, substrate +# Backward compatibility routine +def readPemFromFile(fileObj, + startMarker='-----BEGIN CERTIFICATE-----', + endMarker='-----END CERTIFICATE-----'): + idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker)) + return substrate + def readBase64FromFile(fileObj): if sys.version_info[0] <= 2: return ''.join([ base64.b64decode(x) for x in fileObj.readlines() ]) -- cgit v1.2.3 From 50ede550416050b4e5e2405f349e9519cff4a471 Mon Sep 17 00:00:00 2001 From: elie Date: Thu, 3 May 2012 21:59:58 +0000 Subject: CMP structures added --- pyasn1_modules/rfc4210.py | 690 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 690 insertions(+) create mode 100644 pyasn1_modules/rfc4210.py (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py new file mode 100644 index 0000000..b2c898b --- /dev/null +++ b/pyasn1_modules/rfc4210.py 
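Review bot: The new `readPemFromFile` wrapper unpacks `idx, substrate` unconditionally and has no docstring, so what a caller gets when the file contains no matching block is not stated. The `return idx, substrate` shown as context suggests this depends on how `readPemBlocksFromFile` initialises those names, which is outside the hunk. I would add a docstring along the lines of `"""Return the decoded bytes of the first block between startMarker and endMarker."""` and state what is returned for a file without one. `idx` is unused in the wrapper, so `return readPemBlocksFromFile(fileObj, (startMarker, endMarker))[1]` would do.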
@@ -0,0 +1,690 @@ +# +# Certificate Management Protocol structures as per RFC4210 +# +# Based on Alex Railean's work +# +from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful +from pyasn1_modules import rfc2459, rfc2511, rfc2314 + +MAX = 64 + +class KeyIdentifier(univ.OctetString): pass + +class CMPCertificate(rfc2459.Certificate): pass + +class OOBCert(CMPCertificate): pass + +class CertAnnContent(CMPCertificate): pass + +class PKIFreeText(univ.SequenceOf): + """ + PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String + """ + componentType = char.UTF8String() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + +class PollRepContent(univ.SequenceOf): + """ + PollRepContent ::= SEQUENCE OF SEQUENCE { + certReqId INTEGER, + checkAfter INTEGER, -- time in seconds + reason PKIFreeText OPTIONAL + } + """ + class CertReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('checkAfter', univ.Integer()), + namedtype.OptionalNamedType('reason', PKIFreeText()) + ) + componentType = CertReq() + +class PollReqContent(univ.SequenceOf): + """ + PollReqContent ::= SEQUENCE OF SEQUENCE { + certReqId INTEGER + } + + """ + class CertReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()) + ) + componentType = CertReq() + +class InfoTypeAndValue(univ.Sequence): + """ + InfoTypeAndValue ::= SEQUENCE { + infoType OBJECT IDENTIFIER, + infoValue ANY DEFINED BY infoType OPTIONAL + }""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('infoType', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('infoValue', univ.Any()) + ) + +class GenRepContent(univ.SequenceOf): + componentType = InfoTypeAndValue() + +class GenMsgContent(univ.SequenceOf): + componentType = InfoTypeAndValue() + +class PKIConfirmContent(univ.Null): pass + +class CRLAnnContent(univ.SequenceOf): + componentType = 
rfc2459.CertificateList() + +class CAKeyUpdAnnContent(univ.Sequence): + """ + CAKeyUpdAnnContent ::= SEQUENCE { + oldWithNew CMPCertificate, + newWithOld CMPCertificate, + newWithNew CMPCertificate + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('oldWithNew', CMPCertificate()), + namedtype.NamedType('newWithOld', CMPCertificate()), + namedtype.NamedType('newWithNew', CMPCertificate()) + ) + +class RevDetails(univ.Sequence): + """ + RevDetails ::= SEQUENCE { + certDetails CertTemplate, + crlEntryDetails Extensions OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certDetails', rfc2511.CertTemplate()), + namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions()) + ) + +class RevReqContent(univ.SequenceOf): + componentType = RevDetails() + +class CertOrEncCert(univ.Choice): + """ + CertOrEncCert ::= CHOICE { + certificate [0] CMPCertificate, + encryptedCert [1] EncryptedValue + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', CMPCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + +class CertifiedKeyPair(univ.Sequence): + """ + CertifiedKeyPair ::= SEQUENCE { + certOrEncCert CertOrEncCert, + privateKey [0] EncryptedValue OPTIONAL, + publicationInfo [1] PKIPublicationInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certOrEncCert', CertOrEncCert()), + namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + + +class POPODecKeyRespContent(univ.SequenceOf): + 
componentType = univ.Integer() + +class Challenge(univ.Sequence): + """ + Challenge ::= SEQUENCE { + owf AlgorithmIdentifier OPTIONAL, + witness OCTET STRING, + challenge OCTET STRING + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()), + namedtype.NamedType('challenge', univ.OctetString()) + ) + +class PKIStatus(univ.Integer): + """ + PKIStatus ::= INTEGER { + accepted (0), + grantedWithMods (1), + rejection (2), + waiting (3), + revocationWarning (4), + revocationNotification (5), + keyUpdateWarning (6) + } + """ + namedValues = namedval.NamedValues( + ('accepted', 0), + ('grantedWithMods', 1), + ('rejection', 2), + ('waiting', 3), + ('revocationWarning', 4), + ('revocationNotification', 5), + ('keyUpdateWarning', 6) + ) + +class PKIFailureInfo(univ.BitString): + """ + PKIFailureInfo ::= BIT STRING { + badAlg (0), + badMessageCheck (1), + badRequest (2), + badTime (3), + badCertId (4), + badDataFormat (5), + wrongAuthority (6), + incorrectData (7), + missingTimeStamp (8), + badPOP (9), + certRevoked (10), + certConfirmed (11), + wrongIntegrity (12), + badRecipientNonce (13), + timeNotAvailable (14), + unacceptedPolicy (15), + unacceptedExtension (16), + addInfoNotAvailable (17), + badSenderNonce (18), + badCertTemplate (19), + signerNotTrusted (20), + transactionIdInUse (21), + unsupportedVersion (22), + notAuthorized (23), + systemUnavail (24), + systemFailure (25), + duplicateCertReq (26) + """ + namedValues = namedval.NamedValues( + ('badAlg', 0), + ('badMessageCheck', 1), + ('badRequest', 2), + ('badTime', 3), + ('badCertId', 4), + ('badDataFormat', 5), + ('wrongAuthority', 6), + ('incorrectData', 7), + ('missingTimeStamp', 8), + ('badPOP', 9), + ('certRevoked', 10), + ('certConfirmed', 11), + ('wrongIntegrity', 12), + ('badRecipientNonce', 13), + ('timeNotAvailable', 14), + ('unacceptedPolicy', 15), + ('unacceptedExtension', 16), + 
('addInfoNotAvailable', 17), + ('badSenderNonce', 18), + ('badCertTemplate', 19), + ('signerNotTrusted', 20), + ('transactionIdInUse', 21), + ('unsupportedVersion', 22), + ('notAuthorized', 23), + ('systemUnavail', 24), + ('systemFailure', 25), + ('duplicateCertReq', 26) + ) + +class PKIStatusInfo(univ.Sequence): + """ + PKIStatusInfo ::= SEQUENCE { + status PKIStatus, + statusString PKIFreeText OPTIONAL, + failInfo PKIFailureInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatus()), + namedtype.OptionalNamedType('statusString', PKIFreeText()), + namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) + ) + +class ErrorMsgContent(univ.Sequence): + """ + ErrorMsgContent ::= SEQUENCE { + pKIStatusInfo PKIStatusInfo, + errorCode INTEGER OPTIONAL, + -- implementation-specific error codes + errorDetails PKIFreeText OPTIONAL + -- implementation-specific error details + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('pKIStatusInfo', PKIStatusInfo()), + namedtype.OptionalNamedType('errorCode', univ.Integer()), + namedtype.OptionalNamedType('errorDetails', PKIFreeText()) + ) + +class CertStatus(univ.Sequence): + """ + CertStatus ::= SEQUENCE { + certHash OCTET STRING, + certReqId INTEGER, + statusInfo PKIStatusInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certHash', univ.OctetString()), + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.OptionalNamedType('statusInfo', PKIStatusInfo()) + ) + +class CertConfirmContent(univ.SequenceOf): + componentType = CertStatus() + +class RevAnnContent(univ.Sequence): + """ + RevAnnContent ::= SEQUENCE { + status PKIStatus, + certId CertId, + willBeRevokedAt GeneralizedTime, + badSinceDate GeneralizedTime, + crlDetails Extensions OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatus()), + namedtype.NamedType('certId', rfc2511.CertId()), + 
namedtype.NamedType('willBeRevokedAt', useful.GeneralizedTime()), + namedtype.NamedType('badSinceDate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions()) + ) + +class RevRepContent(univ.Sequence): + """ + RevRepContent ::= SEQUENCE { + status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, + revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId + OPTIONAL, + crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList + OPTIONAL + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('revCerts', univ.SequenceOf( + componentType=rfc2511.CertId() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType('crls', univ.SequenceOf( + componentType=rfc2459.CertificateList() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + +class KeyRecRepContent(univ.Sequence): + """ + KeyRecRepContent ::= SEQUENCE { + status PKIStatusInfo, + newSigCert [0] CMPCertificate OPTIONAL, + caCerts [1] SEQUENCE SIZE (1..MAX) OF + CMPCertificate OPTIONAL, + keyPairHist [2] SEQUENCE SIZE (1..MAX) OF + CertifiedKeyPair OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('newSigCert', CMPCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType('caCerts', univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ), + namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf( + componentType=CertifiedKeyPair() + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), + 
subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ) + ) + +class CertResponse(univ.Sequence): + """ + CertResponse ::= SEQUENCE { + certReqId INTEGER, + status PKIStatusInfo, + certifiedKeyPair CertifiedKeyPair OPTIONAL, + rspInfo OCTET STRING OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('certifiedKeyPair', CertifiedKeyPair()), + namedtype.OptionalNamedType('rspInfo', univ.OctetString()) + ) + +class CertRepMessage(univ.Sequence): + """ + CertRepMessage ::= SEQUENCE { + caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate + OPTIONAL, + response SEQUENCE OF CertResponse + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('caPubs', univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) + ) + ), + namedtype.NamedType('response', CertResponse()) + ) + +class POPODecKeyChallContent(univ.SequenceOf): + componentType = Challenge() + +class OOBCertHash(univ.Sequence): + """ + OOBCertHash ::= SEQUENCE { + hashAlg [0] AlgorithmIdentifier OPTIONAL, + certId [1] CertId OPTIONAL, + hashVal BIT STRING + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('hashAlg', + rfc2459.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) + ) + ), + namedtype.OptionalNamedType('certId', rfc2511.CertId().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) + ) + ), + namedtype.NamedType('hashVal', univ.BitString()) + ) + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +class NestedMessageContent(univ.SequenceOf): + """ + NestedMessageContent ::= PKIMessages + """ + componentType = univ.Any() + +class 
DHBMParameter(univ.Sequence): + """ + DHBMParameter ::= SEQUENCE { + owf AlgorithmIdentifier, + -- AlgId for a One-Way Function (SHA-1 recommended) + mac AlgorithmIdentifier + -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], + } -- or HMAC [RFC2104, RFC2202]) + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) + ) + +id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30') + +class PBMParameter(univ.Sequence): + """ + PBMParameter ::= SEQUENCE { + salt OCTET STRING, + owf AlgorithmIdentifier, + iterationCount INTEGER, + mac AlgorithmIdentifier + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, 128) + ) + ), + namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('iterationCount', univ.Integer()), + namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) + ) + +id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13') + +class PKIProtection(univ.BitString): pass + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +nestedMessageContent = NestedMessageContent().subtype(explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)) + +class PKIBody(univ.Choice): + """ + PKIBody ::= CHOICE { -- message-specific body elements + ir [0] CertReqMessages, --Initialization Request + ip [1] CertRepMessage, --Initialization Response + cr [2] CertReqMessages, --Certification Request + cp [3] CertRepMessage, --Certification Response + p10cr [4] CertificationRequest, --imported from [PKCS10] + popdecc [5] POPODecKeyChallContent, --pop Challenge + popdecr [6] POPODecKeyRespContent, --pop Response + kur [7] CertReqMessages, --Key Update Request + kup [8] CertRepMessage, --Key Update Response + krr [9] CertReqMessages, --Key Recovery Request 
+ krp [10] KeyRecRepContent, --Key Recovery Response + rr [11] RevReqContent, --Revocation Request + rp [12] RevRepContent, --Revocation Response + ccr [13] CertReqMessages, --Cross-Cert. Request + ccp [14] CertRepMessage, --Cross-Cert. Response + ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. + cann [16] CertAnnContent, --Certificate Ann. + rann [17] RevAnnContent, --Revocation Ann. + crlann [18] CRLAnnContent, --CRL Announcement + pkiconf [19] PKIConfirmContent, --Confirmation + nested [20] NestedMessageContent, --Nested Message + genm [21] GenMsgContent, --General Message + + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('ir', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) + ) + ), + namedtype.NamedType('ip', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) + ) + ), + namedtype.NamedType('cr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,2) + ) + ), + namedtype.NamedType('cp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,3) + ) + ), + namedtype.NamedType('p10cr', rfc2314.CertificationRequest().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,4) + ) + ), + namedtype.NamedType('popdecc', POPODecKeyChallContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,5) + ) + ), + namedtype.NamedType('popdecr', POPODecKeyRespContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,6) + ) + ), + namedtype.NamedType('kur', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,7) + ) + ), + namedtype.NamedType('kup', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,8) + ) + ), + namedtype.NamedType('krr', rfc2511.CertReqMessages().subtype( + 
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,9) + ) + ), + namedtype.NamedType('krp', KeyRecRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,10) + ) + ), + namedtype.NamedType('rr', RevReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,11) + ) + ), + namedtype.NamedType('rp', RevRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,12) + ) + ), + namedtype.NamedType('ccr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,13) + ) + ), + namedtype.NamedType('ccp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,14) + ) + ), + namedtype.NamedType('ckuann', CAKeyUpdAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,15) + ) + ), + namedtype.NamedType('cann', CertAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,16) + ) + ), + namedtype.NamedType('rann', RevAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,17) + ) + ), + namedtype.NamedType('crlann', CRLAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,18) + ) + ), + namedtype.NamedType('pkiconf', PKIConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,19) + ) + ), + namedtype.NamedType('nested', nestedMessageContent), +# namedtype.NamedType('nested', NestedMessageContent().subtype( +# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) +# ) +# ), + namedtype.NamedType('genm', GenMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,21) + ) + ) + ) + + +class PKIHeader(univ.Sequence): + """ + PKIHeader ::= SEQUENCE { + pvno INTEGER { cmp1999(1), cmp2000(2) }, + sender GeneralName, + recipient GeneralName, + messageTime [0] GeneralizedTime OPTIONAL, + 
protectionAlg [1] AlgorithmIdentifier OPTIONAL, + senderKID [2] KeyIdentifier OPTIONAL, + recipKID [3] KeyIdentifier OPTIONAL, + transactionID [4] OCTET STRING OPTIONAL, + senderNonce [5] OCTET STRING OPTIONAL, + recipNonce [6] OCTET STRING OPTIONAL, + freeText [7] PKIFreeText OPTIONAL, + generalInfo [8] SEQUENCE SIZE (1..MAX) OF + InfoTypeAndValue OPTIONAL + } + + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('pvno', univ.Integer( + namedValues=namedval.NamedValues( + ('cmp1999', 1), + ('cmp2000', 2) + ) + ) + ), + namedtype.NamedType('sender', rfc2459.GeneralName()), + namedtype.NamedType('recipient', rfc2459.GeneralName()), + namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), + namedtype.OptionalNamedType('generalInfo', + univ.SequenceOf( + componentType=InfoTypeAndValue().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8) + ) + ) + ) + ) + +class ProtectedPart(univ.Sequence): + """ + ProtectedPart ::= SEQUENCE { + header PKIHeader, + body PKIBody + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('header', PKIHeader()), + namedtype.NamedType('infoValue', PKIBody()) + ) + +class PKIMessage(univ.Sequence): + """ + PKIMessage ::= SEQUENCE { + header PKIHeader, + body PKIBody, + protection [0] PKIProtection OPTIONAL, + extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate + OPTIONAL + }""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('header', PKIHeader()), + namedtype.NamedType('body', PKIBody()), + namedtype.OptionalNamedType('protection', PKIProtection().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType( 'extraCerts', + univ.SequenceOf( + CMPCertificate().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)) + ) + ) + ) + +class PKIMessages(univ.SequenceOf): + """ + PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage + """ + componentType = PKIMessage() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +NestedMessageContent.componentType = PKIMessages() +nestedMessageContent.componentType = PKIMessages() -- cgit v1.2.3 From 756ab23d4494d4f3fecb60ac1da4919ca4520e5e Mon Sep 17 00:00:00 2001 From: elie Date: Sun, 6 May 2012 18:29:59 +0000 Subject: fix to PKIMessage->extraCerts definition --- pyasn1_modules/rfc4210.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index b2c898b..466bfa2 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py 
@@ -672,10 +672,13 @@ class PKIMessage(univ.Sequence):
 namedtype.OptionalNamedType('protection', PKIProtection().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
 namedtype.OptionalNamedType( 'extraCerts',
 univ.SequenceOf(
- CMPCertificate().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))
- )
+ componentType=CMPCertificate()
+ ).subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
 )
 )
+ )
 
 class PKIMessages(univ.SequenceOf):
 """
-- cgit v1.2.3
From 09f00267136f7a614e4fa3aac777099c4e267e3e Mon Sep 17 00:00:00 2001
From: elie
Date: Sun, 6 May 2012 18:31:52 +0000
Subject: \r's removed
---
 pyasn1_modules/rfc4210.py | 1386 ++++++++++++++++++++++-----------------------
 1 file changed, 693 insertions(+), 693 deletions(-)
(limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py
index 466bfa2..0e9e9f9 100644
--- a/pyasn1_modules/rfc4210.py
+++ b/pyasn1_modules/rfc4210.py
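Review bot: The added `subtypeSpec=constraint.ValueSizeConstraint(1, MAX)` on extraCerts takes its upper bound from the module constant `MAX = 64`, not from ASN.1's unbounded MAX, so a PKIMessage carrying more than 64 extra certificates would presumably fail the constraint wherever it is enforced. A fixed cap is a reasonable limit for a parser that is fed untrusted CMP messages, but it should be recorded as deliberate, for example with `# MAX is a local cap (64), not ASN.1 MAX: longer extraCerts lists fail the size constraint` above the field. The element-level `.subtype(...)` pattern that this hunk corrects still appears in PKIHeader's `generalInfo`, where the size constraint and the [8] tag sit on `InfoTypeAndValue()` rather than on the `SequenceOf`, and it needs the same correction. The PKIMessage class starts above the hunk, so only the tail of its `componentType` is visible here.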
@@ -1,693 +1,693 @@ -# -# Certificate Management Protocol structures as per RFC4210 -# -# Based on Alex Railean's work -# -from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful -from pyasn1_modules import rfc2459, rfc2511, rfc2314 - -MAX = 64 - -class KeyIdentifier(univ.OctetString): pass - -class CMPCertificate(rfc2459.Certificate): pass - -class OOBCert(CMPCertificate): pass - -class CertAnnContent(CMPCertificate): pass - -class PKIFreeText(univ.SequenceOf): - """ - PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String - """ - componentType = char.UTF8String() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) - -class PollRepContent(univ.SequenceOf): - """ - PollRepContent ::= SEQUENCE OF SEQUENCE { - certReqId INTEGER, - checkAfter INTEGER, -- time in seconds - reason PKIFreeText OPTIONAL - } - """ - class CertReq(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('certReqId', univ.Integer()), - namedtype.NamedType('checkAfter', univ.Integer()), - namedtype.OptionalNamedType('reason', PKIFreeText()) - ) - componentType = CertReq() - -class PollReqContent(univ.SequenceOf): - """ - PollReqContent ::= SEQUENCE OF SEQUENCE { - certReqId INTEGER - } - - """ - class CertReq(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('certReqId', univ.Integer()) - ) - componentType = CertReq() - -class InfoTypeAndValue(univ.Sequence): - """ - InfoTypeAndValue ::= SEQUENCE { - infoType OBJECT IDENTIFIER, - infoValue ANY DEFINED BY infoType OPTIONAL - }""" - componentType = namedtype.NamedTypes( - namedtype.NamedType('infoType', univ.ObjectIdentifier()), - namedtype.OptionalNamedType('infoValue', univ.Any()) - ) - -class GenRepContent(univ.SequenceOf): - componentType = InfoTypeAndValue() - -class GenMsgContent(univ.SequenceOf): - componentType = InfoTypeAndValue() - -class PKIConfirmContent(univ.Null): pass - -class CRLAnnContent(univ.SequenceOf): - componentType = 
rfc2459.CertificateList() - -class CAKeyUpdAnnContent(univ.Sequence): - """ - CAKeyUpdAnnContent ::= SEQUENCE { - oldWithNew CMPCertificate, - newWithOld CMPCertificate, - newWithNew CMPCertificate - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('oldWithNew', CMPCertificate()), - namedtype.NamedType('newWithOld', CMPCertificate()), - namedtype.NamedType('newWithNew', CMPCertificate()) - ) - -class RevDetails(univ.Sequence): - """ - RevDetails ::= SEQUENCE { - certDetails CertTemplate, - crlEntryDetails Extensions OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('certDetails', rfc2511.CertTemplate()), - namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions()) - ) - -class RevReqContent(univ.SequenceOf): - componentType = RevDetails() - -class CertOrEncCert(univ.Choice): - """ - CertOrEncCert ::= CHOICE { - certificate [0] CMPCertificate, - encryptedCert [1] EncryptedValue - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('certificate', CMPCertificate().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) - ) - -class CertifiedKeyPair(univ.Sequence): - """ - CertifiedKeyPair ::= SEQUENCE { - certOrEncCert CertOrEncCert, - privateKey [0] EncryptedValue OPTIONAL, - publicationInfo [1] PKIPublicationInfo OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('certOrEncCert', CertOrEncCert()), - namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) - ) - - -class POPODecKeyRespContent(univ.SequenceOf): - 
componentType = univ.Integer() - -class Challenge(univ.Sequence): - """ - Challenge ::= SEQUENCE { - owf AlgorithmIdentifier OPTIONAL, - witness OCTET STRING, - challenge OCTET STRING - } - """ - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('owf', rfc2459.AlgorithmIdentifier()), - namedtype.NamedType('witness', univ.OctetString()), - namedtype.NamedType('challenge', univ.OctetString()) - ) - -class PKIStatus(univ.Integer): - """ - PKIStatus ::= INTEGER { - accepted (0), - grantedWithMods (1), - rejection (2), - waiting (3), - revocationWarning (4), - revocationNotification (5), - keyUpdateWarning (6) - } - """ - namedValues = namedval.NamedValues( - ('accepted', 0), - ('grantedWithMods', 1), - ('rejection', 2), - ('waiting', 3), - ('revocationWarning', 4), - ('revocationNotification', 5), - ('keyUpdateWarning', 6) - ) - -class PKIFailureInfo(univ.BitString): - """ - PKIFailureInfo ::= BIT STRING { - badAlg (0), - badMessageCheck (1), - badRequest (2), - badTime (3), - badCertId (4), - badDataFormat (5), - wrongAuthority (6), - incorrectData (7), - missingTimeStamp (8), - badPOP (9), - certRevoked (10), - certConfirmed (11), - wrongIntegrity (12), - badRecipientNonce (13), - timeNotAvailable (14), - unacceptedPolicy (15), - unacceptedExtension (16), - addInfoNotAvailable (17), - badSenderNonce (18), - badCertTemplate (19), - signerNotTrusted (20), - transactionIdInUse (21), - unsupportedVersion (22), - notAuthorized (23), - systemUnavail (24), - systemFailure (25), - duplicateCertReq (26) - """ - namedValues = namedval.NamedValues( - ('badAlg', 0), - ('badMessageCheck', 1), - ('badRequest', 2), - ('badTime', 3), - ('badCertId', 4), - ('badDataFormat', 5), - ('wrongAuthority', 6), - ('incorrectData', 7), - ('missingTimeStamp', 8), - ('badPOP', 9), - ('certRevoked', 10), - ('certConfirmed', 11), - ('wrongIntegrity', 12), - ('badRecipientNonce', 13), - ('timeNotAvailable', 14), - ('unacceptedPolicy', 15), - ('unacceptedExtension', 16), - 
('addInfoNotAvailable', 17), - ('badSenderNonce', 18), - ('badCertTemplate', 19), - ('signerNotTrusted', 20), - ('transactionIdInUse', 21), - ('unsupportedVersion', 22), - ('notAuthorized', 23), - ('systemUnavail', 24), - ('systemFailure', 25), - ('duplicateCertReq', 26) - ) - -class PKIStatusInfo(univ.Sequence): - """ - PKIStatusInfo ::= SEQUENCE { - status PKIStatus, - statusString PKIFreeText OPTIONAL, - failInfo PKIFailureInfo OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('status', PKIStatus()), - namedtype.OptionalNamedType('statusString', PKIFreeText()), - namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) - ) - -class ErrorMsgContent(univ.Sequence): - """ - ErrorMsgContent ::= SEQUENCE { - pKIStatusInfo PKIStatusInfo, - errorCode INTEGER OPTIONAL, - -- implementation-specific error codes - errorDetails PKIFreeText OPTIONAL - -- implementation-specific error details - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('pKIStatusInfo', PKIStatusInfo()), - namedtype.OptionalNamedType('errorCode', univ.Integer()), - namedtype.OptionalNamedType('errorDetails', PKIFreeText()) - ) - -class CertStatus(univ.Sequence): - """ - CertStatus ::= SEQUENCE { - certHash OCTET STRING, - certReqId INTEGER, - statusInfo PKIStatusInfo OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('certHash', univ.OctetString()), - namedtype.NamedType('certReqId', univ.Integer()), - namedtype.OptionalNamedType('statusInfo', PKIStatusInfo()) - ) - -class CertConfirmContent(univ.SequenceOf): - componentType = CertStatus() - -class RevAnnContent(univ.Sequence): - """ - RevAnnContent ::= SEQUENCE { - status PKIStatus, - certId CertId, - willBeRevokedAt GeneralizedTime, - badSinceDate GeneralizedTime, - crlDetails Extensions OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('status', PKIStatus()), - namedtype.NamedType('certId', rfc2511.CertId()), - 
namedtype.NamedType('willBeRevokedAt', useful.GeneralizedTime()), - namedtype.NamedType('badSinceDate', useful.GeneralizedTime()), - namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions()) - ) - -class RevRepContent(univ.Sequence): - """ - RevRepContent ::= SEQUENCE { - status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, - revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId - OPTIONAL, - crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList - OPTIONAL - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('status', PKIStatusInfo()), - namedtype.OptionalNamedType('revCerts', univ.SequenceOf( - componentType=rfc2511.CertId() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('crls', univ.SequenceOf( - componentType=rfc2459.CertificateList() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) - ) - -class KeyRecRepContent(univ.Sequence): - """ - KeyRecRepContent ::= SEQUENCE { - status PKIStatusInfo, - newSigCert [0] CMPCertificate OPTIONAL, - caCerts [1] SEQUENCE SIZE (1..MAX) OF - CMPCertificate OPTIONAL, - keyPairHist [2] SEQUENCE SIZE (1..MAX) OF - CertifiedKeyPair OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('status', PKIStatusInfo()), - namedtype.OptionalNamedType('newSigCert', CMPCertificate().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('caCerts', univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - ) - ), - namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf( - componentType=CertifiedKeyPair() - ).subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), - 
subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - ) - ) - ) - -class CertResponse(univ.Sequence): - """ - CertResponse ::= SEQUENCE { - certReqId INTEGER, - status PKIStatusInfo, - certifiedKeyPair CertifiedKeyPair OPTIONAL, - rspInfo OCTET STRING OPTIONAL - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('certReqId', univ.Integer()), - namedtype.NamedType('status', PKIStatusInfo()), - namedtype.OptionalNamedType('certifiedKeyPair', CertifiedKeyPair()), - namedtype.OptionalNamedType('rspInfo', univ.OctetString()) - ) - -class CertRepMessage(univ.Sequence): - """ - CertRepMessage ::= SEQUENCE { - caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate - OPTIONAL, - response SEQUENCE OF CertResponse - } - """ - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('caPubs', univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) - ) - ), - namedtype.NamedType('response', CertResponse()) - ) - -class POPODecKeyChallContent(univ.SequenceOf): - componentType = Challenge() - -class OOBCertHash(univ.Sequence): - """ - OOBCertHash ::= SEQUENCE { - hashAlg [0] AlgorithmIdentifier OPTIONAL, - certId [1] CertId OPTIONAL, - hashVal BIT STRING - } - """ - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('hashAlg', - rfc2459.AlgorithmIdentifier().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) - ) - ), - namedtype.OptionalNamedType('certId', rfc2511.CertId().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) - ) - ), - namedtype.NamedType('hashVal', univ.BitString()) - ) - -# pyasn1 does not naturally handle recursive definitions, thus this hack: -# NestedMessageContent ::= PKIMessages -class NestedMessageContent(univ.SequenceOf): - """ - NestedMessageContent ::= PKIMessages - """ - componentType = univ.Any() - -class 
DHBMParameter(univ.Sequence): - """ - DHBMParameter ::= SEQUENCE { - owf AlgorithmIdentifier, - -- AlgId for a One-Way Function (SHA-1 recommended) - mac AlgorithmIdentifier - -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], - } -- or HMAC [RFC2104, RFC2202]) - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), - namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) - ) - -id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30') - -class PBMParameter(univ.Sequence): - """ - PBMParameter ::= SEQUENCE { - salt OCTET STRING, - owf AlgorithmIdentifier, - iterationCount INTEGER, - mac AlgorithmIdentifier - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('salt', univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(0, 128) - ) - ), - namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), - namedtype.NamedType('iterationCount', univ.Integer()), - namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) - ) - -id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13') - -class PKIProtection(univ.BitString): pass - -# pyasn1 does not naturally handle recursive definitions, thus this hack: -# NestedMessageContent ::= PKIMessages -nestedMessageContent = NestedMessageContent().subtype(explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)) - -class PKIBody(univ.Choice): - """ - PKIBody ::= CHOICE { -- message-specific body elements - ir [0] CertReqMessages, --Initialization Request - ip [1] CertRepMessage, --Initialization Response - cr [2] CertReqMessages, --Certification Request - cp [3] CertRepMessage, --Certification Response - p10cr [4] CertificationRequest, --imported from [PKCS10] - popdecc [5] POPODecKeyChallContent, --pop Challenge - popdecr [6] POPODecKeyRespContent, --pop Response - kur [7] CertReqMessages, --Key Update Request - kup [8] CertRepMessage, --Key Update Response - krr [9] CertReqMessages, --Key Recovery Request 
- krp [10] KeyRecRepContent, --Key Recovery Response - rr [11] RevReqContent, --Revocation Request - rp [12] RevRepContent, --Revocation Response - ccr [13] CertReqMessages, --Cross-Cert. Request - ccp [14] CertRepMessage, --Cross-Cert. Response - ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. - cann [16] CertAnnContent, --Certificate Ann. - rann [17] RevAnnContent, --Revocation Ann. - crlann [18] CRLAnnContent, --CRL Announcement - pkiconf [19] PKIConfirmContent, --Confirmation - nested [20] NestedMessageContent, --Nested Message - genm [21] GenMsgContent, --General Message - - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('ir', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) - ) - ), - namedtype.NamedType('ip', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) - ) - ), - namedtype.NamedType('cr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,2) - ) - ), - namedtype.NamedType('cp', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,3) - ) - ), - namedtype.NamedType('p10cr', rfc2314.CertificationRequest().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,4) - ) - ), - namedtype.NamedType('popdecc', POPODecKeyChallContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,5) - ) - ), - namedtype.NamedType('popdecr', POPODecKeyRespContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,6) - ) - ), - namedtype.NamedType('kur', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,7) - ) - ), - namedtype.NamedType('kup', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,8) - ) - ), - namedtype.NamedType('krr', rfc2511.CertReqMessages().subtype( - 
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,9) - ) - ), - namedtype.NamedType('krp', KeyRecRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,10) - ) - ), - namedtype.NamedType('rr', RevReqContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,11) - ) - ), - namedtype.NamedType('rp', RevRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,12) - ) - ), - namedtype.NamedType('ccr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,13) - ) - ), - namedtype.NamedType('ccp', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,14) - ) - ), - namedtype.NamedType('ckuann', CAKeyUpdAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,15) - ) - ), - namedtype.NamedType('cann', CertAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,16) - ) - ), - namedtype.NamedType('rann', RevAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,17) - ) - ), - namedtype.NamedType('crlann', CRLAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,18) - ) - ), - namedtype.NamedType('pkiconf', PKIConfirmContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,19) - ) - ), - namedtype.NamedType('nested', nestedMessageContent), -# namedtype.NamedType('nested', NestedMessageContent().subtype( -# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) -# ) -# ), - namedtype.NamedType('genm', GenMsgContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,21) - ) - ) - ) - - -class PKIHeader(univ.Sequence): - """ - PKIHeader ::= SEQUENCE { - pvno INTEGER { cmp1999(1), cmp2000(2) }, - sender GeneralName, - recipient GeneralName, - messageTime [0] GeneralizedTime OPTIONAL, - 
protectionAlg [1] AlgorithmIdentifier OPTIONAL, - senderKID [2] KeyIdentifier OPTIONAL, - recipKID [3] KeyIdentifier OPTIONAL, - transactionID [4] OCTET STRING OPTIONAL, - senderNonce [5] OCTET STRING OPTIONAL, - recipNonce [6] OCTET STRING OPTIONAL, - freeText [7] PKIFreeText OPTIONAL, - generalInfo [8] SEQUENCE SIZE (1..MAX) OF - InfoTypeAndValue OPTIONAL - } - - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('pvno', univ.Integer( - namedValues=namedval.NamedValues( - ('cmp1999', 1), - ('cmp2000', 2) - ) - ) - ), - namedtype.NamedType('sender', rfc2459.GeneralName()), - namedtype.NamedType('recipient', rfc2459.GeneralName()), - namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), - namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), - namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), - namedtype.OptionalNamedType('generalInfo', - univ.SequenceOf( - componentType=InfoTypeAndValue().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8) - ) - ) - ) - ) - -class ProtectedPart(univ.Sequence): - """ - ProtectedPart ::= SEQUENCE { - header PKIHeader, - body PKIBody - } - """ - componentType = namedtype.NamedTypes( - namedtype.NamedType('header', PKIHeader()), - namedtype.NamedType('infoValue', PKIBody()) - ) - -class PKIMessage(univ.Sequence): - """ - PKIMessage ::= SEQUENCE { - header PKIHeader, - body PKIBody, - protection [0] PKIProtection OPTIONAL, - extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate - OPTIONAL - }""" - componentType = namedtype.NamedTypes( - namedtype.NamedType('header', PKIHeader()), - namedtype.NamedType('body', PKIBody()), - namedtype.OptionalNamedType('protection', PKIProtection().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType( 'extraCerts', - univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) - ) - -class PKIMessages(univ.SequenceOf): - """ - PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage - """ - componentType = PKIMessage() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) - -# pyasn1 does not naturally handle recursive definitions, thus this hack: -# NestedMessageContent ::= PKIMessages -NestedMessageContent.componentType = PKIMessages() -nestedMessageContent.componentType = PKIMessages() +# +# Certificate Management Protocol structures as per RFC4210 +# +# Based on Alex Railean's work +# +from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful +from pyasn1_modules import rfc2459, rfc2511, rfc2314 + +MAX = 64 + +class KeyIdentifier(univ.OctetString): pass + +class CMPCertificate(rfc2459.Certificate): pass + +class OOBCert(CMPCertificate): pass + +class CertAnnContent(CMPCertificate): pass + +class PKIFreeText(univ.SequenceOf): + """ + 
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String + """ + componentType = char.UTF8String() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + +class PollRepContent(univ.SequenceOf): + """ + PollRepContent ::= SEQUENCE OF SEQUENCE { + certReqId INTEGER, + checkAfter INTEGER, -- time in seconds + reason PKIFreeText OPTIONAL + } + """ + class CertReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('checkAfter', univ.Integer()), + namedtype.OptionalNamedType('reason', PKIFreeText()) + ) + componentType = CertReq() + +class PollReqContent(univ.SequenceOf): + """ + PollReqContent ::= SEQUENCE OF SEQUENCE { + certReqId INTEGER + } + + """ + class CertReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()) + ) + componentType = CertReq() + +class InfoTypeAndValue(univ.Sequence): + """ + InfoTypeAndValue ::= SEQUENCE { + infoType OBJECT IDENTIFIER, + infoValue ANY DEFINED BY infoType OPTIONAL + }""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('infoType', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('infoValue', univ.Any()) + ) + +class GenRepContent(univ.SequenceOf): + componentType = InfoTypeAndValue() + +class GenMsgContent(univ.SequenceOf): + componentType = InfoTypeAndValue() + +class PKIConfirmContent(univ.Null): pass + +class CRLAnnContent(univ.SequenceOf): + componentType = rfc2459.CertificateList() + +class CAKeyUpdAnnContent(univ.Sequence): + """ + CAKeyUpdAnnContent ::= SEQUENCE { + oldWithNew CMPCertificate, + newWithOld CMPCertificate, + newWithNew CMPCertificate + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('oldWithNew', CMPCertificate()), + namedtype.NamedType('newWithOld', CMPCertificate()), + namedtype.NamedType('newWithNew', CMPCertificate()) + ) + +class RevDetails(univ.Sequence): + """ + RevDetails ::= SEQUENCE { + certDetails 
CertTemplate, + crlEntryDetails Extensions OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certDetails', rfc2511.CertTemplate()), + namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions()) + ) + +class RevReqContent(univ.SequenceOf): + componentType = RevDetails() + +class CertOrEncCert(univ.Choice): + """ + CertOrEncCert ::= CHOICE { + certificate [0] CMPCertificate, + encryptedCert [1] EncryptedValue + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', CMPCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + +class CertifiedKeyPair(univ.Sequence): + """ + CertifiedKeyPair ::= SEQUENCE { + certOrEncCert CertOrEncCert, + privateKey [0] EncryptedValue OPTIONAL, + publicationInfo [1] PKIPublicationInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certOrEncCert', CertOrEncCert()), + namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + + +class POPODecKeyRespContent(univ.SequenceOf): + componentType = univ.Integer() + +class Challenge(univ.Sequence): + """ + Challenge ::= SEQUENCE { + owf AlgorithmIdentifier OPTIONAL, + witness OCTET STRING, + challenge OCTET STRING + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()), + namedtype.NamedType('challenge', univ.OctetString()) + ) + +class PKIStatus(univ.Integer): + """ + PKIStatus ::= INTEGER { + accepted (0), + 
grantedWithMods (1), + rejection (2), + waiting (3), + revocationWarning (4), + revocationNotification (5), + keyUpdateWarning (6) + } + """ + namedValues = namedval.NamedValues( + ('accepted', 0), + ('grantedWithMods', 1), + ('rejection', 2), + ('waiting', 3), + ('revocationWarning', 4), + ('revocationNotification', 5), + ('keyUpdateWarning', 6) + ) + +class PKIFailureInfo(univ.BitString): + """ + PKIFailureInfo ::= BIT STRING { + badAlg (0), + badMessageCheck (1), + badRequest (2), + badTime (3), + badCertId (4), + badDataFormat (5), + wrongAuthority (6), + incorrectData (7), + missingTimeStamp (8), + badPOP (9), + certRevoked (10), + certConfirmed (11), + wrongIntegrity (12), + badRecipientNonce (13), + timeNotAvailable (14), + unacceptedPolicy (15), + unacceptedExtension (16), + addInfoNotAvailable (17), + badSenderNonce (18), + badCertTemplate (19), + signerNotTrusted (20), + transactionIdInUse (21), + unsupportedVersion (22), + notAuthorized (23), + systemUnavail (24), + systemFailure (25), + duplicateCertReq (26) + """ + namedValues = namedval.NamedValues( + ('badAlg', 0), + ('badMessageCheck', 1), + ('badRequest', 2), + ('badTime', 3), + ('badCertId', 4), + ('badDataFormat', 5), + ('wrongAuthority', 6), + ('incorrectData', 7), + ('missingTimeStamp', 8), + ('badPOP', 9), + ('certRevoked', 10), + ('certConfirmed', 11), + ('wrongIntegrity', 12), + ('badRecipientNonce', 13), + ('timeNotAvailable', 14), + ('unacceptedPolicy', 15), + ('unacceptedExtension', 16), + ('addInfoNotAvailable', 17), + ('badSenderNonce', 18), + ('badCertTemplate', 19), + ('signerNotTrusted', 20), + ('transactionIdInUse', 21), + ('unsupportedVersion', 22), + ('notAuthorized', 23), + ('systemUnavail', 24), + ('systemFailure', 25), + ('duplicateCertReq', 26) + ) + +class PKIStatusInfo(univ.Sequence): + """ + PKIStatusInfo ::= SEQUENCE { + status PKIStatus, + statusString PKIFreeText OPTIONAL, + failInfo PKIFailureInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + 
namedtype.NamedType('status', PKIStatus()), + namedtype.OptionalNamedType('statusString', PKIFreeText()), + namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) + ) + +class ErrorMsgContent(univ.Sequence): + """ + ErrorMsgContent ::= SEQUENCE { + pKIStatusInfo PKIStatusInfo, + errorCode INTEGER OPTIONAL, + -- implementation-specific error codes + errorDetails PKIFreeText OPTIONAL + -- implementation-specific error details + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('pKIStatusInfo', PKIStatusInfo()), + namedtype.OptionalNamedType('errorCode', univ.Integer()), + namedtype.OptionalNamedType('errorDetails', PKIFreeText()) + ) + +class CertStatus(univ.Sequence): + """ + CertStatus ::= SEQUENCE { + certHash OCTET STRING, + certReqId INTEGER, + statusInfo PKIStatusInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certHash', univ.OctetString()), + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.OptionalNamedType('statusInfo', PKIStatusInfo()) + ) + +class CertConfirmContent(univ.SequenceOf): + componentType = CertStatus() + +class RevAnnContent(univ.Sequence): + """ + RevAnnContent ::= SEQUENCE { + status PKIStatus, + certId CertId, + willBeRevokedAt GeneralizedTime, + badSinceDate GeneralizedTime, + crlDetails Extensions OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatus()), + namedtype.NamedType('certId', rfc2511.CertId()), + namedtype.NamedType('willBeRevokedAt', useful.GeneralizedTime()), + namedtype.NamedType('badSinceDate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions()) + ) + +class RevRepContent(univ.Sequence): + """ + RevRepContent ::= SEQUENCE { + status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, + revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId + OPTIONAL, + crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList + OPTIONAL + """ + componentType = namedtype.NamedTypes( + 
namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('revCerts', univ.SequenceOf( + componentType=rfc2511.CertId() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType('crls', univ.SequenceOf( + componentType=rfc2459.CertificateList() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + +class KeyRecRepContent(univ.Sequence): + """ + KeyRecRepContent ::= SEQUENCE { + status PKIStatusInfo, + newSigCert [0] CMPCertificate OPTIONAL, + caCerts [1] SEQUENCE SIZE (1..MAX) OF + CMPCertificate OPTIONAL, + keyPairHist [2] SEQUENCE SIZE (1..MAX) OF + CertifiedKeyPair OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('newSigCert', CMPCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType('caCerts', univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ), + namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf( + componentType=CertifiedKeyPair() + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ) + ) + +class CertResponse(univ.Sequence): + """ + CertResponse ::= SEQUENCE { + certReqId INTEGER, + status PKIStatusInfo, + certifiedKeyPair CertifiedKeyPair OPTIONAL, + rspInfo OCTET STRING OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('certifiedKeyPair', CertifiedKeyPair()), + 
namedtype.OptionalNamedType('rspInfo', univ.OctetString()) + ) + +class CertRepMessage(univ.Sequence): + """ + CertRepMessage ::= SEQUENCE { + caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate + OPTIONAL, + response SEQUENCE OF CertResponse + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('caPubs', univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) + ) + ), + namedtype.NamedType('response', CertResponse()) + ) + +class POPODecKeyChallContent(univ.SequenceOf): + componentType = Challenge() + +class OOBCertHash(univ.Sequence): + """ + OOBCertHash ::= SEQUENCE { + hashAlg [0] AlgorithmIdentifier OPTIONAL, + certId [1] CertId OPTIONAL, + hashVal BIT STRING + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('hashAlg', + rfc2459.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) + ) + ), + namedtype.OptionalNamedType('certId', rfc2511.CertId().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) + ) + ), + namedtype.NamedType('hashVal', univ.BitString()) + ) + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +class NestedMessageContent(univ.SequenceOf): + """ + NestedMessageContent ::= PKIMessages + """ + componentType = univ.Any() + +class DHBMParameter(univ.Sequence): + """ + DHBMParameter ::= SEQUENCE { + owf AlgorithmIdentifier, + -- AlgId for a One-Way Function (SHA-1 recommended) + mac AlgorithmIdentifier + -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], + } -- or HMAC [RFC2104, RFC2202]) + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) + ) + +id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30') 
+ +class PBMParameter(univ.Sequence): + """ + PBMParameter ::= SEQUENCE { + salt OCTET STRING, + owf AlgorithmIdentifier, + iterationCount INTEGER, + mac AlgorithmIdentifier + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, 128) + ) + ), + namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('iterationCount', univ.Integer()), + namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) + ) + +id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13') + +class PKIProtection(univ.BitString): pass + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +nestedMessageContent = NestedMessageContent().subtype(explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)) + +class PKIBody(univ.Choice): + """ + PKIBody ::= CHOICE { -- message-specific body elements + ir [0] CertReqMessages, --Initialization Request + ip [1] CertRepMessage, --Initialization Response + cr [2] CertReqMessages, --Certification Request + cp [3] CertRepMessage, --Certification Response + p10cr [4] CertificationRequest, --imported from [PKCS10] + popdecc [5] POPODecKeyChallContent, --pop Challenge + popdecr [6] POPODecKeyRespContent, --pop Response + kur [7] CertReqMessages, --Key Update Request + kup [8] CertRepMessage, --Key Update Response + krr [9] CertReqMessages, --Key Recovery Request + krp [10] KeyRecRepContent, --Key Recovery Response + rr [11] RevReqContent, --Revocation Request + rp [12] RevRepContent, --Revocation Response + ccr [13] CertReqMessages, --Cross-Cert. Request + ccp [14] CertRepMessage, --Cross-Cert. Response + ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. + cann [16] CertAnnContent, --Certificate Ann. + rann [17] RevAnnContent, --Revocation Ann. 
+ crlann [18] CRLAnnContent, --CRL Announcement + pkiconf [19] PKIConfirmContent, --Confirmation + nested [20] NestedMessageContent, --Nested Message + genm [21] GenMsgContent, --General Message + + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('ir', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) + ) + ), + namedtype.NamedType('ip', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) + ) + ), + namedtype.NamedType('cr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,2) + ) + ), + namedtype.NamedType('cp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,3) + ) + ), + namedtype.NamedType('p10cr', rfc2314.CertificationRequest().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,4) + ) + ), + namedtype.NamedType('popdecc', POPODecKeyChallContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,5) + ) + ), + namedtype.NamedType('popdecr', POPODecKeyRespContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,6) + ) + ), + namedtype.NamedType('kur', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,7) + ) + ), + namedtype.NamedType('kup', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,8) + ) + ), + namedtype.NamedType('krr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,9) + ) + ), + namedtype.NamedType('krp', KeyRecRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,10) + ) + ), + namedtype.NamedType('rr', RevReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,11) + ) + ), + namedtype.NamedType('rp', RevRepContent().subtype( + 
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,12) + ) + ), + namedtype.NamedType('ccr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,13) + ) + ), + namedtype.NamedType('ccp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,14) + ) + ), + namedtype.NamedType('ckuann', CAKeyUpdAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,15) + ) + ), + namedtype.NamedType('cann', CertAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,16) + ) + ), + namedtype.NamedType('rann', RevAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,17) + ) + ), + namedtype.NamedType('crlann', CRLAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,18) + ) + ), + namedtype.NamedType('pkiconf', PKIConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,19) + ) + ), + namedtype.NamedType('nested', nestedMessageContent), +# namedtype.NamedType('nested', NestedMessageContent().subtype( +# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) +# ) +# ), + namedtype.NamedType('genm', GenMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,21) + ) + ) + ) + + +class PKIHeader(univ.Sequence): + """ + PKIHeader ::= SEQUENCE { + pvno INTEGER { cmp1999(1), cmp2000(2) }, + sender GeneralName, + recipient GeneralName, + messageTime [0] GeneralizedTime OPTIONAL, + protectionAlg [1] AlgorithmIdentifier OPTIONAL, + senderKID [2] KeyIdentifier OPTIONAL, + recipKID [3] KeyIdentifier OPTIONAL, + transactionID [4] OCTET STRING OPTIONAL, + senderNonce [5] OCTET STRING OPTIONAL, + recipNonce [6] OCTET STRING OPTIONAL, + freeText [7] PKIFreeText OPTIONAL, + generalInfo [8] SEQUENCE SIZE (1..MAX) OF + InfoTypeAndValue OPTIONAL + } + + """ + componentType = 
namedtype.NamedTypes( + namedtype.NamedType('pvno', univ.Integer( + namedValues=namedval.NamedValues( + ('cmp1999', 1), + ('cmp2000', 2) + ) + ) + ), + namedtype.NamedType('sender', rfc2459.GeneralName()), + namedtype.NamedType('recipient', rfc2459.GeneralName()), + namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), + namedtype.OptionalNamedType('generalInfo', + univ.SequenceOf( + componentType=InfoTypeAndValue().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8) + ) + ) + ) + ) + +class ProtectedPart(univ.Sequence): + """ + ProtectedPart ::= SEQUENCE { + header PKIHeader, + body PKIBody + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('header', PKIHeader()), + namedtype.NamedType('infoValue', PKIBody()) + ) + +class PKIMessage(univ.Sequence): + """ + PKIMessage ::= SEQUENCE { + header 
PKIHeader, + body PKIBody, + protection [0] PKIProtection OPTIONAL, + extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate + OPTIONAL + }""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('header', PKIHeader()), + namedtype.NamedType('body', PKIBody()), + namedtype.OptionalNamedType('protection', PKIProtection().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType( 'extraCerts', + univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + +class PKIMessages(univ.SequenceOf): + """ + PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage + """ + componentType = PKIMessage() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +NestedMessageContent.componentType = PKIMessages() +nestedMessageContent.componentType = PKIMessages() -- cgit v1.2.3 From fba3eb0a0e80d78a5557bf84c5d084f0df85b926 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 30 May 2012 15:28:35 +0000 Subject: typo fix --- pyasn1_modules/rfc4210.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 0e9e9f9..545e9f4 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -399,7 +399,9 @@ class CertRepMessage(univ.Sequence): explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) ) ), - namedtype.NamedType('response', CertResponse()) + namedtype.NamedType('response', univ.SequenceOf( + componentType=CertResponse()) + ) ) class POPODecKeyChallContent(univ.SequenceOf): -- cgit v1.2.3 From d686c52547e74fe7f593c84ac06ad12b5028ba98 Mon Sep 17 00:00:00 2001 
From: elie
Date: Wed, 4 Jul 2012 09:42:24 +0000
Subject: package version established in form of __init__.__version__ which is in-sync with distutils
---
pyasn1_modules/__init__.py | 1 +
1 file changed, 1 insertion(+)
(limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py
index e69de29..156d6f9 100644
--- a/pyasn1_modules/__init__.py
+++ b/pyasn1_modules/__init__.py
@@ -0,0 +1 @@
+__version__ = '0.0.4'
-- cgit v1.2.3
From 28b75828f1f0bbc8bb694d80bc336e47ca9e514b Mon Sep 17 00:00:00 2001
From: elie
Date: Wed, 4 Jul 2012 12:41:19 +0000
Subject: reference to PEP
---
pyasn1_modules/__init__.py | 1 +
1 file changed, 1 insertion(+)
(limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py
index 156d6f9..578c2e4 100644
--- a/pyasn1_modules/__init__.py
+++ b/pyasn1_modules/__init__.py
@@ -1 +1,2 @@
+# http://www.python.org/dev/peps/pep-0396/
 __version__ = '0.0.4'
-- cgit v1.2.3
From 3602d82f4a3678fb0eb0ae24d381ffa852d95ac1 Mon Sep 17 00:00:00 2001
From: elie
Date: Wed, 11 Jul 2012 15:37:22 +0000
Subject: SNMPv2c message syntax properly defined
---
pyasn1_modules/rfc1901.py | 15 +++++++++++++++
pyasn1_modules/rfc1905.py | 2 +-
2 files changed, 16 insertions(+), 1 deletion(-)
create mode 100644 pyasn1_modules/rfc1901.py
(limited to 'pyasn1_modules')
diff --git a/pyasn1_modules/rfc1901.py b/pyasn1_modules/rfc1901.py
new file mode 100644
index 0000000..8cd7e7d
--- /dev/null
+++ b/pyasn1_modules/rfc1901.py
@@ -0,0 +1,15 @@
+#
+# SNMPv2c message syntax
+#
+# ASN.1 source from:
+# http://www.ietf.org/rfc/rfc1901.txt
+#
+from pyasn1.type import univ, namedtype, namedval
+
+class Message(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', univ.Integer(namedValues = namedval.NamedValues(('version-2c', 1)))),
+ namedtype.NamedType('community', univ.OctetString()),
+ namedtype.NamedType('data', univ.Any())
+ )
+
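Review bot: The new `Message` class in rfc1901.py has no docstring, and two properties of the definition that a caller parsing SNMP traffic depends on are left unstated. `data` is `univ.Any()`, so decoding a `Message` leaves the PDU as undecoded bytes that need a second decode step, and `version` only attaches the label `version-2c` to the value 1 without a value constraint, so a message carrying another version number still decodes and the caller has to compare it itself. I would add a class docstring quoting the RFC 1901 ASN.1 and a comment such as `# 'data' stays undecoded (ANY): decode it separately, and check version == 1 before acting on the message`.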
diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py index ab6528f..bec60f8 100644 --- a/pyasn1_modules/rfc1905.py +++ b/pyasn1_modules/rfc1905.py @@ -1,5 +1,5 @@ # -# SNMPv2c message syntax +# SNMPv2c PDU syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1905.txt -- cgit v1.2.3 From 956fee4f8e5fd3b1c500360dc4aa12dc5a766cb2 Mon Sep 17 00:00:00 2001 From: elie Date: Fri, 4 Jan 2013 12:16:07 +0000 Subject: 0.0.5 / 2013 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 578c2e4..824d8df 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.4' +__version__ = '0.0.5' -- cgit v1.2.3 From 6f17339bb6c0aa7dadcaccba2ca4f84b9b26d7ea Mon Sep 17 00:00:00 2001 From: elie Date: Thu, 4 Jul 2013 11:43:21 +0000 Subject: fix to rfc2459.CRLDistPointsSyntax typo --- pyasn1_modules/rfc2459.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index c5021e0..e212645 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -761,7 +761,7 @@ class BaseDistance(univ.Integer): id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') class CRLDistPointsSyntax(univ.SequenceOf): - componentType = DistributionPoint + componentType = DistributionPoint() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') -- cgit v1.2.3 From 0e52244e7c337cbb3556412c618e4598a1fa63de Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 11 Jun 2014 07:17:27 +0000 Subject: missing components added to rfc4210.PKIBody --- pyasn1_modules/rfc4210.py | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'pyasn1_modules') 
diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 545e9f4..c577560 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -504,6 +504,11 @@ class PKIBody(univ.Choice): pkiconf [19] PKIConfirmContent, --Confirmation nested [20] NestedMessageContent, --Nested Message genm [21] GenMsgContent, --General Message + genp [22] GenRepContent, --General Response + error [23] ErrorMsgContent, --Error Message + certConf [24] CertConfirmContent, --Certificate confirm + pollReq [25] PollReqContent, --Polling request + pollRep [26] PollRepContent --Polling response """ componentType = namedtype.NamedTypes( @@ -595,6 +600,26 @@ class PKIBody(univ.Choice): namedtype.NamedType('genm', GenMsgContent().subtype( explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,21) ) + ), + namedtype.NamedType('gen', GenRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,22) + ) + ), + namedtype.NamedType('error', ErrorMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,23) + ) + ), + namedtype.NamedType('certConf', CertConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,24) + ) + ), + namedtype.NamedType('pollReq', PollReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,25) + ) + ), + namedtype.NamedType('pollRep', PollRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,26) + ) ) ) -- cgit v1.2.3 From c6668966874a8d6385f74e7f4b4da5be1573d9fc Mon Sep 17 00:00:00 2001 From: elie Date: Fri, 13 Jun 2014 08:41:01 +0000 Subject: typo fix to CertReqMsg --- pyasn1_modules/rfc2511.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py index 132be13..2fc592c 100644 --- a/pyasn1_modules/rfc2511.py +++ b/pyasn1_modules/rfc2511.py 
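Review bot: The component added for tag 22 in the second hunk is named `'gen'`, while the docstring line added in the first hunk (and the ASN.1 it quotes) calls it `genp`, so code that selects the choice by name with `'genp'` will not find a general response. The line should read `namedtype.NamedType('genp', GenRepContent().subtype(`. The `PKIBody` docstring also appears to end without the closing `}` of the CHOICE after the new `pollRep` line, which would be worth adding in the same change. `PKIBody` starts and ends outside both hunks.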
@@ -168,7 +168,7 @@ class CertReqMsg(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReq', CertRequest()), namedtype.OptionalNamedType('pop', ProofOfPossession()), - namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class CertReqMessages(univ.SequenceOf): -- cgit v1.2.3 From a642a0cbac4803c278f3ed6f8546e18552792197 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 20 May 2015 06:21:09 +0000 Subject: typo fix to id_kp_serverAuth object value --- pyasn1_modules/rfc2459.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index e212645..8c65f25 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -648,7 +648,7 @@ class CRLNumber(univ.Integer): class BaseCRLNumber(CRLNumber): pass -id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1.1') +id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1') id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2') id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3') id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4') -- cgit v1.2.3 From a28b1a70bee474e882150b19dcb90378d754fe58 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 20 May 2015 06:21:23 +0000 Subject: 0.0.6 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 824d8df..01abca4 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.5' +__version__ = '0.0.6' -- cgit v1.2.3 
From c464b402b4eb5691393f318fc2413193fcc1bba3 Mon Sep 17 00:00:00 2001 From: elie Date: Sun, 5 Jul 2015 13:03:23 +0000 Subject: - extensions added to text files, CVS attic flushed. - version bumped to 0.0.7 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 01abca4..ace227a 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.6' +__version__ = '0.0.7' -- cgit v1.2.3 From 168a5048261bc253b77f51cefbcb0c255c99f18b Mon Sep 17 00:00:00 2001 From: elie Date: Sat, 1 Aug 2015 07:36:43 +0000 Subject: fix to rfc2459.BasicConstraints syntax --- pyasn1_modules/rfc2459.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 8c65f25..dc78b5e 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -692,7 +692,7 @@ id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19') class BasicConstraints(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('cA', univ.Boolean(False)), + namedtype.DefaultedNamedType('cA', univ.Boolean(False)), namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) -- cgit v1.2.3 From 2bec19fdec335f8227139fe0a4e26ea2d7ea1bd3 Mon Sep 17 00:00:00 2001 From: elie Date: Sat, 1 Aug 2015 08:52:41 +0000 Subject: 0.0.8 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index ace227a..6598192 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.7' +__version__ = '0.0.8' -- cgit v1.2.3 
From 38b9aac99651d86fe2dd6a08200658fbe2cd82f0 Mon Sep 17 00:00:00 2001 From: elie Date: Sun, 16 Aug 2015 19:48:46 +0000 Subject: fix to misspelled rfc2459.id_at_sutname variable --- pyasn1_modules/rfc2459.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index dc78b5e..f632caa 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -87,7 +87,8 @@ class Attribute(univ.Sequence): id_at = univ.ObjectIdentifier('2.5.4') id_at_name = univ.ObjectIdentifier('2.5.4.41') -id_at_sutname = univ.ObjectIdentifier('2.5.4.4') +# preserve misspelled variable for compatibility +id_at_sutname = id_at_surname = univ.ObjectIdentifier('2.5.4.4') id_at_givenName = univ.ObjectIdentifier('2.5.4.42') id_at_initials = univ.ObjectIdentifier('2.5.4.43') id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44') -- cgit v1.2.3 From 11bbdadd53d14827d194028ec91f5c320f1d257e Mon Sep 17 00:00:00 2001 From: elie Date: Mon, 17 Aug 2015 21:40:32 +0000 Subject: - Fix to misspelled rfc2459.NameConstraints component tag ID - Fix to misspelled rfc2459.GeneralSubtree component default status --- pyasn1_modules/rfc2459.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index f632caa..c52ab09 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py 
@@ -778,7 +778,7 @@ class IssuingDistributionPoint(univ.Sequence): class GeneralSubtree(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), - namedtype.NamedType('minimum', BaseDistance(0).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) @@ -791,7 +791,7 @@ id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') class NameConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) -- cgit v1.2.3 From 35eec0d4d678845dcc06aa343e561f2582e5fdc9 Mon Sep 17 00:00:00 2001 From: elie Date: Sat, 10 Oct 2015 18:09:59 +0000 Subject: fix to __doc__ use in setup.py to make -O0 installation mode working --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 6598192..8b44cc3 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.8' +__version__ = '0.0.9' -- cgit v1.2.3 From 71ba606413ce29728541e426a5068981204b1859 Mon Sep 17 00:00:00 2001 
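Review bot: In the GeneralSubtree hunk, the new `minimum` line (and the unchanged `maximum` line below it) builds the implicit context tag with `tag.tagFormatConstructed`, which reads wrong for a `BaseDistance` value. BaseDistance is defined outside the hunk; if it is the plain INTEGER subtype the RFC describes, the tag is better written `tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)`. As far as I know pyasn1 keeps the base type's format when tagging implicitly, so this is a readability point rather than a wire-format bug, but a round-trip test of a subtree that sets `minimum` would confirm it.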
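Review bot: The `excludedSubtrees` line in NameConstraints now has the right context tag, but nothing in the hunk or the commit message records that the two components previously shared tag 0. With identical tags an encoded `[1]` subtree could not match any component, so (if I read the old definition correctly) exclusions were never available to callers, and anything enforcing name constraints on top of this module was working from incomplete data. I would add `# [0] permittedSubtrees, [1] excludedSubtrees: the tags must differ` above the component list, add a decode test for a NameConstraints value holding only excludedSubtrees, and mention the behaviour change in the release notes.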
From: elie Date: Tue, 29 Dec 2015 23:14:22 +0000 Subject: copyright added to source files --- pyasn1_modules/pem.py | 6 ++++++ pyasn1_modules/rfc1155.py | 5 +++++ pyasn1_modules/rfc1157.py | 5 +++++ pyasn1_modules/rfc1901.py | 5 +++++ pyasn1_modules/rfc1902.py | 5 +++++ pyasn1_modules/rfc1905.py | 5 +++++ pyasn1_modules/rfc2251.py | 5 +++++ pyasn1_modules/rfc2314.py | 5 +++++ pyasn1_modules/rfc2315.py | 5 +++++ pyasn1_modules/rfc2437.py | 5 +++++ pyasn1_modules/rfc2459.py | 5 +++++ pyasn1_modules/rfc2511.py | 5 +++++ pyasn1_modules/rfc2560.py | 5 +++++ pyasn1_modules/rfc3412.py | 5 +++++ pyasn1_modules/rfc3414.py | 5 +++++ pyasn1_modules/rfc3447.py | 5 +++++ pyasn1_modules/rfc4210.py | 5 +++++ pyasn1_modules/rfc5208.py | 5 +++++ 18 files changed, 91 insertions(+) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index d8d8158..ce99ac9 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -1,3 +1,9 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# import base64, sys stSpam, stHam, stDump = 0, 1, 2 diff --git a/pyasn1_modules/rfc1155.py b/pyasn1_modules/rfc1155.py index 9e3c5cd..ba0368f 100644 --- a/pyasn1_modules/rfc1155.py +++ b/pyasn1_modules/rfc1155.py @@ -1,4 +1,9 @@ # +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# # SNMPv1 message syntax # # ASN.1 source from: diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index 6a36b06..30b5257 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py @@ -1,4 +1,9 @@ # +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# # SNMPv1 message syntax # # ASN.1 source from: diff --git a/pyasn1_modules/rfc1901.py b/pyasn1_modules/rfc1901.py index 8cd7e7d..6a8bbf8 100644 
--- a/pyasn1_modules/rfc1901.py
+++ b/pyasn1_modules/rfc1901.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # SNMPv2c message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc1902.py b/pyasn1_modules/rfc1902.py
index df0b0c3..eb4f9e4 100644
--- a/pyasn1_modules/rfc1902.py
+++ b/pyasn1_modules/rfc1902.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # SNMPv2c message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py
index bec60f8..a007be6 100644
--- a/pyasn1_modules/rfc1905.py
+++ b/pyasn1_modules/rfc1905.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # SNMPv2c PDU syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2251.py b/pyasn1_modules/rfc2251.py
index 3074c67..725364c 100644
--- a/pyasn1_modules/rfc2251.py
+++ b/pyasn1_modules/rfc2251.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # LDAP message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2314.py b/pyasn1_modules/rfc2314.py
index 86b11fb..7c14725 100644
--- a/pyasn1_modules/rfc2314.py
+++ b/pyasn1_modules/rfc2314.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # PKCS#10 syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
index 76bb957..cc93343 100644
--- a/pyasn1_modules/rfc2315.py
+++ b/pyasn1_modules/rfc2315.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # PKCS#7 message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py
index 3abf6dc..c28834d 100644
--- a/pyasn1_modules/rfc2437.py
+++ b/pyasn1_modules/rfc2437.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # PKCS#1 syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py
index c52ab09..072c84c 100644
--- a/pyasn1_modules/rfc2459.py
+++ b/pyasn1_modules/rfc2459.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # X.509 message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py
index 2fc592c..7d25717 100644
--- a/pyasn1_modules/rfc2511.py
+++ b/pyasn1_modules/rfc2511.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # X.509 certificate Request Message Format (CRMF) syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py
index 0be1091..8c6fe69 100644
--- a/pyasn1_modules/rfc2560.py
+++ b/pyasn1_modules/rfc2560.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # OCSP request/response syntax
 #
 # Derived from a minimal OCSP library (RFC2560) code written by
diff --git a/pyasn1_modules/rfc3412.py b/pyasn1_modules/rfc3412.py
index e80ce31..85e4107 100644
--- a/pyasn1_modules/rfc3412.py
+++ b/pyasn1_modules/rfc3412.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # SNMPv3 message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc3414.py b/pyasn1_modules/rfc3414.py
index 580c88e..5f09b1c 100644
--- a/pyasn1_modules/rfc3414.py
+++ b/pyasn1_modules/rfc3414.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # SNMPv3 message syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc3447.py b/pyasn1_modules/rfc3447.py
index 96dea7f..4e4405c 100644
--- a/pyasn1_modules/rfc3447.py
+++ b/pyasn1_modules/rfc3447.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # PKCS#1 syntax
 #
 # ASN.1 source from:
diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py
index c577560..9edbf89 100644
--- a/pyasn1_modules/rfc4210.py
+++ b/pyasn1_modules/rfc4210.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # Certificate Management Protocol structures as per RFC4210
 #
 # Based on Alex Railean's work
diff --git a/pyasn1_modules/rfc5208.py b/pyasn1_modules/rfc5208.py
index d1d2c16..3484150 100644
--- a/pyasn1_modules/rfc5208.py
+++ b/pyasn1_modules/rfc5208.py
@@ -1,4 +1,9 @@
 #
+# This file is part of pyasn1-modules software.
+#
+# Copyright (c) 2005-2016, Ilya Etingof
+# License: http://pyasn1.sf.net/license.html
+#
 # PKCS#8 syntax
 #
 # ASN.1 source from:
--
cgit v1.2.3
From b1d990293ca2e5de59ccefd14b2827e580849ce1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stanis=C5=82aw=20Pitucha?= Date: Wed, 16 Mar 2016 11:36:49 +1100 Subject: Add CMC-related modules Modules have been generated using asn1ate, with manual fixes to link up different RFCs. --- pyasn1_modules/rfc3280.py | 1511 +++++++++++++++++++++++++++++++++++++++++++++ pyasn1_modules/rfc3281.py | 350 +++++++++++ pyasn1_modules/rfc3852.py | 668 ++++++++++++++++++++ pyasn1_modules/rfc4211.py | 356 +++++++++++ pyasn1_modules/rfc5280.py | 1509 ++++++++++++++++++++++++++++++++++++++++++++ pyasn1_modules/rfc5652.py | 672 ++++++++++++++++++++ pyasn1_modules/rfc6402.py | 581 +++++++++++++++++ 7 files changed, 5647 insertions(+) create mode 100644 pyasn1_modules/rfc3280.py create mode 100644 pyasn1_modules/rfc3281.py create mode 100644 pyasn1_modules/rfc3852.py create mode 100644 pyasn1_modules/rfc4211.py create mode 100644 pyasn1_modules/rfc5280.py create mode 100644 pyasn1_modules/rfc5652.py create mode 100644 pyasn1_modules/rfc6402.py (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc3280.py b/pyasn1_modules/rfc3280.py new file mode 100644 index 0000000..a019f98 --- /dev/null +++ b/pyasn1_modules/rfc3280.py 
@@ -0,0 +1,1511 @@ +""" +RFC3280 +Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation +List (CRL) Profile +""" +# Generated by asn1ate, and manually adjusted + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +MAX = 64 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +unformatted_postal_address = univ.Integer(16) + + +ub_organizational_units = univ.Integer(4) + + +ub_organizational_unit_name_length = univ.Integer(32) + + +class OrganizationalUnitName(char.PrintableString): + pass + + +OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +class OrganizationalUnitNames(univ.SequenceOf): + pass + + +OrganizationalUnitNames.componentType = OrganizationalUnitName() +OrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units) + + +class AttributeType(univ.ObjectIdentifier): + pass + + +id_at = _OID(2, 5, 4) + + +id_at_name = _OID(id_at, 41) + + +ub_pds_parameter_length = univ.Integer(30) + + +class PDSParameter(univ.Set): + pass + + +PDSParameter.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) +) + + +class PhysicalDeliveryOrganizationName(PDSParameter): + pass + + +ub_organization_name_length = univ.Integer(64) + + +ub_domain_defined_attribute_type_length = univ.Integer(8) + + +ub_domain_defined_attribute_value_length = univ.Integer(128) + + +class TeletexDomainDefinedAttribute(univ.Sequence): + pass + + +TeletexDomainDefinedAttribute.componentType = 
namedtype.NamedTypes( + namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + + +id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) + + +id_qt = _OID(id_pkix, 2) + + +class PresentationAddress(univ.Sequence): + pass + + +PresentationAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class AlgorithmIdentifier(univ.Sequence): + pass + + +AlgorithmIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any()) +) + + +class UniqueIdentifier(univ.BitString): + pass + + +class Extension(univ.Sequence): + pass + + +Extension.componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)), + namedtype.NamedType('extnValue', univ.OctetString()) +) + + +class Extensions(univ.SequenceOf): + pass + + +Extensions.componentType = Extension() +Extensions.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class CertificateSerialNumber(univ.Integer): + pass + + +class SubjectPublicKeyInfo(univ.Sequence): + pass + + +SubjectPublicKeyInfo.componentType = namedtype.NamedTypes( + 
namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) +) + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class Validity(univ.Sequence): + pass + + +Validity.componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) +) + + +class Version(univ.Integer): + pass + + +Version.namedValues = namedval.NamedValues( + ('v1', 0), + ('v2', 1), + ('v3', 2) +) + + +class AttributeValue(univ.Any): + pass + + +class AttributeTypeAndValue(univ.Sequence): + pass + + +AttributeTypeAndValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('value', AttributeValue()) +) + + +class RelativeDistinguishedName(univ.SetOf): + pass + + +RelativeDistinguishedName.componentType = AttributeTypeAndValue() +RelativeDistinguishedName.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class RDNSequence(univ.SequenceOf): + pass + + +RDNSequence.componentType = RelativeDistinguishedName() + + +class Name(univ.Choice): + pass + + +Name.componentType = namedtype.NamedTypes( + namedtype.NamedType('rdnSequence', RDNSequence()) +) + + +class TBSCertificate(univ.Sequence): + pass + + +TBSCertificate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value="v1")), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', 
UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class Certificate(univ.Sequence): + pass + + +Certificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +ub_surname_length = univ.Integer(40) + + +class TeletexOrganizationName(char.TeletexString): + pass + + +TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +ub_e163_4_sub_address_length = univ.Integer(40) + + +teletex_common_name = univ.Integer(2) + + +ub_country_name_alpha_length = univ.Integer(2) + + +ub_country_name_numeric_length = univ.Integer(3) + + +class CountryName(univ.Choice): + pass + + +CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) +CountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + + +extension_OR_address_components = univ.Integer(12) + + +id_at_dnQualifier = _OID(id_at, 46) + + +ub_e163_4_number_length = univ.Integer(15) + + +class ExtendedNetworkAddress(univ.Choice): + pass + + +ExtendedNetworkAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('e163-4-address', 
univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + )) + ), + namedtype.NamedType('psap-address', PresentationAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +terminal_type = univ.Integer(23) + + +id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25) + + +ub_state_name = univ.Integer(128) + + +class X520StateOrProvinceName(univ.Choice): + pass + + +X520StateOrProvinceName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) +) + + +ub_organization_name = univ.Integer(64) + + +class X520OrganizationName(univ.Choice): + pass + + +X520OrganizationName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 
ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) +) + + +ub_emailaddress_length = univ.Integer(128) + + +class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): + pass + + +id_at_surname = _OID(id_at, 4) + + +ub_common_name_length = univ.Integer(64) + + +id_ad = _OID(id_pkix, 48) + + +ub_numeric_user_id_length = univ.Integer(32) + + +class NumericUserIdentifier(char.NumericString): + pass + + +NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) + + +class OrganizationName(char.PrintableString): + pass + + +OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +ub_domain_name_length = univ.Integer(16) + + +class AdministrationDomainName(univ.Choice): + pass + + +AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) +AdministrationDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) +) + + +class PrivateDomainName(univ.Choice): + pass + + +PrivateDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) 
+) + + +ub_generation_qualifier_length = univ.Integer(3) + + +ub_given_name_length = univ.Integer(16) + + +ub_initials_length = univ.Integer(5) + + +class PersonalName(univ.Set): + pass + + +PersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +ub_terminal_id_length = univ.Integer(24) + + +class TerminalIdentifier(char.PrintableString): + pass + + +TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) + + +ub_x121_address_length = univ.Integer(16) + + +class X121Address(char.NumericString): + pass + + +X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length) + + +class NetworkAddress(X121Address): + pass + + +class BuiltInStandardAttributes(univ.Sequence): + pass + + +BuiltInStandardAttributes.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('country-name', CountryName()), + namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), + namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + 
namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) +) + + +ub_domain_defined_attributes = univ.Integer(4) + + +class BuiltInDomainDefinedAttribute(univ.Sequence): + pass + + +BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + + +class BuiltInDomainDefinedAttributes(univ.SequenceOf): + pass + + +BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() +BuiltInDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +ub_extension_attributes = univ.Integer(256) + + +class ExtensionAttribute(univ.Sequence): + pass + + +ExtensionAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 
ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class ExtensionAttributes(univ.SetOf): + pass + + +ExtensionAttributes.componentType = ExtensionAttribute() +ExtensionAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_extension_attributes) + + +class ORAddress(univ.Sequence): + pass + + +ORAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), + namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), + namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) +) + + +id_pe = _OID(id_pkix, 1) + + +ub_title = univ.Integer(64) + + +class X520Title(univ.Choice): + pass + + +X520Title.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) +) + + +id_at_organizationalUnitName = _OID(id_at, 11) + + +class EmailAddress(char.IA5String): + pass + + +EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) + + +physical_delivery_country_name = univ.Integer(8) + + +id_at_givenName = _OID(id_at, 42) + + +class TeletexCommonName(char.TeletexString): + pass + + +TeletexCommonName.subtypeSpec = 
constraint.ValueSizeConstraint(1, ub_common_name_length) + + +id_qt_cps = _OID(id_qt, 1) + + +class LocalPostalAttributes(PDSParameter): + pass + + +class StreetAddress(PDSParameter): + pass + + +id_kp = _OID(id_pkix, 3) + + +class DirectoryString(univ.Choice): + pass + + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class DomainComponent(char.IA5String): + pass + + +id_at_initials = _OID(id_at, 43) + + +id_qt_unotice = _OID(id_qt, 2) + + +ub_pds_name_length = univ.Integer(16) + + +class PDSName(char.PrintableString): + pass + + +PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length) + + +class PosteRestanteAddress(PDSParameter): + pass + + +class DistinguishedName(RDNSequence): + pass + + +class CommonName(char.PrintableString): + pass + + +CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) + + +ub_serial_number = univ.Integer(64) + + +class X520SerialNumber(char.PrintableString): + pass + + +X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number) + + +id_at_generationQualifier = _OID(id_at, 44) + + +ub_organizational_unit_name = univ.Integer(64) + + +id_ad_ocsp = _OID(id_ad, 1) + + +class TeletexOrganizationalUnitName(char.TeletexString): + pass + + +TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +class 
TeletexPersonalName(univ.Set): + pass + + +TeletexPersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class TeletexDomainDefinedAttributes(univ.SequenceOf): + pass + + +TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() +TeletexDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +class TBSCertList(univ.Sequence): + pass + + +TBSCertList.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('thisUpdate', Time()), + namedtype.OptionalNamedType('nextUpdate', Time()), + namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + )) + )), + namedtype.OptionalNamedType('crlExtensions', 
Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +local_postal_attributes = univ.Integer(21) + + +pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) + + +class PhysicalDeliveryCountryName(univ.Choice): + pass + + +PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + + +ub_name = univ.Integer(32768) + + +class X520name(univ.Choice): + pass + + +X520name.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) +) + + +id_emailAddress = _OID(pkcs_9, 1) + + +class TerminalType(univ.Integer): + pass + + +TerminalType.namedValues = namedval.NamedValues( + ('telex', 3), + ('teletex', 4), + ('g3-facsimile', 5), + ('g4-facsimile', 6), + ('ia5-terminal', 7), + ('videotex', 8) +) + + +class X520OrganizationalUnitName(univ.Choice): + pass + + +X520OrganizationalUnitName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + 
namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) +) + + +id_at_commonName = _OID(id_at, 3) + + +pds_name = univ.Integer(7) + + +post_office_box_address = univ.Integer(18) + + +ub_locality_name = univ.Integer(128) + + +class X520LocalityName(univ.Choice): + pass + + +X520LocalityName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) +) + + +id_ad_timeStamping = _OID(id_ad, 3) + + +id_at_countryName = _OID(id_at, 6) + + +physical_delivery_personal_name = univ.Integer(13) + + +teletex_personal_name = univ.Integer(4) + + +teletex_organizational_unit_names = univ.Integer(5) + + +class PhysicalDeliveryPersonalName(PDSParameter): + pass + + +ub_postal_code_length = univ.Integer(16) + + +class PostalCode(univ.Choice): + pass + + +PostalCode.componentType = namedtype.NamedTypes( + 
namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) +) + + +class X520countryName(char.PrintableString): + pass + + +X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) + + +postal_code = univ.Integer(9) + + +id_ad_caRepository = _OID(id_ad, 5) + + +extension_physical_delivery_address_components = univ.Integer(15) + + +class PostOfficeBoxAddress(PDSParameter): + pass + + +class PhysicalDeliveryOfficeName(PDSParameter): + pass + + +id_at_title = _OID(id_at, 12) + + +id_at_serialNumber = _OID(id_at, 5) + + +id_ad_caIssuers = _OID(id_ad, 2) + + +ub_integer_options = univ.Integer(256) + + +class CertificateList(univ.Sequence): + pass + + +CertificateList.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertList', TBSCertList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class PhysicalDeliveryOfficeNumber(PDSParameter): + pass + + +class TeletexOrganizationalUnitNames(univ.SequenceOf): + pass + + +TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName() +TeletexOrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units) + + +physical_delivery_office_name = univ.Integer(10) + + +ub_common_name = univ.Integer(64) + + +class ExtensionORAddressComponents(PDSParameter): + pass + + +ub_pseudonym = univ.Integer(128) + + +poste_restante_address = univ.Integer(19) + + +id_at_organizationName = _OID(id_at, 10) + + +physical_delivery_office_number = univ.Integer(11) + + +id_at_pseudonym = _OID(id_at, 65) + + +class X520CommonName(univ.Choice): + pass + + +X520CommonName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', 
char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) +) + + +physical_delivery_organization_name = univ.Integer(14) + + +class X520dnQualifier(char.PrintableString): + pass + + +id_at_stateOrProvinceName = _OID(id_at, 8) + + +common_name = univ.Integer(1) + + +id_at_localityName = _OID(id_at, 7) + + +ub_match = univ.Integer(128) + + +ub_unformatted_address_length = univ.Integer(180) + + +class Attribute(univ.Sequence): + pass + + +Attribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) +) + + +extended_network_address = univ.Integer(22) + + +unique_postal_name = univ.Integer(20) + + +ub_pds_physical_address_lines = univ.Integer(6) + + +class UnformattedPostalAddress(univ.Set): + pass + + +UnformattedPostalAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) +) + + +class UniquePostalName(PDSParameter): + pass + + +class X520Pseudonym(univ.Choice): + pass + + +X520Pseudonym.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', 
char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) +) + + +teletex_organization_name = univ.Integer(3) + + +teletex_domain_defined_attributes = univ.Integer(6) + + +street_address = univ.Integer(17) + + +id_kp_OCSPSigning = _OID(id_kp, 9) + + +id_ce = _OID(2, 5, 29) + + +id_ce_certificatePolicies = _OID(id_ce, 32) + + +class EDIPartyName(univ.Sequence): + pass + + +EDIPartyName.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class AnotherName(univ.Sequence): + pass + + +AnotherName.componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class GeneralName(univ.Choice): + pass + + +GeneralName.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) +) + + +class GeneralNames(univ.SequenceOf): + pass + + +GeneralNames.componentType = GeneralName() +GeneralNames.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class IssuerAltName(GeneralNames): + pass + + +id_ce_cRLDistributionPoints = _OID(id_ce, 31) + + +class CertPolicyId(univ.ObjectIdentifier): + pass + + +class PolicyMappings(univ.SequenceOf): + pass + + +PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), + namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) +)) + +PolicyMappings.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class PolicyQualifierId(univ.ObjectIdentifier): + pass + + +holdInstruction = _OID(2, 2, 840, 10040, 2) + + +id_ce_subjectDirectoryAttributes = _OID(id_ce, 9) + + +id_holdinstruction_callissuer = _OID(holdInstruction, 2) + + +class SubjectDirectoryAttributes(univ.SequenceOf): + pass + + +SubjectDirectoryAttributes.componentType = Attribute() +SubjectDirectoryAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +anyPolicy = _OID(id_ce_certificatePolicies, 0) + + +id_ce_subjectAltName = _OID(id_ce, 17) + 
+ +id_kp_emailProtection = _OID(id_kp, 4) + + +class ReasonFlags(univ.BitString): + pass + + +ReasonFlags.namedValues = namedval.NamedValues( + ('unused', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('privilegeWithdrawn', 7), + ('aACompromise', 8) +) + + +class DistributionPointName(univ.Choice): + pass + + +DistributionPointName.componentType = namedtype.NamedTypes( + namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class DistributionPoint(univ.Sequence): + pass + + +DistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +id_ce_keyUsage = _OID(id_ce, 15) + + +class PolicyQualifierInfo(univ.Sequence): + pass + + +PolicyQualifierInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyQualifierId', PolicyQualifierId()), + namedtype.NamedType('qualifier', univ.Any()) +) + + +class PolicyInformation(univ.Sequence): + pass + + +PolicyInformation.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyIdentifier', CertPolicyId()), + namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo())) +) + + +class CertificatePolicies(univ.SequenceOf): + pass + + +CertificatePolicies.componentType = PolicyInformation() 
+CertificatePolicies.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_ce_basicConstraints = _OID(id_ce, 19) + + +class HoldInstructionCode(univ.ObjectIdentifier): + pass + + +class KeyPurposeId(univ.ObjectIdentifier): + pass + + +class ExtKeyUsageSyntax(univ.SequenceOf): + pass + + +ExtKeyUsageSyntax.componentType = KeyPurposeId() +ExtKeyUsageSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class SubjectAltName(GeneralNames): + pass + + +class BasicConstraints(univ.Sequence): + pass + + +BasicConstraints.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) +) + + +class SkipCerts(univ.Integer): + pass + + +SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class InhibitAnyPolicy(SkipCerts): + pass + + +class CRLNumber(univ.Integer): + pass + + +CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class BaseCRLNumber(CRLNumber): + pass + + +class KeyIdentifier(univ.OctetString): + pass + + +class AuthorityKeyIdentifier(univ.Sequence): + pass + + +AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +id_ce_nameConstraints = _OID(id_ce, 30) + + +id_kp_serverAuth = _OID(id_kp, 1) + + +id_ce_freshestCRL = _OID(id_ce, 46) + + +id_ce_cRLReasons = _OID(id_ce, 21) + + +class CRLDistributionPoints(univ.SequenceOf): + pass + + +CRLDistributionPoints.componentType = DistributionPoint() 
+CRLDistributionPoints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class FreshestCRL(CRLDistributionPoints): + pass + + +id_ce_inhibitAnyPolicy = _OID(id_ce, 54) + + +class CRLReason(univ.Enumerated): + pass + + +CRLReason.namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8), + ('privilegeWithdrawn', 9), + ('aACompromise', 10) +) + + +class BaseDistance(univ.Integer): + pass + + +BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class GeneralSubtree(univ.Sequence): + pass + + +GeneralSubtree.componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class GeneralSubtrees(univ.SequenceOf): + pass + + +GeneralSubtrees.componentType = GeneralSubtree() +GeneralSubtrees.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + pass + + +NameConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_pe_authorityInfoAccess = _OID(id_pe, 1) + + +id_pe_subjectInfoAccess = _OID(id_pe, 11) + + +id_ce_certificateIssuer = _OID(id_ce, 29) + + +id_ce_invalidityDate = _OID(id_ce, 24) + + +class DirectoryString(univ.Choice): + pass + + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('any', univ.Any()) +) + + 
+id_ce_authorityKeyIdentifier = _OID(id_ce, 35) + + +class AccessDescription(univ.Sequence): + pass + + +AccessDescription.componentType = namedtype.NamedTypes( + namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), + namedtype.NamedType('accessLocation', GeneralName()) +) + + +class AuthorityInfoAccessSyntax(univ.SequenceOf): + pass + + +AuthorityInfoAccessSyntax.componentType = AccessDescription() +AuthorityInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_ce_issuingDistributionPoint = _OID(id_ce, 28) + + +class CPSuri(char.IA5String): + pass + + +class DisplayText(univ.Choice): + pass + + +DisplayText.componentType = namedtype.NamedTypes( + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) +) + + +class NoticeReference(univ.Sequence): + pass + + +NoticeReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('organization', DisplayText()), + namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) +) + + +class UserNotice(univ.Sequence): + pass + + +UserNotice.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('noticeRef', NoticeReference()), + namedtype.OptionalNamedType('explicitText', DisplayText()) +) + + +class PrivateKeyUsagePeriod(univ.Sequence): + pass + + +PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', 
useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_ce_subjectKeyIdentifier = _OID(id_ce, 14) + + +class CertificateIssuer(GeneralNames): + pass + + +class InvalidityDate(useful.GeneralizedTime): + pass + + +class SubjectInfoAccessSyntax(univ.SequenceOf): + pass + + +SubjectInfoAccessSyntax.componentType = AccessDescription() +SubjectInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class KeyUsage(univ.BitString): + pass + + +KeyUsage.namedValues = namedval.NamedValues( + ('digitalSignature', 0), + ('nonRepudiation', 1), + ('keyEncipherment', 2), + ('dataEncipherment', 3), + ('keyAgreement', 4), + ('keyCertSign', 5), + ('cRLSign', 6), + ('encipherOnly', 7), + ('decipherOnly', 8) +) + + +id_ce_extKeyUsage = _OID(id_ce, 37) + + +anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0) + + +id_ce_privateKeyUsagePeriod = _OID(id_ce, 16) + + +id_ce_policyMappings = _OID(id_ce, 33) + + +id_ce_cRLNumber = _OID(id_ce, 20) + + +id_ce_policyConstraints = _OID(id_ce, 36) + + +id_holdinstruction_none = _OID(holdInstruction, 1) + + +id_holdinstruction_reject = _OID(holdInstruction, 3) + + +id_kp_timeStamping = _OID(id_kp, 8) + + +class PolicyConstraints(univ.Sequence): + pass + + +PolicyConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SubjectKeyIdentifier(KeyIdentifier): + pass + + +id_kp_clientAuth = _OID(id_kp, 2) + + +id_ce_deltaCRLIndicator = _OID(id_ce, 27) + + +id_ce_issuerAltName = _OID(id_ce, 18) + + +id_kp_codeSigning = _OID(id_kp, 3) + + +id_ce_holdInstructionCode = _OID(id_ce, 23) + + +class IssuingDistributionPoint(univ.Sequence): + pass + + +IssuingDistributionPoint.componentType = 
namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) +) + + diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py new file mode 100644 index 0000000..38db8c4 --- /dev/null +++ b/pyasn1_modules/rfc3281.py 
@@ -0,0 +1,350 @@ +""" +RFC3281 +An Internet Attribute Certificate Profile for Authorization +""" + +# Generated by asn1ate, and manually adjusted + +from pyasn1.type import univ +from pyasn1.type import char +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import constraint +from pyasn1.type import useful + +from . import rfc3280 + +MAX=64 + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class ObjectDigestInfo(univ.Sequence): + pass + + +ObjectDigestInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('digestedObjectType', univ.Enumerated(namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))), + namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()), + namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('objectDigest', univ.BitString()) +) + + +class IssuerSerial(univ.Sequence): + pass + + +IssuerSerial.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc3280.GeneralNames()), + namedtype.NamedType('serial', rfc3280.CertificateSerialNumber()), + namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier()) +) + + +class TargetCert(univ.Sequence): + pass + + +TargetCert.componentType = namedtype.NamedTypes( + namedtype.NamedType('targetCertificate', IssuerSerial()), + namedtype.OptionalNamedType('targetName', rfc3280.GeneralName()), + namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo()) +) + + +class Target(univ.Choice): + pass + + +Target.componentType = namedtype.NamedTypes( + namedtype.NamedType('targetName', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('targetGroup', 
rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('targetCert', TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +class Targets(univ.SequenceOf): + pass + + +Targets.componentType = Target() + + +class ProxyInfo(univ.SequenceOf): + pass + + +ProxyInfo.componentType = Targets() + + + +id_at_role = _OID(rfc3280.id_at, 72) + + +id_pe_aaControls = _OID(rfc3280.id_pe, 6) + + +id_at_role = _OID(rfc3280.id_at, 72) + + +id_ce_targetInformation = _OID(rfc3280.id_ce, 55) + + +id_pe_ac_auditIdentity = _OID(rfc3280.id_pe, 4) + + +class ClassList(univ.BitString): + pass + + +ClassList.namedValues = namedval.NamedValues( + ('unmarked', 0), + ('unclassified', 1), + ('restricted', 2), + ('confidential', 3), + ('secret', 4), + ('topSecret', 5) +) + + +class SecurityCategory(univ.Sequence): + pass + + +SecurityCategory.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class Clearance(univ.Sequence): + pass + + +Clearance.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.DefaultedNamedType('classList', + ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype(value="unclassified")), + namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class AttCertVersion(univ.Integer): + pass + + +AttCertVersion.namedValues = namedval.NamedValues( + ('v2', 1) +) + + +id_aca = _OID(rfc3280.id_pkix, 10) + + +id_at_clearance = _OID(2, 5, 1, 5, 55) + 
+ +class AttrSpec(univ.SequenceOf): + pass + + +AttrSpec.componentType = univ.ObjectIdentifier() + + +class AAControls(univ.Sequence): + pass + + +AAControls.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.OptionalNamedType('permittedAttrs', AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedAttrs', AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1)) +) + + +id_aca = _OID(rfc3280.id_pkix, 10) + + +class AttCertValidityPeriod(univ.Sequence): + pass + + +AttCertValidityPeriod.componentType = namedtype.NamedTypes( + namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()), + namedtype.NamedType('notAfterTime', useful.GeneralizedTime()) +) + + +id_pe_ac_auditIdentity = _OID(rfc3280.id_pe, 4) + + +id_at_clearance = _OID(2, 5, 1, 5, 55) + + +id_aca_authenticationInfo = _OID(id_aca, 1) + + +class V2Form(univ.Sequence): + pass + + +V2Form.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('issuerName', rfc3280.GeneralNames()), + namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class AttCertIssuer(univ.Choice): + pass + + +AttCertIssuer.componentType = namedtype.NamedTypes( + namedtype.NamedType('v1Form', rfc3280.GeneralNames()), + namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class Holder(univ.Sequence): + pass + + +Holder.componentType = namedtype.NamedTypes( + 
namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +class AttributeCertificateInfo(univ.Sequence): + pass + + +AttributeCertificateInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', AttCertVersion()), + namedtype.NamedType('holder', Holder()), + namedtype.NamedType('issuer', AttCertIssuer()), + namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), + namedtype.NamedType('attrCertValidityPeriod', AttCertValidityPeriod()), + namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions()) +) + + +class AttributeCertificate(univ.Sequence): + pass + + +AttributeCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('acinfo', AttributeCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('signatureValue', univ.BitString()) +) + + +id_aca_authenticationInfo = _OID(id_aca, 1) + + +id_mod = _OID(rfc3280.id_pkix, 0) + + +id_mod_attribute_cert = _OID(id_mod, 12) + + +id_aca_accessIdentity = _OID(id_aca, 2) + + +id_aca_accessIdentity = _OID(id_aca, 2) + + +class RoleSyntax(univ.Sequence): + pass + + +RoleSyntax.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('roleName', 
rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_aca_chargingIdentity = _OID(id_aca, 3) + + +id_aca_chargingIdentity = _OID(id_aca, 3) + + +class ACClearAttrs(univ.Sequence): + pass + + +ACClearAttrs.componentType = namedtype.NamedTypes( + namedtype.NamedType('acIssuer', rfc3280.GeneralName()), + namedtype.NamedType('acSerial', univ.Integer()), + namedtype.NamedType('attrs', univ.SequenceOf(componentType=rfc3280.Attribute())) +) + + +id_ce_targetInformation = _OID(rfc3280.id_ce, 55) + + +id_aca_group = _OID(id_aca, 4) + + +id_aca_group = _OID(id_aca, 4) + + +id_pe_ac_proxying = _OID(rfc3280.id_pe, 10) + + +id_pe_aaControls = _OID(rfc3280.id_pe, 6) + + +class SvceAuthInfo(univ.Sequence): + pass + + +SvceAuthInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('service', rfc3280.GeneralName()), + namedtype.NamedType('ident', rfc3280.GeneralName()), + namedtype.OptionalNamedType('authInfo', univ.OctetString()) +) + + +class IetfAttrSyntax(univ.Sequence): + pass + + +IetfAttrSyntax.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('values', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('octets', univ.OctetString()), + namedtype.NamedType('oid', univ.ObjectIdentifier()), + namedtype.NamedType('string', char.UTF8String()) + )) + )) +) + + +id_aca_encAttrs = _OID(id_aca, 6) + + +id_aca_encAttrs = _OID(id_aca, 6) + + +id_pe_ac_proxying = _OID(rfc3280.id_pe, 10) + + diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py new file mode 100644 index 0000000..32a5655 --- /dev/null +++ b/pyasn1_modules/rfc3852.py 
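Review bot: `MAX=64` at the top of rfc3281.py stands in for the ASN.1 `MAX` keyword, which means "no upper bound", so `AAControls.pathLenConstraint` with `constraint.ValueRangeConstraint(0, MAX)` rejects any value above 64 although RFC 3281 declares the field as `INTEGER (0..MAX)`. A schema stricter than the standard makes the decoder refuse well-formed attribute certificates, and callers may treat that failure as "no constraint present" rather than as an error. I would bind the sentinel to an unbounded value, `MAX = float('inf')  # ASN.1 MAX: no upper bound`, assuming pyasn1's range check is a plain comparison. Separately, many OID constants in this file are assigned twice with the same value (`id_at_role`, `id_pe_aaControls`, `id_ce_targetInformation`, `id_aca`, `id_at_clearance`, `id_aca_group`, `id_pe_ac_proxying` and others). Keeping one assignment each avoids a later manual edit changing only one copy.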
@@ -0,0 +1,668 @@
+"""
+RFC3852
+Cryptographic Message Syntax (CMS)
+"""
+# Generated by asn1ate, and manually adjusted
+
+from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
+
+MAX = 64
+
+from . import rfc3280
+from . import rfc3281
+
+def _OID(*components):
+ output = []
+ for x in tuple(components):
+ if isinstance(x, univ.ObjectIdentifier):
+ output.extend(list(x))
+ else:
+ output.append(int(x))
+
+ return univ.ObjectIdentifier(output)
+
+
+class AttributeValue(univ.Any):
+ pass
+
+
+class Attribute(univ.Sequence):
+ pass
+
+
+Attribute.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('attrType', univ.ObjectIdentifier()),
+ namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
+)
+
+
+class SignedAttributes(univ.SetOf):
+ pass
+
+
+SignedAttributes.componentType = Attribute()
+SignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+
+
+class OtherRevocationInfoFormat(univ.Sequence):
+ pass
+
+
+OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
+ namedtype.NamedType('otherRevInfo', univ.Any())
+)
+
+
+class RevocationInfoChoice(univ.Choice):
+ pass
+
+
+RevocationInfoChoice.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('crl', rfc3280.CertificateList()),
+ namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+)
+
+
+class RevocationInfoChoices(univ.SetOf):
+ pass
+
+
+RevocationInfoChoices.componentType = RevocationInfoChoice()
+
+
+class OtherKeyAttribute(univ.Sequence):
+ pass
+
+
+OtherKeyAttribute.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
+ namedtype.OptionalNamedType('keyAttr', univ.Any())
+)
+
+
+id_signedData = _OID(1, 2, 840, 113549, 1, 7, 2)
+
+
+class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
+ pass
+
+
+class
EncryptedKey(univ.OctetString): + pass + + +class CMSVersion(univ.Integer): + pass + + +CMSVersion.namedValues = namedval.NamedValues( + ('v0', 0), + ('v1', 1), + ('v2', 2), + ('v3', 3), + ('v4', 4), + ('v5', 5) +) + + +class KEKIdentifier(univ.Sequence): + pass + + +KEKIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyIdentifier', univ.OctetString()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KEKRecipientInfo(univ.Sequence): + pass + + +KEKRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('kekid', KEKIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class PasswordRecipientInfo(univ.Sequence): + pass + + +PasswordRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class OtherRecipientInfo(univ.Sequence): + pass + + +OtherRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('oriType', univ.ObjectIdentifier()), + namedtype.NamedType('oriValue', univ.Any()) +) + + +class IssuerAndSerialNumber(univ.Sequence): + pass + + +IssuerAndSerialNumber.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc3280.Name()), + namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()) +) + + +class SubjectKeyIdentifier(univ.OctetString): + pass + + +class RecipientKeyIdentifier(univ.Sequence): + 
pass + + +RecipientKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KeyAgreeRecipientIdentifier(univ.Choice): + pass + + +KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class RecipientEncryptedKey(univ.Sequence): + pass + + +RecipientEncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientEncryptedKeys(univ.SequenceOf): + pass + + +RecipientEncryptedKeys.componentType = RecipientEncryptedKey() + + +class UserKeyingMaterial(univ.OctetString): + pass + + +class OriginatorPublicKey(univ.Sequence): + pass + + +OriginatorPublicKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('publicKey', univ.BitString()) +) + + +class OriginatorIdentifierOrKey(univ.Choice): + pass + + +OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class KeyAgreeRecipientInfo(univ.Sequence): + pass + + +KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('originator', 
OriginatorIdentifierOrKey().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) +) + + +class RecipientIdentifier(univ.Choice): + pass + + +RecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class KeyTransRecipientInfo(univ.Sequence): + pass + + +KeyTransRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('rid', RecipientIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientInfo(univ.Choice): + pass + + +RecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('ktri', KeyTransRecipientInfo()), + namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('kekri', KEKRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('ori', OtherRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) +) + + +class RecipientInfos(univ.SetOf): + pass + + +RecipientInfos.componentType = RecipientInfo() +RecipientInfos.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class 
DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class Signature(univ.BitString): + pass + + +class SignerIdentifier(univ.Choice): + pass + + +SignerIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class UnprotectedAttributes(univ.SetOf): + pass + + +UnprotectedAttributes.componentType = Attribute() +UnprotectedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class ContentType(univ.ObjectIdentifier): + pass + + +class EncryptedContent(univ.OctetString): + pass + + +class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class EncryptedContentInfo(univ.Sequence): + pass + + +EncryptedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class EncryptedData(univ.Sequence): + pass + + +EncryptedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_contentType = _OID(1, 2, 840, 113549, 1, 9, 3) + + +id_data = _OID(1, 2, 840, 113549, 1, 7, 1) + + +id_messageDigest = _OID(1, 2, 840, 113549, 1, 9, 4) + + +class DigestAlgorithmIdentifiers(univ.SetOf): + pass + + +DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() + + +class EncapsulatedContentInfo(univ.Sequence): + pass + + +EncapsulatedContentInfo.componentType = 
namedtype.NamedTypes( + namedtype.NamedType('eContentType', ContentType()), + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class Digest(univ.OctetString): + pass + + +class DigestedData(univ.Sequence): + pass + + +DigestedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.NamedType('digest', Digest()) +) + + +class ContentInfo(univ.Sequence): + pass + + +ContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class UnauthAttributes(univ.SetOf): + pass + + +UnauthAttributes.componentType = Attribute() +UnauthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class ExtendedCertificateInfo(univ.Sequence): + pass + + +ExtendedCertificateInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('certificate', rfc3280.Certificate()), + namedtype.NamedType('attributes', UnauthAttributes()) +) + + +class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class ExtendedCertificate(univ.Sequence): + pass + + +ExtendedCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) +) + + +class OtherCertificateFormat(univ.Sequence): + pass + + +OtherCertificateFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherCert', univ.Any()) +) + + +class 
AttributeCertificateV2(rfc3281.AttributeCertificate): + pass + + +class AttCertVersionV1(univ.Integer): + pass + + +AttCertVersionV1.namedValues = namedval.NamedValues( + ('v1', 0) +) + + +class AttributeCertificateInfoV1(univ.Sequence): + pass + + +AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), + namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + )) + ), + namedtype.NamedType('issuer', rfc3280.GeneralNames()), + namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), + namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), + namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions()) +) + + +class AttributeCertificateV1(univ.Sequence): + pass + + +AttributeCertificateV1.componentType = namedtype.NamedTypes( + namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), + namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class CertificateChoices(univ.Choice): + pass + + +CertificateChoices.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc3280.Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('v1AttrCert', 
AttributeCertificateV1().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('other', OtherCertificateFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class CertificateSet(univ.SetOf): + pass + + +CertificateSet.componentType = CertificateChoices() + + +class MessageAuthenticationCode(univ.OctetString): + pass + + +class UnsignedAttributes(univ.SetOf): + pass + + +UnsignedAttributes.componentType = Attribute() +UnsignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class SignatureValue(univ.OctetString): + pass + + +class SignerInfo(univ.Sequence): + pass + + +SignerInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('sid', SignerIdentifier()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', SignatureValue()), + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SignerInfos(univ.SetOf): + pass + + +SignerInfos.componentType = SignerInfo() + + +class SignedData(univ.Sequence): + pass + + +SignedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + 
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) +) + + +class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier): + pass + + +class MessageDigest(univ.OctetString): + pass + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class OriginatorInfo(univ.Sequence): + pass + + +OriginatorInfo.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('certs', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class AuthAttributes(univ.SetOf): + pass + + +AuthAttributes.componentType = Attribute() +AuthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class AuthenticatedData(univ.Sequence): + pass + + +AuthenticatedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('mac', MessageAuthenticationCode()), + namedtype.OptionalNamedType('unauthAttrs', 
UnauthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+)
+
+
+id_ct_contentInfo = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 6)
+
+
+id_envelopedData = _OID(1, 2, 840, 113549, 1, 7, 3)
+
+
+class EnvelopedData(univ.Sequence):
+ pass
+
+
+EnvelopedData.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('version', CMSVersion()),
+ namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('recipientInfos', RecipientInfos()),
+ namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
+ namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+
+class Countersignature(SignerInfo):
+ pass
+
+
+id_digestedData = _OID(1, 2, 840, 113549, 1, 7, 5)
+
+
+id_signingTime = _OID(1, 2, 840, 113549, 1, 9, 5)
+
+
+class ExtendedCertificateOrCertificate(univ.Choice):
+ pass
+
+
+ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('certificate', rfc3280.Certificate()),
+ namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+)
+
+
+id_encryptedData = _OID(1, 2, 840, 113549, 1, 7, 6)
+
+
+id_ct_authData = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 2)
+
+
+class SigningTime(Time):
+ pass
+
+
+id_countersignature = _OID(1, 2, 840, 113549, 1, 9, 6)
+
+
diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py
new file mode 100644
index 0000000..0f404de
--- /dev/null
+++ b/pyasn1_modules/rfc4211.py
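Review bot: In rfc3852.py, `MAX = 64` stands in for the ASN.1 `MAX` keyword, so every `ValueSizeConstraint(1, MAX)` (SignedAttributes, RecipientInfos, UnprotectedAttributes, UnauthAttributes, UnsignedAttributes, AuthAttributes) limits the set to 64 elements instead of leaving it unbounded as `SIZE (1..MAX)` does. A well-formed message with more entries than that would presumably fail the constraint check, and because SignerInfos and CertificateSet carry no size constraint at all, the value does not act as a consistent resource limit either. If the cap is deliberate, say so next to the constant, e.g. `# MAX = 64 is a local upper bound, not the ASN.1 MAX (unbounded); raise it if larger sets must decode`; otherwise an unbounded value seems to be what the grammar asks for. The same constant is set in rfc4211.py (Controls, CertReqMessages) and rfc5280.py (Extensions).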
@@ -0,0 +1,356 @@
+"""
+RFC4211
+Internet X.509 Public Key Infrastructure Certificate Request Message Format
+(CRMF)
+"""
+
+# Generated by asn1ate, and manually adjusted
+
+from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
+
+from . import rfc3280
+from . import rfc3852
+
+MAX = 64
+
+
+def _OID(*components):
+ output = []
+ for x in tuple(components):
+ if isinstance(x, univ.ObjectIdentifier):
+ output.extend(list(x))
+ else:
+ output.append(int(x))
+
+ return univ.ObjectIdentifier(output)
+
+
+id_pkix = _OID(1, 3, 6, 1, 5, 5, 7)
+
+
+id_pkip = _OID(id_pkix, 5)
+
+
+id_regCtrl = _OID(id_pkip, 1)
+
+
+class SinglePubInfo(univ.Sequence):
+ pass
+
+
+SinglePubInfo.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('pubMethod', univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
+ namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName())
+)
+
+
+class UTF8Pairs(char.UTF8String):
+ pass
+
+
+class PKMACValue(univ.Sequence):
+ pass
+
+
+PKMACValue.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()),
+ namedtype.NamedType('value', univ.BitString())
+)
+
+
+class POPOSigningKeyInput(univ.Sequence):
+ pass
+
+
+POPOSigningKeyInput.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes(
+ namedtype.NamedType('sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('publicKeyMAC', PKMACValue())
+ ))
+ ),
+ namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo())
+)
+
+
+class POPOSigningKey(univ.Sequence):
+ pass
+
+
+POPOSigningKey.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('algorithmIdentifier',
rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class Attributes(univ.SetOf): + pass + + +Attributes.componentType = rfc3280.Attribute() + + +class PrivateKeyInfo(univ.Sequence): + pass + + +PrivateKeyInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer()), + namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('privateKey', univ.OctetString()), + namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class EncryptedValue(univ.Sequence): + pass + + +EncryptedValue.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.NamedType('encValue', univ.BitString()) +) + + +class EncryptedKey(univ.Choice): + pass + + +EncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedValue', EncryptedValue()), + namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class KeyGenParameters(univ.OctetString): + pass + + +class PKIArchiveOptions(univ.Choice): + pass + + +PKIArchiveOptions.componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedPrivKey', 
EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +id_regCtrl_authenticator = _OID(id_regCtrl, 2) + + +id_regInfo = _OID(id_pkip, 2) + + +id_regInfo_certReq = _OID(id_regInfo, 2) + + +class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo): + pass + + +class Authenticator(char.UTF8String): + pass + + +class SubsequentMessage(univ.Integer): + pass + + +SubsequentMessage.namedValues = namedval.NamedValues( + ('encrCert', 0), + ('challengeResp', 1) +) + + +class AttributeTypeAndValue(univ.Sequence): + pass + + +AttributeTypeAndValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', univ.ObjectIdentifier()), + namedtype.NamedType('value', univ.Any()) +) + + +class POPOPrivKey(univ.Choice): + pass + + +POPOPrivKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('agreeMAC', PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) +) + + +class ProofOfPossession(univ.Choice): + pass + + +ProofOfPossession.componentType = namedtype.NamedTypes( + namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + 
namedtype.NamedType('signature', POPOSigningKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class OptionalValidity(univ.Sequence): + pass + + +OptionalValidity.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class CertTemplate(univ.Sequence): + pass + + +CertTemplate.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', rfc3280.Version().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('validity', OptionalValidity().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('subject', rfc3280.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('issuerUID', 
rfc3280.UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9))) +) + + +class Controls(univ.SequenceOf): + pass + + +Controls.componentType = AttributeTypeAndValue() +Controls.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class CertRequest(univ.Sequence): + pass + + +CertRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('certTemplate', CertTemplate()), + namedtype.OptionalNamedType('controls', Controls()) +) + + +class CertReqMsg(univ.Sequence): + pass + + +CertReqMsg.componentType = namedtype.NamedTypes( + namedtype.NamedType('certReq', CertRequest()), + namedtype.OptionalNamedType('popo', ProofOfPossession()), + namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue())) +) + + +class CertReqMessages(univ.SequenceOf): + pass + + +CertReqMessages.componentType = CertReqMsg() +CertReqMessages.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class CertReq(CertRequest): + pass + + +id_regCtrl_pkiPublicationInfo = _OID(id_regCtrl, 3) + + +class CertId(univ.Sequence): + pass + + +CertId.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc3280.GeneralName()), + namedtype.NamedType('serialNumber', univ.Integer()) +) + + +class OldCertId(CertId): + pass + + +class PKIPublicationInfo(univ.Sequence): + pass + + +PKIPublicationInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), + namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo())) +) + + +class 
EncKeyWithID(univ.Sequence):
+ pass
+
+
+EncKeyWithID.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('privateKey', PrivateKeyInfo()),
+ namedtype.OptionalNamedType('identifier', univ.Choice(componentType=namedtype.NamedTypes(
+ namedtype.NamedType('string', char.UTF8String()),
+ namedtype.NamedType('generalName', rfc3280.GeneralName())
+ ))
+ )
+)
+
+
+id_regCtrl_protocolEncrKey = _OID(id_regCtrl, 6)
+
+
+id_regCtrl_oldCertID = _OID(id_regCtrl, 5)
+
+
+id_smime = _OID(1, 2, 840, 113549, 1, 9, 16)
+
+
+class PBMParameter(univ.Sequence):
+ pass
+
+
+PBMParameter.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('salt', univ.OctetString()),
+ namedtype.NamedType('owf', rfc3280.AlgorithmIdentifier()),
+ namedtype.NamedType('iterationCount', univ.Integer()),
+ namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier())
+)
+
+
+id_regCtrl_regToken = _OID(id_regCtrl, 1)
+
+
+id_regCtrl_pkiArchiveOptions = _OID(id_regCtrl, 4)
+
+
+id_regInfo_utf8Pairs = _OID(id_regInfo, 1)
+
+
+id_ct = _OID(id_smime, 1)
+
+
+id_ct_encKeyWithID = _OID(id_ct, 21)
+
+
+class RegToken(char.UTF8String):
+ pass
+
+
diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py
new file mode 100644
index 0000000..eabc0c6
--- /dev/null
+++ b/pyasn1_modules/rfc5280.py
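Review bot: In rfc4211.py, `PBMParameter` declares `iterationCount` as a bare `univ.Integer()` and `salt` as an unconstrained `univ.OctetString()`, so both reach the consumer exactly as the sender encoded them. Any code that uses this structure to recompute the password-based MAC would apply the one-way function that many times, which makes zero, negative and very large counts a correctness and availability concern on the receiving side. Since this module only mirrors the grammar, I would leave the types as they are and add a comment above the assignment: `# iterationCount and salt are sender-controlled; callers must range-check both before deriving the MAC key`.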
@@ -0,0 +1,1509 @@ +""" +RFC5280 +Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation +List (CRL) Profile +""" +# Generated by asn1ate, and manually adjusted + +from pyasn1.type import univ +from pyasn1.type import char +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import constraint +from pyasn1.type import useful + + +MAX = 64 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +ub_e163_4_sub_address_length = univ.Integer(40) + + +ub_e163_4_number_length = univ.Integer(15) + + +unformatted_postal_address = univ.Integer(16) + + +class TerminalType(univ.Integer): + pass + + +TerminalType.namedValues = namedval.NamedValues( + ('telex', 3), + ('teletex', 4), + ('g3-facsimile', 5), + ('g4-facsimile', 6), + ('ia5-terminal', 7), + ('videotex', 8) +) + + +class Extension(univ.Sequence): + pass + + +Extension.componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)), + namedtype.NamedType('extnValue', univ.OctetString()) +) + + +class Extensions(univ.SequenceOf): + pass + + +Extensions.componentType = Extension() +Extensions.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +physical_delivery_personal_name = univ.Integer(13) + + +ub_unformatted_address_length = univ.Integer(180) + + +ub_pds_parameter_length = univ.Integer(30) + + +ub_pds_physical_address_lines = univ.Integer(6) + + +class UnformattedPostalAddress(univ.Set): + pass + + +UnformattedPostalAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), + 
namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) +) + + +ub_organization_name = univ.Integer(64) + + +class X520OrganizationName(univ.Choice): + pass + + +X520OrganizationName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) +) + + +ub_x121_address_length = univ.Integer(16) + + +pds_name = univ.Integer(7) + + +id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) + + +id_kp = _OID(id_pkix, 3) + + +ub_postal_code_length = univ.Integer(16) + + +class PostalCode(univ.Choice): + pass + + +PostalCode.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) +) + + +ub_generation_qualifier_length = univ.Integer(3) + + +unique_postal_name = univ.Integer(20) + + +class DomainComponent(char.IA5String): + pass + + +ub_domain_defined_attribute_value_length = univ.Integer(128) + + +ub_match = univ.Integer(128) + + +id_at = _OID(2, 5, 4) + + +class AttributeType(univ.ObjectIdentifier): + pass + + +id_at_organizationalUnitName = _OID(id_at, 11) + + +terminal_type = 
univ.Integer(23) + + +class PDSParameter(univ.Set): + pass + + +PDSParameter.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) +) + + +class PhysicalDeliveryPersonalName(PDSParameter): + pass + + +ub_surname_length = univ.Integer(40) + + +id_ad = _OID(id_pkix, 48) + + +ub_domain_defined_attribute_type_length = univ.Integer(8) + + +class TeletexDomainDefinedAttribute(univ.Sequence): + pass + + +TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + + +ub_domain_defined_attributes = univ.Integer(4) + + +class TeletexDomainDefinedAttributes(univ.SequenceOf): + pass + + +TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() +TeletexDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +extended_network_address = univ.Integer(22) + + +ub_locality_name = univ.Integer(128) + + +class X520LocalityName(univ.Choice): + pass + + +X520LocalityName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + 
namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) +) + + +teletex_organization_name = univ.Integer(3) + + +ub_given_name_length = univ.Integer(16) + + +ub_initials_length = univ.Integer(5) + + +class PersonalName(univ.Set): + pass + + +PersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +ub_organizational_unit_name_length = univ.Integer(32) + + +class OrganizationalUnitName(char.PrintableString): + pass + + +OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +id_at_generationQualifier = _OID(id_at, 44) + + +class Version(univ.Integer): + pass + + +Version.namedValues = namedval.NamedValues( + ('v1', 0), + ('v2', 1), + ('v3', 2) +) + + +class CertificateSerialNumber(univ.Integer): + pass + + +class AlgorithmIdentifier(univ.Sequence): + pass + + +AlgorithmIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', 
univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any()) +) + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class AttributeValue(univ.Any): + pass + + +class AttributeTypeAndValue(univ.Sequence): + pass + + +AttributeTypeAndValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('value', AttributeValue()) +) + + +class RelativeDistinguishedName(univ.SetOf): + pass + + +RelativeDistinguishedName.componentType = AttributeTypeAndValue() +RelativeDistinguishedName.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class RDNSequence(univ.SequenceOf): + pass + + +RDNSequence.componentType = RelativeDistinguishedName() + + +class Name(univ.Choice): + pass + + +Name.componentType = namedtype.NamedTypes( + namedtype.NamedType('rdnSequence', RDNSequence()) +) + + +class TBSCertList(univ.Sequence): + pass + + +TBSCertList.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('thisUpdate', Time()), + namedtype.OptionalNamedType('nextUpdate', Time()), + namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + )) + )), + namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class CertificateList(univ.Sequence): + pass + + +CertificateList.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertList', TBSCertList()), + 
namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class PhysicalDeliveryOfficeName(PDSParameter): + pass + + +ub_extension_attributes = univ.Integer(256) + + +class ExtensionAttribute(univ.Sequence): + pass + + +ExtensionAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_qt = _OID(id_pkix, 2) + + +id_qt_cps = _OID(id_qt, 1) + + +id_at_stateOrProvinceName = _OID(id_at, 8) + + +id_at_title = _OID(id_at, 12) + + +id_at_serialNumber = _OID(id_at, 5) + + +class X520dnQualifier(char.PrintableString): + pass + + +class PosteRestanteAddress(PDSParameter): + pass + + +poste_restante_address = univ.Integer(19) + + +class UniqueIdentifier(univ.BitString): + pass + + +class Validity(univ.Sequence): + pass + + +Validity.componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) +) + + +class SubjectPublicKeyInfo(univ.Sequence): + pass + + +SubjectPublicKeyInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) +) + + +class TBSCertificate(univ.Sequence): + pass + + +TBSCertificate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value="v1")), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', 
Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +physical_delivery_office_name = univ.Integer(10) + + +ub_name = univ.Integer(32768) + + +class X520name(univ.Choice): + pass + + +X520name.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) +) + + +id_at_dnQualifier = _OID(id_at, 46) + + +ub_serial_number = univ.Integer(64) + + +ub_pseudonym = univ.Integer(128) + + +pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) + + +class X121Address(char.NumericString): + pass + + +X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length) + + +class NetworkAddress(X121Address): + pass + + +ub_integer_options = univ.Integer(256) + + +id_at_commonName = _OID(id_at, 3) + + +ub_organization_name_length = univ.Integer(64) + + +id_ad_ocsp = _OID(id_ad, 1) + + +ub_country_name_numeric_length = univ.Integer(3) + + +ub_country_name_alpha_length = univ.Integer(2) + + +class 
PhysicalDeliveryCountryName(univ.Choice): + pass + + +PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + + +id_emailAddress = _OID(pkcs_9, 1) + + +common_name = univ.Integer(1) + + +class X520Pseudonym(univ.Choice): + pass + + +X520Pseudonym.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) +) + + +ub_domain_name_length = univ.Integer(16) + + +class AdministrationDomainName(univ.Choice): + pass + + +AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) +AdministrationDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) +) + + +class PresentationAddress(univ.Sequence): + pass + + +PresentationAddress.componentType = 
namedtype.NamedTypes( + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class ExtendedNetworkAddress(univ.Choice): + pass + + +ExtendedNetworkAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + )) + ), + namedtype.NamedType('psap-address', PresentationAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class TeletexOrganizationName(char.TeletexString): + pass + + +TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +ub_terminal_id_length = univ.Integer(24) + + +class TerminalIdentifier(char.PrintableString): + pass + + +TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) + + +id_ad_caIssuers = _OID(id_ad, 2) + + +id_at_countryName = _OID(id_at, 6) + + +class StreetAddress(PDSParameter): + pass + + +postal_code = univ.Integer(9) + + +id_at_givenName = _OID(id_at, 42) + + +ub_title = univ.Integer(64) + + 
+class ExtensionAttributes(univ.SetOf): + pass + + +ExtensionAttributes.componentType = ExtensionAttribute() +ExtensionAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_extension_attributes) + + +ub_emailaddress_length = univ.Integer(255) + + +id_ad_caRepository = _OID(id_ad, 5) + + +class ExtensionORAddressComponents(PDSParameter): + pass + + +ub_organizational_unit_name = univ.Integer(64) + + +class X520OrganizationalUnitName(univ.Choice): + pass + + +X520OrganizationalUnitName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) +) + + +class LocalPostalAttributes(PDSParameter): + pass + + +teletex_organizational_unit_names = univ.Integer(5) + + +class X520Title(univ.Choice): + pass + + +X520Title.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + 
namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) +) + + +id_at_localityName = _OID(id_at, 7) + + +id_at_initials = _OID(id_at, 43) + + +ub_state_name = univ.Integer(128) + + +class X520StateOrProvinceName(univ.Choice): + pass + + +X520StateOrProvinceName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) +) + + +physical_delivery_organization_name = univ.Integer(14) + + +id_at_surname = _OID(id_at, 4) + + +class X520countryName(char.PrintableString): + pass + + +X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) + + +physical_delivery_office_number = univ.Integer(11) + + +id_qt_unotice = _OID(id_qt, 2) + + +class X520SerialNumber(char.PrintableString): + pass + + +X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number) + + +class Attribute(univ.Sequence): + pass + + +Attribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) +) + + +ub_common_name = univ.Integer(64) + + +id_pe = _OID(id_pkix, 1) + + +class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): + pass + + +class EmailAddress(char.IA5String): + pass + + +EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) + + 
+id_at_organizationName = _OID(id_at, 10) + + +post_office_box_address = univ.Integer(18) + + +class BuiltInDomainDefinedAttribute(univ.Sequence): + pass + + +BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + + +class BuiltInDomainDefinedAttributes(univ.SequenceOf): + pass + + +BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() +BuiltInDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +id_at_pseudonym = _OID(id_at, 65) + + +id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25) + + +class X520CommonName(univ.Choice): + pass + + +X520CommonName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) +) + + +extension_OR_address_components = univ.Integer(12) + + +ub_organizational_units = univ.Integer(4) + + +teletex_personal_name = univ.Integer(4) + + +ub_numeric_user_id_length = univ.Integer(32) + + +ub_common_name_length = univ.Integer(64) + + +class TeletexCommonName(char.TeletexString): + pass + + +TeletexCommonName.subtypeSpec = 
constraint.ValueSizeConstraint(1, ub_common_name_length) + + +class PhysicalDeliveryOrganizationName(PDSParameter): + pass + + +extension_physical_delivery_address_components = univ.Integer(15) + + +class NumericUserIdentifier(char.NumericString): + pass + + +NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) + + +class CountryName(univ.Choice): + pass + + +CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) +CountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + + +class OrganizationName(char.PrintableString): + pass + + +OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +class OrganizationalUnitNames(univ.SequenceOf): + pass + + +OrganizationalUnitNames.componentType = OrganizationalUnitName() +OrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units) + + +class PrivateDomainName(univ.Choice): + pass + + +PrivateDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) +) + + +class BuiltInStandardAttributes(univ.Sequence): + pass + + +BuiltInStandardAttributes.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('country-name', CountryName()), + namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), + 
namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) +) + + +class ORAddress(univ.Sequence): + pass + + +ORAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), + namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), + namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) +) + + +class DistinguishedName(RDNSequence): + pass + + +id_ad_timeStamping = _OID(id_ad, 3) + + +class PhysicalDeliveryOfficeNumber(PDSParameter): + pass + + +teletex_domain_defined_attributes = univ.Integer(6) + + +class UniquePostalName(PDSParameter): + pass + + +physical_delivery_country_name = univ.Integer(8) + + +ub_pds_name_length = univ.Integer(16) + + +class PDSName(char.PrintableString): + pass + + +PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length) + + +class TeletexPersonalName(univ.Set): + pass + + +TeletexPersonalName.componentType = 
namedtype.NamedTypes( + namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +street_address = univ.Integer(17) + + +class PostOfficeBoxAddress(PDSParameter): + pass + + +local_postal_attributes = univ.Integer(21) + + +class DirectoryString(univ.Choice): + pass + + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +teletex_common_name = univ.Integer(2) + + +class CommonName(char.PrintableString): + pass + + +CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) + + +class Certificate(univ.Sequence): + pass + + 
+Certificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class TeletexOrganizationalUnitName(char.TeletexString): + pass + + +TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +id_at_name = _OID(id_at, 41) + + +class TeletexOrganizationalUnitNames(univ.SequenceOf): + pass + + +TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName() +TeletexOrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units) + + +id_ce = _OID(2, 5, 29) + + +id_ce_issuerAltName = _OID(id_ce, 18) + + +class SkipCerts(univ.Integer): + pass + + +SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class CRLReason(univ.Enumerated): + pass + + +CRLReason.namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8), + ('privilegeWithdrawn', 9), + ('aACompromise', 10) +) + + +class PrivateKeyUsagePeriod(univ.Sequence): + pass + + +PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class AnotherName(univ.Sequence): + pass + + +AnotherName.componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class EDIPartyName(univ.Sequence): + pass + + 
+EDIPartyName.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class GeneralName(univ.Choice): + pass + + +GeneralName.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) +) + + +class BaseDistance(univ.Integer): + pass + + +BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class GeneralSubtree(univ.Sequence): + pass + + +GeneralSubtree.componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class GeneralNames(univ.SequenceOf): + pass + + +GeneralNames.componentType = GeneralName() +GeneralNames.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class DistributionPointName(univ.Choice): + pass + + +DistributionPointName.componentType = namedtype.NamedTypes( + namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class ReasonFlags(univ.BitString): + pass + + +ReasonFlags.namedValues = namedval.NamedValues( + ('unused', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('privilegeWithdrawn', 7), + ('aACompromise', 8) +) + + +class IssuingDistributionPoint(univ.Sequence): + pass + + +IssuingDistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), + 
namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) +) + + +id_ce_certificatePolicies = _OID(id_ce, 32) + + +id_kp_emailProtection = _OID(id_kp, 4) + + +class AccessDescription(univ.Sequence): + pass + + +AccessDescription.componentType = namedtype.NamedTypes( + namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), + namedtype.NamedType('accessLocation', GeneralName()) +) + + +class IssuerAltName(GeneralNames): + pass + + +id_ce_cRLDistributionPoints = _OID(id_ce, 31) + + +holdInstruction = _OID(2, 2, 840, 10040, 2) + + +id_holdinstruction_callissuer = _OID(holdInstruction, 2) + + +id_ce_subjectDirectoryAttributes = _OID(id_ce, 9) + + +id_ce_issuingDistributionPoint = _OID(id_ce, 28) + + +class DistributionPoint(univ.Sequence): + pass + + +DistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class CRLDistributionPoints(univ.SequenceOf): + pass + + +CRLDistributionPoints.componentType = DistributionPoint() +CRLDistributionPoints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class GeneralSubtrees(univ.SequenceOf): + pass + + +GeneralSubtrees.componentType = GeneralSubtree() +GeneralSubtrees.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + pass + + +NameConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + 
namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SubjectDirectoryAttributes(univ.SequenceOf): + pass + + +SubjectDirectoryAttributes.componentType = Attribute() +SubjectDirectoryAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_kp_OCSPSigning = _OID(id_kp, 9) + + +id_kp_timeStamping = _OID(id_kp, 8) + + +class DisplayText(univ.Choice): + pass + + +DisplayText.componentType = namedtype.NamedTypes( + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) +) + + +class NoticeReference(univ.Sequence): + pass + + +NoticeReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('organization', DisplayText()), + namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) +) + + +class UserNotice(univ.Sequence): + pass + + +UserNotice.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('noticeRef', NoticeReference()), + namedtype.OptionalNamedType('explicitText', DisplayText()) +) + + +class PolicyQualifierId(univ.ObjectIdentifier): + pass + + +class PolicyQualifierInfo(univ.Sequence): + pass + + +PolicyQualifierInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyQualifierId', PolicyQualifierId()), + namedtype.NamedType('qualifier', univ.Any()) +) + + +class CertPolicyId(univ.ObjectIdentifier): + pass + + +class PolicyInformation(univ.Sequence): + pass + + +PolicyInformation.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyIdentifier', CertPolicyId()), + 
namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo())) +) + + +class CertificatePolicies(univ.SequenceOf): + pass + + +CertificatePolicies.componentType = PolicyInformation() +CertificatePolicies.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class SubjectAltName(GeneralNames): + pass + + +id_ce_basicConstraints = _OID(id_ce, 19) + + +id_ce_authorityKeyIdentifier = _OID(id_ce, 35) + + +id_kp_codeSigning = _OID(id_kp, 3) + + +class BasicConstraints(univ.Sequence): + pass + + +BasicConstraints.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) +) + + +id_ce_certificateIssuer = _OID(id_ce, 29) + + +class PolicyMappings(univ.SequenceOf): + pass + + +PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), + namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) +)) + +PolicyMappings.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class InhibitAnyPolicy(SkipCerts): + pass + + +anyPolicy = _OID(id_ce_certificatePolicies, 0) + + +class CRLNumber(univ.Integer): + pass + + +CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class BaseCRLNumber(CRLNumber): + pass + + +id_ce_nameConstraints = _OID(id_ce, 30) + + +id_kp_serverAuth = _OID(id_kp, 1) + + +id_ce_freshestCRL = _OID(id_ce, 46) + + +id_ce_cRLReasons = _OID(id_ce, 21) + + +id_ce_extKeyUsage = _OID(id_ce, 37) + + +class KeyIdentifier(univ.OctetString): + pass + + +class AuthorityKeyIdentifier(univ.Sequence): + pass + + +AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', 
GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class FreshestCRL(CRLDistributionPoints): + pass + + +id_ce_policyConstraints = _OID(id_ce, 36) + + +id_pe_authorityInfoAccess = _OID(id_pe, 1) + + +class AuthorityInfoAccessSyntax(univ.SequenceOf): + pass + + +AuthorityInfoAccessSyntax.componentType = AccessDescription() +AuthorityInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_holdinstruction_none = _OID(holdInstruction, 1) + + +class CPSuri(char.IA5String): + pass + + +id_pe_subjectInfoAccess = _OID(id_pe, 11) + + +class SubjectKeyIdentifier(KeyIdentifier): + pass + + +id_ce_subjectAltName = _OID(id_ce, 17) + + +class KeyPurposeId(univ.ObjectIdentifier): + pass + + +class ExtKeyUsageSyntax(univ.SequenceOf): + pass + + +ExtKeyUsageSyntax.componentType = KeyPurposeId() +ExtKeyUsageSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class HoldInstructionCode(univ.ObjectIdentifier): + pass + + +id_ce_deltaCRLIndicator = _OID(id_ce, 27) + + +id_ce_keyUsage = _OID(id_ce, 15) + + +id_ce_holdInstructionCode = _OID(id_ce, 23) + + +class SubjectInfoAccessSyntax(univ.SequenceOf): + pass + + +SubjectInfoAccessSyntax.componentType = AccessDescription() +SubjectInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class InvalidityDate(useful.GeneralizedTime): + pass + + +class KeyUsage(univ.BitString): + pass + + +KeyUsage.namedValues = namedval.NamedValues( + ('digitalSignature', 0), + ('nonRepudiation', 1), + ('keyEncipherment', 2), + ('dataEncipherment', 3), + ('keyAgreement', 4), + ('keyCertSign', 5), + ('cRLSign', 6), + ('encipherOnly', 7), + ('decipherOnly', 8) +) + + +id_ce_invalidityDate = _OID(id_ce, 24) + + +id_ce_policyMappings = _OID(id_ce, 33) + + +anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0) + + 
+id_ce_privateKeyUsagePeriod = _OID(id_ce, 16) + + +id_ce_cRLNumber = _OID(id_ce, 20) + + +class CertificateIssuer(GeneralNames): + pass + + +id_holdinstruction_reject = _OID(holdInstruction, 3) + + +class PolicyConstraints(univ.Sequence): + pass + + +PolicyConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_kp_clientAuth = _OID(id_kp, 2) + + +id_ce_subjectKeyIdentifier = _OID(id_ce, 14) + + +id_ce_inhibitAnyPolicy = _OID(id_ce, 54) + + diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py new file mode 100644 index 0000000..fc2409c --- /dev/null +++ b/pyasn1_modules/rfc5652.py 
@@ -0,0 +1,672 @@ +""" +RFC5652 +Cryptographic Message Syntax (CMS) +""" +# Generated by asn1ate, and manually adjusted + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from . import rfc3281 +from . import rfc5280 + +MAX = 64 + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class AttCertVersionV1(univ.Integer): + pass + + +AttCertVersionV1.namedValues = namedval.NamedValues( + ('v1', 0) +) + + +class AttributeCertificateInfoV1(univ.Sequence): + pass + + +AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), + namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + )) + ), + namedtype.NamedType('issuer', rfc5280.GeneralNames()), + namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), + namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), + namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', rfc5280.Extensions()) +) + + +class AttributeCertificateV1(univ.Sequence): + pass + + +AttributeCertificateV1.componentType = namedtype.NamedTypes( + namedtype.NamedType('acInfo', 
AttributeCertificateInfoV1()), + namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class AttributeValue(univ.Any): + pass + + +class Attribute(univ.Sequence): + pass + + +Attribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', univ.ObjectIdentifier()), + namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue())) +) + + +class SignedAttributes(univ.SetOf): + pass + + +SignedAttributes.componentType = Attribute() +SignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class AttributeCertificateV2(rfc3281.AttributeCertificate): + pass + + +class OtherKeyAttribute(univ.Sequence): + pass + + +OtherKeyAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('keyAttr', univ.Any()) +) + + +class UnauthAttributes(univ.SetOf): + pass + + +UnauthAttributes.componentType = Attribute() +UnauthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_encryptedData = _OID(1, 2, 840, 113549, 1, 7, 6) + + +class SignatureValue(univ.OctetString): + pass + + +class IssuerAndSerialNumber(univ.Sequence): + pass + + +IssuerAndSerialNumber.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc5280.Name()), + namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()) +) + + +class SubjectKeyIdentifier(univ.OctetString): + pass + + +class RecipientKeyIdentifier(univ.Sequence): + pass + + +RecipientKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KeyAgreeRecipientIdentifier(univ.Choice): + pass + + +KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', 
IssuerAndSerialNumber()), + namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class EncryptedKey(univ.OctetString): + pass + + +class RecipientEncryptedKey(univ.Sequence): + pass + + +RecipientEncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientEncryptedKeys(univ.SequenceOf): + pass + + +RecipientEncryptedKeys.componentType = RecipientEncryptedKey() + + +class MessageAuthenticationCode(univ.OctetString): + pass + + +class CMSVersion(univ.Integer): + pass + + +CMSVersion.namedValues = namedval.NamedValues( + ('v0', 0), + ('v1', 1), + ('v2', 2), + ('v3', 3), + ('v4', 4), + ('v5', 5) +) + + +class OtherCertificateFormat(univ.Sequence): + pass + + +OtherCertificateFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherCert', univ.Any()) +) + + +class ExtendedCertificateInfo(univ.Sequence): + pass + + +ExtendedCertificateInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('certificate', rfc5280.Certificate()), + namedtype.NamedType('attributes', UnauthAttributes()) +) + + +class Signature(univ.BitString): + pass + + +class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class ExtendedCertificate(univ.Sequence): + pass + + +ExtendedCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) +) + + +class CertificateChoices(univ.Choice): + pass + + +CertificateChoices.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc5280.Certificate()), + 
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('other', OtherCertificateFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class CertificateSet(univ.SetOf): + pass + + +CertificateSet.componentType = CertificateChoices() + + +class OtherRevocationInfoFormat(univ.Sequence): + pass + + +OtherRevocationInfoFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherRevInfo', univ.Any()) +) + + +class RevocationInfoChoice(univ.Choice): + pass + + +RevocationInfoChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('crl', rfc5280.CertificateList()), + namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class RevocationInfoChoices(univ.SetOf): + pass + + +RevocationInfoChoices.componentType = RevocationInfoChoice() + + +class OriginatorInfo(univ.Sequence): + pass + + +OriginatorInfo.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('certs', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class ContentType(univ.ObjectIdentifier): + pass + + +class EncryptedContent(univ.OctetString): + pass + + +class ContentEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class EncryptedContentInfo(univ.Sequence): + pass + + 
+EncryptedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class UnprotectedAttributes(univ.SetOf): + pass + + +UnprotectedAttributes.componentType = Attribute() +UnprotectedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class KEKIdentifier(univ.Sequence): + pass + + +KEKIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyIdentifier', univ.OctetString()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KEKRecipientInfo(univ.Sequence): + pass + + +KEKRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('kekid', KEKIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class KeyDerivationAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class PasswordRecipientInfo(univ.Sequence): + pass + + +PasswordRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientIdentifier(univ.Choice): + pass + + +RecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', 
IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class KeyTransRecipientInfo(univ.Sequence): + pass + + +KeyTransRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('rid', RecipientIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class UserKeyingMaterial(univ.OctetString): + pass + + +class OriginatorPublicKey(univ.Sequence): + pass + + +OriginatorPublicKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('publicKey', univ.BitString()) +) + + +class OriginatorIdentifierOrKey(univ.Choice): + pass + + +OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class KeyAgreeRecipientInfo(univ.Sequence): + pass + + +KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) +) + + +class OtherRecipientInfo(univ.Sequence): + pass + + 
+OtherRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('oriType', univ.ObjectIdentifier()), + namedtype.NamedType('oriValue', univ.Any()) +) + + +class RecipientInfo(univ.Choice): + pass + + +RecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('ktri', KeyTransRecipientInfo()), + namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('kekri', KEKRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('ori', OtherRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) +) + + +class RecipientInfos(univ.SetOf): + pass + + +RecipientInfos.componentType = RecipientInfo() +RecipientInfos.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class EnvelopedData(univ.Sequence): + pass + + +EnvelopedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +id_ct_contentInfo = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 6) + + +id_digestedData = _OID(1, 2, 840, 113549, 1, 7, 5) + + +class EncryptedData(univ.Sequence): + pass + + +EncryptedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('encryptedContentInfo', 
EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_messageDigest = _OID(1, 2, 840, 113549, 1, 9, 4) + + +id_signedData = _OID(1, 2, 840, 113549, 1, 7, 2) + + +class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier): + pass + + +class UnsignedAttributes(univ.SetOf): + pass + + +UnsignedAttributes.componentType = Attribute() +UnsignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class SignerIdentifier(univ.Choice): + pass + + +SignerIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class SignerInfo(univ.Sequence): + pass + + +SignerInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('sid', SignerIdentifier()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', SignatureValue()), + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SignerInfos(univ.SetOf): + pass + + +SignerInfos.componentType = SignerInfo() + + +class Countersignature(SignerInfo): + pass + + +class ContentInfo(univ.Sequence): + pass + + +ContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class 
EncapsulatedContentInfo(univ.Sequence): + pass + + +EncapsulatedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('eContentType', ContentType()), + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +id_countersignature = _OID(1, 2, 840, 113549, 1, 9, 6) + + +id_data = _OID(1, 2, 840, 113549, 1, 7, 1) + + +class MessageDigest(univ.OctetString): + pass + + +class AuthAttributes(univ.SetOf): + pass + + +AuthAttributes.componentType = Attribute() +AuthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class AuthenticatedData(univ.Sequence): + pass + + +AuthenticatedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('mac', MessageAuthenticationCode()), + namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +id_contentType = _OID(1, 2, 840, 113549, 1, 9, 3) + + +class ExtendedCertificateOrCertificate(univ.Choice): + pass + + 
+ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc5280.Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class Digest(univ.OctetString): + pass + + +class DigestedData(univ.Sequence): + pass + + +DigestedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.NamedType('digest', Digest()) +) + + +id_envelopedData = _OID(1, 2, 840, 113549, 1, 7, 3) + + +class DigestAlgorithmIdentifiers(univ.SetOf): + pass + + +DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() + + +class SignedData(univ.Sequence): + pass + + +SignedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) +) + + +id_signingTime = _OID(1, 2, 840, 113549, 1, 9, 5) + + +class SigningTime(Time): + pass + + +id_ct_authData = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 2) diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py new file mode 100644 index 0000000..c18637d --- /dev/null +++ b/pyasn1_modules/rfc6402.py 
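Review bot: `MAX = 64` near the top of rfc5652.py turns every `SIZE (1..MAX)` bound in this module into a hard limit of 64 elements, whereas ASN.1 `MAX` means no upper bound. It feeds the `ValueSizeConstraint(1, MAX)` on SignedAttributes, UnsignedAttributes, UnauthAttributes, AuthAttributes, UnprotectedAttributes and RecipientInfos, so a valid message with more than 64 recipients or attributes would presumably be rejected wherever pyasn1 checks the constraint. If the intent is to follow the RFC, `MAX = float('inf')` expresses that, assuming the pyasn1 version in use compares sizes against it correctly. If 64 is meant as a defensive cap on untrusted input, say so in a comment such as `# deliberate cap on SET OF / SEQUENCE OF sizes; ASN.1 MAX is unbounded`. The same constant is repeated at the top of rfc6402.py, where it limits BodyPartPath.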
@@ -0,0 +1,581 @@ +""" +RFC6402 +Certificate Management over CMS (CMC) Updates +""" +# Generated by asn1ate, and manually adjusted + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +from . import rfc4211 +from . import rfc5280 +from . import rfc5652 + +MAX = 64 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class ChangeSubjectName(univ.Sequence): + pass + + +ChangeSubjectName.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('subject', rfc5280.Name()), + namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames()) +) + + +class AttributeValue(univ.Any): + pass + + +class CMCStatus(univ.Integer): + pass + + +CMCStatus.namedValues = namedval.NamedValues( + ('success', 0), + ('failed', 2), + ('pending', 3), + ('noSupport', 4), + ('confirmRequired', 5), + ('popRequired', 6), + ('partial', 7) +) + + +class PendInfo(univ.Sequence): + pass + + +PendInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('pendToken', univ.OctetString()), + namedtype.NamedType('pendTime', useful.GeneralizedTime()) +) + + +bodyIdMax = univ.Integer(4294967295) + + +class BodyPartID(univ.Integer): + pass + + +BodyPartID.subtypeSpec = constraint.ValueRangeConstraint(0, bodyIdMax) + + +class BodyPartPath(univ.SequenceOf): + pass + + +BodyPartPath.componentType = BodyPartID() +BodyPartPath.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class BodyPartReference(univ.Choice): + pass + + +BodyPartReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('bodyPartPath', BodyPartPath()) +) + + +class CMCFailInfo(univ.Integer): + pass + + +CMCFailInfo.namedValues = namedval.NamedValues( + ('badAlg', 0), + ('badMessageCheck', 1), + ('badRequest', 2), + ('badTime', 3), + ('badCertId', 4), + 
('unsupportedExt', 5), + ('mustArchiveKeys', 6), + ('badIdentity', 7), + ('popRequired', 8), + ('popFailed', 9), + ('noKeyReuse', 10), + ('internalCAError', 11), + ('tryLater', 12), + ('authDataFail', 13) +) + + +class CMCStatusInfoV2(univ.Sequence): + pass + + +CMCStatusInfoV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('cMCStatus', CMCStatus()), + namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())), + namedtype.OptionalNamedType('statusString', char.UTF8String()), + namedtype.OptionalNamedType('otherInfo', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfo', CMCFailInfo()), + namedtype.NamedType('pendInfo', PendInfo()), + namedtype.NamedType('extendedFailInfo', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), + namedtype.NamedType('failInfoValue', AttributeValue()) + )) + ) + )) + ) +) + + +class GetCRL(univ.Sequence): + pass + + +GetCRL.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerName', rfc5280.Name()), + namedtype.OptionalNamedType('cRLName', rfc5280.GeneralName()), + namedtype.OptionalNamedType('time', useful.GeneralizedTime()), + namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags()) +) + + +id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) + + +id_cmc = _OID(id_pkix, 7) + + +id_cmc_batchResponses = _OID(id_cmc, 29) + + +id_cmc_popLinkWitness = _OID(id_cmc, 23) + + +class PopLinkWitnessV2(univ.Sequence): + pass + + +PopLinkWitnessV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyGenAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('macAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()) +) + + +id_cmc_popLinkWitnessV2 = _OID(id_cmc, 33) + + +id_cmc_identityProofV2 = _OID(id_cmc, 34) + + +id_cmc_revokeRequest = _OID(id_cmc, 17) + + +id_cmc_recipientNonce = _OID(id_cmc, 7) + + +class ControlsProcessed(univ.Sequence): + pass + + 
+ControlsProcessed.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())) +) + + +class CertificationRequest(univ.Sequence): + pass + + +CertificationRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificationRequestInfo', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer()), + namedtype.NamedType('subject', rfc5280.Name()), + namedtype.NamedType('subjectPublicKeyInfo', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + )) + ), + namedtype.NamedType('attributes', univ.SetOf(componentType=rfc5652.Attribute()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + )) + ), + namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class TaggedCertificationRequest(univ.Sequence): + pass + + +TaggedCertificationRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('certificationRequest', CertificationRequest()) +) + + +class TaggedRequest(univ.Choice): + pass + + +TaggedRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('tcr', TaggedCertificationRequest().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('crm', rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()), + namedtype.NamedType('requestMessageValue', univ.Any()) + )) + .subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +id_cmc_popLinkRandom = 
_OID(id_cmc, 22) + + +id_cmc_statusInfo = _OID(id_cmc, 1) + + +id_cmc_trustedAnchors = _OID(id_cmc, 26) + + +id_cmc_transactionId = _OID(id_cmc, 5) + + +id_cmc_encryptedPOP = _OID(id_cmc, 9) + + +class PublishTrustAnchors(univ.Sequence): + pass + + +PublishTrustAnchors.componentType = namedtype.NamedTypes( + namedtype.NamedType('seqNumber', univ.Integer()), + namedtype.NamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('anchorHashes', univ.SequenceOf(componentType=univ.OctetString())) +) + + +class RevokeRequest(univ.Sequence): + pass + + +RevokeRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerName', rfc5280.Name()), + namedtype.NamedType('serialNumber', univ.Integer()), + namedtype.NamedType('reason', rfc5280.CRLReason()), + namedtype.OptionalNamedType('invalidityDate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('passphrase', univ.OctetString()), + namedtype.OptionalNamedType('comment', char.UTF8String()) +) + + +id_cmc_senderNonce = _OID(id_cmc, 6) + + +id_cmc_authData = _OID(id_cmc, 27) + + +class TaggedContentInfo(univ.Sequence): + pass + + +TaggedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('contentInfo', rfc5652.ContentInfo()) +) + + +class IdentifyProofV2(univ.Sequence): + pass + + +IdentifyProofV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()) +) + + +class CMCPublicationInfo(univ.Sequence): + pass + + +CMCPublicationInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('certHashes', univ.SequenceOf(componentType=univ.OctetString())), + namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo()) +) + + +id_kp_cmcCA = _OID(rfc5280.id_kp, 27) + + 
+id_cmc_confirmCertAcceptance = _OID(id_cmc, 24) + + +id_cmc_raIdentityWitness = _OID(id_cmc, 35) + + +id_ExtensionReq = _OID(1, 2, 840, 113549, 1, 9, 14) + + +id_cct = _OID(id_pkix, 12) + + +id_cct_PKIData = _OID(id_cct, 2) + + +id_kp_cmcRA = _OID(rfc5280.id_kp, 28) + + +class CMCStatusInfo(univ.Sequence): + pass + + +CMCStatusInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('cMCStatus', CMCStatus()), + namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())), + namedtype.OptionalNamedType('statusString', char.UTF8String()), + namedtype.OptionalNamedType('otherInfo', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfo', CMCFailInfo()), + namedtype.NamedType('pendInfo', PendInfo()) + )) + ) +) + + +class DecryptedPOP(univ.Sequence): + pass + + +DecryptedPOP.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('thePOP', univ.OctetString()) +) + + +id_cmc_addExtensions = _OID(id_cmc, 8) + + +id_cmc_modCertTemplate = _OID(id_cmc, 31) + + +class TaggedAttribute(univ.Sequence): + pass + + +TaggedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('attrType', univ.ObjectIdentifier()), + namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue())) +) + + +class OtherMsg(univ.Sequence): + pass + + +OtherMsg.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('otherMsgType', univ.ObjectIdentifier()), + namedtype.NamedType('otherMsgValue', univ.Any()) +) + + +class PKIData(univ.Sequence): + pass + + +PKIData.componentType = namedtype.NamedTypes( + namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), + namedtype.NamedType('reqSequence', univ.SequenceOf(componentType=TaggedRequest())), + 
namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), + namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) +) + + +class BodyPartList(univ.SequenceOf): + pass + + +BodyPartList.componentType = BodyPartID() +BodyPartList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_cmc_responseBody = _OID(id_cmc, 37) + + +class AuthPublish(BodyPartID): + pass + + +class CMCUnsignedData(univ.Sequence): + pass + + +CMCUnsignedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartPath', BodyPartPath()), + namedtype.NamedType('identifier', univ.ObjectIdentifier()), + namedtype.NamedType('content', univ.Any()) +) + + +class CMCCertId(rfc5652.IssuerAndSerialNumber): + pass + + +class PKIResponse(univ.Sequence): + pass + + +PKIResponse.componentType = namedtype.NamedTypes( + namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), + namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), + namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) +) + + +class ResponseBody(PKIResponse): + pass + + +id_cmc_statusInfoV2 = _OID(id_cmc, 25) + + +id_cmc_lraPOPWitness = _OID(id_cmc, 11) + + +class ModCertTemplate(univ.Sequence): + pass + + +ModCertTemplate.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkiDataReference', BodyPartPath()), + namedtype.NamedType('certReferences', BodyPartList()), + namedtype.DefaultedNamedType('replace', univ.Boolean().subtype(value=1)), + namedtype.NamedType('certTemplate', rfc4211.CertTemplate()) +) + + +id_cmc_regInfo = _OID(id_cmc, 18) + + +id_cmc_identityProof = _OID(id_cmc, 3) + + +class ExtensionReq(univ.SequenceOf): + pass + + +ExtensionReq.componentType = rfc5280.Extension() +ExtensionReq.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_kp_cmcArchive = _OID(rfc5280.id_kp, 28) + + +id_cmc_publishCert = _OID(id_cmc, 30) + + +id_cmc_dataReturn = 
_OID(id_cmc, 4) + + +class LraPopWitness(univ.Sequence): + pass + + +LraPopWitness.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkiDataBodyid', BodyPartID()), + namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID())) +) + + +id_aa = _OID(1, 2, 840, 113549, 1, 9, 16, 2) + + +id_aa_cmc_unsignedData = _OID(id_aa, 34) + + +id_cmc_getCert = _OID(id_cmc, 15) + + +id_cmc_batchRequests = _OID(id_cmc, 28) + + +id_cmc_decryptedPOP = _OID(id_cmc, 10) + + +id_cmc_responseInfo = _OID(id_cmc, 19) + + +id_cmc_changeSubjectName = _OID(id_cmc, 36) + + +class GetCert(univ.Sequence): + pass + + +GetCert.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerName', rfc5280.GeneralName()), + namedtype.NamedType('serialNumber', univ.Integer()) +) + + +id_cmc_identification = _OID(id_cmc, 2) + + +id_cmc_queryPending = _OID(id_cmc, 21) + + +class AddExtensions(univ.Sequence): + pass + + +AddExtensions.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkiDataReference', BodyPartID()), + namedtype.NamedType('certReferences', univ.SequenceOf(componentType=BodyPartID())), + namedtype.NamedType('extensions', univ.SequenceOf(componentType=rfc5280.Extension())) +) + + +class EncryptedPOP(univ.Sequence): + pass + + +EncryptedPOP.componentType = namedtype.NamedTypes( + namedtype.NamedType('request', TaggedRequest()), + namedtype.NamedType('cms', rfc5652.ContentInfo()), + namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witnessAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()) +) + + +id_cmc_getCRL = _OID(id_cmc, 16) + + +id_cct_PKIResponse = _OID(id_cct, 3) + + +id_cmc_controlProcessed = _OID(id_cmc, 32) + + +class NoSignatureValue(univ.OctetString): + pass + + +id_ad_cmc = _OID(rfc5280.id_ad, 12) + + +id_alg_noSignature = _OID(id_pkix, 6, 2) + + -- cgit v1.2.3 From bc17ad0b90ec51a01b306a88e48fc22a7befb895 Mon Sep 17 00:00:00 2001 
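Review bot: `id_kp_cmcArchive = _OID(rfc5280.id_kp, 28)` in the new rfc6402.py has the same value as `id_kp_cmcRA = _OID(rfc5280.id_kp, 28)` earlier in the same hunk, so the two key-purpose identifiers compare equal and code that checks a certificate's extended key usage cannot tell a CMC registration authority from an archive server. If the source ASN.1 module really repeats the arc, a comment such as `# NOTE: same arc as id_kp_cmcRA in the source module; confirm against the IANA PKIX key-purpose registry` should say so; otherwise the archive constant needs the registered value. Separately, `MAX = 64` presumably stands in for ASN.1's unbounded `MAX`, so `BodyPartPath`, `BodyPartList` and `ExtensionReq` reject more than 64 elements through `ValueSizeConstraint(1, MAX)`, and a comment at the constant should state that cap.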
From: Ilya Etingof Date: Sun, 27 Mar 2016 23:01:34 +0200 Subject: copyright info header added to merged files --- pyasn1_modules/rfc3280.py | 21 ++++++++++++++------- pyasn1_modules/rfc3281.py | 22 ++++++++++++++-------- pyasn1_modules/rfc3852.py | 25 ++++++++++++++++--------- pyasn1_modules/rfc4211.py | 26 ++++++++++++++++---------- pyasn1_modules/rfc5280.py | 21 ++++++++++++++------- pyasn1_modules/rfc5652.py | 23 +++++++++++++++-------- pyasn1_modules/rfc6402.py | 25 ++++++++++++++++--------- 7 files changed, 105 insertions(+), 58 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc3280.py b/pyasn1_modules/rfc3280.py index a019f98..bae34aa 100644 --- a/pyasn1_modules/rfc3280.py +++ b/pyasn1_modules/rfc3280.py @@ -1,10 +1,17 @@ -""" -RFC3280 -Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation -List (CRL) Profile -""" -# Generated by asn1ate, and manually adjusted - +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# Internet X.509 Public Key Infrastructure Certificate and Certificate +# Revocation List (CRL) Profile +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3280.txt +# from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful MAX = 64 diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py index 38db8c4..0a7d020 100644 --- a/pyasn1_modules/rfc3281.py +++ b/pyasn1_modules/rfc3281.py 
@@ -1,10 +1,16 @@ -""" -RFC3281 -An Internet Attribute Certificate Profile for Authorization -""" - -# Generated by asn1ate, and manually adjusted - +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# An Internet Attribute Certificate Profile for Authorization +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3281.txt +# from pyasn1.type import univ from pyasn1.type import char from pyasn1.type import namedtype @@ -13,7 +19,7 @@ from pyasn1.type import tag from pyasn1.type import constraint from pyasn1.type import useful -from . import rfc3280 +from pyasn1_modules import rfc3280 MAX=64 diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py index 32a5655..e4dc7e4 100644 --- a/pyasn1_modules/rfc3852.py +++ b/pyasn1_modules/rfc3852.py @@ -1,15 +1,22 @@ -""" -RFC3852 -Cryptographic Message Syntax (CMS) -""" -# Generated by asn1ate, and manually adjusted - -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3852.txt +# +from pyasn1.type import univ, namedtype, namedval, tag, constraint, useful MAX = 64 -from . import rfc3280 -from . import rfc3281 +from pyasn1_modules import rfc3280 +from pyasn1_modules import rfc3281 def _OID(*components): output = [] diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py index 0f404de..48056eb 100644 --- a/pyasn1_modules/rfc4211.py +++ b/pyasn1_modules/rfc4211.py 
@@ -1,15 +1,21 @@ -""" -RFC4211 -Internet X.509 Public Key Infrastructure Certificate Request Message Format -(CRMF) -""" - -# Generated by asn1ate, and manually adjusted - +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# Internet X.509 Public Key Infrastructure Certificate Request +# Message Format (CRMF) +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc4211.txt +# from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful -from . import rfc3280 -from . import rfc3852 +from pyasn1_modules import rfc3280 +from pyasn1_modules import rfc3852 MAX = 64 diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index eabc0c6..cef8023 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -1,10 +1,17 @@ -""" -RFC5280 -Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation -List (CRL) Profile -""" -# Generated by asn1ate, and manually adjusted - +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# Internet X.509 Public Key Infrastructure Certificate and Certificate +# Revocation List (CRL) Profile +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc5280.txt +# from pyasn1.type import univ from pyasn1.type import char from pyasn1.type import namedtype diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py index fc2409c..78a389d 100644 --- a/pyasn1_modules/rfc5652.py +++ b/pyasn1_modules/rfc5652.py 
@@ -1,9 +1,16 @@ -""" -RFC5652 -Cryptographic Message Syntax (CMS) -""" -# Generated by asn1ate, and manually adjusted - +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc5652.txt +# from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype @@ -12,8 +19,8 @@ from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful -from . import rfc3281 -from . import rfc5280 +from pyasn1_modules import rfc3281 +from pyasn1_modules import rfc5280 MAX = 64 diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index c18637d..ce70de6 100644 --- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py @@ -1,14 +1,21 @@ -""" -RFC6402 -Certificate Management over CMS (CMC) Updates -""" -# Generated by asn1ate, and manually adjusted - +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2016, Ilya Etingof +# License: http://pyasn1.sf.net/license.html +# +# Certificate Management over CMS (CMC) Updates +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc6402.txt +# from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful -from . import rfc4211 -from . import rfc5280 -from . import rfc5652 +from pyasn1_modules import rfc4211 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 MAX = 64 -- cgit v1.2.3 From 2a5c89cd9890d34a77e8d9e2d715cf6bbef7bbd1 Mon Sep 17 00:00:00 2001 
From: Ilya Etingof Date: Sun, 27 Mar 2016 23:45:18 +0200 Subject: pep8 reformatted --- pyasn1_modules/pem.py | 23 +- pyasn1_modules/rfc1155.py | 46 +-- pyasn1_modules/rfc1157.py | 62 ++-- pyasn1_modules/rfc1901.py | 6 +- pyasn1_modules/rfc1902.py | 86 +++--- pyasn1_modules/rfc1905.py | 73 +++-- pyasn1_modules/rfc2251.py | 450 +++++++++++++++++++++-------- pyasn1_modules/rfc2314.py | 20 +- pyasn1_modules/rfc2315.py | 160 +++++++---- pyasn1_modules/rfc2437.py | 18 +- pyasn1_modules/rfc2459.py | 705 ++++++++++++++++++++++++++++++++++------------ pyasn1_modules/rfc2511.py | 173 ++++++++---- pyasn1_modules/rfc2560.py | 124 +++++--- pyasn1_modules/rfc3280.py | 547 ++++++++++++++++++----------------- pyasn1_modules/rfc3281.py | 147 ++++------ pyasn1_modules/rfc3412.py | 37 ++- pyasn1_modules/rfc3414.py | 14 +- pyasn1_modules/rfc3447.py | 8 +- pyasn1_modules/rfc3852.py | 159 ++++++----- pyasn1_modules/rfc4210.py | 410 +++++++++++++++------------ pyasn1_modules/rfc4211.py | 162 ++++++----- pyasn1_modules/rfc5208.py | 26 +- pyasn1_modules/rfc5280.py | 676 +++++++++++++++++++++++--------------------- pyasn1_modules/rfc5652.py | 154 +++++----- pyasn1_modules/rfc6402.py | 168 ++++------- 25 files changed, 2715 insertions(+), 1739 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index ce99ac9..638e74e 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py 
@@ -8,16 +8,19 @@ import base64, sys stSpam, stHam, stDump = 0, 1, 2 + # The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')... # Return is (marker-index, substrate) def readPemBlocksFromFile(fileObj, *markers): - startMarkers = dict(map(lambda x: (x[1],x[0]), + startMarkers = dict(map(lambda x: (x[1], x[0]), enumerate(map(lambda x: x[0], markers)))) - stopMarkers = dict(map(lambda x: (x[1],x[0]), + stopMarkers = dict(map(lambda x: (x[1], x[0]), enumerate(map(lambda x: x[1], markers)))) - idx = -1; substrate = '' + idx = -1 + substrate = '' + certLines = [] state = stSpam - while 1: + while True: certLine = fileObj.readline() if not certLine: break @@ -35,23 +38,25 @@ def readPemBlocksFromFile(fileObj, *markers): certLines.append(certLine) if state == stDump: if sys.version_info[0] <= 2: - substrate = ''.join([ base64.b64decode(x) for x in certLines ]) + substrate = ''.join([base64.b64decode(x) for x in certLines]) else: - substrate = ''.encode().join([ base64.b64decode(x.encode()) for x in certLines ]) + substrate = ''.encode().join([base64.b64decode(x.encode()) for x in certLines]) break return idx, substrate + # Backward compatibility routine -def readPemFromFile(fileObj, +def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----', endMarker='-----END CERTIFICATE-----'): idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker)) return substrate + def readBase64FromFile(fileObj): if sys.version_info[0] <= 2: - return ''.join([ base64.b64decode(x) for x in fileObj.readlines() ]) + return ''.join([base64.b64decode(x) for x in fileObj.readlines()]) else: return ''.encode().join( - [ base64.b64decode(x.encode()) for x in fileObj.readlines() ] + [base64.b64decode(x.encode()) for x in fileObj.readlines()] ) diff --git a/pyasn1_modules/rfc1155.py b/pyasn1_modules/rfc1155.py index ba0368f..f0e39ca 100644 --- a/pyasn1_modules/rfc1155.py +++ b/pyasn1_modules/rfc1155.py 
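Review bot: In the second pem.py hunk the `stDump` branch still decodes every collected line on its own (`base64.b64decode(x) for x in certLines`), so a block wrapped at a width that is not a multiple of four characters fails or decodes wrongly even though the concatenated text is valid base64; `readBase64FromFile` in the same hunk repeats the pattern. Joining first and decoding once is more robust: `substrate = base64.b64decode(''.join(certLines))` on Python 2 and `substrate = base64.b64decode(''.join(certLines).encode())` on Python 3. On Python 3 `b64decode` in its default mode also discards characters outside the base64 alphabet, so encapsulated header lines or stray text between the markers would be decoded as data or dropped rather than rejected, and a comment such as `# substrate is not validated here; callers must rely on the ASN.1 decoder to reject malformed input` would make that explicit. The function starts in the previous hunk and part of its loop lies outside both hunks.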
@@ -12,56 +12,69 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1.type import univ, namedtype, tag, constraint + class ObjectName(univ.ObjectIdentifier): pass + class SimpleSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('number', univ.Integer()), namedtype.NamedType('string', univ.OctetString()), namedtype.NamedType('object', univ.ObjectIdentifier()), namedtype.NamedType('empty', univ.Null()) - ) + ) + class IpAddress(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0) - ) + ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( 4, 4 - ) + ) + + class NetworkAddress(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('internet', IpAddress()) - ) + ) + class Counter(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) - ) + ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + + class Gauge(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) - ) + ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + + class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) - ) + ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + + class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4) - ) - + ) + + class ApplicationSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('address', NetworkAddress()), 
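Review bot: `IpAddress` in rfc1155.py subclasses `univ.OctetString` but its constraint is still built from `univ.Integer.subtypeSpec`, which this pass leaves as is while re-indenting the closing parenthesis; the base should be the parent type's, `subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint(4, 4)`, as the `IpAddress` class in rfc1902.py already does in this commit. The same mismatch is present in the `OctetString` class of rfc1902.py (`univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, 65535)`). It probably has no effect as long as both base specs are empty, but the class would silently inherit any constraint later added to `univ.Integer`.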
@@ -69,10 +82,11 @@ class ApplicationSyntax(univ.Choice): namedtype.NamedType('gauge', Gauge()), namedtype.NamedType('ticks', TimeTicks()), namedtype.NamedType('arbitrary', Opaque()) - ) - + ) + + class ObjectSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', SimpleSyntax()), namedtype.NamedType('application-wide', ApplicationSyntax()) - ) + ) diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index 30b5257..30f36b4 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py @@ -12,18 +12,25 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1.type import univ, namedtype, namedval, tag from pyasn1_modules import rfc1155 + class Version(univ.Integer): namedValues = namedval.NamedValues( ('version-1', 0) - ) + ) defaultValue = 0 -class Community(univ.OctetString): pass -class RequestID(univ.Integer): pass +class Community(univ.OctetString): + pass + + +class RequestID(univ.Integer): + pass + + class ErrorStatus(univ.Integer): namedValues = namedval.NamedValues( ('noError', 0), 
@@ -32,52 +39,70 @@ class ErrorStatus(univ.Integer): ('badValue', 3), ('readOnly', 4), ('genErr', 5) - ) + ) + + class ErrorIndex(univ.Integer): pass + class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('name', rfc1155.ObjectName()), namedtype.NamedType('value', rfc1155.ObjectSyntax()) - ) + ) + + class VarBindList(univ.SequenceOf): componentType = VarBind() + class _RequestBase(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', RequestID()), namedtype.NamedType('error-status', ErrorStatus()), namedtype.NamedType('error-index', ErrorIndex()), namedtype.NamedType('variable-bindings', VarBindList()) - ) - + ) + + class GetRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) + ) + + class GetNextRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) + ) + + class GetResponsePDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) - ) + ) + + class SetRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) - ) + ) + class TrapPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('enterprise', univ.ObjectIdentifier()), namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()), - namedtype.NamedType('generic-trap', univ.Integer().clone(namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), ('authenticationFailure', 4), ('egpNeighborLoss', 5), ('enterpriseSpecific', 6)))), + namedtype.NamedType('generic-trap', univ.Integer().clone( + namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), + ('authenticationFailure', 4), ('egpNeighborLoss', 5), + ('enterpriseSpecific', 6)))), 
namedtype.NamedType('specific-trap', univ.Integer()), namedtype.NamedType('time-stamp', rfc1155.TimeTicks()), namedtype.NamedType('variable-bindings', VarBindList()) - ) - + ) + + class Pdus(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('get-request', GetRequestPDU()), @@ -85,11 +110,12 @@ class Pdus(univ.Choice): namedtype.NamedType('get-response', GetResponsePDU()), namedtype.NamedType('set-request', SetRequestPDU()), namedtype.NamedType('trap', TrapPDU()) - ) - + ) + + class Message(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('community', Community()), namedtype.NamedType('data', Pdus()) - ) + ) diff --git a/pyasn1_modules/rfc1901.py b/pyasn1_modules/rfc1901.py index 6a8bbf8..a321624 100644 --- a/pyasn1_modules/rfc1901.py +++ b/pyasn1_modules/rfc1901.py @@ -11,10 +11,10 @@ # from pyasn1.type import univ, namedtype, namedval + class Message(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('version', univ.Integer(namedValues = namedval.NamedValues(('version-2c', 1)))), + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('version-2c', 1)))), namedtype.NamedType('community', univ.OctetString()), namedtype.NamedType('data', univ.Any()) - ) - + ) diff --git a/pyasn1_modules/rfc1902.py b/pyasn1_modules/rfc1902.py index eb4f9e4..f49820e 100644 --- a/pyasn1_modules/rfc1902.py +++ b/pyasn1_modules/rfc1902.py 
@@ -9,86 +9,102 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc1902.txt # -from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1.type import univ, namedtype, tag, constraint + class Integer(univ.Integer): - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( -2147483648, 2147483647 - ) + ) + class Integer32(univ.Integer): - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( -2147483648, 2147483647 - ) - + ) + + class OctetString(univ.OctetString): - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueSizeConstraint( + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( 0, 65535 - ) + ) + class IpAddress(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00) - ) - subtypeSpec = univ.OctetString.subtypeSpec+constraint.ValueSizeConstraint( + ) + subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint( 4, 4 - ) + ) + class Counter32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01) - ) - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + class Gauge32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) - ) - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + class Unsigned32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) - ) - subtypeSpec = 
univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03) - ) - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 - ) + ) + class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04) - ) + ) + class Counter64(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06) - ) - subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 18446744073709551615 - ) + ) + + +class Bits(univ.OctetString): + pass -class Bits(univ.OctetString): pass -class ObjectName(univ.ObjectIdentifier): pass +class ObjectName(univ.ObjectIdentifier): + pass + class SimpleSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('integer-value', Integer()), namedtype.NamedType('string-value', OctetString()), namedtype.NamedType('objectID-value', univ.ObjectIdentifier()) - ) + ) + class ApplicationSyntax(univ.Choice): componentType = namedtype.NamedTypes( 
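Review bot: `OctetString.subtypeSpec` is built from `univ.Integer.subtypeSpec` although the class derives from `univ.OctetString`; `IpAddress`, a few lines further down in this hunk, uses `univ.OctetString.subtypeSpec` for the same kind of size constraint. Since the commit rewrites this line anyway, it should read `subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint(`. The result is probably identical today if both base specs are empty, but the 0..65535 bound applies to octet strings that may come from a remote peer, so it should not depend on another type's constraints.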
@@ -97,14 +113,14 @@ class ApplicationSyntax(univ.Choice): namedtype.NamedType('timeticks-value', TimeTicks()), namedtype.NamedType('arbitrary-value', Opaque()), namedtype.NamedType('big-counter-value', Counter64()), -# This conflicts with Counter32 -# namedtype.NamedType('unsigned-integer-value', Unsigned32()), + # This conflicts with Counter32 + # namedtype.NamedType('unsigned-integer-value', Unsigned32()), namedtype.NamedType('gauge32-value', Gauge32()) - ) # BITS misplaced? + ) # BITS misplaced? + class ObjectSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', SimpleSyntax()), namedtype.NamedType('application-wide', ApplicationSyntax()) - ) - + ) diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py index a007be6..8ed4dd7 100644 --- a/pyasn1_modules/rfc1905.py +++ b/pyasn1_modules/rfc1905.py 
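Review bot: The re-indented comment `# This conflicts with Counter32` in ApplicationSyntax appears to name the wrong type: in this file Unsigned32 and Gauge32 both carry application tag 0x02, while Counter32 is 0x01. I would reword it to `# Unsigned32 shares application tag 0x02 with Gauge32, so it is left out of this Choice`. The trailing `# BITS misplaced?` would also be easier to act on if it said what is in doubt. ApplicationSyntax begins above this hunk, so its first alternatives are not visible here.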
@@ -14,82 +14,108 @@ from pyasn1_modules import rfc1902 max_bindings = rfc1902.Integer(2147483647) + class _BindValue(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('value', rfc1902.ObjectSyntax()), namedtype.NamedType('unSpecified', univ.Null()), - namedtype.NamedType('noSuchObject', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('noSuchInstance', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('endOfMibView', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) - + namedtype.NamedType('noSuchObject', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('noSuchInstance', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('endOfMibView', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('name', rfc1902.ObjectName()), namedtype.NamedType('', _BindValue()) - ) - + ) + + class VarBindList(univ.SequenceOf): componentType = VarBind() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint( 0, max_bindings - ) + ) + class PDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', rfc1902.Integer32()), - namedtype.NamedType('error-status', univ.Integer(namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), ('notWritable', 17), ('inconsistentName', 18)))), - 
namedtype.NamedType('error-index', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('error-status', univ.Integer( + namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), + ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), + ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), + ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), + ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), + ('notWritable', 17), ('inconsistentName', 18)))), + namedtype.NamedType('error-index', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('variable-bindings', VarBindList()) - ) + ) + class BulkPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', rfc1902.Integer32()), - namedtype.NamedType('non-repeaters', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), - namedtype.NamedType('max-repetitions', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('non-repeaters', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('max-repetitions', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('variable-bindings', VarBindList()) - ) + ) + class GetRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) + ) + class GetNextRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) + ) + class ResponsePDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) - ) + ) + class SetRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, 
tag.tagFormatConstructed, 3) - ) + ) + class GetBulkRequestPDU(BulkPDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) - ) + ) + class InformRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) - ) + ) + class SNMPv2TrapPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) - ) + ) + class ReportPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) - ) + ) + class PDUs(univ.Choice): componentType = namedtype.NamedTypes( @@ -101,5 +127,4 @@ class PDUs(univ.Choice): namedtype.NamedType('inform-request', InformRequestPDU()), namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()), namedtype.NamedType('report', ReportPDU()) - ) - + ) diff --git a/pyasn1_modules/rfc2251.py b/pyasn1_modules/rfc2251.py index 725364c..9538918 100644 --- a/pyasn1_modules/rfc2251.py +++ b/pyasn1_modules/rfc2251.py 
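Review bot: `GetBulkRequestPDU` subclasses `BulkPDU` but takes its tag set from `PDU.tagSet`, while every other PDU class in this hunk tags the class it derives from. Both bases are plain `univ.Sequence` subclasses here, so the encoded tag is presumably the same today. The line should still read `tagSet = BulkPDU.tagSet.tagImplicitly(`, so that a later change to either base cannot silently alter the wire tag that decoders match on.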
@@ -12,313 +12,521 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import tag, namedtype, namedval, univ, constraint,char,useful -from pyasn1.codec.der import decoder, encoder +from pyasn1.type import tag, namedtype, namedval, univ, constraint maxInt = univ.Integer(2147483647) -class LDAPString(univ.OctetString): pass -class LDAPOID(univ.OctetString): pass -class LDAPDN(LDAPString): pass -class RelativeLDAPDN(LDAPString): pass -class AttributeType(LDAPString): pass -class AttributeDescription(LDAPString): pass +class LDAPString(univ.OctetString): + pass + + +class LDAPOID(univ.OctetString): + pass + + +class LDAPDN(LDAPString): + pass + + +class RelativeLDAPDN(LDAPString): + pass + + +class AttributeType(LDAPString): + pass + + +class AttributeDescription(LDAPString): + pass + class AttributeDescriptionList(univ.SequenceOf): componentType = AttributeDescription() -class AttributeValue(univ.OctetString): pass -class AssertionValue(univ.OctetString): pass +class AttributeValue(univ.OctetString): + pass + + +class AssertionValue(univ.OctetString): + pass + class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeDesc', AttributeDescription()), namedtype.NamedType('assertionValue', AssertionValue()) - ) + ) + class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) - ) + ) + + +class MatchingRuleId(LDAPString): + pass -class MatchingRuleId(LDAPString): pass class Control(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('controlType', LDAPOID()), namedtype.DefaultedNamedType('criticality', univ.Boolean('False')), namedtype.OptionalNamedType('controlValue', univ.OctetString()) - ) - + ) + + class Controls(univ.SequenceOf): componentType = Control() -class LDAPURL(LDAPString): pass + +class LDAPURL(LDAPString): + 
pass + class Referral(univ.SequenceOf): componentType = LDAPURL() + class SaslCredentials(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('mechanism', LDAPString()), namedtype.OptionalNamedType('credentials', univ.OctetString()) - ) - + ) + + class AuthenticationChoice(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('simple', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('reserved-1', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('reserved-2', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('sasl', SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) - ) - + namedtype.NamedType('simple', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('reserved-1', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('reserved-2', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('sasl', + SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + + class BindRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))), namedtype.NamedType('name', LDAPDN()), namedtype.NamedType('authentication', AuthenticationChoice()) - ) + ) + class PartialAttributeList(univ.SequenceOf): - componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', 
univ.SetOf(componentType=AttributeValue())))) - + componentType = univ.Sequence( + componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) + + class SearchResultEntry(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('objectName', LDAPDN()), namedtype.NamedType('attributes', PartialAttributeList()) - ) + ) + class MatchingRuleAssertion(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('type', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('matchValue', AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) - ) - + namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('type', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('matchValue', + AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) + ) + + class SubstringFilter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), - namedtype.NamedType('substrings', 
univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))))))) - ) + namedtype.NamedType('substrings', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('initial', + LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('any', + LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('final', LDAPString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))))))) + ) + # Ugly hack to handle recursive Filter reference (up to 3-levels deep). class Filter3(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), - namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), - namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), - namedtype.NamedType('extensibleMatch', 
MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) - ) + namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('substrings', SubstringFilter().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.NamedType('present', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), + namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + class Filter2(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('not', Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), - namedtype.NamedType('greaterOrEqual', 
AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), - namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), - namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) - ) + namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('not', + Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('substrings', SubstringFilter().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.NamedType('present', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), + 
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + class Filter(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('not', Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), - namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), - namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), - namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) - ) + namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('not', + 
Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('substrings', SubstringFilter().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.NamedType('present', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), + namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + # End of Filter hack class SearchRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('baseObject', LDAPDN()), - namedtype.NamedType('scope', univ.Enumerated(namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))), - namedtype.NamedType('derefAliases', univ.Enumerated(namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), ('derefFindingBaseObj', 2), ('derefAlways', 3)))), - namedtype.NamedType('sizeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), - namedtype.NamedType('timeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), + namedtype.NamedType('scope', univ.Enumerated( + 
namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))), + namedtype.NamedType('derefAliases', univ.Enumerated( + namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), + ('derefFindingBaseObj', 2), ('derefAlways', 3)))), + namedtype.NamedType('sizeLimit', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), + namedtype.NamedType('timeLimit', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), namedtype.NamedType('typesOnly', univ.Boolean()), namedtype.NamedType('filter', Filter()), namedtype.NamedType('attributes', AttributeDescriptionList()) - ) + ) + class UnbindRequest(univ.Null): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) - ) + ) + class BindResponse(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) - ) + ) componentType = namedtype.NamedTypes( - namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), 
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), + namedtype.NamedType('resultCode', univ.Enumerated( + namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), + ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), + ('compareTrue', 6), ('authMethodNotSupported', 7), + ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), + ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), + ('confidentialityRequired', 13), ('saslBindInProgress', 14), + ('noSuchAttribute', 16), ('undefinedAttributeType', 17), + ('inappropriateMatching', 18), ('constraintViolation', 19), + ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), + ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), + ('reserved-35', 35), ('aliasDereferencingProblem', 36), + ('inappropriateAuthentication', 48), ('invalidCredentials', 49), + ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), + ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), + ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), + ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), + ('objectClassModsProhibited', 69), ('reserved-70', 70), + ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), + ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), + ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), + ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), - 
namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))) - ) + namedtype.OptionalNamedType('referral', Referral().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))) + ) + class LDAPResult(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 
88), ('reserved-89', 89), ('reserved-90', 90)))), + namedtype.NamedType('resultCode', univ.Enumerated( + namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), + ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), + ('compareTrue', 6), ('authMethodNotSupported', 7), + ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), + ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), + ('confidentialityRequired', 13), ('saslBindInProgress', 14), + ('noSuchAttribute', 16), ('undefinedAttributeType', 17), + ('inappropriateMatching', 18), ('constraintViolation', 19), + ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), + ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), + ('reserved-35', 35), ('aliasDereferencingProblem', 36), + ('inappropriateAuthentication', 48), ('invalidCredentials', 49), + ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), + ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), + ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), + ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), + ('objectClassModsProhibited', 69), ('reserved-70', 70), + ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), + ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), + ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), + ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), - namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) - ) + namedtype.OptionalNamedType('referral', Referral().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + ) + class SearchResultReference(univ.SequenceOf): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, 
tag.tagFormatConstructed, 19) - ) + ) componentType = LDAPURL() + class SearchResultDone(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5) - ) + ) + class AttributeTypeAndValues(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) - ) - + ) + + class ModifyRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('object', LDAPDN()), - namedtype.NamedType('modification', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))), namedtype.NamedType('modification', AttributeTypeAndValues()))))) - ) + namedtype.NamedType('modification', univ.SequenceOf(componentType=univ.Sequence( + componentType=namedtype.NamedTypes(namedtype.NamedType('operation', univ.Enumerated( + namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))), + namedtype.NamedType('modification', AttributeTypeAndValues()))))) + ) + class ModifyResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7) - ) + ) + class AttributeList(univ.SequenceOf): - componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) - + componentType = univ.Sequence( + componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) + + class AddRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( 
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('attributes', AttributeList()) - ) + ) + class AddResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9) - ) + ) + class DelRequest(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10) - ) + ) + class DelResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11) - ) + ) + class ModifyDNRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('newrdn', RelativeLDAPDN()), namedtype.NamedType('deleteoldrdn', univ.Boolean()), - namedtype.OptionalNamedType('newSuperior', LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - - ) + namedtype.OptionalNamedType('newSuperior', + LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + + ) + class ModifyDNResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13) - ) + ) + class CompareRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14) - ) + ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('ava', AttributeValueAssertion()) - ) + ) + class CompareResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15) - ) + ) + class AbandonRequest(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, 
tag.tagFormatConstructed, 16) - ) + ) + class ExtendedRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23) - ) + ) componentType = namedtype.NamedTypes( - namedtype.NamedType('requestName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - ) + namedtype.NamedType('requestName', + LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + class ExtendedResponse(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24) - ) + ) componentType = namedtype.NamedTypes( - namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), 
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), + namedtype.NamedType('resultCode', univ.Enumerated( + namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), + ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), + ('compareTrue', 6), ('authMethodNotSupported', 7), + ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), + ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), + ('confidentialityRequired', 13), ('saslBindInProgress', 14), + ('noSuchAttribute', 16), ('undefinedAttributeType', 17), + ('inappropriateMatching', 18), ('constraintViolation', 19), + ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), + ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), + ('reserved-35', 35), ('aliasDereferencingProblem', 36), + ('inappropriateAuthentication', 48), ('invalidCredentials', 49), + ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), + ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), + ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), + ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), + ('objectClassModsProhibited', 69), ('reserved-70', 70), + ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), + ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), + ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), + ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), - namedtype.OptionalNamedType('referral', 
Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('referral', Referral().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + + namedtype.OptionalNamedType('responseName', LDAPOID().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))), + namedtype.OptionalNamedType('response', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11))) + ) - namedtype.OptionalNamedType('responseName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))), - namedtype.OptionalNamedType('response', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11))) - ) class MessageID(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, maxInt - ) + ) + class LDAPMessage(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('messageID', MessageID()), - namedtype.NamedType('protocolOp', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('bindRequest', BindRequest()), namedtype.NamedType('bindResponse', BindResponse()), namedtype.NamedType('unbindRequest', UnbindRequest()), namedtype.NamedType('searchRequest', SearchRequest()), namedtype.NamedType('searchResEntry', SearchResultEntry()), namedtype.NamedType('searchResDone', SearchResultDone()), namedtype.NamedType('searchResRef', SearchResultReference()), namedtype.NamedType('modifyRequest', ModifyRequest()), namedtype.NamedType('modifyResponse', ModifyResponse()), namedtype.NamedType('addRequest', AddRequest()), namedtype.NamedType('addResponse', AddResponse()), namedtype.NamedType('delRequest', DelRequest()), namedtype.NamedType('delResponse', DelResponse()), namedtype.NamedType('modDNRequest', ModifyDNRequest()), namedtype.NamedType('modDNResponse', ModifyDNResponse()), namedtype.NamedType('compareRequest', CompareRequest()), 
namedtype.NamedType('compareResponse', CompareResponse()), namedtype.NamedType('abandonRequest', AbandonRequest()), namedtype.NamedType('extendedReq', ExtendedRequest()), namedtype.NamedType('extendedResp', ExtendedResponse())))), - namedtype.OptionalNamedType('controls', Controls().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) - ) + namedtype.NamedType('protocolOp', univ.Choice( + componentType=namedtype.NamedTypes(namedtype.NamedType('bindRequest', BindRequest()), + namedtype.NamedType('bindResponse', BindResponse()), + namedtype.NamedType('unbindRequest', UnbindRequest()), + namedtype.NamedType('searchRequest', SearchRequest()), + namedtype.NamedType('searchResEntry', SearchResultEntry()), + namedtype.NamedType('searchResDone', SearchResultDone()), + namedtype.NamedType('searchResRef', SearchResultReference()), + namedtype.NamedType('modifyRequest', ModifyRequest()), + namedtype.NamedType('modifyResponse', ModifyResponse()), + namedtype.NamedType('addRequest', AddRequest()), + namedtype.NamedType('addResponse', AddResponse()), + namedtype.NamedType('delRequest', DelRequest()), + namedtype.NamedType('delResponse', DelResponse()), + namedtype.NamedType('modDNRequest', ModifyDNRequest()), + namedtype.NamedType('modDNResponse', ModifyDNResponse()), + namedtype.NamedType('compareRequest', CompareRequest()), + namedtype.NamedType('compareResponse', CompareResponse()), + namedtype.NamedType('abandonRequest', AbandonRequest()), + namedtype.NamedType('extendedReq', ExtendedRequest()), + namedtype.NamedType('extendedResp', ExtendedResponse())))), + namedtype.OptionalNamedType('controls', Controls().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) diff --git a/pyasn1_modules/rfc2314.py b/pyasn1_modules/rfc2314.py index 7c14725..f350f77 100644 --- a/pyasn1_modules/rfc2314.py +++ b/pyasn1_modules/rfc2314.py 
@@ -11,24 +11,34 @@ # # Sample captures could be obtained with "openssl req" command # -from pyasn1.type import tag, namedtype, namedval, univ, constraint from pyasn1_modules.rfc2459 import * + class Attributes(univ.SetOf): componentType = Attribute() -class Version(univ.Integer): pass + +class Version(univ.Integer): + pass + class CertificationRequestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), - namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('attributes', + Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) -class Signature(univ.BitString): pass -class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass + +class Signature(univ.BitString): + pass + + +class SignatureAlgorithmIdentifier(AlgorithmIdentifier): + pass + class CertificationRequest(univ.Sequence): componentType = namedtype.NamedTypes( diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py index cc93343..9c7cab3 100644 --- a/pyasn1_modules/rfc2315.py +++ b/pyasn1_modules/rfc2315.py 
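Review bot: Dropping `from pyasn1.type import tag, namedtype, namedval, univ, constraint` leaves `univ`, `namedtype` and `tag` in this module resolved only through `from pyasn1_modules.rfc2459 import *`. That works only while rfc2459 keeps importing those names at module level and defines no `__all__`; if either changes, every class here fails at import time with a NameError. I would keep an explicit `from pyasn1.type import tag, namedtype, univ` next to the star import. The rfc2315.py hunk at `@@ -12,20 +12,22 @@` removes its `pyasn1.type` import the same way and needs `from pyasn1.type import tag, namedtype, univ, useful`. The `CertificationRequest` class continues past the end of this hunk.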
@@ -12,20 +12,22 @@ # Sample captures from: # openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b # -from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful from pyasn1_modules.rfc2459 import * + class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) - ) + ) + class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeType', AttributeType()), namedtype.NamedType('attributeValue', AttributeValue()) - ) + ) + pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7') data = univ.ObjectIdentifier('1.2.840.113549.1.7.1') 
@@ -35,39 +37,58 @@ signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4') digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5') encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6') -class ContentType(univ.ObjectIdentifier): pass -class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass +class ContentType(univ.ObjectIdentifier): + pass + + +class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class EncryptedContent(univ.OctetString): + pass -class EncryptedContent(univ.OctetString): pass class EncryptedContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), - namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) - ) + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class Version(univ.Integer): # overrides x509.Version + pass -class Version(univ.Integer): pass # overrides x509.Version class EncryptedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) - ) + ) + + +class DigestAlgorithmIdentifier(AlgorithmIdentifier): + pass -class DigestAlgorithmIdentifier(AlgorithmIdentifier): pass class DigestAlgorithmIdentifiers(univ.SetOf): componentType = DigestAlgorithmIdentifier() -class Digest(univ.OctetString): pass + +class Digest(univ.OctetString): + pass + class ContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), - namedtype.OptionalNamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) - ) + 
namedtype.OptionalNamedType('content', univ.Any().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + class DigestedData(univ.Sequence): componentType = namedtype.NamedTypes( @@ -75,17 +96,23 @@ class DigestedData(univ.Sequence): namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('contentInfo', ContentInfo()), namedtype.NamedType('digest', Digest) - ) + ) + class IssuerAndSerialNumber(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', Name()), namedtype.NamedType('serialNumber', CertificateSerialNumber()) - ) + ) + + +class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): + pass + -class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass +class EncryptedKey(univ.OctetString): + pass -class EncryptedKey(univ.OctetString): pass class RecipientInfo(univ.Sequence): componentType = namedtype.NamedTypes( 
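Review bot: In the `@@ -75,17 +96,23 @@` hunk, the unchanged line `namedtype.NamedType('digest', Digest)` in `DigestedData` passes the `Digest` class itself rather than an instance. Every other component in the file is given an instance, including `namedtype.NamedType('digest', Digest())` in `DigestInfo`. This pass only re-indents the closing parenthesis, so the line should be corrected to `namedtype.NamedType('digest', Digest()),` while the block is being touched. As written, the digest field probably cannot be decoded or populated the way its siblings are, which matters for any caller that reads the digest of a parsed PKCS#7 structure. The first lines of `DigestedData` sit outside this hunk.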
@@ -93,48 +120,63 @@ class RecipientInfo(univ.Sequence): namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) - ) - + ) + + class RecipientInfos(univ.SetOf): componentType = RecipientInfo() + class Attributes(univ.SetOf): componentType = Attribute() + class ExtendedCertificateInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('certificate', Certificate()), namedtype.NamedType('attributes', Attributes()) - ) + ) + -class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass +class SignatureAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class Signature(univ.BitString): + pass -class Signature(univ.BitString): pass class ExtendedCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) - ) + ) + class ExtendedCertificateOrCertificate(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', Certificate()), - namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) - ) + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + class ExtendedCertificatesAndCertificates(univ.SetOf): componentType = ExtendedCertificateOrCertificate() -class SerialNumber(univ.Integer): pass + +class SerialNumber(univ.Integer): + pass + class CRLEntry(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('userCertificate', SerialNumber()), namedtype.NamedType('revocationDate', useful.UTCTime()) - ) + ) + class 
TBSCertificateRevocationList(univ.Sequence): componentType = namedtype.NamedTypes( 
@@ -143,68 +185,88 @@ class TBSCertificateRevocationList(univ.Sequence): namedtype.NamedType('lastUpdate', useful.UTCTime()), namedtype.NamedType('nextUpdate', useful.UTCTime()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry())) - ) - + ) + + class CertificateRevocationList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) - ) + ) + class CertificateRevocationLists(univ.SetOf): componentType = CertificateRevocationList() -class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass -class EncryptedDigest(univ.OctetString): pass +class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class EncryptedDigest(univ.OctetString): + pass + class SignerInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), - namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedDigest', EncryptedDigest()), - namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) - ) - + namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + class SignerInfos(univ.SetOf): componentType = 
SignerInfo() + class SignedAndEnvelopedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('signerInfos', SignerInfos()) - ) + ) + class EnvelopedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) - ) - + ) + + class DigestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('digest', Digest()) - ) - + ) + + class SignedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('contentInfo', ContentInfo()), - namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('signerInfos', SignerInfos()) - ) - -class Data(univ.OctetString): pass + ) + + +class Data(univ.OctetString): + pass diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py index c28834d..33b5e50 100644 --- a/pyasn1_modules/rfc2437.py +++ b/pyasn1_modules/rfc2437.py @@ -11,7 +11,7 @@ # # Sample captures could be obtained with "openssl genrsa" command # -from pyasn1.type import tag, namedtype, namedval, univ, constraint +from pyasn1.type import tag, namedtype, univ from pyasn1_modules.rfc2459 import AlgorithmIdentifier pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') @@ -28,7 +28,10 @@ id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') MAX = 16 -class Version(univ.Integer): pass + +class Version(univ.Integer): + pass + class RSAPrivateKey(univ.Sequence): componentType = namedtype.NamedTypes( 
@@ -43,16 +46,21 @@ class RSAPrivateKey(univ.Sequence): namedtype.NamedType('coefficient', univ.Integer()) ) + class RSAPublicKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()) ) + # XXX defaults not set class RSAES_OAEP_params(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 072c84c..f405f41 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -13,7 +13,7 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful +from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful MAX = 64 # XXX ? 
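Review bot: The `# XXX defaults not set` marker above `RSAES_OAEP_params` is carried over unchanged, and `hashFunc`, `maskGenFunc` and `pSourceFunc` are still declared with `namedtype.NamedType`, which makes them mandatory. If the RFC's definition gives these fields DEFAULT values, as the marker implies, then an encoding that omits one of them will not decode against this spec. A reader also cannot tell from the code which algorithm would apply in that case. Until the defaults are wired in, I would make the comment say so: `# XXX defaults not set: hashFunc, maskGenFunc and pSourceFunc are mandatory here, so encodings that omit them will not decode`.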
@@ -58,9 +58,18 @@ ub_terminal_id_length = univ.Integer(24) ub_unformatted_address_length = univ.Integer(180) ub_x121_address_length = univ.Integer(16) -class UniversalString(char.UniversalString): pass -class BMPString(char.BMPString): pass -class UTF8String(char.UTF8String): pass + +class UniversalString(char.UniversalString): + pass + + +class BMPString(char.BMPString): + pass + + +class UTF8String(char.UTF8String): + pass + id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') @@ -74,21 +83,28 @@ id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2') id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1') id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2') -class AttributeValue(univ.Any): pass -class AttributeType(univ.ObjectIdentifier): pass +class AttributeValue(univ.Any): + pass + + +class AttributeType(univ.ObjectIdentifier): + pass + class AttributeTypeAndValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('value', AttributeValue()) - ) + ) + class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) - ) + ) + id_at = univ.ObjectIdentifier('2.5.4') id_at_name = univ.ObjectIdentifier('2.5.4.41') 
@@ -98,97 +114,153 @@ id_at_givenName = univ.ObjectIdentifier('2.5.4.42') id_at_initials = univ.ObjectIdentifier('2.5.4.43') id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44') + class X520name(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) ) + id_at_commonName = univ.ObjectIdentifier('2.5.4.3') + class X520CommonName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('universalString', 
char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) ) + id_at_localityName = univ.ObjectIdentifier('2.5.4.7') + class X520LocalityName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', 
char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) ) + id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8') + class X520StateOrProvinceName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) + id_at_organizationName = 
univ.ObjectIdentifier('2.5.4.10') + class X520OrganizationName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) ) + id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11') + class X520OrganizationalUnitName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('universalString', 
char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) ) + id_at_title = univ.ObjectIdentifier('2.5.4.12') + class X520Title(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 
ub_title))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) ) + id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46') -class X520dnQualifier(char.PrintableString): pass + +class X520dnQualifier(char.PrintableString): + pass + id_at_countryName = univ.ObjectIdentifier('2.5.4.6') + class X520countryName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(2, 2) + pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9') emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1') + class Pkcs9email(char.IA5String): subtypeSpec = char.IA5String.subtypeSpec + constraint.ValueSizeConstraint(1, ub_emailaddress_length) + # ---- class DSAPrivateKey(univ.Sequence): 
@@ -200,97 +272,124 @@ class DSAPrivateKey(univ.Sequence): namedtype.NamedType('g', univ.Integer()), namedtype.NamedType('public', univ.Integer()), namedtype.NamedType('private', univ.Integer()) - ) + ) + # ---- class RelativeDistinguishedName(univ.SetOf): componentType = AttributeTypeAndValue() + class RDNSequence(univ.SequenceOf): componentType = RelativeDistinguishedName() + class Name(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('', RDNSequence()) - ) + ) + class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), - namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? XXX - ) + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + # hm, this should not be here!? 
XXX + ) + # certificate and CRL specific structures begin here - + class AlgorithmIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', univ.ObjectIdentifier()), namedtype.OptionalNamedType('parameters', univ.Any()) - ) + ) + class Extension(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extnID', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('critical', univ.Boolean('False')), namedtype.NamedType('extnValue', univ.Any()) - ) + ) + class Extensions(univ.SequenceOf): componentType = Extension() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + class SubjectPublicKeyInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('algorithm', AlgorithmIdentifier()), - namedtype.NamedType('subjectPublicKey', univ.BitString()) - ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + ) + + +class UniqueIdentifier(univ.BitString): + pass -class UniqueIdentifier(univ.BitString): pass class Time(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) - ) - + ) + + class Validity(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('notBefore', Time()), namedtype.NamedType('notAfter', Time()) - ) + ) + + +class CertificateSerialNumber(univ.Integer): + pass -class CertificateSerialNumber(univ.Integer): pass class Version(univ.Integer): namedValues = namedval.NamedValues( ('v1', 0), ('v2', 1), ('v3', 2) - ) + ) + class TBSCertificate(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.DefaultedNamedType('version', Version('v1').subtype( + 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), - namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) - ) + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + class Certificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificate', TBSCertificate()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signatureValue', univ.BitString()) - ) + ) + # CRL structures @@ -300,7 +399,8 @@ class RevokedCertificate(univ.Sequence): namedtype.NamedType('revocationDate', Time()), namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) ) - + + class TBSCertList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version()), 
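Review bot: In `DirectoryString`, the relocated `# hm, this should not be here!? XXX` comment now sits on its own line between the `ia5String` entry and the closing parenthesis, so it no longer reads as a remark on that entry. I would put it above the entry and spell out the doubt, e.g. `# XXX ia5String is accepted here although it may not belong in DirectoryString; confirm against the RFC before relying on it`. This matters beyond style: every extra alternative in this CHOICE widens what a decoder built on the spec accepts in name fields, so a consumer that assumes only the standard string types could be surprised. The entry itself is unchanged by this commit.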
@@ -309,9 +409,11 @@ class TBSCertList(univ.Sequence): namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())), - namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.OptionalNamedType('crlExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) + class CertificateList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertList', TBSCertList()), @@ -319,6 +421,7 @@ class CertificateList(univ.Sequence): namedtype.NamedType('signature', univ.BitString()) ) + # Algorithm OIDs and parameter structures pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') @@ -328,20 +431,24 @@ md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3') + class Dss_Sig_Value(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('r', univ.Integer()), namedtype.NamedType('s', univ.Integer()) ) + dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1') + class ValidationParms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('seed', univ.BitString()), namedtype.NamedType('pgenCounter', univ.Integer()) ) + class DomainParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), @@ -351,8 +458,10 @@ class DomainParameters(univ.Sequence): namedtype.OptionalNamedType('validationParms', ValidationParms()) ) + id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1') + class Dss_Parms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), 
@@ -360,22 +469,28 @@ class Dss_Parms(univ.Sequence): namedtype.NamedType('g', univ.Integer()) ) + # x400 address syntax starts here teletex_domain_defined_attributes = univ.Integer(6) + class TeletexDomainDefinedAttribute(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('type', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.TeletexString()) ) + class TeletexDomainDefinedAttributes(univ.SequenceOf): componentType = TeletexDomainDefinedAttribute() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + terminal_type = univ.Integer(23) + class TerminalType(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, ub_integer_options) namedValues = namedval.NamedValues( 
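Review bot: `TerminalType` is a `univ.Integer`, but its `subtypeSpec` adds `constraint.ValueSizeConstraint(0, ub_integer_options)`. A size constraint checks the length of a value, which does not apply to an integer, so the intended bound on the value is most likely not enforced as written (or fails when a value is checked). The line is unchanged context in this hunk and could be fixed in a follow-up as `subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, ub_integer_options)`. `ub_integer_options` is defined outside the hunk, and the class body continues past the end of it.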
@@ -387,227 +502,354 @@ class TerminalType(univ.Integer): ('videotex', 8) ) + class PresentationAddress(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3), subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), ) + extended_network_address = univ.Integer(22) + class E163_4_address(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + 
namedtype.NamedType('number', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) + class ExtendedNetworkAddress(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('e163-4-address', E163_4_address()), - namedtype.NamedType('psap-address', PresentationAddress().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('psap-address', PresentationAddress().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) + class PDSParameter(univ.Set): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), - namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) + local_postal_attributes = univ.Integer(21) -class LocalPostalAttributes(PDSParameter): pass -class UniquePostalName(PDSParameter): pass +class LocalPostalAttributes(PDSParameter): + pass + + +class UniquePostalName(PDSParameter): + pass + unique_postal_name = univ.Integer(20) poste_restante_address = univ.Integer(19) -class PosteRestanteAddress(PDSParameter): pass + +class PosteRestanteAddress(PDSParameter): + pass + post_office_box_address = univ.Integer(18) 
-class PostOfficeBoxAddress(PDSParameter): pass + +class PostOfficeBoxAddress(PDSParameter): + pass + street_address = univ.Integer(17) -class StreetAddress(PDSParameter): pass + +class StreetAddress(PDSParameter): + pass + class UnformattedPostalAddress(univ.Set): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines)))), - namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines)))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) ) + physical_delivery_office_name = univ.Integer(10) -class PhysicalDeliveryOfficeName(PDSParameter): pass + +class PhysicalDeliveryOfficeName(PDSParameter): + pass + physical_delivery_office_number = univ.Integer(11) -class PhysicalDeliveryOfficeNumber(PDSParameter): pass + +class PhysicalDeliveryOfficeNumber(PDSParameter): + pass + extension_OR_address_components = univ.Integer(12) -class ExtensionORAddressComponents(PDSParameter): pass + +class ExtensionORAddressComponents(PDSParameter): + pass + physical_delivery_personal_name = univ.Integer(13) -class PhysicalDeliveryPersonalName(PDSParameter): pass + +class PhysicalDeliveryPersonalName(PDSParameter): + pass + physical_delivery_organization_name = univ.Integer(14) -class PhysicalDeliveryOrganizationName(PDSParameter): pass + +class 
PhysicalDeliveryOrganizationName(PDSParameter): + pass + extension_physical_delivery_address_components = univ.Integer(15) -class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): pass + +class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): + pass + unformatted_postal_address = univ.Integer(16) postal_code = univ.Integer(9) + class PostalCode(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), - namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) + namedtype.NamedType('numeric-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) ) + class PhysicalDeliveryCountryName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), - namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, + ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) + class PDSName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_pds_name_length) + physical_delivery_country_name = univ.Integer(8) + 
class TeletexOrganizationalUnitName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + pds_name = univ.Integer(7) teletex_organizational_unit_names = univ.Integer(5) + class TeletexOrganizationalUnitNames(univ.SequenceOf): componentType = TeletexOrganizationalUnitName() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) + teletex_personal_name = univ.Integer(4) + class TeletexPersonalName(univ.Set): componentType = namedtype.NamedTypes( - namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.NamedType('surname', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), + 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) + teletex_organization_name = univ.Integer(3) + class TeletexOrganizationName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) + teletex_common_name = univ.Integer(2) + class TeletexCommonName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) + class CommonName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) + common_name = univ.Integer(1) + class ExtensionAttribute(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_extension_attributes), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_extension_attributes), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('extension-attribute-value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) + class ExtensionAttributes(univ.SetOf): componentType = ExtensionAttribute() subtypeSpec = univ.SetOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes) + class BuiltInDomainDefinedAttribute(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('type', 
char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), - namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) + namedtype.NamedType('type', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) + class BuiltInDomainDefinedAttributes(univ.SequenceOf): componentType = BuiltInDomainDefinedAttribute() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + class OrganizationalUnitName(char.PrintableString): subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + class OrganizationalUnitNames(univ.SequenceOf): componentType = OrganizationalUnitName() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) + class PersonalName(univ.Set): componentType = namedtype.NamedTypes( - namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 
ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.NamedType('surname', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) + class NumericUserIdentifier(char.NumericString): subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) + class OrganizationName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) + class PrivateDomainName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), - namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) ) + class TerminalIdentifier(char.PrintableString): subtypeSpec = 
char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_terminal_id_length) + class X121Address(char.NumericString): subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_x121_address_length) -class NetworkAddress(X121Address): pass + +class NetworkAddress(X121Address): + pass + class AdministrationDomainName(univ.Choice): tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2) - ) + ) componentType = namedtype.NamedTypes( - namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), - namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) ) + class CountryName(univ.Choice): tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) - ) + ) componentType = namedtype.NamedTypes( - namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), - namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, + ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) + class 
BuiltInStandardAttributes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('country-name', CountryName()), namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), - namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.OptionalNamedType('personal-name', PersonalName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), - namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) + namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( + 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) ) + class ORAddress(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), @@ -615,13 +857,17 @@ class ORAddress(univ.Sequence): namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) ) + # # PKIX1Implicit88 # id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24') -class InvalidityDate(useful.GeneralizedTime): pass + +class InvalidityDate(useful.GeneralizedTime): + pass + id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1') id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2') @@ -631,10 +877,14 @@ holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2') id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23') -class HoldInstructionCode(univ.ObjectIdentifier): pass + +class HoldInstructionCode(univ.ObjectIdentifier): + pass + id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21') + class CRLReason(univ.Enumerated): namedValues = namedval.NamedValues( ('unspecified', 0), @@ -647,12 +897,17 @@ class CRLReason(univ.Enumerated): ('removeFromCRL', 8) ) + id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20') + class CRLNumber(univ.Integer): subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) -class BaseCRLNumber(CRLNumber): pass + +class BaseCRLNumber(CRLNumber): + pass + id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1') id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2') 
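Review bot: `CRLNumber` (hunk `@@ -647,12 +897,17 @@`) derives from `univ.Integer` but builds its constraint as `univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(0, MAX)`, which is a size constraint borrowed from another type rather than a bound on the integer's value. `BaseDistance` later in this file uses the form that fits an INTEGER, so I would write `subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX)`. How pyasn1 evaluates a size constraint against an integer is not visible here, but it is not the intended non-negative range check on a field taken from a CRL. `SkipCerts` in the `@@ -686,145 +945,209 @@` hunk has the same `ValueSizeConstraint` on an Integer, and `OrganizationalUnitName` further up borrows `univ.SequenceOf.subtypeSpec` for a PrintableString. The commit only re-indents these lines, so the fix belongs in a follow-up.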
@@ -665,12 +920,16 @@ id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8') id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1') id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37') -class KeyPurposeId(univ.ObjectIdentifier): pass + +class KeyPurposeId(univ.ObjectIdentifier): + pass + class ExtKeyUsageSyntax(univ.SequenceOf): componentType = KeyPurposeId() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + class ReasonFlags(univ.BitString): namedValues = namedval.NamedValues( ('unused', 0), 
@@ -686,145 +945,209 @@ class ReasonFlags(univ.BitString): class SkipCerts(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) + id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36') + class PolicyConstraints(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) + id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19') + class BasicConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('cA', univ.Boolean(False)), - namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) + id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9') + class SubjectDirectoryAttributes(univ.SequenceOf): componentType = Attribute() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + class EDIPartyName(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('nameAssigner', 
DirectoryString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('partyName', + DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) + class AnotherName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type-id', univ.ObjectIdentifier()), - namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) + class GeneralName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), - namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), - namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) + namedtype.NamedType('otherName', + AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('rfc822Name', 
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', + ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', + Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.NamedType('ediPartyName', + EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.NamedType('uniformResourceIdentifier', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) ) + class GeneralNames(univ.SequenceOf): componentType = GeneralName() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + class AccessDescription(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), namedtype.NamedType('accessLocation', GeneralName()) ) + class AuthorityInfoAccessSyntax(univ.SequenceOf): componentType = AccessDescription() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') + class DistributionPointName(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + 
namedtype.NamedType('fullName', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) + class DistributionPoint(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) + + class BaseDistance(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) + id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') + class CRLDistPointsSyntax(univ.SequenceOf): componentType = DistributionPoint() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + + id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') + class IssuingDistributionPoint(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('onlyContainsUserCerts', 
univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) + class GeneralSubtree(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), - namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) + class GeneralSubtrees(univ.SequenceOf): componentType = GeneralSubtree() 
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') + class NameConstraints(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class DisplayText(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('visibleString', + char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) ) + class NoticeReference(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('organization', DisplayText()), namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) ) + class UserNotice(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('noticeRef', NoticeReference()), namedtype.OptionalNamedType('explicitText', DisplayText()) ) -class CPSuri(char.IA5String): pass + +class CPSuri(char.IA5String): + pass + class PolicyQualifierId(univ.ObjectIdentifier): subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, 
id_qt_unotice) -class CertPolicyId(univ.ObjectIdentifier): pass + +class CertPolicyId(univ.ObjectIdentifier): + pass + class PolicyQualifierInfo(univ.Sequence): componentType = namedtype.NamedTypes( 
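Review bot: In `IssuingDistributionPoint`, the components `onlyContainsUserCerts`, `onlyContainsCACerts` and `indirectCRL` are declared with `namedtype.NamedType` even though each carries `univ.Boolean(False)`, which makes them mandatory. RFC 2459 defines all three as BOOLEAN DEFAULT FALSE, and DER omits components equal to their default, so a conforming issuingDistributionPoint extension would probably not decode against this spec, and CRL-scope checks built on it could fail or be skipped. `BasicConstraints` and `GeneralSubtree` in the same hunk already use the defaulted form; the same applies here, e.g. `namedtype.DefaultedNamedType('indirectCRL', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))`, and likewise for the other two. The re-wrapping in this commit leaves the declarations unchanged.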
@@ -832,40 +1155,53 @@ class PolicyQualifierInfo(univ.Sequence): namedtype.NamedType('qualifier', univ.Any()) ) + id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32') + class PolicyInformation(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyIdentifier', CertPolicyId()), - namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) + class CertificatePolicies(univ.SequenceOf): componentType = PolicyInformation() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33') + class PolicyMapping(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) ) + class PolicyMappings(univ.SequenceOf): componentType = PolicyMapping() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16') + class PrivateKeyUsagePeriod(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) + id_ce_keyUsage = 
univ.ObjectIdentifier('2.5.29.15') + class KeyUsage(univ.BitString): namedValues = namedval.NamedValues( ('digitalSignature', 0), 
@@ -879,31 +1215,50 @@ class KeyUsage(univ.BitString): ('decipherOnly', 8) ) + id_ce = univ.ObjectIdentifier('2.5.29') id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35') -class KeyIdentifier(univ.OctetString): pass + +class KeyIdentifier(univ.OctetString): + pass + id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14') -class SubjectKeyIdentifier(KeyIdentifier): pass + +class SubjectKeyIdentifier(KeyIdentifier): + pass + class AuthorityKeyIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) + id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') -class CertificateIssuer(GeneralNames): pass + +class CertificateIssuer(GeneralNames): + pass + id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') -class SubjectAltName(GeneralNames): pass + +class SubjectAltName(GeneralNames): + pass + id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') -class IssuerAltName(GeneralNames): pass + +class IssuerAltName(GeneralNames): + pass diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py index 7d25717..f75e6b4 100644 
--- a/pyasn1_modules/rfc2511.py +++ b/pyasn1_modules/rfc2511.py @@ -11,11 +11,10 @@ # # Sample captures could be obtained with OpenSSL # -from pyasn1.type import tag, namedtype, namedval, univ, constraint, char,useful from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2315 -MAX=16 +MAX = 16 id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5') @@ -30,15 +29,22 @@ id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2') id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1') id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2') + # This should be in PKIX Certificate Extensions module -class GeneralName(univ.OctetString): pass +class GeneralName(univ.OctetString): + pass + # end of PKIX Certificate Extensions module -class UTF8Pairs(char.UTF8String): pass +class UTF8Pairs(char.UTF8String): + pass + + +class ProtocolEncrKey(SubjectPublicKeyInfo): + pass -class ProtocolEncrKey(SubjectPublicKeyInfo): pass class CertId(univ.Sequence): componentType = namedtype.NamedTypes( 
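Review bot: Removing `from pyasn1.type import tag, namedtype, namedval, univ, constraint, char,useful` leaves this module relying on `from pyasn1_modules.rfc2459 import *` to supply `univ`, `tag`, `namedtype`, `namedval`, `constraint` and `char`, all of which are used below. That holds only while rfc2459 keeps those imports at module level and defines no `__all__`, and it hides where each name comes from; `MAX = 16` on the following line also appears to rebind a name that rfc2459 uses for its own bounds. I would keep an explicit `from pyasn1.type import char, constraint, namedtype, namedval, tag, univ` and import the needed rfc2459 types by name, so that a change in rfc2459 cannot silently alter which types this CRMF module decodes with.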
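Review bot: The local `class GeneralName(univ.OctetString)` in the `@@ -30,15 +29,22 @@` hunk overrides the `GeneralName` CHOICE that the star-import from rfc2459 would otherwise provide, so `pubLocation` in `SinglePubInfo` is modelled as a plain OCTET STRING. The surrounding comment says the type belongs in the PKIX Certificate Extensions module, which rfc2459 in this same commit defines. Unless the placeholder is deliberate, I would drop the local class and use the imported one; if it has to stay, mark it with `# NOTE: shadows rfc2459.GeneralName (CHOICE); pubLocation will not decode tagged GeneralName values`.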
@@ -46,47 +52,74 @@ class CertId(univ.Sequence): namedtype.NamedType('serialNumber', univ.Integer()) ) -class OldCertId(CertId): pass -class KeyGenParameters(univ.OctetString): pass +class OldCertId(CertId): + pass + + +class KeyGenParameters(univ.OctetString): + pass + class EncryptedValue(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('encValue', univ.BitString()) ) + class EncryptedKey(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedValue', EncryptedValue()), - 
namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) + class PKIArchiveOptions(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('archiveRemGenPrivKey', + univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) + class SinglePubInfo(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('pubMethod', univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), + namedtype.NamedType('pubMethod', univ.Integer( + namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), namedtype.OptionalNamedType('pubLocation', GeneralName()) ) + class PKIPublicationInfo(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), - namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + 
namedtype.NamedType('action', + univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), + namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) -class Authenticator(char.UTF8String): pass -class RegToken(char.UTF8String): pass + +class Authenticator(char.UTF8String): + pass + + +class RegToken(char.UTF8String): + pass + class SubsequentMessage(univ.Integer): namedValues = namedval.NamedValues( @@ -94,13 +127,18 @@ class SubsequentMessage(univ.Integer): ('challengeResp', 1) ) + class POPOPrivKey(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + namedtype.NamedType('thisMessage', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dhMAC', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) + class PBMParameter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString()), 
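Review bot: In EncryptedValue, `encSymmKey` (`univ.BitString`) and `valueHint` (`univ.OctetString`) are implicitly tagged with `tag.tagFormatConstructed`, while the other implicitly tagged primitives in this file (`keyGenParameters`, `archiveRemGenPrivKey`, `thisMessage`, `dhMAC`) use `tag.tagFormatSimple`. The mirror case is in the rfc2560.py CertStatus hunk further down, where `revoked` wraps `RevokedInfo`, a `univ.Sequence`, with `tag.tagFormatSimple`, although the implicitly tagged Sequence types here use the constructed format. pyasn1 may take the format from the base type under implicit tagging, which would make this cosmetic, but that is not visible on this page. Since the commit re-wraps these lines anyway, I would make the declarations match the types: `tag.tagFormatSimple` for the two string fields and `tag.tagFormatConstructed` for `revoked`. I would also add a decode test for a revoked OCSP status, because a status that fails to parse is easy for a caller to mishandle as not revoked.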
@@ -109,73 +147,108 @@ class PBMParameter(univ.Sequence): namedtype.NamedType('mac', AlgorithmIdentifier()) ) + class PKMACValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algId', AlgorithmIdentifier()), namedtype.NamedType('value', univ.BitString()) ) + class POPOSigningKeyInput(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('publicKeyMAC', PKMACValue())))), + namedtype.NamedType('authInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('publicKeyMAC', PKMACValue()) + ) + )), namedtype.NamedType('publicKey', SubjectPublicKeyInfo()) ) + class POPOSigningKey(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) + class ProofOfPossession(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('signature', POPOSigningKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.NamedType('keyAgreement', 
POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + namedtype.NamedType('raVerified', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signature', POPOSigningKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('keyAgreement', POPOPrivKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) + class Controls(univ.SequenceOf): componentType = AttributeTypeAndValue() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + class OptionalValidity(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('notBefore', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('notAfter', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - ) + namedtype.OptionalNamedType('notBefore', + Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', + Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + class CertTemplate(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('version', Version().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - 
namedtype.OptionalNamedType('validity', OptionalValidity().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), - namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), - namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), - namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) - ) - + namedtype.OptionalNamedType('version', Version().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('issuer', Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('validity', OptionalValidity().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('subject', Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.OptionalNamedType('subjectUID', 
UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), + namedtype.OptionalNamedType('extensions', Extensions().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + + class CertRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('certTemplate', CertTemplate()), namedtype.OptionalNamedType('controls', Controls()) - ) + ) + + +class CertReq(CertRequest): + pass -class CertReq(CertRequest): pass class CertReqMsg(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReq', CertRequest()), namedtype.OptionalNamedType('pop', ProofOfPossession()), - namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) - ) - + namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + class CertReqMessages(univ.SequenceOf): componentType = CertReqMsg() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py index 8c6fe69..5215d6b 100644 --- a/pyasn1_modules/rfc2560.py +++ b/pyasn1_modules/rfc2560.py @@ -21,9 +21,10 @@ # * dates are left as strings in GeneralizedTime format -- datetime.datetime # would be nicer # -from pyasn1.type import tag, namedtype, namedval, univ, constraint, useful +from pyasn1.type import tag, namedtype, namedval, univ, useful from pyasn1_modules import rfc2459 + # Start of OCSP module definitions # This should be in directory Authentication Framework (X.509) module 
@@ -40,13 +41,16 @@ class CRLReason(univ.Enumerated): ('removeFromCRL', 8), ('privilegeWithdrawn', 9), ('aACompromise', 10) - ) + ) + # end of directory Authentication Framework (X.509) module # This should be in PKIX Certificate Extensions module -class GeneralName(univ.OctetString): pass +class GeneralName(univ.OctetString): + pass + # end of PKIX Certificate Extensions module @@ -60,18 +64,26 @@ id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5)) id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6)) id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7)) + class AcceptableResponses(univ.SequenceOf): componentType = univ.ObjectIdentifier() -class ArchiveCutoff(useful.GeneralizedTime): pass -class UnknownInfo(univ.Null): pass +class ArchiveCutoff(useful.GeneralizedTime): + pass + + +class UnknownInfo(univ.Null): + pass + class RevokedInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('revocationTime', useful.GeneralizedTime()), - namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) + namedtype.OptionalNamedType('revocationReason', CRLReason().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + class CertID(univ.Sequence): componentType = namedtype.NamedTypes( 
@@ -79,57 +91,77 @@ class CertID(univ.Sequence): namedtype.NamedType('issuerNameHash', univ.OctetString()), namedtype.NamedType('issuerKeyHash', univ.OctetString()), namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber()) - ) + ) + class CertStatus(univ.Choice): componentType = namedtype.NamedTypes( - namedtype.NamedType('good', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('revoked', RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('unknown', UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) + namedtype.NamedType('good', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('revoked', + RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('unknown', + UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + class SingleResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certID', CertID()), namedtype.NamedType('certStatus', CertStatus()), namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), - namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - ) + namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class KeyHash(univ.OctetString): + pass -class KeyHash(univ.OctetString): pass class ResponderID(univ.Choice): 
componentType = namedtype.NamedTypes( - namedtype.NamedType('byName', rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('byKey', KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) + namedtype.NamedType('byName', + rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('byKey', + KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + class Version(univ.Integer): namedValues = namedval.NamedValues(('v1', 0)) + class ResponseData(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('responderID', ResponderID()), namedtype.NamedType('producedAt', useful.GeneralizedTime()), namedtype.NamedType('responses', univ.SequenceOf(SingleResponse())), - namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - ) + namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + class BasicOCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsResponseData', ResponseData()), namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), - namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) + namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatSimple, 0))) + ) + class ResponseBytes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('responseType', univ.ObjectIdentifier()), namedtype.NamedType('response', univ.OctetString()) - ) + ) + class OCSPResponseStatus(univ.Enumerated): namedValues = namedval.NamedValues( 
@@ -140,37 +172,49 @@ class OCSPResponseStatus(univ.Enumerated): ('undefinedStatus', 4), # should never occur ('sigRequired', 5), ('unauthorized', 6) - ) + ) + class OCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('responseStatus', OCSPResponseStatus()), - namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) + namedtype.NamedType('responseStatus', OCSPResponseStatus()), + namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + class Request(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('reqCert', CertID()), - namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) + namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + class Signature(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), - namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) + namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + class TBSRequest(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('requestorName', GeneralName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.DefaultedNamedType('version', Version('v1').subtype( + 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('requestorName', GeneralName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('requestList', univ.SequenceOf(Request())), - namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) + namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + class OCSPRequest(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('tbsRequest', TBSRequest()), - namedtype.OptionalNamedType('optionalSignature', Signature().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) + namedtype.NamedType('tbsRequest', TBSRequest()), + namedtype.OptionalNamedType('optionalSignature', Signature().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) diff --git a/pyasn1_modules/rfc3280.py b/pyasn1_modules/rfc3280.py index bae34aa..29540ad 100644 --- a/pyasn1_modules/rfc3280.py +++ b/pyasn1_modules/rfc3280.py @@ -30,10 +30,8 @@ def _OID(*components): unformatted_postal_address = univ.Integer(16) - ub_organizational_units = univ.Integer(4) - ub_organizational_unit_name_length = univ.Integer(32) @@ -49,7 +47,7 @@ class OrganizationalUnitNames(univ.SequenceOf): OrganizationalUnitNames.componentType = OrganizationalUnitName() -OrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units) +OrganizationalUnitNames.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) class AttributeType(univ.ObjectIdentifier): @@ -58,10 +56,8 @@ class AttributeType(univ.ObjectIdentifier): id_at = _OID(2, 5, 4) - id_at_name = _OID(id_at, 41) - ub_pds_parameter_length = univ.Integer(30) 
@@ -70,8 +66,10 @@ class PDSParameter(univ.Set): PDSParameter.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), - namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) @@ -81,10 +79,8 @@ class PhysicalDeliveryOrganizationName(PDSParameter): ub_organization_name_length = univ.Integer(64) - ub_domain_defined_attribute_type_length = univ.Integer(8) - ub_domain_defined_attribute_value_length = univ.Integer(128) @@ -93,14 +89,14 @@ class TeletexDomainDefinedAttribute(univ.Sequence): TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), - namedtype.NamedType('value', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) + namedtype.NamedType('type', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) - id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) - id_qt = _OID(id_pkix, 2) 
@@ -109,10 +105,14 @@ class PresentationAddress(univ.Sequence): PresentationAddress.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) @@ -146,7 +146,7 @@ class Extensions(univ.SequenceOf): Extensions.componentType = Extension() -Extensions.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +Extensions.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class CertificateSerialNumber(univ.Integer): @@ -213,7 +213,7 @@ class RelativeDistinguishedName(univ.SetOf): RelativeDistinguishedName.componentType = AttributeTypeAndValue() -RelativeDistinguishedName.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +RelativeDistinguishedName.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class RDNSequence(univ.SequenceOf): 
@@ -238,17 +238,20 @@ class TBSCertificate(univ.Sequence): TBSCertificate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', - Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value="v1")), + Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value="v1")), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), - namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', + Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) @@ -262,7 +265,6 @@ Certificate.componentType = namedtype.NamedTypes( namedtype.NamedType('signature', univ.BitString()) ) - ub_surname_length = univ.Integer(40) 
@@ -272,16 +274,12 @@ class TeletexOrganizationName(char.TeletexString): TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) - ub_e163_4_sub_address_length = univ.Integer(40) - teletex_common_name = univ.Integer(2) - ub_country_name_alpha_length = univ.Integer(2) - ub_country_name_numeric_length = univ.Integer(3) @@ -291,17 +289,16 @@ class CountryName(univ.Choice): CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) CountryName.componentType = namedtype.NamedTypes( - namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), - namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) - extension_OR_address_components = univ.Integer(12) - id_at_dnQualifier = _OID(id_at, 46) - ub_e163_4_number_length = univ.Integer(15) 
@@ -311,20 +308,22 @@ class ExtendedNetworkAddress(univ.Choice): ExtendedNetworkAddress.componentType = namedtype.NamedTypes( namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('number', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) )) - ), - namedtype.NamedType('psap-address', PresentationAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ), + namedtype.NamedType('psap-address', PresentationAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) - terminal_type = univ.Integer(23) - id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25) - ub_state_name = univ.Integer(128) 
@@ -333,14 +332,18 @@ class X520StateOrProvinceName(univ.Choice): X520StateOrProvinceName.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) - ub_organization_name = univ.Integer(64) 
@@ -349,14 +352,18 @@ class X520OrganizationName(univ.Choice):
 X520OrganizationName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
- namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)))
+ namedtype.NamedType('teletexString', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
+ namedtype.NamedType('printableString', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
+ namedtype.NamedType('universalString', char.UniversalString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
+ namedtype.NamedType('utf8String',
+ char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
+ namedtype.NamedType('bmpString',
+ char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)))
 )
-
 ub_emailaddress_length = univ.Integer(128)
@@ -366,13 +373,10 @@ class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
 id_at_surname = _OID(id_at, 4)
-
 ub_common_name_length = univ.Integer(64)
-
 id_ad = _OID(id_pkix, 48)
-
 ub_numeric_user_id_length = univ.Integer(32)
@@ -389,7 +393,6 @@ class OrganizationName(char.PrintableString):
 OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)
-
 ub_domain_name_length = univ.Integer(16)
@@ -397,10 +400,13 @@ class AdministrationDomainName(univ.Choice):
 pass
-AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2))
+AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(
+ tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2))
 AdministrationDomainName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))),
- namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
+ namedtype.NamedType('numeric', char.NumericString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))),
+ namedtype.NamedType('printable', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
 )
@@ -409,17 +415,16 @@ class PrivateDomainName(univ.Choice):
 PrivateDomainName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))),
- namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
+ namedtype.NamedType('numeric', char.NumericString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))),
+ namedtype.NamedType('printable', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
 )
-
 ub_generation_qualifier_length = univ.Integer(3)
-
 ub_given_name_length = univ.Integer(16)
-
 ub_initials_length = univ.Integer(5)
@@ -428,13 +433,20 @@ class PersonalName(univ.Set):
 PersonalName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ namedtype.NamedType('surname', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('initials', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
 )
-
 ub_terminal_id_length = univ.Integer(24)
@@ -444,7 +456,6 @@ class TerminalIdentifier(char.PrintableString):
 TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length)
-
 ub_x121_address_length = univ.Integer(16)
@@ -466,16 +477,22 @@ class BuiltInStandardAttributes(univ.Sequence):
 BuiltInStandardAttributes.componentType = namedtype.NamedTypes(
 namedtype.OptionalNamedType('country-name', CountryName()),
 namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()),
- namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
- namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
- namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
- namedtype.OptionalNamedType('personal-name', PersonalName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
- namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)))
+ namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+ namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+ namedtype.OptionalNamedType('personal-name', PersonalName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+ namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)))
 )
-
 ub_domain_defined_attributes = univ.Integer(4)
@@ -484,8 +501,10 @@ class BuiltInDomainDefinedAttribute(univ.Sequence):
 BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
- namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
+ namedtype.NamedType('type', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
+ namedtype.NamedType('value', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
 )
@@ -494,8 +513,7 @@ class BuiltInDomainDefinedAttributes(univ.SequenceOf):
 BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute()
-BuiltInDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
-
+BuiltInDomainDefinedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
 ub_extension_attributes = univ.Integer(256)
@@ -505,8 +523,11 @@ class ExtensionAttribute(univ.Sequence):
 ExtensionAttribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('extension-attribute-value',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
@@ -515,7 +536,7 @@ class ExtensionAttributes(univ.SetOf):
 ExtensionAttributes.componentType = ExtensionAttribute()
-ExtensionAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_extension_attributes)
+ExtensionAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes)
 class ORAddress(univ.Sequence):
@@ -528,10 +549,8 @@ ORAddress.componentType = namedtype.NamedTypes(
 namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes())
 )
-
 id_pe = _OID(id_pkix, 1)
-
 ub_title = univ.Integer(64)
@@ -540,14 +559,17 @@ class X520Title(univ.Choice):
 X520Title.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
+ namedtype.NamedType('printableString',
+ char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
+ namedtype.NamedType('universalString',
+ char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
+ namedtype.NamedType('utf8String',
+ char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)))
 )
-
 id_at_organizationalUnitName = _OID(id_at, 11)
@@ -557,10 +579,8 @@ class EmailAddress(char.IA5String):
 EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length)
-
 physical_delivery_country_name = univ.Integer(8)
-
 id_at_givenName = _OID(id_at, 42)
@@ -570,7 +590,6 @@ class TeletexCommonName(char.TeletexString):
 TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)
-
 id_qt_cps = _OID(id_qt, 1)
@@ -590,9 +609,12 @@ class DirectoryString(univ.Choice):
 DirectoryString.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.NamedType('printableString',
+ char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.NamedType('universalString',
+ char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
 namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
 )
@@ -604,10 +626,8 @@ class DomainComponent(char.IA5String):
 id_at_initials = _OID(id_at, 43)
-
 id_qt_unotice = _OID(id_qt, 2)
-
 ub_pds_name_length = univ.Integer(16)
@@ -632,7 +652,6 @@ class CommonName(char.PrintableString):
 CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)
-
 ub_serial_number = univ.Integer(64)
@@ -642,13 +661,10 @@ class X520SerialNumber(char.PrintableString):
 X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number)
-
 id_at_generationQualifier = _OID(id_at, 44)
-
 ub_organizational_unit_name = univ.Integer(64)
-
 id_ad_ocsp = _OID(id_ad, 1)
@@ -664,10 +680,18 @@ class TeletexPersonalName(univ.Set):
 TeletexPersonalName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ namedtype.NamedType('surname', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('initials', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
 )
@@ -676,7 +700,7 @@ class TeletexDomainDefinedAttributes(univ.SequenceOf):
 TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute()
-TeletexDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
+TeletexDomainDefinedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
 class TBSCertList(univ.Sequence):
@@ -689,19 +713,19 @@ TBSCertList.componentType = namedtype.NamedTypes(
 namedtype.NamedType('issuer', Name()),
 namedtype.NamedType('thisUpdate', Time()),
 namedtype.OptionalNamedType('nextUpdate', Time()),
- namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(
- namedtype.NamedType('userCertificate', CertificateSerialNumber()),
- namedtype.NamedType('revocationDate', Time()),
- namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
- ))
- )),
- namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+ namedtype.OptionalNamedType('revokedCertificates',
+ univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(
+ namedtype.NamedType('userCertificate', CertificateSerialNumber()),
+ namedtype.NamedType('revocationDate', Time()),
+ namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
+ ))
+ )),
+ namedtype.OptionalNamedType('crlExtensions',
+ Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
 )
-
 local_postal_attributes = univ.Integer(21)
-
 pkcs_9 = _OID(1, 2, 840, 113549, 1, 9)
@@ -710,11 +734,12 @@ class PhysicalDeliveryCountryName(univ.Choice):
 PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
- namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
+ namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
+ namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
 )
-
 ub_name = univ.Integer(32768)
@@ -723,14 +748,17 @@ class X520name(univ.Choice):
 X520name.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
+ namedtype.NamedType('printableString',
+ char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
+ namedtype.NamedType('universalString',
+ char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
+ namedtype.NamedType('utf8String',
+ char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)))
 )
-
 id_emailAddress = _OID(pkcs_9, 1)
@@ -753,23 +781,24 @@ class X520OrganizationalUnitName(univ.Choice):
 X520OrganizationalUnitName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
- namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name)))
+ namedtype.NamedType('teletexString', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
+ namedtype.NamedType('printableString', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
+ namedtype.NamedType('universalString', char.UniversalString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
+ namedtype.NamedType('utf8String', char.UTF8String().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
+ namedtype.NamedType('bmpString', char.BMPString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name)))
 )
-
 id_at_commonName = _OID(id_at, 3)
-
 pds_name = univ.Integer(7)
-
 post_office_box_address = univ.Integer(18)
-
 ub_locality_name = univ.Integer(128)
@@ -778,26 +807,26 @@ class X520LocalityName(univ.Choice):
 X520LocalityName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
- namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)))
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
+ namedtype.NamedType('printableString', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
+ namedtype.NamedType('universalString', char.UniversalString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
+ namedtype.NamedType('utf8String',
+ char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
+ namedtype.NamedType('bmpString',
+ char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)))
 )
-
 id_ad_timeStamping = _OID(id_ad, 3)
-
 id_at_countryName = _OID(id_at, 6)
-
 physical_delivery_personal_name = univ.Integer(13)
-
 teletex_personal_name = univ.Integer(4)
-
 teletex_organizational_unit_names = univ.Integer(5)
@@ -813,8 +842,10 @@ class PostalCode(univ.Choice):
 PostalCode.componentType = namedtype.NamedTypes(
- namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
- namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)))
+ namedtype.NamedType('numeric-code', char.NumericString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
+ namedtype.NamedType('printable-code', char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)))
 )
@@ -824,13 +855,10 @@ class X520countryName(char.PrintableString):
 X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2)
-
 postal_code = univ.Integer(9)
-
 id_ad_caRepository = _OID(id_ad, 5)
-
 extension_physical_delivery_address_components = univ.Integer(15)
@@ -844,13 +872,10 @@ class PhysicalDeliveryOfficeName(PDSParameter):
 id_at_title = _OID(id_at, 12)
-
 id_at_serialNumber = _OID(id_at, 5)
-
 id_ad_caIssuers = _OID(id_ad, 2)
-
 ub_integer_options = univ.Integer(256)
@@ -874,12 +899,10 @@ class TeletexOrganizationalUnitNames(univ.SequenceOf):
 TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName()
-TeletexOrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units)
-
+TeletexOrganizationalUnitNames.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)
 physical_delivery_office_name = univ.Integer(10)
-
 ub_common_name = univ.Integer(64)
@@ -889,16 +912,12 @@ class ExtensionORAddressComponents(PDSParameter):
 ub_pseudonym = univ.Integer(128)
-
 poste_restante_address = univ.Integer(19)
-
 id_at_organizationName = _OID(id_at, 10)
-
 physical_delivery_office_number = univ.Integer(11)
-
 id_at_pseudonym = _OID(id_at, 65)
@@ -907,14 +926,18 @@ class X520CommonName(univ.Choice):
 X520CommonName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
- namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)))
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
+ namedtype.NamedType('printableString',
+ char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
+ namedtype.NamedType('universalString',
+ char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
+ namedtype.NamedType('utf8String',
+ char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
+ namedtype.NamedType('bmpString',
+ char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)))
 )
-
 physical_delivery_organization_name = univ.Integer(14)
@@ -924,16 +947,12 @@ class X520dnQualifier(char.PrintableString):
 id_at_stateOrProvinceName = _OID(id_at, 8)
-
 common_name = univ.Integer(1)
-
 id_at_localityName = _OID(id_at, 7)
-
 ub_match = univ.Integer(128)
-
 ub_unformatted_address_length = univ.Integer(180)
@@ -946,13 +965,10 @@ Attribute.componentType = namedtype.NamedTypes(
 namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()))
 )
-
 extended_network_address = univ.Integer(22)
-
 unique_postal_name = univ.Integer(20)
-
 ub_pds_physical_address_lines = univ.Integer(6)
@@ -961,8 +977,10 @@ class UnformattedPostalAddress(univ.Set):
 UnformattedPostalAddress.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))),
- namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length)))
+ namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))),
+ namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length)))
 )
@@ -975,29 +993,28 @@ class X520Pseudonym(univ.Choice):
 X520Pseudonym.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
- namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
- namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)))
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
+ namedtype.NamedType('printableString',
+ char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
+ namedtype.NamedType('universalString',
+ char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
+ namedtype.NamedType('utf8String',
+ char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
+ namedtype.NamedType('bmpString',
+ char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)))
 )
-
 teletex_organization_name = univ.Integer(3)
-
 teletex_domain_defined_attributes = univ.Integer(6)
-
 street_address = univ.Integer(17)
-
 id_kp_OCSPSigning = _OID(id_kp, 9)
-
 id_ce = _OID(2, 5, 29)
-
 id_ce_certificatePolicies = _OID(id_ce, 32)
@@ -1006,8 +1023,10 @@ class EDIPartyName(univ.Sequence):
 EDIPartyName.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('partyName',
+ DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
@@ -1026,15 +1045,24 @@ class GeneralName(univ.Choice): GeneralName.componentType = namedtype.NamedTypes( - namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), - namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), - namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) + namedtype.NamedType('otherName', + AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('rfc822Name', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', + ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', + Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('ediPartyName', + 
EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('uniformResourceIdentifier', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', + univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) ) @@ -1043,7 +1071,7 @@ class GeneralNames(univ.SequenceOf): GeneralNames.componentType = GeneralName() -GeneralNames.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +GeneralNames.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class IssuerAltName(GeneralNames): @@ -1066,7 +1094,7 @@ PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) )) -PolicyMappings.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +PolicyMappings.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class PolicyQualifierId(univ.ObjectIdentifier): @@ -1075,10 +1103,8 @@ class PolicyQualifierId(univ.ObjectIdentifier): holdInstruction = _OID(2, 2, 840, 10040, 2) - id_ce_subjectDirectoryAttributes = _OID(id_ce, 9) - id_holdinstruction_callissuer = _OID(holdInstruction, 2) @@ -1087,15 +1113,12 @@ class SubjectDirectoryAttributes(univ.SequenceOf): SubjectDirectoryAttributes.componentType = Attribute() -SubjectDirectoryAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +SubjectDirectoryAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) anyPolicy = _OID(id_ce_certificatePolicies, 0) - id_ce_subjectAltName = _OID(id_ce, 17) - id_kp_emailProtection = _OID(id_kp, 4) 
@@ -1121,8 +1144,10 @@ class DistributionPointName(univ.Choice): DistributionPointName.componentType = namedtype.NamedTypes( - namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('fullName', + GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -1131,12 +1156,14 @@ class DistributionPoint(univ.Sequence): DistributionPoint.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) - id_ce_keyUsage = _OID(id_ce, 15) 
@@ -1165,8 +1192,7 @@ class CertificatePolicies(univ.SequenceOf): CertificatePolicies.componentType = PolicyInformation() -CertificatePolicies.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +CertificatePolicies.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) id_ce_basicConstraints = _OID(id_ce, 19) @@ -1184,7 +1210,7 @@ class ExtKeyUsageSyntax(univ.SequenceOf): ExtKeyUsageSyntax.componentType = KeyPurposeId() -ExtKeyUsageSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +ExtKeyUsageSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class SubjectAltName(GeneralNames): @@ -1197,7 +1223,8 @@ class BasicConstraints(univ.Sequence): BasicConstraints.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), - namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) 
@@ -1232,21 +1259,20 @@ class AuthorityKeyIdentifier(univ.Sequence): AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) - id_ce_nameConstraints = _OID(id_ce, 30) - id_kp_serverAuth = _OID(id_kp, 1) - id_ce_freshestCRL = _OID(id_ce, 46) - id_ce_cRLReasons = _OID(id_ce, 21) @@ -1255,7 +1281,7 @@ class CRLDistributionPoints(univ.SequenceOf): CRLDistributionPoints.componentType = DistributionPoint() -CRLDistributionPoints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +CRLDistributionPoints.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class FreshestCRL(CRLDistributionPoints): 
@@ -1296,8 +1322,10 @@ class GeneralSubtree(univ.Sequence): GeneralSubtree.componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), - namedtype.DefaultedNamedType('minimum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), - namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.DefaultedNamedType('minimum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -1306,7 +1334,7 @@ class GeneralSubtrees(univ.SequenceOf): GeneralSubtrees.componentType = GeneralSubtree() -GeneralSubtrees.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +GeneralSubtrees.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class NameConstraints(univ.Sequence): @@ -1314,20 +1342,18 @@ class NameConstraints(univ.Sequence): NameConstraints.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) - id_pe_authorityInfoAccess = _OID(id_pe, 1) - id_pe_subjectInfoAccess = _OID(id_pe, 11) - id_ce_certificateIssuer = _OID(id_ce, 29) - id_ce_invalidityDate = _OID(id_ce, 24) 
@@ -1339,7 +1365,6 @@ DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('any', univ.Any()) ) - id_ce_authorityKeyIdentifier = _OID(id_ce, 35) @@ -1358,8 +1383,7 @@ class AuthorityInfoAccessSyntax(univ.SequenceOf): AuthorityInfoAccessSyntax.componentType = AccessDescription() -AuthorityInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +AuthorityInfoAccessSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) id_ce_issuingDistributionPoint = _OID(id_ce, 28) @@ -1374,7 +1398,8 @@ class DisplayText(univ.Choice): DisplayText.componentType = namedtype.NamedTypes( namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), - namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('visibleString', + char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) ) @@ -1405,11 +1430,12 @@ class PrivateKeyUsagePeriod(univ.Sequence): PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) - id_ce_subjectKeyIdentifier = _OID(id_ce, 14) 
@@ -1426,7 +1452,7 @@ class SubjectInfoAccessSyntax(univ.SequenceOf): SubjectInfoAccessSyntax.componentType = AccessDescription() -SubjectInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +SubjectInfoAccessSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class KeyUsage(univ.BitString): @@ -1445,31 +1471,22 @@ KeyUsage.namedValues = namedval.NamedValues( ('decipherOnly', 8) ) - id_ce_extKeyUsage = _OID(id_ce, 37) - anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0) - id_ce_privateKeyUsagePeriod = _OID(id_ce, 16) - id_ce_policyMappings = _OID(id_ce, 33) - id_ce_cRLNumber = _OID(id_ce, 20) - id_ce_policyConstraints = _OID(id_ce, 36) - id_holdinstruction_none = _OID(holdInstruction, 1) - id_holdinstruction_reject = _OID(holdInstruction, 3) - id_kp_timeStamping = _OID(id_kp, 8) @@ -1478,8 +1495,10 @@ class PolicyConstraints(univ.Sequence): PolicyConstraints.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('requireExplicitPolicy', + SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', + SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -1489,16 +1508,12 @@ class SubjectKeyIdentifier(KeyIdentifier): id_kp_clientAuth = _OID(id_kp, 2) - id_ce_deltaCRLIndicator = _OID(id_ce, 27) - id_ce_issuerAltName = _OID(id_ce, 18) - id_kp_codeSigning = _OID(id_kp, 3) - id_ce_holdInstructionCode = _OID(id_ce, 23) 
@@ -1507,12 +1522,16 @@ class IssuingDistributionPoint(univ.Sequence): IssuingDistributionPoint.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), - namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), - namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), - namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatSimple, 5)).subtype(value=0)) ) - - diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py index 0a7d020..c522670 100644 --- a/pyasn1_modules/rfc3281.py +++ b/pyasn1_modules/rfc3281.py @@ -21,9 +21,10 @@ from pyasn1.type import useful from pyasn1_modules import rfc3280 -MAX=64 +MAX = 64 -def _OID(*components): + +def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): @@ -39,7 +40,8 @@ class ObjectDigestInfo(univ.Sequence): ObjectDigestInfo.componentType = namedtype.NamedTypes( - namedtype.NamedType('digestedObjectType', univ.Enumerated(namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))), + namedtype.NamedType('digestedObjectType', univ.Enumerated( + namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))), namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()), namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('objectDigest', univ.BitString()) @@ -73,9 +75,12 @@ class Target(univ.Choice): Target.componentType = namedtype.NamedTypes( - namedtype.NamedType('targetName', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('targetGroup', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('targetCert', TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + namedtype.NamedType('targetName', rfc3280.GeneralName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('targetGroup', rfc3280.GeneralName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('targetCert', + TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) 
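Review bot: `MAX = 64` stays a finite number in rfc3281.py, but in ASN.1 the `MAX` in `INTEGER (0..MAX)` or `SIZE (1..MAX)` means "no upper bound", so every constraint built from it is capped at 64. In this file that affects `AAControls.pathLenConstraint` via `ValueRangeConstraint(0, MAX)`, and rfc3852.py re-declares `MAX = 64` ahead of `SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)`. The earlier hunks that touch `GeneralNames.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)` look like the same pattern, though that file's `MAX` definition is outside this view. A well-formed structure with more than 64 entries would presumably fail the constraint check, and whether the caller then rejects the object or falls back to skipping validation matters for certificate and CMS handling. Consider an unbounded sentinel such as `MAX = float('inf')`, after confirming that pyasn1's constraint classes only compare against the bound; the body of `_buildOid` continues outside the hunk.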
@@ -92,21 +97,13 @@ class ProxyInfo(univ.SequenceOf): ProxyInfo.componentType = Targets() +id_at_role = _buildOid(rfc3280.id_at, 72) +id_pe_aaControls = _buildOid(rfc3280.id_pe, 6) -id_at_role = _OID(rfc3280.id_at, 72) - - -id_pe_aaControls = _OID(rfc3280.id_pe, 6) - - -id_at_role = _OID(rfc3280.id_at, 72) - +id_ce_targetInformation = _buildOid(rfc3280.id_ce, 55) -id_ce_targetInformation = _OID(rfc3280.id_ce, 55) - - -id_pe_ac_auditIdentity = _OID(rfc3280.id_pe, 4) +id_pe_ac_auditIdentity = _buildOid(rfc3280.id_pe, 4) class ClassList(univ.BitString): @@ -128,7 +125,8 @@ class SecurityCategory(univ.Sequence): SecurityCategory.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('type', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) 
@@ -138,11 +136,14 @@ class Clearance(univ.Sequence): Clearance.componentType = namedtype.NamedTypes( - namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.DefaultedNamedType('classList', - ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 1)).subtype(value="unclassified")), - namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype( + value="unclassified")), + namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) @@ -154,11 +155,9 @@ AttCertVersion.namedValues = namedval.NamedValues( ('v2', 1) ) +id_aca = _buildOid(rfc3280.id_pkix, 10) -id_aca = _OID(rfc3280.id_pkix, 10) - - -id_at_clearance = _OID(2, 5, 1, 5, 55) +id_at_clearance = _buildOid(2, 5, 1, 5, 55) class AttrSpec(univ.SequenceOf): 
@@ -173,16 +172,16 @@ class AAControls(univ.Sequence): AAControls.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), - namedtype.OptionalNamedType('permittedAttrs', AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('excludedAttrs', AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.OptionalNamedType('permittedAttrs', + AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedAttrs', + AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1)) ) -id_aca = _OID(rfc3280.id_pkix, 10) - - class AttCertValidityPeriod(univ.Sequence): pass @@ -193,13 +192,7 @@ AttCertValidityPeriod.componentType = namedtype.NamedTypes( ) -id_pe_ac_auditIdentity = _OID(rfc3280.id_pe, 4) - - -id_at_clearance = _OID(2, 5, 1, 5, 55) - - -id_aca_authenticationInfo = _OID(id_aca, 1) +id_aca_authenticationInfo = _buildOid(id_aca, 1) class V2Form(univ.Sequence): 
@@ -208,8 +201,10 @@ class V2Form(univ.Sequence): V2Form.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('issuerName', rfc3280.GeneralNames()), - namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) @@ -219,7 +214,8 @@ class AttCertIssuer(univ.Choice): AttCertIssuer.componentType = namedtype.NamedTypes( namedtype.NamedType('v1Form', rfc3280.GeneralNames()), - namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('v2Form', + V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) 
@@ -228,9 +224,12 @@ class Holder(univ.Sequence): Holder.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) @@ -261,20 +260,11 @@ AttributeCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('signatureValue', univ.BitString()) ) +id_mod = _buildOid(rfc3280.id_pkix, 0) -id_aca_authenticationInfo = _OID(id_aca, 1) - - -id_mod = _OID(rfc3280.id_pkix, 0) - - -id_mod_attribute_cert = _OID(id_mod, 12) - +id_mod_attribute_cert = _buildOid(id_mod, 12) -id_aca_accessIdentity = _OID(id_aca, 2) - - -id_aca_accessIdentity = _OID(id_aca, 2) +id_aca_accessIdentity = _buildOid(id_aca, 2) class RoleSyntax(univ.Sequence): 
@@ -282,15 +272,13 @@ class RoleSyntax(univ.Sequence): RoleSyntax.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('roleName', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('roleName', + rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) - -id_aca_chargingIdentity = _OID(id_aca, 3) - - -id_aca_chargingIdentity = _OID(id_aca, 3) +id_aca_chargingIdentity = _buildOid(id_aca, 3) class ACClearAttrs(univ.Sequence): @@ -303,20 +291,9 @@ ACClearAttrs.componentType = namedtype.NamedTypes( namedtype.NamedType('attrs', univ.SequenceOf(componentType=rfc3280.Attribute())) ) +id_aca_group = _buildOid(id_aca, 4) -id_ce_targetInformation = _OID(rfc3280.id_ce, 55) - - -id_aca_group = _OID(id_aca, 4) - - -id_aca_group = _OID(id_aca, 4) - - -id_pe_ac_proxying = _OID(rfc3280.id_pe, 10) - - -id_pe_aaControls = _OID(rfc3280.id_pe, 6) +id_pe_ac_proxying = _buildOid(rfc3280.id_pe, 10) class SvceAuthInfo(univ.Sequence): @@ -335,7 +312,8 @@ class IetfAttrSyntax(univ.Sequence): IetfAttrSyntax.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('policyAuthority', rfc3280.GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('values', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType('octets', univ.OctetString()), namedtype.NamedType('oid', univ.ObjectIdentifier()), 
@@ -344,13 +322,4 @@ IetfAttrSyntax.componentType = namedtype.NamedTypes( )) ) - -id_aca_encAttrs = _OID(id_aca, 6) - - -id_aca_encAttrs = _OID(id_aca, 6) - - -id_pe_ac_proxying = _OID(rfc3280.id_pe, 10) - - +id_aca_encAttrs = _buildOid(id_aca, 6) diff --git a/pyasn1_modules/rfc3412.py b/pyasn1_modules/rfc3412.py index 85e4107..891d1eb 100644 --- a/pyasn1_modules/rfc3412.py +++ b/pyasn1_modules/rfc3412.py 
@@ -9,35 +9,42 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3412.txt # -from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1.type import univ, namedtype, constraint from pyasn1_modules import rfc1905 + class ScopedPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contextEngineId', univ.OctetString()), namedtype.NamedType('contextName', univ.OctetString()), namedtype.NamedType('data', rfc1905.PDUs()) - ) - + ) + + class ScopedPduData(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('plaintext', ScopedPDU()), namedtype.NamedType('encryptedPDU', univ.OctetString()), - ) - + ) + + class HeaderData(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('msgID', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), - namedtype.NamedType('msgMaxSize', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))), + namedtype.NamedType('msgID', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgMaxSize', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))), namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))), - namedtype.NamedType('msgSecurityModel', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647))) - ) + namedtype.NamedType('msgSecurityModel', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647))) + ) + class SNMPv3Message(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('msgVersion', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), - namedtype.NamedType('msgGlobalData', HeaderData()), - namedtype.NamedType('msgSecurityParameters', univ.OctetString()), - namedtype.NamedType('msgData', ScopedPduData()) - ) - + 
namedtype.NamedType('msgVersion', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgGlobalData', HeaderData()), + namedtype.NamedType('msgSecurityParameters', univ.OctetString()), + namedtype.NamedType('msgData', ScopedPduData()) + ) diff --git a/pyasn1_modules/rfc3414.py b/pyasn1_modules/rfc3414.py index 5f09b1c..a84f74a 100644 --- a/pyasn1_modules/rfc3414.py +++ b/pyasn1_modules/rfc3414.py @@ -9,14 +9,18 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3414.txt # -from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1.type import univ, namedtype, constraint + class UsmSecurityParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()), - namedtype.NamedType('msgAuthoritativeEngineBoots', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), - namedtype.NamedType('msgAuthoritativeEngineTime', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), - namedtype.NamedType('msgUserName', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))), + namedtype.NamedType('msgAuthoritativeEngineBoots', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgAuthoritativeEngineTime', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgUserName', + univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))), namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()), namedtype.NamedType('msgPrivacyParameters', univ.OctetString()) - ) + ) diff --git a/pyasn1_modules/rfc3447.py b/pyasn1_modules/rfc3447.py index 4e4405c..ec7c85a 100644 --- a/pyasn1_modules/rfc3447.py +++ b/pyasn1_modules/rfc3447.py 
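Review bot: Dropping `namedval` and `tag` from the `pyasn1.type` import in rfc3412.py also removes them from the module's namespace, which is a compatibility risk in a package that uses star imports. rfc3447.py in this commit does `from pyasn1_modules.rfc2437 import *`, and its visible lines use `univ`, `namedtype`, `constraint` and `MAX`, apparently obtained that way. Any module or caller that star-imports rfc3412 (or rfc3414, which gets the same edit) and relied on `tag` or `namedval` would now hit a NameError; whether such a consumer exists is not visible here. An explicit `__all__` listing the message classes would make the exported surface deliberate rather than a side effect of the import line.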
@@ -13,17 +13,19 @@ # from pyasn1_modules.rfc2437 import * + class OtherPrimeInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('prime', univ.Integer()), namedtype.NamedType('exponent', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()) - ) + ) + class OtherPrimeInfos(univ.SequenceOf): componentType = OtherPrimeInfo() - subtypeSpec = univ.SequenceOf.subtypeSpec + \ - constraint.ValueSizeConstraint(1, MAX) + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + class RSAPrivateKey(univ.Sequence): componentType = namedtype.NamedTypes( diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py index e4dc7e4..b721afa 100644 --- a/pyasn1_modules/rfc3852.py +++ b/pyasn1_modules/rfc3852.py @@ -13,12 +13,13 @@ # from pyasn1.type import univ, namedtype, namedval, tag, constraint, useful -MAX = 64 - from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3281 -def _OID(*components): +MAX = 64 + + +def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): @@ -48,7 +49,7 @@ class SignedAttributes(univ.SetOf): SignedAttributes.componentType = Attribute() -SignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class OtherRevocationInfoFormat(univ.Sequence): @@ -67,7 +68,8 @@ class RevocationInfoChoice(univ.Choice): RevocationInfoChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('crl', rfc3280.CertificateList()), - namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) 
@@ -87,8 +89,7 @@ OtherKeyAttribute.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('keyAttr', univ.Any()) ) - -id_signedData = _OID(1, 2, 840, 113549, 1, 7, 2) +id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): @@ -146,7 +147,8 @@ class PasswordRecipientInfo(univ.Sequence): PasswordRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) @@ -193,7 +195,8 @@ class KeyAgreeRecipientIdentifier(univ.Choice): KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) 
@@ -234,8 +237,10 @@ class OriginatorIdentifierOrKey(univ.Choice): OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) @@ -245,8 +250,10 @@ class KeyAgreeRecipientInfo(univ.Sequence): KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) ) 
@@ -258,7 +265,8 @@ class RecipientIdentifier(univ.Choice): RecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -280,10 +288,14 @@ class RecipientInfo(univ.Choice): RecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('ktri', KeyTransRecipientInfo()), - namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('kekri', KEKRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.NamedType('ori', OtherRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) + namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('kekri', KEKRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('ori', OtherRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) ) 
@@ -292,7 +304,7 @@ class RecipientInfos(univ.SetOf): RecipientInfos.componentType = RecipientInfo() -RecipientInfos.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +RecipientInfos.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): @@ -309,7 +321,8 @@ class SignerIdentifier(univ.Choice): SignerIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -318,7 +331,7 @@ class UnprotectedAttributes(univ.SetOf): UnprotectedAttributes.componentType = Attribute() -UnprotectedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +UnprotectedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class ContentType(univ.ObjectIdentifier): @@ -340,7 +353,8 @@ class EncryptedContentInfo(univ.Sequence): EncryptedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), - namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) 
@@ -351,17 +365,15 @@ class EncryptedData(univ.Sequence): EncryptedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) +id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) -id_contentType = _OID(1, 2, 840, 113549, 1, 9, 3) - - -id_data = _OID(1, 2, 840, 113549, 1, 7, 1) +id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) - -id_messageDigest = _OID(1, 2, 840, 113549, 1, 9, 4) +id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) class DigestAlgorithmIdentifiers(univ.SetOf): @@ -377,7 +389,8 @@ class EncapsulatedContentInfo(univ.Sequence): EncapsulatedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('eContentType', ContentType()), - namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -412,7 +425,7 @@ class UnauthAttributes(univ.SetOf): UnauthAttributes.componentType = Attribute() -UnauthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +UnauthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class ExtendedCertificateInfo(univ.Sequence): 
@@ -471,10 +484,12 @@ class AttributeCertificateInfoV1(univ.Sequence): AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) )) - ), + ), namedtype.NamedType('issuer', rfc3280.GeneralNames()), namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), 
@@ -502,10 +517,14 @@ class CertificateChoices(univ.Choice): CertificateChoices.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc3280.Certificate()), - namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('other', OtherCertificateFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('other', OtherCertificateFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) @@ -525,7 +544,7 @@ class UnsignedAttributes(univ.SetOf): UnsignedAttributes.componentType = Attribute() -UnsignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +UnsignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class SignatureValue(univ.OctetString): 
@@ -540,10 +559,12 @@ SignerInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('sid', SignerIdentifier()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), - namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', SignatureValue()), - namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -562,8 +583,10 @@ SignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), - namedtype.OptionalNamedType('certificates', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) 
@@ -591,8 +614,10 @@ class OriginatorInfo(univ.Sequence): OriginatorInfo.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('certs', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('certs', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -601,7 +626,7 @@ class AuthAttributes(univ.SetOf): AuthAttributes.componentType = Attribute() -AuthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +AuthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class AuthenticatedData(univ.Sequence): 
@@ -610,21 +635,23 @@ class AuthenticatedData(univ.Sequence): AuthenticatedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), - namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), - namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('mac', MessageAuthenticationCode()), - namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) +id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) -id_ct_contentInfo = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 6) - - -id_envelopedData = _OID(1, 2, 840, 113549, 1, 7, 3) +id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) class EnvelopedData(univ.Sequence): 
@@ -633,10 +660,12 @@ class EnvelopedData(univ.Sequence): EnvelopedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -644,10 +673,9 @@ class Countersignature(SignerInfo): pass -id_digestedData = _OID(1, 2, 840, 113549, 1, 7, 5) - +id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) -id_signingTime = _OID(1, 2, 840, 113549, 1, 9, 5) +id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) class ExtendedCertificateOrCertificate(univ.Choice): 
@@ -656,20 +684,17 @@ class ExtendedCertificateOrCertificate(univ.Choice): ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc3280.Certificate()), - namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) +id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) -id_encryptedData = _OID(1, 2, 840, 113549, 1, 7, 6) - - -id_ct_authData = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 2) +id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) class SigningTime(Time): pass -id_countersignature = _OID(1, 2, 840, 113549, 1, 9, 6) - - +id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 9edbf89..5fde668 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -8,18 +8,27 @@ # # Based on Alex Railean's work # -from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful +from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful from pyasn1_modules import rfc2459, rfc2511, rfc2314 MAX = 64 -class KeyIdentifier(univ.OctetString): pass -class CMPCertificate(rfc2459.Certificate): pass +class KeyIdentifier(univ.OctetString): + pass -class OOBCert(CMPCertificate): pass -class CertAnnContent(CMPCertificate): pass +class CMPCertificate(rfc2459.Certificate): + pass + + +class OOBCert(CMPCertificate): + pass + + +class CertAnnContent(CMPCertificate): + pass + class PKIFreeText(univ.SequenceOf): """ @@ -28,6 +37,7 @@ class PKIFreeText(univ.SequenceOf): componentType = char.UTF8String() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + class PollRepContent(univ.SequenceOf): """ PollRepContent ::= SEQUENCE OF SEQUENCE { 
@@ -36,14 +46,17 @@ class PollRepContent(univ.SequenceOf): reason PKIFreeText OPTIONAL } """ + class CertReq(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('checkAfter', univ.Integer()), namedtype.OptionalNamedType('reason', PKIFreeText()) ) + componentType = CertReq() + class PollReqContent(univ.SequenceOf): """ PollReqContent ::= SEQUENCE OF SEQUENCE { @@ -51,12 +64,15 @@ class PollReqContent(univ.SequenceOf): } """ + class CertReq(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()) ) + componentType = CertReq() + class InfoTypeAndValue(univ.Sequence): """ InfoTypeAndValue ::= SEQUENCE { @@ -68,17 +84,23 @@ class InfoTypeAndValue(univ.Sequence): namedtype.OptionalNamedType('infoValue', univ.Any()) ) + class GenRepContent(univ.SequenceOf): componentType = InfoTypeAndValue() + class GenMsgContent(univ.SequenceOf): componentType = InfoTypeAndValue() -class PKIConfirmContent(univ.Null): pass + +class PKIConfirmContent(univ.Null): + pass + class CRLAnnContent(univ.SequenceOf): componentType = rfc2459.CertificateList() + class CAKeyUpdAnnContent(univ.Sequence): """ CAKeyUpdAnnContent ::= SEQUENCE { @@ -93,6 +115,7 @@ class CAKeyUpdAnnContent(univ.Sequence): namedtype.NamedType('newWithNew', CMPCertificate()) ) + class RevDetails(univ.Sequence): """ RevDetails ::= SEQUENCE { @@ -104,10 +127,12 @@ class RevDetails(univ.Sequence): namedtype.NamedType('certDetails', rfc2511.CertTemplate()), namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions()) ) - + + class RevReqContent(univ.SequenceOf): componentType = RevDetails() + class CertOrEncCert(univ.Choice): """ CertOrEncCert ::= CHOICE { 
@@ -118,14 +143,15 @@ class CertOrEncCert(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', CMPCertificate().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), + ) + ), namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) ) + ) ) + class CertifiedKeyPair(univ.Sequence): """ CertifiedKeyPair ::= SEQUENCE { @@ -137,19 +163,20 @@ class CertifiedKeyPair(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certOrEncCert', CertOrEncCert()), namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) + ) ) - + class POPODecKeyRespContent(univ.SequenceOf): componentType = univ.Integer() + class Challenge(univ.Sequence): """ Challenge ::= SEQUENCE { @@ -164,6 +191,7 @@ class Challenge(univ.Sequence): namedtype.NamedType('challenge', univ.OctetString()) ) + class PKIStatus(univ.Integer): """ PKIStatus ::= INTEGER { @@ -185,7 +213,8 @@ class PKIStatus(univ.Integer): ('revocationNotification', 5), ('keyUpdateWarning', 6) ) - + + class PKIFailureInfo(univ.BitString): """ PKIFailureInfo ::= BIT STRING { @@ -247,6 +276,7 @@ class PKIFailureInfo(univ.BitString): ('duplicateCertReq', 26) ) + class PKIStatusInfo(univ.Sequence): """ PKIStatusInfo ::= SEQUENCE { 
@@ -259,7 +289,8 @@ class PKIStatusInfo(univ.Sequence): namedtype.NamedType('status', PKIStatus()), namedtype.OptionalNamedType('statusString', PKIFreeText()), namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) - ) + ) + class ErrorMsgContent(univ.Sequence): """ @@ -277,6 +308,7 @@ class ErrorMsgContent(univ.Sequence): namedtype.OptionalNamedType('errorDetails', PKIFreeText()) ) + class CertStatus(univ.Sequence): """ CertStatus ::= SEQUENCE { @@ -291,9 +323,11 @@ class CertStatus(univ.Sequence): namedtype.OptionalNamedType('statusInfo', PKIStatusInfo()) ) + class CertConfirmContent(univ.SequenceOf): componentType = CertStatus() + class RevAnnContent(univ.Sequence): """ RevAnnContent ::= SEQUENCE { @@ -312,6 +346,7 @@ class RevAnnContent(univ.Sequence): namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions()) ) + class RevRepContent(univ.Sequence): """ RevRepContent ::= SEQUENCE { @@ -324,21 +359,22 @@ class RevRepContent(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatusInfo()), namedtype.OptionalNamedType('revCerts', univ.SequenceOf( - componentType=rfc2511.CertId() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), + componentType=rfc2511.CertId() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), namedtype.OptionalNamedType('crls', univ.SequenceOf( - componentType=rfc2459.CertificateList() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) + componentType=rfc2459.CertificateList() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) + ) ) + class KeyRecRepContent(univ.Sequence): """ KeyRecRepContent ::= SEQUENCE { 
@@ -354,24 +390,25 @@ class KeyRecRepContent(univ.Sequence): namedtype.NamedType('status', PKIStatusInfo()), namedtype.OptionalNamedType('newSigCert', CMPCertificate().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), + ) + ), namedtype.OptionalNamedType('caCerts', univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - ) - ), + componentType=CMPCertificate() + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ), namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf( - componentType=CertifiedKeyPair() - ).subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - ) + componentType=CertifiedKeyPair() + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) ) + ) ) - + + class CertResponse(univ.Sequence): """ CertResponse ::= SEQUENCE { @@ -388,6 +425,7 @@ class CertResponse(univ.Sequence): namedtype.OptionalNamedType('rspInfo', univ.OctetString()) ) + class CertRepMessage(univ.Sequence): """ CertRepMessage ::= SEQUENCE { 
@@ -398,20 +436,22 @@ class CertRepMessage(univ.Sequence): """ componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('caPubs', univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) - ) - ), + componentType=CMPCertificate() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ), namedtype.NamedType('response', univ.SequenceOf( - componentType=CertResponse()) - ) + componentType=CertResponse()) + ) ) + class POPODecKeyChallContent(univ.SequenceOf): componentType = Challenge() + class OOBCertHash(univ.Sequence): """ OOBCertHash ::= SEQUENCE { @@ -423,16 +463,17 @@ class OOBCertHash(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('hashAlg', rfc2459.AlgorithmIdentifier().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), namedtype.OptionalNamedType('certId', rfc2511.CertId().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ), namedtype.NamedType('hashVal', univ.BitString()) ) + # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages class NestedMessageContent(univ.SequenceOf): @@ -441,6 +482,7 @@ class NestedMessageContent(univ.SequenceOf): """ componentType = univ.Any() + class DHBMParameter(univ.Sequence): """ DHBMParameter ::= SEQUENCE { @@ -455,8 +497,10 @@ class DHBMParameter(univ.Sequence): namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) ) + id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30') + class PBMParameter(univ.Sequence): """ PBMParameter ::= SEQUENCE { 
@@ -468,22 +512,28 @@ class PBMParameter(univ.Sequence): """ componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(0, 128) - ) - ), + subtypeSpec=constraint.ValueSizeConstraint(0, 128) + ) + ), namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('iterationCount', univ.Integer()), namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) ) + id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13') -class PKIProtection(univ.BitString): pass + +class PKIProtection(univ.BitString): + pass + # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages -nestedMessageContent = NestedMessageContent().subtype(explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)) - +nestedMessageContent = NestedMessageContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 20)) + + class PKIBody(univ.Choice): """ PKIBody ::= CHOICE { -- message-specific body elements 
@@ -518,114 +568,114 @@ class PKIBody(univ.Choice): """ componentType = namedtype.NamedTypes( namedtype.NamedType('ir', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), namedtype.NamedType('ip', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ), namedtype.NamedType('cr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,2) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) + ) + ), namedtype.NamedType('cp', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,3) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) + ) + ), namedtype.NamedType('p10cr', rfc2314.CertificationRequest().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,4) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4) + ) + ), namedtype.NamedType('popdecc', POPODecKeyChallContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,5) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) + ) + ), namedtype.NamedType('popdecr', POPODecKeyRespContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,6) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) + ) + ), namedtype.NamedType('kur', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,7) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) + ) + ), namedtype.NamedType('kup', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,8) - ) - ), + 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) + ) + ), namedtype.NamedType('krr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,9) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9) + ) + ), namedtype.NamedType('krp', KeyRecRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,10) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10) + ) + ), namedtype.NamedType('rr', RevReqContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,11) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11) + ) + ), namedtype.NamedType('rp', RevRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,12) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12) + ) + ), namedtype.NamedType('ccr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,13) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13) + ) + ), namedtype.NamedType('ccp', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,14) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14) + ) + ), namedtype.NamedType('ckuann', CAKeyUpdAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,15) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15) + ) + ), namedtype.NamedType('cann', CertAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,16) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16) + ) + ), namedtype.NamedType('rann', RevAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,17) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatConstructed, 17) + ) + ), namedtype.NamedType('crlann', CRLAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,18) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18) + ) + ), namedtype.NamedType('pkiconf', PKIConfirmContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,19) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19) + ) + ), namedtype.NamedType('nested', nestedMessageContent), -# namedtype.NamedType('nested', NestedMessageContent().subtype( -# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) -# ) -# ), + # namedtype.NamedType('nested', NestedMessageContent().subtype( + # explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) + # ) + # ), namedtype.NamedType('genm', GenMsgContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,21) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21) + ) + ), namedtype.NamedType('gen', GenRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,22) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22) + ) + ), namedtype.NamedType('error', ErrorMsgContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,23) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23) + ) + ), namedtype.NamedType('certConf', CertConfirmContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,24) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24) + ) + ), namedtype.NamedType('pollReq', PollReqContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,25) - ) - ), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25) + ) + ), namedtype.NamedType('pollRep', PollRepContent().subtype( - 
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,26) - ) + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26) ) + ) ) 
@@ -650,32 +700,40 @@ class PKIHeader(univ.Sequence): """ componentType = namedtype.NamedTypes( namedtype.NamedType('pvno', univ.Integer( - namedValues=namedval.NamedValues( - ('cmp1999', 1), - ('cmp2000', 2) - ) + namedValues=namedval.NamedValues( + ('cmp1999', 1), + ('cmp2000', 2) ) - ), + ) + ), namedtype.NamedType('sender', rfc2459.GeneralName()), namedtype.NamedType('recipient', rfc2459.GeneralName()), - namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), - namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), - namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), + namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + 
namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('freeText', PKIFreeText().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), namedtype.OptionalNamedType('generalInfo', - univ.SequenceOf( - componentType=InfoTypeAndValue().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8) - ) - ) - ) - ) + univ.SequenceOf( + componentType=InfoTypeAndValue().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8) + ) + ) + ) + ) + class ProtectedPart(univ.Sequence): """ @@ -687,7 +745,8 @@ class ProtectedPart(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('header', PKIHeader()), namedtype.NamedType('infoValue', PKIBody()) - ) + ) + class PKIMessage(univ.Sequence): """ 
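Review bot: In the re-indented `generalInfo` entry that closes PKIHeader's `componentType`, `.subtype(subtypeSpec=..., explicitTag=...)` is still called on `InfoTypeAndValue()` inside `componentType=`, so the size constraint and the [8] tag apply to each element instead of to the SEQUENCE OF. RFC 4210 declares the field as `generalInfo [8] SEQUENCE SIZE (1..MAX) OF InfoTypeAndValue OPTIONAL`, and the `extraCerts` entry in the PKIMessage hunk further down already tags the `univ.SequenceOf(...)` as a whole. As written, a conforming header that carries generalInfo would presumably not match this component on decode, and encoding would emit the tag in the wrong place. Suggested form: `univ.SequenceOf(componentType=InfoTypeAndValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))`. The PKIHeader class header and its ASN.1 docstring start outside this hunk.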
@@ -701,17 +760,19 @@ class PKIMessage(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('header', PKIHeader()), namedtype.NamedType('body', PKIBody()), - namedtype.OptionalNamedType('protection', PKIProtection().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType( 'extraCerts', - univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) + namedtype.OptionalNamedType('protection', PKIProtection().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('extraCerts', + univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) ) + class PKIMessages(univ.SequenceOf): """ PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage @@ -719,6 +780,7 @@ class PKIMessages(univ.SequenceOf): componentType = PKIMessage() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages NestedMessageContent.componentType = PKIMessages() diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py index 48056eb..b984062 100644 --- a/pyasn1_modules/rfc4211.py +++ b/pyasn1_modules/rfc4211.py @@ -12,7 +12,7 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc4211.txt # -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3852 
@@ -20,7 +20,7 @@ from pyasn1_modules import rfc3852 MAX = 64 -def _OID(*components): +def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): @@ -31,13 +31,11 @@ def _OID(*components): return univ.ObjectIdentifier(output) -id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) +id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) +id_pkip = _buildOid(id_pkix, 5) -id_pkip = _OID(id_pkix, 5) - - -id_regCtrl = _OID(id_pkip, 1) +id_regCtrl = _buildOid(id_pkip, 1) class SinglePubInfo(univ.Sequence): @@ -45,7 +43,8 @@ class SinglePubInfo(univ.Sequence): SinglePubInfo.componentType = namedtype.NamedTypes( - namedtype.NamedType('pubMethod', univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), + namedtype.NamedType('pubMethod', univ.Integer( + namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName()) ) @@ -70,10 +69,11 @@ class POPOSigningKeyInput(univ.Sequence): POPOSigningKeyInput.componentType = namedtype.NamedTypes( namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('sender', rfc3280.GeneralName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('publicKeyMAC', PKMACValue()) )) - ), + ), namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo()) ) 
@@ -83,7 +83,8 @@ class POPOSigningKey(univ.Sequence): POPOSigningKey.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('algorithmIdentifier', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) @@ -104,7 +105,8 @@ PrivateKeyInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer()), namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('privateKey', univ.OctetString()), - namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('attributes', + Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) 
@@ -113,11 +115,16 @@ class EncryptedValue(univ.Sequence): EncryptedValue.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.NamedType('encValue', univ.BitString()) ) 
@@ -128,7 +135,8 @@ class EncryptedKey(univ.Choice): EncryptedKey.componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedValue', EncryptedValue()), - namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -141,19 +149,19 @@ class PKIArchiveOptions(univ.Choice): PKIArchiveOptions.componentType = namedtype.NamedTypes( - namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + namedtype.NamedType('encryptedPrivKey', + EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyGenParameters', + KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('archiveRemGenPrivKey', + univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) +id_regCtrl_authenticator = _buildOid(id_regCtrl, 2) -id_regCtrl_authenticator = _OID(id_regCtrl, 2) - - -id_regInfo = _OID(id_pkip, 2) +id_regInfo = _buildOid(id_pkip, 2) - -id_regInfo_certReq = _OID(id_regInfo, 2) +id_regInfo_certReq = _buildOid(id_regInfo, 2) class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo): 
@@ -189,11 +197,16 @@ class POPOPrivKey(univ.Choice): POPOPrivKey.componentType = namedtype.NamedTypes( - namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('agreeMAC', PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) + namedtype.NamedType('thisMessage', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subsequentMessage', + SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dhMAC', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('agreeMAC', + PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) 
@@ -202,10 +215,14 @@ class ProofOfPossession(univ.Choice): ProofOfPossession.componentType = namedtype.NamedTypes( - namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('signature', POPOSigningKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), - namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + namedtype.NamedType('raVerified', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signature', POPOSigningKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('keyEncipherment', + POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('keyAgreement', + POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) @@ -214,8 +231,10 @@ class OptionalValidity(univ.Sequence): OptionalValidity.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) 
@@ -224,16 +243,26 @@ class CertTemplate(univ.Sequence): CertTemplate.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('version', rfc3280.Version().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), - namedtype.OptionalNamedType('validity', OptionalValidity().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), - namedtype.OptionalNamedType('subject', rfc3280.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), - namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), - namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9))) + namedtype.OptionalNamedType('version', rfc3280.Version().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('issuer', 
rfc3280.Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('validity', OptionalValidity().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('subject', rfc3280.Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9))) ) @@ -242,7 +271,7 @@ class Controls(univ.SequenceOf): Controls.componentType = AttributeTypeAndValue() -Controls.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +Controls.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class CertRequest(univ.Sequence): @@ -272,14 +301,14 @@ class CertReqMessages(univ.SequenceOf): CertReqMessages.componentType = CertReqMsg() -CertReqMessages.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +CertReqMessages.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class CertReq(CertRequest): pass -id_regCtrl_pkiPublicationInfo = _OID(id_regCtrl, 3) +id_regCtrl_pkiPublicationInfo = _buildOid(id_regCtrl, 3) class CertId(univ.Sequence): 
@@ -301,7 +330,8 @@ class PKIPublicationInfo(univ.Sequence): PKIPublicationInfo.componentType = namedtype.NamedTypes( - namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), + namedtype.NamedType('action', + univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo())) ) @@ -316,17 +346,14 @@ EncKeyWithID.componentType = namedtype.NamedTypes( namedtype.NamedType('string', char.UTF8String()), namedtype.NamedType('generalName', rfc3280.GeneralName()) )) - ) + ) ) +id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6) -id_regCtrl_protocolEncrKey = _OID(id_regCtrl, 6) - - -id_regCtrl_oldCertID = _OID(id_regCtrl, 5) - +id_regCtrl_oldCertID = _buildOid(id_regCtrl, 5) -id_smime = _OID(1, 2, 840, 113549, 1, 9, 16) +id_smime = _buildOid(1, 2, 840, 113549, 1, 9, 16) class PBMParameter(univ.Sequence): @@ -340,23 +367,16 @@ PBMParameter.componentType = namedtype.NamedTypes( namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier()) ) +id_regCtrl_regToken = _buildOid(id_regCtrl, 1) -id_regCtrl_regToken = _OID(id_regCtrl, 1) +id_regCtrl_pkiArchiveOptions = _buildOid(id_regCtrl, 4) +id_regInfo_utf8Pairs = _buildOid(id_regInfo, 1) -id_regCtrl_pkiArchiveOptions = _OID(id_regCtrl, 4) +id_ct = _buildOid(id_smime, 1) - -id_regInfo_utf8Pairs = _OID(id_regInfo, 1) - - -id_ct = _OID(id_smime, 1) - - -id_ct_encKeyWithID = _OID(id_ct, 21) +id_ct_encKeyWithID = _buildOid(id_ct, 21) class RegToken(char.UTF8String): pass - - diff --git a/pyasn1_modules/rfc5208.py b/pyasn1_modules/rfc5208.py index 3484150..6b7c3ba 100644 --- a/pyasn1_modules/rfc5208.py +++ b/pyasn1_modules/rfc5208.py 
@@ -11,15 +11,21 @@ # # Sample captures could be obtained with "openssl pkcs8 -topk8" command # -from pyasn1.type import tag, namedtype, namedval, univ, constraint from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2251 -class KeyEncryptionAlgorithms(AlgorithmIdentifier): pass -class PrivateKeyAlgorithms(AlgorithmIdentifier): pass +class KeyEncryptionAlgorithms(AlgorithmIdentifier): + pass + + +class PrivateKeyAlgorithms(AlgorithmIdentifier): + pass + + +class EncryptedData(univ.OctetString): + pass -class EncryptedData(univ.OctetString): pass class EncryptedPrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( @@ -27,18 +33,24 @@ class EncryptedPrivateKeyInfo(univ.Sequence): namedtype.NamedType('encryptedData', EncryptedData()) ) -class PrivateKey(univ.OctetString): pass + +class PrivateKey(univ.OctetString): + pass + class Attributes(univ.SetOf): componentType = rfc2251.Attribute() + class Version(univ.Integer): - namedValues = namedval.NamedValues(('v1', 0), ('v2', 1)) + namedValues = namedval.NamedValues(('v1', 0), ('v2', 1)) + class PrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('privateKey', PrivateKey()), - namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.OptionalNamedType('attributes', Attributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index cef8023..3ea4617 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py 
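Review bot: Dropping `from pyasn1.type import tag, namedtype, namedval, univ, constraint` at the top of rfc5208.py leaves every `univ.`, `namedtype.`, `namedval.` and `tag.` reference in the file resolving only through `from pyasn1_modules.rfc2459 import *`. That works only while rfc2459 imports those modules at top level and defines no `__all__`; its import list is not visible here, so this is inferred. If either changes, this module fails with a NameError at import time, and the star import also makes it unclear which `AlgorithmIdentifier` or `Attributes` definition is in effect. I would keep the dependency explicit with `from pyasn1.type import namedtype, namedval, tag, univ`, since `constraint` no longer appears to be used in the lines shown. The second hunk (`@@ -27,18 +33,24 @@`) relies on the same names.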
@@ -20,11 +20,10 @@ from pyasn1.type import tag from pyasn1.type import constraint from pyasn1.type import useful - MAX = 64 -def _OID(*components): +def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): @@ -37,10 +36,8 @@ def _OID(*components): ub_e163_4_sub_address_length = univ.Integer(40) - ub_e163_4_number_length = univ.Integer(15) - unformatted_postal_address = univ.Integer(16) @@ -74,18 +71,14 @@ class Extensions(univ.SequenceOf): Extensions.componentType = Extension() -Extensions.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +Extensions.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) physical_delivery_personal_name = univ.Integer(13) - ub_unformatted_address_length = univ.Integer(180) - ub_pds_parameter_length = univ.Integer(30) - ub_pds_physical_address_lines = univ.Integer(6) @@ -94,11 +87,12 @@ class UnformattedPostalAddress(univ.Set): UnformattedPostalAddress.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), - namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) ) - ub_organization_name = univ.Integer(64) 
@@ -107,25 +101,25 @@ class X520OrganizationName(univ.Choice): X520OrganizationName.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) ) - ub_x121_address_length = univ.Integer(16) - pds_name = univ.Integer(7) +id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) -id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) - - -id_kp = _OID(id_pkix, 3) - +id_kp = _buildOid(id_pkix, 3) ub_postal_code_length = univ.Integer(16) 
@@ -135,14 +129,14 @@ class PostalCode(univ.Choice): PostalCode.componentType = namedtype.NamedTypes( - namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), - namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) + namedtype.NamedType('numeric-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) ) - ub_generation_qualifier_length = univ.Integer(3) - unique_postal_name = univ.Integer(20) @@ -152,19 +146,16 @@ class DomainComponent(char.IA5String): ub_domain_defined_attribute_value_length = univ.Integer(128) - ub_match = univ.Integer(128) - -id_at = _OID(2, 5, 4) +id_at = _buildOid(2, 5, 4) class AttributeType(univ.ObjectIdentifier): pass -id_at_organizationalUnitName = _OID(id_at, 11) - +id_at_organizationalUnitName = _buildOid(id_at, 11) terminal_type = univ.Integer(23) @@ -174,8 +165,10 @@ class PDSParameter(univ.Set): PDSParameter.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), - namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) 
@@ -185,9 +178,7 @@ class PhysicalDeliveryPersonalName(PDSParameter): ub_surname_length = univ.Integer(40) - -id_ad = _OID(id_pkix, 48) - +id_ad = _buildOid(id_pkix, 48) ub_domain_defined_attribute_type_length = univ.Integer(8) @@ -197,11 +188,12 @@ class TeletexDomainDefinedAttribute(univ.Sequence): TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), - namedtype.NamedType('value', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) + namedtype.NamedType('type', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) - ub_domain_defined_attributes = univ.Integer(4) @@ -210,12 +202,10 @@ class TeletexDomainDefinedAttributes(univ.SequenceOf): TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() -TeletexDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) - +TeletexDomainDefinedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) extended_network_address = univ.Integer(22) - ub_locality_name = univ.Integer(128) 
@@ -224,20 +214,22 @@ class X520LocalityName(univ.Choice): X520LocalityName.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) ) - teletex_organization_name = univ.Integer(3) - ub_given_name_length = univ.Integer(16) - ub_initials_length = univ.Integer(5) 
@@ -246,13 +238,20 @@ class PersonalName(univ.Set): PersonalName.componentType = namedtype.NamedTypes( - namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.NamedType('surname', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) - ub_organizational_unit_name_length = univ.Integer(32) 
@@ -262,8 +261,7 @@ class OrganizationalUnitName(char.PrintableString): OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) - -id_at_generationQualifier = _OID(id_at, 44) +id_at_generationQualifier = _buildOid(id_at, 44) class Version(univ.Integer): @@ -320,7 +318,7 @@ class RelativeDistinguishedName(univ.SetOf): RelativeDistinguishedName.componentType = AttributeTypeAndValue() -RelativeDistinguishedName.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +RelativeDistinguishedName.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class RDNSequence(univ.SequenceOf): @@ -349,13 +347,15 @@ TBSCertList.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', Name()), namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), - namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('userCertificate', CertificateSerialNumber()), - namedtype.NamedType('revocationDate', Time()), - namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) - )) - )), - namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('revokedCertificates', + univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + )) + )), + namedtype.OptionalNamedType('crlExtensions', + Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) 
@@ -382,24 +382,22 @@ class ExtensionAttribute(univ.Sequence): ExtensionAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('extension-attribute-value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) +id_qt = _buildOid(id_pkix, 2) -id_qt = _OID(id_pkix, 2) - - -id_qt_cps = _OID(id_qt, 1) - - -id_at_stateOrProvinceName = _OID(id_at, 8) - +id_qt_cps = _buildOid(id_qt, 1) -id_at_title = _OID(id_at, 12) +id_at_stateOrProvinceName = _buildOid(id_at, 8) +id_at_title = _buildOid(id_at, 12) -id_at_serialNumber = _OID(id_at, 5) +id_at_serialNumber = _buildOid(id_at, 5) class X520dnQualifier(char.PrintableString): 
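Review bot: The `extension-attribute-value` entry in `ExtensionAttribute.componentType` is declared as `univ.Any()`, and nothing next to it says how the value relates to `extension-attribute-type`. As far as this hunk shows, the schema puts no constraint on that field, so code decoding against this spec would presumably get back whatever bytes the certificate carried there. A comment above the entry would help anyone parsing untrusted certificates, for example `# ANY: left undecoded by this spec; callers select the inner type from extension-attribute-type and must validate and bound it themselves`.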
@@ -443,23 +441,24 @@ class TBSCertificate(univ.Sequence): TBSCertificate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', - Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, - tag.tagFormatSimple, 0)).subtype(value="v1")), + Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value="v1")), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), - namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', + Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) - physical_delivery_office_name = univ.Integer(10) - ub_name = univ.Integer(32768) 
@@ -468,24 +467,24 @@ class X520name(univ.Choice): X520name.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) ) - -id_at_dnQualifier = _OID(id_at, 46) - +id_at_dnQualifier = _buildOid(id_at, 46) ub_serial_number = univ.Integer(64) - ub_pseudonym = univ.Integer(128) - -pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) +pkcs_9 = _buildOid(1, 2, 840, 113549, 1, 9) class X121Address(char.NumericString): @@ -501,19 +500,14 @@ class NetworkAddress(X121Address): ub_integer_options = univ.Integer(256) - -id_at_commonName = _OID(id_at, 3) - +id_at_commonName = _buildOid(id_at, 3) ub_organization_name_length = univ.Integer(64) - -id_ad_ocsp = _OID(id_ad, 1) - +id_ad_ocsp = _buildOid(id_ad, 1) ub_country_name_numeric_length = univ.Integer(3) - ub_country_name_alpha_length = univ.Integer(2) 
@@ -522,13 +516,13 @@ class PhysicalDeliveryCountryName(univ.Choice): PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( - namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), - namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) - -id_emailAddress = _OID(pkcs_9, 1) - +id_emailAddress = _buildOid(pkcs_9, 1) common_name = univ.Integer(1) 
@@ -538,14 +532,18 @@ class X520Pseudonym(univ.Choice): X520Pseudonym.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) ) - ub_domain_name_length = univ.Integer(16) 
@@ -553,10 +551,13 @@ class AdministrationDomainName(univ.Choice): pass -AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) +AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) AdministrationDomainName.componentType = namedtype.NamedTypes( - namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), - namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) ) 
@@ -565,10 +566,14 @@ class PresentationAddress(univ.Sequence): PresentationAddress.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) 
@@ -578,11 +583,16 @@ class ExtendedNetworkAddress(univ.Choice): ExtendedNetworkAddress.componentType = namedtype.NamedTypes( namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.NamedType('number', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) )) - ), - namedtype.NamedType('psap-address', PresentationAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ), + namedtype.NamedType('psap-address', PresentationAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) @@ -592,7 +602,6 @@ class TeletexOrganizationName(char.TeletexString): TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) - ub_terminal_id_length = univ.Integer(24) @@ -602,11 +611,9 @@ class TerminalIdentifier(char.PrintableString): TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) +id_ad_caIssuers = _buildOid(id_ad, 2) -id_ad_caIssuers = _OID(id_ad, 2) - - -id_at_countryName = _OID(id_at, 6) +id_at_countryName = _buildOid(id_at, 6) class StreetAddress(PDSParameter): 
@@ -615,9 +622,7 @@ class StreetAddress(PDSParameter): postal_code = univ.Integer(9) - -id_at_givenName = _OID(id_at, 42) - +id_at_givenName = _buildOid(id_at, 42) ub_title = univ.Integer(64) @@ -627,13 +632,11 @@ class ExtensionAttributes(univ.SetOf): ExtensionAttributes.componentType = ExtensionAttribute() -ExtensionAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_extension_attributes) - +ExtensionAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes) ub_emailaddress_length = univ.Integer(255) - -id_ad_caRepository = _OID(id_ad, 5) +id_ad_caRepository = _buildOid(id_ad, 5) class ExtensionORAddressComponents(PDSParameter): 
@@ -648,11 +651,16 @@ class X520OrganizationalUnitName(univ.Choice): X520OrganizationalUnitName.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) ) 
@@ -668,19 +676,20 @@ class X520Title(univ.Choice): X520Title.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) ) +id_at_localityName = _buildOid(id_at, 7) -id_at_localityName = _OID(id_at, 7) - - -id_at_initials = _OID(id_at, 43) - +id_at_initials = _buildOid(id_at, 43) ub_state_name = univ.Integer(128) 
@@ -690,18 +699,21 @@ class X520StateOrProvinceName(univ.Choice): X520StateOrProvinceName.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) - physical_delivery_organization_name = univ.Integer(14) - -id_at_surname = _OID(id_at, 4) +id_at_surname = _buildOid(id_at, 4) class X520countryName(char.PrintableString): @@ -710,11 +722,9 @@ class X520countryName(char.PrintableString): X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) - physical_delivery_office_number = univ.Integer(11) - -id_qt_unotice = _OID(id_qt, 2) +id_qt_unotice = _buildOid(id_qt, 2) class X520SerialNumber(char.PrintableString): 
@@ -733,11 +743,9 @@ Attribute.componentType = namedtype.NamedTypes( namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) ) - ub_common_name = univ.Integer(64) - -id_pe = _OID(id_pkix, 1) +id_pe = _buildOid(id_pkix, 1) class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): @@ -750,9 +758,7 @@ class EmailAddress(char.IA5String): EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) - -id_at_organizationName = _OID(id_at, 10) - +id_at_organizationName = _buildOid(id_at, 10) post_office_box_address = univ.Integer(18) @@ -762,8 +768,10 @@ class BuiltInDomainDefinedAttribute(univ.Sequence): BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), - namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) + namedtype.NamedType('type', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) @@ -772,13 +780,11 @@ class BuiltInDomainDefinedAttributes(univ.SequenceOf): BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() -BuiltInDomainDefinedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) - - -id_at_pseudonym = _OID(id_at, 65) +BuiltInDomainDefinedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) +id_at_pseudonym = _buildOid(id_at, 65) -id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25) +id_domainComponent = _buildOid(0, 9, 2342, 19200300, 100, 1, 25) class X520CommonName(univ.Choice): 
@@ -786,26 +792,26 @@ class X520CommonName(univ.Choice): X520CommonName.componentType = namedtype.NamedTypes( - namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), - namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) ) - extension_OR_address_components = univ.Integer(12) - ub_organizational_units = univ.Integer(4) - teletex_personal_name = univ.Integer(4) - ub_numeric_user_id_length = univ.Integer(32) - ub_common_name_length = univ.Integer(64) 
@@ -836,8 +842,10 @@ class CountryName(univ.Choice): CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) CountryName.componentType = namedtype.NamedTypes( - namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), - namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) @@ -853,7 +861,7 @@ class OrganizationalUnitNames(univ.SequenceOf): OrganizationalUnitNames.componentType = OrganizationalUnitName() -OrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units) +OrganizationalUnitNames.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) class PrivateDomainName(univ.Choice): @@ -861,8 +869,10 @@ class PrivateDomainName(univ.Choice): PrivateDomainName.componentType = namedtype.NamedTypes( - namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), - namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) ) 
@@ -873,13 +883,20 @@ class BuiltInStandardAttributes(univ.Sequence): BuiltInStandardAttributes.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('country-name', CountryName()), namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), - namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), - namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.OptionalNamedType('personal-name', PersonalName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), - namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) + namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', 
NumericUserIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) ) @@ -898,7 +915,7 @@ class DistinguishedName(RDNSequence): pass -id_ad_timeStamping = _OID(id_ad, 3) +id_ad_timeStamping = _buildOid(id_ad, 3) class PhysicalDeliveryOfficeNumber(PDSParameter): @@ -914,7 +931,6 @@ class UniquePostalName(PDSParameter): physical_delivery_country_name = univ.Integer(8) - ub_pds_name_length = univ.Integer(16) 
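Review bot: In the `BuiltInStandardAttributes` component list, `organizational-unit-names` is implicitly tagged with `tag.tagFormatSimple` although `OrganizationalUnitNames` is a `univ.SequenceOf`, while the `personal-name` entry just above it uses `tag.tagFormatConstructed` for its `univ.Set`. pyasn1 appears to take the encoding form from the base type when a tag is applied implicitly, so this is probably inert on the wire. Even so, the mismatch is misleading to a reader checking the spec against the ASN.1 module. Since the line is being rewrapped anyway, I would write `implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6)))` and confirm with an encode/decode round trip of a value carrying this field that the bytes are unchanged.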
@@ -930,13 +946,20 @@ class TeletexPersonalName(univ.Set):
 TeletexPersonalName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ namedtype.NamedType('surname', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('initials', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
 )
-
 street_address = univ.Integer(17)
@@ -952,14 +975,16 @@ class DirectoryString(univ.Choice):
 DirectoryString.componentType = namedtype.NamedTypes(
- namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
- namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
- namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.NamedType('teletexString',
+ char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.NamedType('printableString',
+ char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.NamedType('universalString',
+ char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
 namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
 )
-
 teletex_common_name = univ.Integer(2)
@@ -987,8 +1012,7 @@ class TeletexOrganizationalUnitName(char.TeletexString):
 TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
-
-id_at_name = _OID(id_at, 41)
+id_at_name = _buildOid(id_at, 41)
 class TeletexOrganizationalUnitNames(univ.SequenceOf):
@@ -996,13 +1020,11 @@ class TeletexOrganizationalUnitNames(univ.SequenceOf):
 TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName()
-TeletexOrganizationalUnitNames.subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_units)
-
+TeletexOrganizationalUnitNames.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)
-id_ce = _OID(2, 5, 29)
+id_ce = _buildOid(2, 5, 29)
-
-id_ce_issuerAltName = _OID(id_ce, 18)
+id_ce_issuerAltName = _buildOid(id_ce, 18)
 class SkipCerts(univ.Integer):
@@ -1035,8 +1057,10 @@ class PrivateKeyUsagePeriod(univ.Sequence):
 PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
@@ -1055,8 +1079,10 @@ class EDIPartyName(univ.Sequence):
 EDIPartyName.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('partyName', DirectoryString().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
 )
@@ -1065,15 +1091,24 @@ class GeneralName(univ.Choice):
 GeneralName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
- namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
- namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
- namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
- namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
- namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
+ namedtype.NamedType('otherName',
+ AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('rfc822Name',
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('dNSName',
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('x400Address',
+ ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.NamedType('directoryName',
+ Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+ namedtype.NamedType('ediPartyName',
+ EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+ namedtype.NamedType('uniformResourceIdentifier',
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
+ namedtype.NamedType('iPAddress',
+ univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
 )
@@ -1090,8 +1125,10 @@ class GeneralSubtree(univ.Sequence):
 GeneralSubtree.componentType = namedtype.NamedTypes(
 namedtype.NamedType('base', GeneralName()),
- namedtype.DefaultedNamedType('minimum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)),
- namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.DefaultedNamedType('minimum', BaseDistance().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)),
+ namedtype.OptionalNamedType('maximum', BaseDistance().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
@@ -1100,7 +1137,7 @@ class GeneralNames(univ.SequenceOf):
 GeneralNames.componentType = GeneralName()
-GeneralNames.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+GeneralNames.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class DistributionPointName(univ.Choice):
@@ -1108,8 +1145,10 @@ class DistributionPointName(univ.Choice):
 DistributionPointName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.NamedType('fullName',
+ GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
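Review bot: `fullName` tags `GeneralNames()`, which the preceding hunk header shows as a `univ.SequenceOf`, with `tag.tagFormatSimple`, while other constructed members such as `directoryName` and `ediPartyName` pass `tag.tagFormatConstructed`. pyasn1's implicit tagging appears to take the format bit from the base type, so the encoding is probably unaffected, but the argument reads as if a SEQUENCE OF were primitive. Since the line is being rewrapped anyway, `GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),` would match the type. The same mismatch shows up on `cRLIssuer`, `authorityCertIssuer`, `permittedSubtrees` and `excludedSubtrees` in later hunks.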
@@ -1135,19 +1174,23 @@ class IssuingDistributionPoint(univ.Sequence):
 IssuingDistributionPoint.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)),
- namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)),
- namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
- namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)),
- namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0))
+ namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)),
+ namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)),
+ namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)),
+ namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0))
 )
+id_ce_certificatePolicies = _buildOid(id_ce, 32)
-id_ce_certificatePolicies = _OID(id_ce, 32)
-
-
-id_kp_emailProtection = _OID(id_kp, 4)
+id_kp_emailProtection = _buildOid(id_kp, 4)
 class AccessDescription(univ.Sequence):
@@ -1164,19 +1207,15 @@ class IssuerAltName(GeneralNames):
 pass
-id_ce_cRLDistributionPoints = _OID(id_ce, 31)
+id_ce_cRLDistributionPoints = _buildOid(id_ce, 31)
+holdInstruction = _buildOid(2, 2, 840, 10040, 2)
-holdInstruction = _OID(2, 2, 840, 10040, 2)
+id_holdinstruction_callissuer = _buildOid(holdInstruction, 2)
+id_ce_subjectDirectoryAttributes = _buildOid(id_ce, 9)
-id_holdinstruction_callissuer = _OID(holdInstruction, 2)
-
-
-id_ce_subjectDirectoryAttributes = _OID(id_ce, 9)
-
-
-id_ce_issuingDistributionPoint = _OID(id_ce, 28)
+id_ce_issuingDistributionPoint = _buildOid(id_ce, 28)
 class DistributionPoint(univ.Sequence):
@@ -1184,9 +1223,12 @@ class DistributionPoint(univ.Sequence):
 DistributionPoint.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+ namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
 )
@@ -1195,7 +1237,7 @@ class CRLDistributionPoints(univ.SequenceOf):
 CRLDistributionPoints.componentType = DistributionPoint()
-CRLDistributionPoints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+CRLDistributionPoints.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class GeneralSubtrees(univ.SequenceOf):
@@ -1203,7 +1245,7 @@ class GeneralSubtrees(univ.SequenceOf):
 GeneralSubtrees.componentType = GeneralSubtree()
-GeneralSubtrees.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+GeneralSubtrees.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class NameConstraints(univ.Sequence):
@@ -1211,8 +1253,10 @@ class NameConstraints(univ.Sequence):
 NameConstraints.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
@@ -1221,13 +1265,11 @@ class SubjectDirectoryAttributes(univ.SequenceOf):
 SubjectDirectoryAttributes.componentType = Attribute()
-SubjectDirectoryAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+SubjectDirectoryAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+id_kp_OCSPSigning = _buildOid(id_kp, 9)
-id_kp_OCSPSigning = _OID(id_kp, 9)
-
-
-id_kp_timeStamping = _OID(id_kp, 8)
+id_kp_timeStamping = _buildOid(id_kp, 8)
 class DisplayText(univ.Choice):
@@ -1236,7 +1278,8 @@ class DisplayText(univ.Choice):
 DisplayText.componentType = namedtype.NamedTypes(
 namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
- namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
+ namedtype.NamedType('visibleString',
+ char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
 namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200)))
 )
@@ -1295,20 +1338,18 @@ class CertificatePolicies(univ.SequenceOf):
 CertificatePolicies.componentType = PolicyInformation()
-CertificatePolicies.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+CertificatePolicies.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class SubjectAltName(GeneralNames):
 pass
-id_ce_basicConstraints = _OID(id_ce, 19)
-
+id_ce_basicConstraints = _buildOid(id_ce, 19)
-id_ce_authorityKeyIdentifier = _OID(id_ce, 35)
+id_ce_authorityKeyIdentifier = _buildOid(id_ce, 35)
-
-id_kp_codeSigning = _OID(id_kp, 3)
+id_kp_codeSigning = _buildOid(id_kp, 3)
 class BasicConstraints(univ.Sequence):
@@ -1317,11 +1358,11 @@ class BasicConstraints(univ.Sequence):
 BasicConstraints.componentType = namedtype.NamedTypes(
 namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)),
- namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
+ namedtype.OptionalNamedType('pathLenConstraint',
+ univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
 )
-
-id_ce_certificateIssuer = _OID(id_ce, 29)
+id_ce_certificateIssuer = _buildOid(id_ce, 29)
 class PolicyMappings(univ.SequenceOf):
@@ -1333,14 +1374,14 @@ PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes(
 namedtype.NamedType('subjectDomainPolicy', CertPolicyId())
 ))
-PolicyMappings.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+PolicyMappings.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class InhibitAnyPolicy(SkipCerts):
 pass
-anyPolicy = _OID(id_ce_certificatePolicies, 0)
+anyPolicy = _buildOid(id_ce_certificatePolicies, 0)
 class CRLNumber(univ.Integer):
@@ -1354,19 +1395,15 @@ class BaseCRLNumber(CRLNumber):
 pass
-id_ce_nameConstraints = _OID(id_ce, 30)
-
-
-id_kp_serverAuth = _OID(id_kp, 1)
+id_ce_nameConstraints = _buildOid(id_ce, 30)
+id_kp_serverAuth = _buildOid(id_kp, 1)
-id_ce_freshestCRL = _OID(id_ce, 46)
+id_ce_freshestCRL = _buildOid(id_ce, 46)
+id_ce_cRLReasons = _buildOid(id_ce, 21)
-id_ce_cRLReasons = _OID(id_ce, 21)
-
-
-id_ce_extKeyUsage = _OID(id_ce, 37)
+id_ce_extKeyUsage = _buildOid(id_ce, 37)
 class KeyIdentifier(univ.OctetString):
@@ -1378,9 +1415,12 @@ class AuthorityKeyIdentifier(univ.Sequence):
 AuthorityKeyIdentifier.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+ namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
 )
@@ -1388,10 +1428,9 @@ class FreshestCRL(CRLDistributionPoints):
 pass
-id_ce_policyConstraints = _OID(id_ce, 36)
-
+id_ce_policyConstraints = _buildOid(id_ce, 36)
-id_pe_authorityInfoAccess = _OID(id_pe, 1)
+id_pe_authorityInfoAccess = _buildOid(id_pe, 1)
 class AuthorityInfoAccessSyntax(univ.SequenceOf):
@@ -1399,24 +1438,23 @@ class AuthorityInfoAccessSyntax(univ.SequenceOf):
 AuthorityInfoAccessSyntax.componentType = AccessDescription()
-AuthorityInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+AuthorityInfoAccessSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
-
-id_holdinstruction_none = _OID(holdInstruction, 1)
+id_holdinstruction_none = _buildOid(holdInstruction, 1)
 class CPSuri(char.IA5String):
 pass
-id_pe_subjectInfoAccess = _OID(id_pe, 11)
+id_pe_subjectInfoAccess = _buildOid(id_pe, 11)
 class SubjectKeyIdentifier(KeyIdentifier):
 pass
-id_ce_subjectAltName = _OID(id_ce, 17)
+id_ce_subjectAltName = _buildOid(id_ce, 17)
 class KeyPurposeId(univ.ObjectIdentifier):
@@ -1428,20 +1466,18 @@ class ExtKeyUsageSyntax(univ.SequenceOf):
 ExtKeyUsageSyntax.componentType = KeyPurposeId()
-ExtKeyUsageSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+ExtKeyUsageSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class HoldInstructionCode(univ.ObjectIdentifier):
 pass
-id_ce_deltaCRLIndicator = _OID(id_ce, 27)
-
+id_ce_deltaCRLIndicator = _buildOid(id_ce, 27)
-id_ce_keyUsage = _OID(id_ce, 15)
+id_ce_keyUsage = _buildOid(id_ce, 15)
-
-id_ce_holdInstructionCode = _OID(id_ce, 23)
+id_ce_holdInstructionCode = _buildOid(id_ce, 23)
 class SubjectInfoAccessSyntax(univ.SequenceOf):
@@ -1449,7 +1485,7 @@ class SubjectInfoAccessSyntax(univ.SequenceOf):
 SubjectInfoAccessSyntax.componentType = AccessDescription()
-SubjectInfoAccessSyntax.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+SubjectInfoAccessSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class InvalidityDate(useful.GeneralizedTime):
@@ -1472,27 +1508,22 @@ KeyUsage.namedValues = namedval.NamedValues(
 ('decipherOnly', 8)
 )
+id_ce_invalidityDate = _buildOid(id_ce, 24)
-id_ce_invalidityDate = _OID(id_ce, 24)
-
-
-id_ce_policyMappings = _OID(id_ce, 33)
-
-
-anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0)
+id_ce_policyMappings = _buildOid(id_ce, 33)
+anyExtendedKeyUsage = _buildOid(id_ce_extKeyUsage, 0)
-id_ce_privateKeyUsagePeriod = _OID(id_ce, 16)
+id_ce_privateKeyUsagePeriod = _buildOid(id_ce, 16)
-
-id_ce_cRLNumber = _OID(id_ce, 20)
+id_ce_cRLNumber = _buildOid(id_ce, 20)
 class CertificateIssuer(GeneralNames):
 pass
-id_holdinstruction_reject = _OID(holdInstruction, 3)
+id_holdinstruction_reject = _buildOid(holdInstruction, 3)
 class PolicyConstraints(univ.Sequence):
@@ -1500,17 +1531,14 @@ class PolicyConstraints(univ.Sequence):
 PolicyConstraints.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.OptionalNamedType('requireExplicitPolicy',
+ SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('inhibitPolicyMapping',
+ SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
+id_kp_clientAuth = _buildOid(id_kp, 2)
-id_kp_clientAuth = _OID(id_kp, 2)
-
-
-id_ce_subjectKeyIdentifier = _OID(id_ce, 14)
-
-
-id_ce_inhibitAnyPolicy = _OID(id_ce, 54)
-
+id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14)
+id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54)
diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py
index 78a389d..a2002ad 100644
--- a/pyasn1_modules/rfc5652.py
+++ b/pyasn1_modules/rfc5652.py
@@ -11,7 +11,6 @@
 # ASN.1 source from:
 # http://www.ietf.org/rfc/rfc5652.txt
 #
-from pyasn1.type import char
 from pyasn1.type import constraint
 from pyasn1.type import namedtype
 from pyasn1.type import namedval
@@ -24,7 +23,8 @@ from pyasn1_modules import rfc5280
 MAX = 64
-def _OID(*components):
+
+def _buildOid(*components):
 output = []
 for x in tuple(components):
 if isinstance(x, univ.ObjectIdentifier):
@@ -51,10 +51,12 @@ class AttributeCertificateInfoV1(univ.Sequence):
 AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
 namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
 namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes(
- namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 ))
- ),
+ ),
 namedtype.NamedType('issuer', rfc5280.GeneralNames()),
 namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()),
 namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()),
@@ -95,7 +97,7 @@ class SignedAttributes(univ.SetOf):
 SignedAttributes.componentType = Attribute()
-SignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class AttributeCertificateV2(rfc3281.AttributeCertificate):
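Review bot: `MAX = 64`, the context line in the `@@ -24,7 +23,8 @@` hunk, makes every `constraint.ValueSizeConstraint(1, MAX)` in this module a hard cap of 64 elements, and the re-spaced `SignedAttributes.subtypeSpec` line keeps that cap. RFC 5652 declares these types as `SET SIZE (1..MAX)`, where MAX is unbounded, so a conforming CMS structure with more than 64 attributes would presumably fail constraint checking. The same applies to the `UnauthAttributes`, `UnprotectedAttributes`, `RecipientInfos` and `UnsignedAttributes` hunks further down. If the cap is a deliberate local limit on parsed input, say so next to the constant, e.g. `MAX = 64  # local limit; ASN.1 MAX is unbounded`. Otherwise `MAX = float('inf')` expresses the spec, provided the pyasn1 version in use accepts it.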
@@ -117,10 +119,9 @@ class UnauthAttributes(univ.SetOf):
 UnauthAttributes.componentType = Attribute()
-UnauthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
-
+UnauthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
-id_encryptedData = _OID(1, 2, 840, 113549, 1, 7, 6)
+id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
 class SignatureValue(univ.OctetString):
@@ -158,7 +159,8 @@ class KeyAgreeRecipientIdentifier(univ.Choice):
 KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
- namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
 )
@@ -247,10 +249,14 @@ class CertificateChoices(univ.Choice):
 CertificateChoices.componentType = namedtype.NamedTypes(
 namedtype.NamedType('certificate', rfc5280.Certificate()),
- namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.NamedType('other', OtherCertificateFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
+ namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('other', OtherCertificateFormat().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
 )
@@ -277,7 +283,8 @@ class RevocationInfoChoice(univ.Choice):
 RevocationInfoChoice.componentType = namedtype.NamedTypes(
 namedtype.NamedType('crl', rfc5280.CertificateList()),
- namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
 )
@@ -293,8 +300,10 @@ class OriginatorInfo(univ.Sequence):
 OriginatorInfo.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('certs', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+ namedtype.OptionalNamedType('certs', CertificateSet().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
 )
@@ -317,7 +326,8 @@ class EncryptedContentInfo(univ.Sequence):
 EncryptedContentInfo.componentType = namedtype.NamedTypes(
 namedtype.NamedType('contentType', ContentType()),
 namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
- namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+ namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
 )
@@ -326,7 +336,7 @@ class UnprotectedAttributes(univ.SetOf):
 UnprotectedAttributes.componentType = Attribute()
-UnprotectedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+UnprotectedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
@@ -366,7 +376,8 @@ class PasswordRecipientInfo(univ.Sequence):
 PasswordRecipientInfo.componentType = namedtype.NamedTypes(
 namedtype.NamedType('version', CMSVersion()),
- namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
 namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
 namedtype.NamedType('encryptedKey', EncryptedKey())
 )
@@ -378,7 +389,8 @@ class RecipientIdentifier(univ.Choice):
 RecipientIdentifier.componentType = namedtype.NamedTypes(
 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
- namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+ namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
 )
@@ -414,8 +426,10 @@ class OriginatorIdentifierOrKey(univ.Choice):
 OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
- namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
 )
@@ -425,8 +439,10 @@ class KeyAgreeRecipientInfo(univ.Sequence):
 KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
 namedtype.NamedType('version', CMSVersion()),
- namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
 namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
 namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
 )
@@ -448,10 +464,14 @@ class RecipientInfo(univ.Choice):
 RecipientInfo.componentType = namedtype.NamedTypes(
 namedtype.NamedType('ktri', KeyTransRecipientInfo()),
- namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
- namedtype.NamedType('kekri', KEKRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
- namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
- namedtype.NamedType('ori', OtherRecipientInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
+ namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
+ namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+ namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+ namedtype.NamedType('ori', OtherRecipientInfo().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
 )
@@ -460,7 +480,7 @@ class RecipientInfos(univ.SetOf):
 RecipientInfos.componentType = RecipientInfo()
-RecipientInfos.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+RecipientInfos.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
 class EnvelopedData(univ.Sequence):
@@ -469,10 +489,12 @@ class EnvelopedData(univ.Sequence): EnvelopedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -480,10 +502,9 @@ class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass -id_ct_contentInfo = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 6) - +id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) -id_digestedData = _OID(1, 2, 840, 113549, 1, 7, 5) +id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) class EncryptedData(univ.Sequence): 
@@ -493,14 +514,13 @@ class EncryptedData(univ.Sequence): EncryptedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), - namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) +id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) -id_messageDigest = _OID(1, 2, 840, 113549, 1, 9, 4) - - -id_signedData = _OID(1, 2, 840, 113549, 1, 7, 2) +id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier): @@ -512,7 +532,7 @@ class UnsignedAttributes(univ.SetOf): UnsignedAttributes.componentType = Attribute() -UnsignedAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +UnsignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class SignerIdentifier(univ.Choice): @@ -521,7 +541,8 @@ class SignerIdentifier(univ.Choice): SignerIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), - namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) 
@@ -533,10 +554,12 @@ SignerInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('sid', SignerIdentifier()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), - namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', SignatureValue()), - namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -567,14 +590,13 @@ class EncapsulatedContentInfo(univ.Sequence): EncapsulatedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('eContentType', ContentType()), - namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) +id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) -id_countersignature = _OID(1, 2, 840, 113549, 1, 9, 6) - - -id_data = _OID(1, 2, 840, 113549, 1, 7, 1) +id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) class MessageDigest(univ.OctetString): @@ -586,7 +608,7 @@ class AuthAttributes(univ.SetOf): AuthAttributes.componentType = Attribute() -AuthAttributes.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +AuthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class Time(univ.Choice): 
@@ -605,18 +627,21 @@ class AuthenticatedData(univ.Sequence): AuthenticatedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), - namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), - namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), - namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('mac', MessageAuthenticationCode()), - namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) - -id_contentType = _OID(1, 2, 840, 113549, 1, 9, 3) +id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) class ExtendedCertificateOrCertificate(univ.Choice): 
@@ -625,7 +650,8 @@ class ExtendedCertificateOrCertificate(univ.Choice): ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc5280.Certificate()), - namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) @@ -644,8 +670,7 @@ DigestedData.componentType = namedtype.NamedTypes( namedtype.NamedType('digest', Digest()) ) - -id_envelopedData = _OID(1, 2, 840, 113549, 1, 7, 3) +id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) class DigestAlgorithmIdentifiers(univ.SetOf): @@ -663,17 +688,18 @@ SignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), - namedtype.OptionalNamedType('certificates', CertificateSet().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) - -id_signingTime = _OID(1, 2, 840, 113549, 1, 9, 5) +id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) class SigningTime(Time): pass -id_ct_authData = _OID(1, 2, 840, 113549, 1, 9, 16, 1, 2) +id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index ce70de6..c1437f3 100644 
--- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py @@ -20,7 +20,7 @@ from pyasn1_modules import rfc5652 MAX = 64 -def _OID(*components): +def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): @@ -69,7 +69,6 @@ PendInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('pendTime', useful.GeneralizedTime()) ) - bodyIdMax = univ.Integer(4294967295) @@ -85,7 +84,7 @@ class BodyPartPath(univ.SequenceOf): BodyPartPath.componentType = BodyPartID() -BodyPartPath.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) +BodyPartPath.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class BodyPartReference(univ.Choice): @@ -135,9 +134,9 @@ CMCStatusInfoV2.componentType = namedtype.NamedTypes( namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), namedtype.NamedType('failInfoValue', AttributeValue()) )) - ) + ) )) - ) + ) ) @@ -152,17 +151,13 @@ GetCRL.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags()) ) +id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) -id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) - - -id_cmc = _OID(id_pkix, 7) +id_cmc = _buildOid(id_pkix, 7) +id_cmc_batchResponses = _buildOid(id_cmc, 29) -id_cmc_batchResponses = _OID(id_cmc, 29) - - -id_cmc_popLinkWitness = _OID(id_cmc, 23) +id_cmc_popLinkWitness = _buildOid(id_cmc, 23) class PopLinkWitnessV2(univ.Sequence): @@ -175,17 +170,13 @@ PopLinkWitnessV2.componentType = namedtype.NamedTypes( namedtype.NamedType('witness', univ.OctetString()) ) +id_cmc_popLinkWitnessV2 = _buildOid(id_cmc, 33) -id_cmc_popLinkWitnessV2 = _OID(id_cmc, 33) - +id_cmc_identityProofV2 = _buildOid(id_cmc, 34) -id_cmc_identityProofV2 = _OID(id_cmc, 34) +id_cmc_revokeRequest = _buildOid(id_cmc, 17) - -id_cmc_revokeRequest = _OID(id_cmc, 17) - - -id_cmc_recipientNonce = _OID(id_cmc, 7) +id_cmc_recipientNonce = _buildOid(id_cmc, 7) class ControlsProcessed(univ.Sequence): 
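Review bot: `MAX = 64`, visible as context at the top of the first rfc6402.py hunk, is the upper bound in `BodyPartPath.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)` (hunk `@@ -85,7 +84,7 @@`), so a type that the RFC 6402 ASN.1 declares as `SIZE (1..MAX)`, i.e. unbounded, is capped at 64 elements. The same constant bounds `BodyPartList` and `ExtensionReq` in later hunks of this file, so a request carrying more than 64 extensions would be rejected by the constraint rather than by policy. If the cap is deliberate, say so next to the constant, e.g. `# local size cap; ASN.1 MAX itself is unbounded`. If the intent is to follow the specification, `MAX = float('inf')` expresses that. This reformatting commit leaves the value unchanged.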
@@ -209,10 +200,11 @@ CertificationRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) )) - ), - namedtype.NamedType('attributes', univ.SetOf(componentType=rfc5652.Attribute()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ), + namedtype.NamedType('attributes', univ.SetOf(componentType=rfc5652.Attribute()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) )) - ), + ), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) 
@@ -233,30 +225,27 @@ class TaggedRequest(univ.Choice): TaggedRequest.componentType = namedtype.NamedTypes( - namedtype.NamedType('tcr', TaggedCertificationRequest().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('crm', rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('tcr', TaggedCertificationRequest().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('crm', + rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()), namedtype.NamedType('requestMessageValue', univ.Any()) )) - .subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + .subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) +id_cmc_popLinkRandom = _buildOid(id_cmc, 22) -id_cmc_popLinkRandom = _OID(id_cmc, 22) - - -id_cmc_statusInfo = _OID(id_cmc, 1) - +id_cmc_statusInfo = _buildOid(id_cmc, 1) -id_cmc_trustedAnchors = _OID(id_cmc, 26) +id_cmc_trustedAnchors = _buildOid(id_cmc, 26) +id_cmc_transactionId = _buildOid(id_cmc, 5) -id_cmc_transactionId = _OID(id_cmc, 5) - - -id_cmc_encryptedPOP = _OID(id_cmc, 9) +id_cmc_encryptedPOP = _buildOid(id_cmc, 9) class PublishTrustAnchors(univ.Sequence): @@ -283,11 +272,9 @@ RevokeRequest.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('comment', char.UTF8String()) ) +id_cmc_senderNonce = _buildOid(id_cmc, 6) -id_cmc_senderNonce = _OID(id_cmc, 6) - - -id_cmc_authData = _OID(id_cmc, 27) +id_cmc_authData = _buildOid(id_cmc, 27) class TaggedContentInfo(univ.Sequence): 
@@ -321,26 +308,19 @@ CMCPublicationInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo()) ) +id_kp_cmcCA = _buildOid(rfc5280.id_kp, 27) -id_kp_cmcCA = _OID(rfc5280.id_kp, 27) - - -id_cmc_confirmCertAcceptance = _OID(id_cmc, 24) +id_cmc_confirmCertAcceptance = _buildOid(id_cmc, 24) +id_cmc_raIdentityWitness = _buildOid(id_cmc, 35) -id_cmc_raIdentityWitness = _OID(id_cmc, 35) +id_ExtensionReq = _buildOid(1, 2, 840, 113549, 1, 9, 14) +id_cct = _buildOid(id_pkix, 12) -id_ExtensionReq = _OID(1, 2, 840, 113549, 1, 9, 14) +id_cct_PKIData = _buildOid(id_cct, 2) - -id_cct = _OID(id_pkix, 12) - - -id_cct_PKIData = _OID(id_cct, 2) - - -id_kp_cmcRA = _OID(rfc5280.id_kp, 28) +id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28) class CMCStatusInfo(univ.Sequence): @@ -355,7 +335,7 @@ CMCStatusInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('failInfo', CMCFailInfo()), namedtype.NamedType('pendInfo', PendInfo()) )) - ) + ) ) @@ -369,11 +349,9 @@ DecryptedPOP.componentType = namedtype.NamedTypes( namedtype.NamedType('thePOP', univ.OctetString()) ) +id_cmc_addExtensions = _buildOid(id_cmc, 8) -id_cmc_addExtensions = _OID(id_cmc, 8) - - -id_cmc_modCertTemplate = _OID(id_cmc, 31) +id_cmc_modCertTemplate = _buildOid(id_cmc, 31) class TaggedAttribute(univ.Sequence): @@ -415,10 +393,9 @@ class BodyPartList(univ.SequenceOf): BodyPartList.componentType = BodyPartID() -BodyPartList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +BodyPartList.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) -id_cmc_responseBody = _OID(id_cmc, 37) +id_cmc_responseBody = _buildOid(id_cmc, 37) class AuthPublish(BodyPartID): @@ -455,10 +432,9 @@ class ResponseBody(PKIResponse): pass -id_cmc_statusInfoV2 = _OID(id_cmc, 25) - +id_cmc_statusInfoV2 = _buildOid(id_cmc, 25) -id_cmc_lraPOPWitness = _OID(id_cmc, 11) +id_cmc_lraPOPWitness = _buildOid(id_cmc, 11) class ModCertTemplate(univ.Sequence): 
@@ -472,11 +448,9 @@ ModCertTemplate.componentType = namedtype.NamedTypes( namedtype.NamedType('certTemplate', rfc4211.CertTemplate()) ) +id_cmc_regInfo = _buildOid(id_cmc, 18) -id_cmc_regInfo = _OID(id_cmc, 18) - - -id_cmc_identityProof = _OID(id_cmc, 3) +id_cmc_identityProof = _buildOid(id_cmc, 3) class ExtensionReq(univ.SequenceOf): @@ -484,16 +458,13 @@ class ExtensionReq(univ.SequenceOf): ExtensionReq.componentType = rfc5280.Extension() -ExtensionReq.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - +ExtensionReq.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) -id_kp_cmcArchive = _OID(rfc5280.id_kp, 28) +id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28) +id_cmc_publishCert = _buildOid(id_cmc, 30) -id_cmc_publishCert = _OID(id_cmc, 30) - - -id_cmc_dataReturn = _OID(id_cmc, 4) +id_cmc_dataReturn = _buildOid(id_cmc, 4) class LraPopWitness(univ.Sequence): @@ -505,26 +476,19 @@ LraPopWitness.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID())) ) +id_aa = _buildOid(1, 2, 840, 113549, 1, 9, 16, 2) -id_aa = _OID(1, 2, 840, 113549, 1, 9, 16, 2) - - -id_aa_cmc_unsignedData = _OID(id_aa, 34) - - -id_cmc_getCert = _OID(id_cmc, 15) +id_aa_cmc_unsignedData = _buildOid(id_aa, 34) +id_cmc_getCert = _buildOid(id_cmc, 15) -id_cmc_batchRequests = _OID(id_cmc, 28) +id_cmc_batchRequests = _buildOid(id_cmc, 28) +id_cmc_decryptedPOP = _buildOid(id_cmc, 10) -id_cmc_decryptedPOP = _OID(id_cmc, 10) +id_cmc_responseInfo = _buildOid(id_cmc, 19) - -id_cmc_responseInfo = _OID(id_cmc, 19) - - -id_cmc_changeSubjectName = _OID(id_cmc, 36) +id_cmc_changeSubjectName = _buildOid(id_cmc, 36) class GetCert(univ.Sequence): 
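Review bot: `id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28)` in the `@@ -484,16 +458,13 @@` hunk produces the same OID as `id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28)` in the earlier `@@ -321,26 +308,19 @@` hunk, so the two extended-key-usage identifiers cannot be told apart. RFC 6402 assigns arc 27 to cmcCA, 28 to cmcRA and 29 to cmcArchive, so the line should read `id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 29)`. As written, code that tests a certificate's EKU against `id_kp_cmcArchive` would match certificates issued for the RA role. The rename from `_OID` carries the old value over unchanged.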
@@ -536,11 +500,9 @@ GetCert.componentType = namedtype.NamedTypes( namedtype.NamedType('serialNumber', univ.Integer()) ) +id_cmc_identification = _buildOid(id_cmc, 2) -id_cmc_identification = _OID(id_cmc, 2) - - -id_cmc_queryPending = _OID(id_cmc, 21) +id_cmc_queryPending = _buildOid(id_cmc, 21) class AddExtensions(univ.Sequence): @@ -566,23 +528,17 @@ EncryptedPOP.componentType = namedtype.NamedTypes( namedtype.NamedType('witness', univ.OctetString()) ) +id_cmc_getCRL = _buildOid(id_cmc, 16) -id_cmc_getCRL = _OID(id_cmc, 16) - +id_cct_PKIResponse = _buildOid(id_cct, 3) -id_cct_PKIResponse = _OID(id_cct, 3) - - -id_cmc_controlProcessed = _OID(id_cmc, 32) +id_cmc_controlProcessed = _buildOid(id_cmc, 32) class NoSignatureValue(univ.OctetString): pass -id_ad_cmc = _OID(rfc5280.id_ad, 12) - - -id_alg_noSignature = _OID(id_pkix, 6, 2) - +id_ad_cmc = _buildOid(rfc5280.id_ad, 12) +id_alg_noSignature = _buildOid(id_pkix, 6, 2) -- cgit v1.2.3 From c99c96a9f77c91620ea509efa745891c80059ebd Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Sun, 27 Mar 2016 23:51:41 +0200 Subject: pep8 reformatted --- pyasn1_modules/pem.py | 7 ++++--- pyasn1_modules/rfc1155.py | 3 ++- pyasn1_modules/rfc1157.py | 3 ++- 3 files changed, 8 insertions(+), 5 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index 638e74e..e3f8cb6 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -4,7 +4,8 @@ # Copyright (c) 2005-2016, Ilya Etingof # License: http://pyasn1.sf.net/license.html # -import base64, sys +import base64 +import sys stSpam, stHam, stDump = 0, 1, 2 
@@ -13,9 +14,9 @@ stSpam, stHam, stDump = 0, 1, 2 # Return is (marker-index, substrate) def readPemBlocksFromFile(fileObj, *markers): startMarkers = dict(map(lambda x: (x[1], x[0]), - enumerate(map(lambda x: x[0], markers)))) + enumerate(map(lambda y: y[0], markers)))) stopMarkers = dict(map(lambda x: (x[1], x[0]), - enumerate(map(lambda x: x[1], markers)))) + enumerate(map(lambda y: y[1], markers)))) idx = -1 substrate = '' certLines = [] diff --git a/pyasn1_modules/rfc1155.py b/pyasn1_modules/rfc1155.py index f0e39ca..50f002c 100644 --- a/pyasn1_modules/rfc1155.py +++ b/pyasn1_modules/rfc1155.py @@ -15,7 +15,8 @@ from pyasn1.type import univ, namedtype, tag, constraint -class ObjectName(univ.ObjectIdentifier): pass +class ObjectName(univ.ObjectIdentifier): + pass class SimpleSyntax(univ.Choice): diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index 30f36b4..36fa0d3 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py @@ -42,7 +42,8 @@ class ErrorStatus(univ.Integer): ) -class ErrorIndex(univ.Integer): pass +class ErrorIndex(univ.Integer): + pass class VarBind(univ.Sequence): -- cgit v1.2.3 From 0ff3127d7982c20d57bd9d09d2de273a5a29e04f Mon Sep 17 00:00:00 2001 
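Review bot: The marker lookup tables in `readPemBlocksFromFile` are still built from two nested `map`/`lambda` layers; renaming the inner variable to `y` removes the shadowing but not the indirection. A generator expression states the mapping directly: `startMarkers = dict((m[0], i) for i, m in enumerate(markers))` and `stopMarkers = dict((m[1], i) for i, m in enumerate(markers))`. The function also has no docstring; the comment above it gives the return shape, and a docstring could add that each entry of `markers` is a (start, stop) pair. The function body continues outside the hunk.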
From: Ilya Etingof Date: Wed, 11 Jan 2017 23:20:21 +0100 Subject: email changed, copyright extended to year 2017 --- pyasn1_modules/pem.py | 2 +- pyasn1_modules/rfc1155.py | 2 +- pyasn1_modules/rfc1157.py | 2 +- pyasn1_modules/rfc1901.py | 2 +- pyasn1_modules/rfc1902.py | 2 +- pyasn1_modules/rfc1905.py | 2 +- pyasn1_modules/rfc2251.py | 2 +- pyasn1_modules/rfc2314.py | 2 +- pyasn1_modules/rfc2315.py | 2 +- pyasn1_modules/rfc2437.py | 2 +- pyasn1_modules/rfc2459.py | 2 +- pyasn1_modules/rfc2511.py | 2 +- pyasn1_modules/rfc2560.py | 2 +- pyasn1_modules/rfc3280.py | 2 +- pyasn1_modules/rfc3281.py | 2 +- pyasn1_modules/rfc3412.py | 2 +- pyasn1_modules/rfc3414.py | 2 +- pyasn1_modules/rfc3447.py | 2 +- pyasn1_modules/rfc3852.py | 2 +- pyasn1_modules/rfc4210.py | 2 +- pyasn1_modules/rfc4211.py | 2 +- pyasn1_modules/rfc5208.py | 2 +- pyasn1_modules/rfc5280.py | 2 +- pyasn1_modules/rfc5652.py | 2 +- pyasn1_modules/rfc6402.py | 2 +- 25 files changed, 25 insertions(+), 25 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index e3f8cb6..913f96d 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # import base64 diff --git a/pyasn1_modules/rfc1155.py b/pyasn1_modules/rfc1155.py index 50f002c..4980a38 100644 --- a/pyasn1_modules/rfc1155.py +++ b/pyasn1_modules/rfc1155.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv1 message syntax diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index 36fa0d3..1ad1d27 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py 
@@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv1 message syntax diff --git a/pyasn1_modules/rfc1901.py b/pyasn1_modules/rfc1901.py index a321624..eadf9aa 100644 --- a/pyasn1_modules/rfc1901.py +++ b/pyasn1_modules/rfc1901.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv2c message syntax diff --git a/pyasn1_modules/rfc1902.py b/pyasn1_modules/rfc1902.py index f49820e..5e9307e 100644 --- a/pyasn1_modules/rfc1902.py +++ b/pyasn1_modules/rfc1902.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv2c message syntax diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py index 8ed4dd7..de5bb03 100644 --- a/pyasn1_modules/rfc1905.py +++ b/pyasn1_modules/rfc1905.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv2c PDU syntax diff --git a/pyasn1_modules/rfc2251.py b/pyasn1_modules/rfc2251.py index 9538918..d4a245a 100644 --- a/pyasn1_modules/rfc2251.py +++ b/pyasn1_modules/rfc2251.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # LDAP message syntax diff --git a/pyasn1_modules/rfc2314.py b/pyasn1_modules/rfc2314.py index f350f77..ef6a65b 100644 --- a/pyasn1_modules/rfc2314.py +++ b/pyasn1_modules/rfc2314.py 
@@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # PKCS#10 syntax diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py index 9c7cab3..765b5d0 100644 --- a/pyasn1_modules/rfc2315.py +++ b/pyasn1_modules/rfc2315.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # PKCS#7 message syntax diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py index 33b5e50..4710a23 100644 --- a/pyasn1_modules/rfc2437.py +++ b/pyasn1_modules/rfc2437.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # PKCS#1 syntax diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index f405f41..52f9f76 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # X.509 message syntax diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py index f75e6b4..1cc2fe8 100644 --- a/pyasn1_modules/rfc2511.py +++ b/pyasn1_modules/rfc2511.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # X.509 certificate Request Message Format (CRMF) syntax diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py index 5215d6b..e41994a 100644 --- a/pyasn1_modules/rfc2560.py +++ b/pyasn1_modules/rfc2560.py 
@@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # OCSP request/response syntax diff --git a/pyasn1_modules/rfc3280.py b/pyasn1_modules/rfc3280.py index 29540ad..b198f53 100644 --- a/pyasn1_modules/rfc3280.py +++ b/pyasn1_modules/rfc3280.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Internet X.509 Public Key Infrastructure Certificate and Certificate diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py index c522670..f31ac25 100644 --- a/pyasn1_modules/rfc3281.py +++ b/pyasn1_modules/rfc3281.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # An Internet Attribute Certificate Profile for Authorization diff --git a/pyasn1_modules/rfc3412.py b/pyasn1_modules/rfc3412.py index 891d1eb..b3f5a92 100644 --- a/pyasn1_modules/rfc3412.py +++ b/pyasn1_modules/rfc3412.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv3 message syntax diff --git a/pyasn1_modules/rfc3414.py b/pyasn1_modules/rfc3414.py index a84f74a..aeb82aa 100644 --- a/pyasn1_modules/rfc3414.py +++ b/pyasn1_modules/rfc3414.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # SNMPv3 message syntax 
diff --git a/pyasn1_modules/rfc3447.py b/pyasn1_modules/rfc3447.py index ec7c85a..5337598 100644 --- a/pyasn1_modules/rfc3447.py +++ b/pyasn1_modules/rfc3447.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # PKCS#1 syntax diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py index b721afa..1a09335 100644 --- a/pyasn1_modules/rfc3852.py +++ b/pyasn1_modules/rfc3852.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Cryptographic Message Syntax (CMS) diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 5fde668..4e048ef 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Certificate Management Protocol structures as per RFC4210 diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py index b984062..6404e17 100644 --- a/pyasn1_modules/rfc4211.py +++ b/pyasn1_modules/rfc4211.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Internet X.509 Public Key Infrastructure Certificate Request diff --git a/pyasn1_modules/rfc5208.py b/pyasn1_modules/rfc5208.py index 6b7c3ba..6b6487d 100644 --- a/pyasn1_modules/rfc5208.py +++ b/pyasn1_modules/rfc5208.py 
@@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules software. # -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # PKCS#8 syntax diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index 3ea4617..f2aad23 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Internet X.509 Public Key Infrastructure Certificate and Certificate diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py index a2002ad..03f5b84 100644 --- a/pyasn1_modules/rfc5652.py +++ b/pyasn1_modules/rfc5652.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Cryptographic Message Syntax (CMS) diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index c1437f3..8ff105a 100644 --- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py @@ -3,7 +3,7 @@ # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. -# Copyright (c) 2005-2016, Ilya Etingof +# Copyright (c) 2005-2017, Ilya Etingof # License: http://pyasn1.sf.net/license.html # # Certificate Management over CMS (CMC) Updates -- cgit v1.2.3 From b2a6435f1cfbf4234c87a62781531bb18c745ef0 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Tue, 18 Apr 2017 22:38:31 +0200 Subject: X.509 certificate extensions map added --- pyasn1_modules/rfc2459.py | 27 +++++++++++++++++++++++++++ pyasn1_modules/rfc5280.py | 27 +++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) (limited to 'pyasn1_modules') 
diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 52f9f76..b639028 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -1262,3 +1262,30 @@ id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') class IssuerAltName(GeneralNames): pass + +# map of Certificate Extension OIDs to Extensions + +certificateExtensionsMap = { + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier, + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier, + id_ce_keyUsage: KeyUsage, + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod, + id_ce_certificatePolicies: PolicyInformation, # could be a sequence of concat'ed objects? + id_ce_policyMappings: PolicyMappings, + id_ce_subjectAltName: SubjectAltName, + id_ce_issuerAltName: IssuerAltName, + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes, + id_ce_basicConstraints: BasicConstraints, + id_ce_nameConstraints: NameConstraints, + id_ce_policyConstraints: PolicyConstraints, + id_ce_extKeyUsage: ExtKeyUsageSyntax, + id_ce_cRLDistributionPoints: CRLDistPointsSyntax, + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, + id_ce_cRLNumber: univ.Integer, + id_ce_deltaCRLIndicator: BaseCRLNumber, + id_ce_issuingDistributionPoint: IssuingDistributionPoint, + id_ce_cRLReasons: CRLReason, + id_ce_holdInstructionCode: univ.ObjectIdentifier, + id_ce_invalidityDate: useful.GeneralizedTime, + id_ce_certificateIssuer: GeneralNames, +} diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index f2aad23..bdbdde9 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py 
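Review bot: `id_ce_certificatePolicies: PolicyInformation` in the new `certificateExtensionsMap` maps the extension to its element type, whereas the certificatePolicies extension value is a SEQUENCE OF PolicyInformation; the inline comment `# could be a sequence of concat'ed objects?` voices the same doubt. Used as the decoding spec for an `extnValue`, this entry would presumably fail or misparse a real certificate, so it should be `id_ce_certificatePolicies: CertificatePolicies,`, provided that class is defined in the module (not visible in the hunk). The identical entry appears in the rfc5280.py hunk that follows. The header comment could also say that the map includes CRL and CRL-entry extensions (`id_ce_cRLNumber`, `id_ce_cRLReasons`, `id_ce_invalidityDate`), not only certificate extensions.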
@@ -1542,3 +1542,30 @@ id_kp_clientAuth = _buildOid(id_kp, 2) id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14) id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54) + +# map of Certificate Extension OIDs to Extensions + +certificateExtensionsMap = { + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier, + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier, + id_ce_keyUsage: KeyUsage, + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod, + id_ce_certificatePolicies: PolicyInformation, # could be a sequence of concat'ed objects? + id_ce_policyMappings: PolicyMappings, + id_ce_subjectAltName: SubjectAltName, + id_ce_issuerAltName: IssuerAltName, + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes, + id_ce_basicConstraints: BasicConstraints, + id_ce_nameConstraints: NameConstraints, + id_ce_policyConstraints: PolicyConstraints, + id_ce_extKeyUsage: ExtKeyUsageSyntax, + id_ce_cRLDistributionPoints: CRLDistPointsSyntax, + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, + id_ce_cRLNumber: univ.Integer, + id_ce_deltaCRLIndicator: BaseCRLNumber, + id_ce_issuingDistributionPoint: IssuingDistributionPoint, + id_ce_cRLReasons: CRLReason, + id_ce_holdInstructionCode: univ.ObjectIdentifier, + id_ce_invalidityDate: useful.GeneralizedTime, + id_ce_certificateIssuer: GeneralNames, +} -- cgit v1.2.3 From c5ce1d443e1dccc701bdabfd436d83a3e93775a2 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Tue, 18 Apr 2017 22:45:39 +0200 Subject: fix to CRLDistributionPoints --- pyasn1_modules/rfc2459.py | 2 +- pyasn1_modules/rfc5280.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index b639028..e47317b 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py 
@@ -1279,7 +1279,7 @@ certificateExtensionsMap = { id_ce_nameConstraints: NameConstraints, id_ce_policyConstraints: PolicyConstraints, id_ce_extKeyUsage: ExtKeyUsageSyntax, - id_ce_cRLDistributionPoints: CRLDistPointsSyntax, + id_ce_cRLDistributionPoints: CRLDistributionPoints, id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, id_ce_cRLNumber: univ.Integer, id_ce_deltaCRLIndicator: BaseCRLNumber, diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index bdbdde9..cee14a5 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -1559,7 +1559,7 @@ certificateExtensionsMap = { id_ce_nameConstraints: NameConstraints, id_ce_policyConstraints: PolicyConstraints, id_ce_extKeyUsage: ExtKeyUsageSyntax, - id_ce_cRLDistributionPoints: CRLDistPointsSyntax, + id_ce_cRLDistributionPoints: CRLDistributionPoints, id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, id_ce_cRLNumber: univ.Integer, id_ce_deltaCRLIndicator: BaseCRLNumber, -- cgit v1.2.3 From 7a8d51246a16ec41c64d9d51c052923505a63229 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Tue, 18 Apr 2017 22:50:47 +0200 Subject: CRLDistPointsSyntax fix --- pyasn1_modules/rfc2459.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index e47317b..b639028 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -1279,7 +1279,7 @@ certificateExtensionsMap = { id_ce_nameConstraints: NameConstraints, id_ce_policyConstraints: PolicyConstraints, id_ce_extKeyUsage: ExtKeyUsageSyntax, - id_ce_cRLDistributionPoints: CRLDistributionPoints, + id_ce_cRLDistributionPoints: CRLDistPointsSyntax, id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, id_ce_cRLNumber: univ.Integer, id_ce_deltaCRLIndicator: BaseCRLNumber, -- cgit v1.2.3 From 92083397f5a2df27200a6da3ead6bc1ac30a52ce Mon Sep 17 00:00:00 2001 
From: Ilya Etingof Date: Wed, 19 Apr 2017 22:09:27 +0200 Subject: X.509 cert attributes map added --- pyasn1_modules/rfc2459.py | 20 ++++++++++++++++++++ pyasn1_modules/rfc5280.py | 22 ++++++++++++++++++++++ 2 files changed, 42 insertions(+) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index b639028..2eb6c4e 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -1263,6 +1263,26 @@ id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') class IssuerAltName(GeneralNames): pass + +# map of AttributeType -> AttributeValue + +certificateAttributesMap = { + id_at_name: X520name, + id_at_surname: X520name, + id_at_givenName: X520name, + id_at_initials: X520name, + id_at_generationQualifier: X520name, + id_at_commonName: X520CommonName, + id_at_localityName: X520LocalityName, + id_at_stateOrProvinceName: X520StateOrProvinceName, + id_at_organizationName: X520OrganizationName, + id_at_organizationalUnitName: X520OrganizationalUnitName, + id_at_title: X520Title, + id_at_dnQualifier: X520dnQualifier, + id_at_countryName: X520countryName, + emailAddress: Pkcs9email, +} + # map of Certificate Extension OIDs to Extensions certificateExtensionsMap = { diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index cee14a5..ffc93b5 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py 
@@ -1543,6 +1543,28 @@ id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14) id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54) +# map of AttributeType -> AttributeValue + +certificateAttributesMap = { + id_at_name: X520name, + id_at_surname: X520name, + id_at_givenName: X520name, + id_at_initials: X520name, + id_at_generationQualifier: X520name, + id_at_commonName: X520CommonName, + id_at_localityName: X520LocalityName, + id_at_stateOrProvinceName: X520StateOrProvinceName, + id_at_organizationName: X520OrganizationName, + id_at_organizationalUnitName: X520OrganizationalUnitName, + id_at_title: X520Title, + id_at_dnQualifier: X520dnQualifier, + id_at_countryName: X520countryName, + id_at_serialNumber: X520SerialNumber, + id_at_pseudonym: X520Pseudonym, + id_domainComponent: DomainComponent, + id_emailAddress: EmailAddress, +} + # map of Certificate Extension OIDs to Extensions certificateExtensionsMap = { -- cgit v1.2.3 From 5aa52aef2db2b8f2fa97559c40747b7e381f1e8f Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Wed, 19 Apr 2017 22:33:43 +0200 Subject: refactored to keep instances in X.509 maps, as opposed to classes --- pyasn1_modules/rfc2459.py | 72 +++++++++++++++++++++---------------------- pyasn1_modules/rfc5280.py | 78 +++++++++++++++++++++++------------------------ 2 files changed, 75 insertions(+), 75 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 2eb6c4e..4fb1b7f 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py 
@@ -1267,45 +1267,45 @@ class IssuerAltName(GeneralNames): # map of AttributeType -> AttributeValue certificateAttributesMap = { - id_at_name: X520name, - id_at_surname: X520name, - id_at_givenName: X520name, - id_at_initials: X520name, - id_at_generationQualifier: X520name, - id_at_commonName: X520CommonName, - id_at_localityName: X520LocalityName, - id_at_stateOrProvinceName: X520StateOrProvinceName, - id_at_organizationName: X520OrganizationName, - id_at_organizationalUnitName: X520OrganizationalUnitName, - id_at_title: X520Title, - id_at_dnQualifier: X520dnQualifier, - id_at_countryName: X520countryName, - emailAddress: Pkcs9email, + id_at_name: X520name(), + id_at_surname: X520name(), + id_at_givenName: X520name(), + id_at_initials: X520name(), + id_at_generationQualifier: X520name(), + id_at_commonName: X520CommonName(), + id_at_localityName: X520LocalityName(), + id_at_stateOrProvinceName: X520StateOrProvinceName(), + id_at_organizationName: X520OrganizationName(), + id_at_organizationalUnitName: X520OrganizationalUnitName(), + id_at_title: X520Title(), + id_at_dnQualifier: X520dnQualifier(), + id_at_countryName: X520countryName(), + emailAddress: Pkcs9email(), } # map of Certificate Extension OIDs to Extensions certificateExtensionsMap = { - id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier, - id_ce_subjectKeyIdentifier: SubjectKeyIdentifier, - id_ce_keyUsage: KeyUsage, - id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod, - id_ce_certificatePolicies: PolicyInformation, # could be a sequence of concat'ed objects? 
- id_ce_policyMappings: PolicyMappings, - id_ce_subjectAltName: SubjectAltName, - id_ce_issuerAltName: IssuerAltName, - id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes, - id_ce_basicConstraints: BasicConstraints, - id_ce_nameConstraints: NameConstraints, - id_ce_policyConstraints: PolicyConstraints, - id_ce_extKeyUsage: ExtKeyUsageSyntax, - id_ce_cRLDistributionPoints: CRLDistPointsSyntax, - id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, - id_ce_cRLNumber: univ.Integer, - id_ce_deltaCRLIndicator: BaseCRLNumber, - id_ce_issuingDistributionPoint: IssuingDistributionPoint, - id_ce_cRLReasons: CRLReason, - id_ce_holdInstructionCode: univ.ObjectIdentifier, - id_ce_invalidityDate: useful.GeneralizedTime, - id_ce_certificateIssuer: GeneralNames, + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), + id_ce_keyUsage: KeyUsage(), + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), + id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? + id_ce_policyMappings: PolicyMappings(), + id_ce_subjectAltName: SubjectAltName(), + id_ce_issuerAltName: IssuerAltName(), + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), + id_ce_basicConstraints: BasicConstraints(), + id_ce_nameConstraints: NameConstraints(), + id_ce_policyConstraints: PolicyConstraints(), + id_ce_extKeyUsage: ExtKeyUsageSyntax(), + id_ce_cRLDistributionPoints: CRLDistPointsSyntax(), + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), + id_ce_cRLNumber: univ.Integer(), + id_ce_deltaCRLIndicator: BaseCRLNumber(), + id_ce_issuingDistributionPoint: IssuingDistributionPoint(), + id_ce_cRLReasons: CRLReason(), + id_ce_holdInstructionCode: univ.ObjectIdentifier(), + id_ce_invalidityDate: useful.GeneralizedTime(), + id_ce_certificateIssuer: GeneralNames(), } diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index ffc93b5..6261cdf 100644 --- a/pyasn1_modules/rfc5280.py 
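Review bot: Both maps now hold one module-level instance per OID, shared by every caller in the process, and neither hunk says how those instances are meant to be used. If they are intended as schema prototypes to hand to the decoder as `asn1Spec` (my reading; the commit shows no consumer), a caller that instead fills one in place would carry values from one certificate into the next lookup. A comment above each dict would settle it, for example `# values are shared schema objects: pass them as asn1Spec or clone() before setting components`. This also changes the value type of a public name added a day earlier from class to instance, so any `certificateExtensionsMap[oid]()` call site needs updating. The same applies to the rfc5280.py hunk of this commit.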
+++ b/pyasn1_modules/rfc5280.py 
@@ -1546,48 +1546,48 @@ id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54) # map of AttributeType -> AttributeValue certificateAttributesMap = { - id_at_name: X520name, - id_at_surname: X520name, - id_at_givenName: X520name, - id_at_initials: X520name, - id_at_generationQualifier: X520name, - id_at_commonName: X520CommonName, - id_at_localityName: X520LocalityName, - id_at_stateOrProvinceName: X520StateOrProvinceName, - id_at_organizationName: X520OrganizationName, - id_at_organizationalUnitName: X520OrganizationalUnitName, - id_at_title: X520Title, - id_at_dnQualifier: X520dnQualifier, - id_at_countryName: X520countryName, - id_at_serialNumber: X520SerialNumber, - id_at_pseudonym: X520Pseudonym, - id_domainComponent: DomainComponent, - id_emailAddress: EmailAddress, + id_at_name: X520name(), + id_at_surname: X520name(), + id_at_givenName: X520name(), + id_at_initials: X520name(), + id_at_generationQualifier: X520name(), + id_at_commonName: X520CommonName(), + id_at_localityName: X520LocalityName(), + id_at_stateOrProvinceName: X520StateOrProvinceName(), + id_at_organizationName: X520OrganizationName(), + id_at_organizationalUnitName: X520OrganizationalUnitName(), + id_at_title: X520Title(), + id_at_dnQualifier: X520dnQualifier(), + id_at_countryName: X520countryName(), + id_at_serialNumber: X520SerialNumber(), + id_at_pseudonym: X520Pseudonym(), + id_domainComponent: DomainComponent(), + id_emailAddress: EmailAddress(), } # map of Certificate Extension OIDs to Extensions certificateExtensionsMap = { - id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier, - id_ce_subjectKeyIdentifier: SubjectKeyIdentifier, - id_ce_keyUsage: KeyUsage, - id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod, - id_ce_certificatePolicies: PolicyInformation, # could be a sequence of concat'ed objects? 
- id_ce_policyMappings: PolicyMappings, - id_ce_subjectAltName: SubjectAltName, - id_ce_issuerAltName: IssuerAltName, - id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes, - id_ce_basicConstraints: BasicConstraints, - id_ce_nameConstraints: NameConstraints, - id_ce_policyConstraints: PolicyConstraints, - id_ce_extKeyUsage: ExtKeyUsageSyntax, - id_ce_cRLDistributionPoints: CRLDistributionPoints, - id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax, - id_ce_cRLNumber: univ.Integer, - id_ce_deltaCRLIndicator: BaseCRLNumber, - id_ce_issuingDistributionPoint: IssuingDistributionPoint, - id_ce_cRLReasons: CRLReason, - id_ce_holdInstructionCode: univ.ObjectIdentifier, - id_ce_invalidityDate: useful.GeneralizedTime, - id_ce_certificateIssuer: GeneralNames, + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), + id_ce_keyUsage: KeyUsage(), + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), + id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? + id_ce_policyMappings: PolicyMappings(), + id_ce_subjectAltName: SubjectAltName(), + id_ce_issuerAltName: IssuerAltName(), + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), + id_ce_basicConstraints: BasicConstraints(), + id_ce_nameConstraints: NameConstraints(), + id_ce_policyConstraints: PolicyConstraints(), + id_ce_extKeyUsage: ExtKeyUsageSyntax(), + id_ce_cRLDistributionPoints: CRLDistributionPoints(), + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), + id_ce_cRLNumber: univ.Integer(), + id_ce_deltaCRLIndicator: BaseCRLNumber(), + id_ce_issuingDistributionPoint: IssuingDistributionPoint(), + id_ce_cRLReasons: CRLReason(), + id_ce_holdInstructionCode: univ.ObjectIdentifier(), + id_ce_invalidityDate: useful.GeneralizedTime(), + id_ce_certificateIssuer: GeneralNames(), } -- cgit v1.2.3 From 1c6cfdfe8e99110f51c13220c9b071a764b7a259 Mon Sep 17 00:00:00 2001 
From: Danielle Madeley Date: Wed, 31 May 2017 19:02:15 +1000 Subject: Add RFC 3279 --- pyasn1_modules/rfc3279.py | 232 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 232 insertions(+) create mode 100644 pyasn1_modules/rfc3279.py (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc3279.py b/pyasn1_modules/rfc3279.py new file mode 100644 index 0000000..fee49de --- /dev/null +++ b/pyasn1_modules/rfc3279.py 
@@ -0,0 +1,232 @@ +# +# This file is part of pyasn1-modules. +# +# Copyright (c) 2017, Danielle Madeley A +# License: http://pyasn1.sf.net/license.html +# +# Derived from RFC 3279 +# +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +md2 = _OID(1, 2, 840, 113549, 2, 2) +md5 = _OID(1, 2, 840, 113549, 2, 5) +id_sha1 = _OID(1, 3, 14, 3, 2, 26) +id_dsa = _OID(1, 2, 840, 10040, 4, 1) + + +class DSAPublicKey(univ.Integer): + pass + + +class Dss_Parms(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('g', univ.Integer()) + ) + + +id_dsa_with_sha1 = _OID(1, 2, 840, 10040, 4, 3) + + +class Dss_Sig_Value(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('r', univ.Integer()), + namedtype.NamedType('s', univ.Integer()) + ) + + +pkcs_1 = _OID(1, 2, 840, 113549, 1, 1) +rsaEncryption = _OID(pkcs_1, 1) +md2WithRSAEncryption = _OID(pkcs_1, 2) +md5WithRSAEncryption = _OID(pkcs_1, 4) +sha1WithRSAEncryption = _OID(pkcs_1, 5) + + +class RSAPublicKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()) + ) + + +dhpublicnumber = _OID(1, 2, 840, 10046, 2, 1) + + +class DHPublicKey(univ.Integer): + pass + + +class ValidationParms(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('seed', univ.BitString()), + namedtype.NamedType('pgenCounter', univ.Integer()) + ) + + +class DomainParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('g', univ.Integer()), + namedtype.NamedType('q', 
univ.Integer()), + namedtype.OptionalNamedType('j', univ.Integer()), + namedtype.OptionalNamedType('validationParms', ValidationParms()) + ) + + +id_keyExchangeAlgorithm = _OID(2, 16, 840, 1, 101, 2, 1, 1, 22) + + +class KEA_Parms_Id(univ.OctetString): + pass + + +ansi_X9_62 = _OID(1, 2, 840, 10045) + + +class FieldID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('fieldType', univ.ObjectIdentifier()), + namedtype.NamedType('parameters', univ.Any()) + ) + + +id_ecSigType = _OID(ansi_X9_62, 4) +ecdsa_with_SHA1 = _OID(id_ecSigType, 1) + + +class ECDSA_Sig_Value(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('r', univ.Integer()), + namedtype.NamedType('s', univ.Integer()) + ) + + +id_fieldType = _OID(ansi_X9_62, 1) +prime_field = _OID(id_fieldType, 1) + + +class Prime_p(univ.Integer): + pass + + +characteristic_two_field = _OID(id_fieldType, 2) + + +class Characteristic_two(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('m', univ.Integer()), + namedtype.NamedType('basis', univ.ObjectIdentifier()), + namedtype.NamedType('parameters', univ.Any()) + ) + + +id_characteristic_two_basis = _OID(characteristic_two_field, 3) +gnBasis = _OID(id_characteristic_two_basis, 1) +tpBasis = _OID(id_characteristic_two_basis, 2) + + +class Trinomial(univ.Integer): + pass + + +ppBasis = _OID(id_characteristic_two_basis, 3) + + +class Pentanomial(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('k1', univ.Integer()), + namedtype.NamedType('k2', univ.Integer()), + namedtype.NamedType('k3', univ.Integer()) + ) + + +class FieldElement(univ.OctetString): + pass + + +class ECPoint(univ.OctetString): + pass + + +class Curve(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('a', FieldElement()), + namedtype.NamedType('b', FieldElement()), + namedtype.OptionalNamedType('seed', univ.BitString()) + ) + + +class ECPVer(univ.Integer): + namedValues = 
namedval.NamedValues( + ('ecpVer1', 1) + ) + + +class ECParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', ECPVer()), + namedtype.NamedType('fieldID', FieldID()), + namedtype.NamedType('curve', Curve()), + namedtype.NamedType('base', ECPoint()), + namedtype.NamedType('order', univ.Integer()), + namedtype.OptionalNamedType('cofactor', univ.Integer()) + ) + + +class EcpkParameters(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ecParameters', ECParameters()), + namedtype.NamedType('namedCurve', univ.ObjectIdentifier()), + namedtype.NamedType('implicitlyCA', univ.Null()) + ) + + +id_publicKeyType = _OID(ansi_X9_62, 2) +id_ecPublicKey = _OID(id_publicKeyType, 1) + +ellipticCurve = _OID(ansi_X9_62, 3) + +c_TwoCurve = _OID(ellipticCurve, 0) +c2pnb163v1 = _OID(c_TwoCurve, 1) +c2pnb163v2 = _OID(c_TwoCurve, 2) +c2pnb163v3 = _OID(c_TwoCurve, 3) +c2pnb176w1 = _OID(c_TwoCurve, 4) +c2tnb191v1 = _OID(c_TwoCurve, 5) +c2tnb191v2 = _OID(c_TwoCurve, 6) +c2tnb191v3 = _OID(c_TwoCurve, 7) +c2onb191v4 = _OID(c_TwoCurve, 8) +c2onb191v5 = _OID(c_TwoCurve, 9) +c2pnb208w1 = _OID(c_TwoCurve, 10) +c2tnb239v1 = _OID(c_TwoCurve, 11) +c2tnb239v2 = _OID(c_TwoCurve, 12) +c2tnb239v3 = _OID(c_TwoCurve, 13) +c2onb239v4 = _OID(c_TwoCurve, 14) +c2onb239v5 = _OID(c_TwoCurve, 15) +c2pnb272w1 = _OID(c_TwoCurve, 16) +c2pnb304w1 = _OID(c_TwoCurve, 17) +c2tnb359v1 = _OID(c_TwoCurve, 18) +c2pnb368w1 = _OID(c_TwoCurve, 19) +c2tnb431r1 = _OID(c_TwoCurve, 20) + + +primeCurve = _OID(ellipticCurve, 1) +prime192v1 = _OID(primeCurve, 1) +prime192v2 = _OID(primeCurve, 2) +prime192v3 = _OID(primeCurve, 3) +prime239v1 = _OID(primeCurve, 4) +prime239v2 = _OID(primeCurve, 5) +prime239v3 = _OID(primeCurve, 6) +prime256v1 = _OID(primeCurve, 7) -- cgit v1.2.3 From 5f919aa833afe37c393457713b247ff3f430bcf0 Mon Sep 17 00:00:00 2001 
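Review bot: `FieldID.parameters` and `Characteristic_two.parameters` are declared as `univ.Any()`, so after decoding they still hold encoded bytes that the caller must decode a second time according to `fieldType` or `basis`, and nothing in the file says so. A short comment on each, e.g. `# ANY DEFINED BY fieldType: Prime_p for prime_field, Characteristic_two for characteristic_two_field`, would keep users from treating the undecoded substrate as validated curve parameters. Separately, the import line pulls in `char`, `tag`, `constraint` and `useful`, none of which the new file uses; `from pyasn1.type import univ, namedtype, namedval` is enough.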
From: Ilya Etingof Date: Thu, 1 Jun 2017 22:28:00 +0200 Subject: pep8 everything --- pyasn1_modules/rfc2251.py | 99 ++++++++----- pyasn1_modules/rfc2511.py | 14 +- pyasn1_modules/rfc3279.py | 3 +- pyasn1_modules/rfc3281.py | 22 +-- pyasn1_modules/rfc3447.py | 1 + pyasn1_modules/rfc3852.py | 15 +- pyasn1_modules/rfc4210.py | 357 +++++++++++++++++++++++----------------------- pyasn1_modules/rfc4211.py | 31 ++-- pyasn1_modules/rfc5280.py | 49 ++++--- pyasn1_modules/rfc5652.py | 15 +- pyasn1_modules/rfc6402.py | 71 +++++---- 11 files changed, 374 insertions(+), 303 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2251.py b/pyasn1_modules/rfc2251.py index d4a245a..94ba589 100644 --- a/pyasn1_modules/rfc2251.py +++ b/pyasn1_modules/rfc2251.py @@ -124,8 +124,11 @@ class BindRequest(univ.Sequence): class PartialAttributeList(univ.SequenceOf): componentType = univ.Sequence( - componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), - namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) + componentType=namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + ) class SearchResultEntry(univ.Sequence): 
@@ -154,13 +157,23 @@ class MatchingRuleAssertion(univ.Sequence): class SubstringFilter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), - namedtype.NamedType('substrings', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('initial', - LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('any', - LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('final', LDAPString().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))))))) + namedtype.NamedType('substrings', + univ.SequenceOf( + componentType=univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ), + namedtype.NamedType( + 'any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) + ), + namedtype.NamedType( + 'final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)) + ) + ) + ) + ) + ) ) @@ -357,10 +370,16 @@ class ModifyRequest(univ.Sequence): ) componentType = namedtype.NamedTypes( namedtype.NamedType('object', LDAPDN()), - namedtype.NamedType('modification', univ.SequenceOf(componentType=univ.Sequence( - componentType=namedtype.NamedTypes(namedtype.NamedType('operation', univ.Enumerated( - namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))), - namedtype.NamedType('modification', AttributeTypeAndValues()))))) + namedtype.NamedType('modification', + univ.SequenceOf( + componentType=univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2))) + ), + namedtype.NamedType('modification', AttributeTypeAndValues()))) + ) + ) ) 
@@ -372,8 +391,11 @@ class ModifyResponse(LDAPResult): class AttributeList(univ.SequenceOf): componentType = univ.Sequence( - componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), - namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) + componentType=namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + ) class AddRequest(univ.Sequence): 
@@ -506,27 +528,32 @@ class MessageID(univ.Integer): class LDAPMessage(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('messageID', MessageID()), - namedtype.NamedType('protocolOp', univ.Choice( - componentType=namedtype.NamedTypes(namedtype.NamedType('bindRequest', BindRequest()), - namedtype.NamedType('bindResponse', BindResponse()), - namedtype.NamedType('unbindRequest', UnbindRequest()), - namedtype.NamedType('searchRequest', SearchRequest()), - namedtype.NamedType('searchResEntry', SearchResultEntry()), - namedtype.NamedType('searchResDone', SearchResultDone()), - namedtype.NamedType('searchResRef', SearchResultReference()), - namedtype.NamedType('modifyRequest', ModifyRequest()), - namedtype.NamedType('modifyResponse', ModifyResponse()), - namedtype.NamedType('addRequest', AddRequest()), - namedtype.NamedType('addResponse', AddResponse()), - namedtype.NamedType('delRequest', DelRequest()), - namedtype.NamedType('delResponse', DelResponse()), - namedtype.NamedType('modDNRequest', ModifyDNRequest()), - namedtype.NamedType('modDNResponse', ModifyDNResponse()), - namedtype.NamedType('compareRequest', CompareRequest()), - namedtype.NamedType('compareResponse', CompareResponse()), - namedtype.NamedType('abandonRequest', AbandonRequest()), - namedtype.NamedType('extendedReq', ExtendedRequest()), - namedtype.NamedType('extendedResp', ExtendedResponse())))), + namedtype.NamedType( + 'protocolOp', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('bindRequest', BindRequest()), + namedtype.NamedType('bindResponse', BindResponse()), + namedtype.NamedType('unbindRequest', UnbindRequest()), + namedtype.NamedType('searchRequest', SearchRequest()), + namedtype.NamedType('searchResEntry', SearchResultEntry()), + namedtype.NamedType('searchResDone', SearchResultDone()), + namedtype.NamedType('searchResRef', SearchResultReference()), + namedtype.NamedType('modifyRequest', ModifyRequest()), + namedtype.NamedType('modifyResponse', 
ModifyResponse()), + namedtype.NamedType('addRequest', AddRequest()), + namedtype.NamedType('addResponse', AddResponse()), + namedtype.NamedType('delRequest', DelRequest()), + namedtype.NamedType('delResponse', DelResponse()), + namedtype.NamedType('modDNRequest', ModifyDNRequest()), + namedtype.NamedType('modDNResponse', ModifyDNResponse()), + namedtype.NamedType('compareRequest', CompareRequest()), + namedtype.NamedType('compareResponse', CompareResponse()), + namedtype.NamedType('abandonRequest', AbandonRequest()), + namedtype.NamedType('extendedReq', ExtendedRequest()), + namedtype.NamedType('extendedResp', ExtendedResponse()) + ) + ) + ), namedtype.OptionalNamedType('controls', Controls().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py index 1cc2fe8..d1ac97a 100644 --- a/pyasn1_modules/rfc2511.py +++ b/pyasn1_modules/rfc2511.py @@ -157,12 +157,16 @@ class PKMACValue(univ.Sequence): class POPOSigningKeyInput(univ.Sequence): componentType = namedtype.NamedTypes( - namedtype.NamedType('authInfo', univ.Choice( - componentType=namedtype.NamedTypes( - namedtype.NamedType('sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('publicKeyMAC', PKMACValue()) + namedtype.NamedType( + 'authInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ), + namedtype.NamedType('publicKeyMAC', PKMACValue()) + ) ) - )), + ), namedtype.NamedType('publicKey', SubjectPublicKeyInfo()) ) diff --git a/pyasn1_modules/rfc3279.py b/pyasn1_modules/rfc3279.py index fee49de..f69ff08 100644 --- a/pyasn1_modules/rfc3279.py +++ b/pyasn1_modules/rfc3279.py 
@@ -1,7 +1,7 @@ # # This file is part of pyasn1-modules. # -# Copyright (c) 2017, Danielle Madeley A +# Copyright (c) 2017, Danielle Madeley # License: http://pyasn1.sf.net/license.html # # Derived from RFC 3279 @@ -221,7 +221,6 @@ c2tnb359v1 = _OID(c_TwoCurve, 18) c2pnb368w1 = _OID(c_TwoCurve, 19) c2tnb431r1 = _OID(c_TwoCurve, 20) - primeCurve = _OID(ellipticCurve, 1) prime192v1 = _OID(primeCurve, 1) prime192v2 = _OID(primeCurve, 2) diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py index f31ac25..2fcb330 100644 --- a/pyasn1_modules/rfc3281.py +++ b/pyasn1_modules/rfc3281.py @@ -312,14 +312,20 @@ class IetfAttrSyntax(univ.Sequence): IetfAttrSyntax.componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('policyAuthority', rfc3280.GeneralNames().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('values', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('octets', univ.OctetString()), - namedtype.NamedType('oid', univ.ObjectIdentifier()), - namedtype.NamedType('string', char.UTF8String()) - )) - )) + namedtype.OptionalNamedType( + 'policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ), + namedtype.NamedType( + 'values', univ.SequenceOf( + componentType=univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('octets', univ.OctetString()), + namedtype.NamedType('oid', univ.ObjectIdentifier()), + namedtype.NamedType('string', char.UTF8String()) + ) + ) + ) + ) ) id_aca_encAttrs = _buildOid(id_aca, 6) diff --git a/pyasn1_modules/rfc3447.py b/pyasn1_modules/rfc3447.py index 5337598..57c99fa 100644 --- a/pyasn1_modules/rfc3447.py +++ b/pyasn1_modules/rfc3447.py @@ -11,6 +11,7 @@ # # Sample captures could be obtained with "openssl genrsa" command # +from pyasn1.type import constraint, namedval from pyasn1_modules.rfc2437 import * 
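Review bot: In the rfc3447.py hunk, the added `from pyasn1.type import constraint, namedval` sits directly above `from pyasn1_modules.rfc2437 import *`, so every other name the module uses still arrives through the wildcard and a reader cannot tell where each one comes from. Since the hunk already touches the imports, list the remaining `pyasn1.type` modules explicitly as well and keep the wildcard only for the RFC 2437 definitions. This is also a functional change inside a commit described as formatting only; presumably it fixes names that were not reachable before, which would be worth stating in the commit message. The rest of the file is outside the hunk, so which names are needed cannot be confirmed from here.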
diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py index 1a09335..35e3f79 100644 --- a/pyasn1_modules/rfc3852.py +++ b/pyasn1_modules/rfc3852.py @@ -483,13 +483,14 @@ class AttributeCertificateInfoV1(univ.Sequence): AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), - namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - )) - ), + namedtype.NamedType( + 'subject', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + ) + ), namedtype.NamedType('issuer', rfc3280.GeneralNames()), namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 4e048ef..3c00369 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py 
@@ -141,14 +141,8 @@ class CertOrEncCert(univ.Choice): } """ componentType = namedtype.NamedTypes( - namedtype.NamedType('certificate', CMPCertificate().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) + namedtype.NamedType('certificate', CMPCertificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) @@ -162,14 +156,8 @@ class CertifiedKeyPair(univ.Sequence): """ componentType = namedtype.NamedTypes( namedtype.NamedType('certOrEncCert', CertOrEncCert()), - namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ) + namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) 
@@ -358,20 +346,18 @@ class RevRepContent(univ.Sequence): """ componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatusInfo()), - namedtype.OptionalNamedType('revCerts', univ.SequenceOf( - componentType=rfc2511.CertId() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('crls', univ.SequenceOf( - componentType=rfc2459.CertificateList() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + namedtype.OptionalNamedType( + 'revCerts', univ.SequenceOf(componentType=rfc2511.CertId()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType( + 'crls', univ.SequenceOf(componentType=rfc2459.CertificateList()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) ) - ) ) 
@@ -388,24 +374,21 @@ class KeyRecRepContent(univ.Sequence): """ componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatusInfo()), - namedtype.OptionalNamedType('newSigCert', CMPCertificate().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('caCerts', univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) - ) - ), - namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf( - componentType=CertifiedKeyPair() - ).subtype( + namedtype.OptionalNamedType( + 'newSigCert', CMPCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType( + 'caCerts', univ.SequenceOf(componentType=CMPCertificate()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ), + namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf(componentType=CertifiedKeyPair()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), - subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + subtypeSpec=constraint.ValueSizeConstraint(1, MAX)) ) - ) ) 
@@ -435,16 +418,12 @@ class CertRepMessage(univ.Sequence): } """ componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('caPubs', univ.SequenceOf( - componentType=CMPCertificate() - ).subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, MAX), - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ), - namedtype.NamedType('response', univ.SequenceOf( - componentType=CertResponse()) - ) + namedtype.OptionalNamedType( + 'caPubs', univ.SequenceOf( + componentType=CMPCertificate() + ).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)) + ), + namedtype.NamedType('response', univ.SequenceOf(componentType=CertResponse())) ) @@ -461,15 +440,12 @@ class OOBCertHash(univ.Sequence): } """ componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('hashAlg', - rfc2459.AlgorithmIdentifier().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.OptionalNamedType('certId', rfc2511.CertId().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ), + namedtype.OptionalNamedType( + 'hashAlg', rfc2459.AlgorithmIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)) + ), + namedtype.OptionalNamedType( + 'certId', rfc2511.CertId().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)) + ), namedtype.NamedType('hashVal', univ.BitString()) ) 
@@ -511,10 +487,9 @@ class PBMParameter(univ.Sequence): } """ componentType = namedtype.NamedTypes( - namedtype.NamedType('salt', univ.OctetString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(0, 128) - ) - ), + namedtype.NamedType( + 'salt', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 128)) + ), namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('iterationCount', univ.Integer()), namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) 
@@ -567,115 +542,143 @@ class PKIBody(univ.Choice): """ componentType = namedtype.NamedTypes( - namedtype.NamedType('ir', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) - ) - ), - namedtype.NamedType('ip', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) - ) - ), - namedtype.NamedType('cr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) - ) - ), - namedtype.NamedType('cp', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) - ) - ), - namedtype.NamedType('p10cr', rfc2314.CertificationRequest().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4) - ) - ), - namedtype.NamedType('popdecc', POPODecKeyChallContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) - ) - ), - namedtype.NamedType('popdecr', POPODecKeyRespContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) - ) - ), - namedtype.NamedType('kur', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) - ) - ), - namedtype.NamedType('kup', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) - ) - ), - namedtype.NamedType('krr', rfc2511.CertReqMessages().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9) - ) - ), - namedtype.NamedType('krp', KeyRecRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10) - ) - ), - namedtype.NamedType('rr', RevReqContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11) - ) - ), - namedtype.NamedType('rp', RevRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12) - ) - ), - namedtype.NamedType('ccr', rfc2511.CertReqMessages().subtype( - 
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13) - ) - ), - namedtype.NamedType('ccp', CertRepMessage().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14) - ) - ), - namedtype.NamedType('ckuann', CAKeyUpdAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15) - ) - ), - namedtype.NamedType('cann', CertAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16) - ) - ), - namedtype.NamedType('rann', RevAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 17) - ) - ), - namedtype.NamedType('crlann', CRLAnnContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18) - ) - ), - namedtype.NamedType('pkiconf', PKIConfirmContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19) - ) - ), - namedtype.NamedType('nested', nestedMessageContent), + namedtype.NamedType( + 'ir', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.NamedType( + 'ip', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ), + namedtype.NamedType( + 'cr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) + ) + ), + namedtype.NamedType( + 'cp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) + ) + ), + namedtype.NamedType( + 'p10cr', rfc2314.CertificationRequest().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4) + ) + ), + namedtype.NamedType( + 'popdecc', POPODecKeyChallContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) + ) + ), + namedtype.NamedType( + 'popdecr', POPODecKeyRespContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) + ) + ), 
+ namedtype.NamedType( + 'kur', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) + ) + ), + namedtype.NamedType( + 'kup', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) + ) + ), + namedtype.NamedType( + 'krr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9) + ) + ), + namedtype.NamedType( + 'krp', KeyRecRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10) + ) + ), + namedtype.NamedType( + 'rr', RevReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11) + ) + ), + namedtype.NamedType( + 'rp', RevRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12) + ) + ), + namedtype.NamedType( + 'ccr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13) + ) + ), + namedtype.NamedType( + 'ccp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14) + ) + ), + namedtype.NamedType( + 'ckuann', CAKeyUpdAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15) + ) + ), + namedtype.NamedType( + 'cann', CertAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16) + ) + ), + namedtype.NamedType( + 'rann', RevAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 17) + ) + ), + namedtype.NamedType( + 'crlann', CRLAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18) + ) + ), + namedtype.NamedType( + 'pkiconf', PKIConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19) + ) + ), + namedtype.NamedType( + 'nested', nestedMessageContent + ), # namedtype.NamedType('nested', NestedMessageContent().subtype( # 
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) # ) # ), - namedtype.NamedType('genm', GenMsgContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21) - ) - ), - namedtype.NamedType('gen', GenRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22) - ) - ), - namedtype.NamedType('error', ErrorMsgContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23) - ) - ), - namedtype.NamedType('certConf', CertConfirmContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24) - ) - ), - namedtype.NamedType('pollReq', PollReqContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25) - ) - ), - namedtype.NamedType('pollRep', PollRepContent().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26) + namedtype.NamedType( + 'genm', GenMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21) + ) + ), + namedtype.NamedType( + 'gen', GenRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22) + ) + ), + namedtype.NamedType( + 'error', ErrorMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23) + ) + ), + namedtype.NamedType( + 'certConf', CertConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24) + ) + ), + namedtype.NamedType( + 'pollReq', PollReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25) + ) + ), + namedtype.NamedType( + 'pollRep', PollRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26) + ) ) - ) ) 
@@ -699,13 +702,11 @@ class PKIHeader(univ.Sequence): """ componentType = namedtype.NamedTypes( - namedtype.NamedType('pvno', univ.Integer( - namedValues=namedval.NamedValues( - ('cmp1999', 1), - ('cmp2000', 2) + namedtype.NamedType( + 'pvno', univ.Integer( + namedValues=namedval.NamedValues(('cmp1999', 1), ('cmp2000', 2)) ) - ) - ), + ), namedtype.NamedType('sender', rfc2459.GeneralName()), namedtype.NamedType('recipient', rfc2459.GeneralName()), namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype( diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py index 6404e17..4484358 100644 --- a/pyasn1_modules/rfc4211.py +++ b/pyasn1_modules/rfc4211.py @@ -68,12 +68,18 @@ class POPOSigningKeyInput(univ.Sequence): POPOSigningKeyInput.componentType = namedtype.NamedTypes( - namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('sender', rfc3280.GeneralName().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('publicKeyMAC', PKMACValue()) - )) - ), + namedtype.NamedType( + 'authInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)) + ), + namedtype.NamedType( + 'publicKeyMAC', PKMACValue() + ) + ) + ) + ), namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo()) ) 
@@ -342,11 +348,14 @@ class EncKeyWithID(univ.Sequence): EncKeyWithID.componentType = namedtype.NamedTypes( namedtype.NamedType('privateKey', PrivateKeyInfo()), - namedtype.OptionalNamedType('identifier', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('string', char.UTF8String()), - namedtype.NamedType('generalName', rfc3280.GeneralName()) - )) - ) + namedtype.OptionalNamedType( + 'identifier', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('string', char.UTF8String()), + namedtype.NamedType('generalName', rfc3280.GeneralName()) + ) + ) + ) ) id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6) diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index 6261cdf..b5e7407 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -347,15 +347,19 @@ TBSCertList.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', Name()), namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), - namedtype.OptionalNamedType('revokedCertificates', - univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('userCertificate', CertificateSerialNumber()), - namedtype.NamedType('revocationDate', Time()), - namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) - )) - )), - namedtype.OptionalNamedType('crlExtensions', - Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + namedtype.OptionalNamedType( + 'revokedCertificates', univ.SequenceOf( + componentType=univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + ) + ) + ) + ), + namedtype.OptionalNamedType( + 'crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) 
@@ -582,15 +586,14 @@ class ExtendedNetworkAddress(univ.Choice): ExtendedNetworkAddress.componentType = namedtype.NamedTypes( - namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('number', char.NumericString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( - subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - )) - ), + namedtype.NamedType( + 'e163-4-address', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + ) + ), namedtype.NamedType('psap-address', PresentationAddress().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) @@ -1369,10 +1372,12 @@ class PolicyMappings(univ.SequenceOf): pass -PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), - namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) -)) +PolicyMappings.componentType = univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), + namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) + ) +) PolicyMappings.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) 
diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py index 03f5b84..2b38ccc 100644 --- a/pyasn1_modules/rfc5652.py +++ b/pyasn1_modules/rfc5652.py @@ -50,13 +50,14 @@ class AttributeCertificateInfoV1(univ.Sequence): AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), - namedtype.NamedType('subject', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) - )) - ), + namedtype.NamedType( + 'subject', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + ) + ), namedtype.NamedType('issuer', rfc5280.GeneralNames()), namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index 8ff105a..2d5e426 100644 --- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py 
@@ -127,16 +127,21 @@ CMCStatusInfoV2.componentType = namedtype.NamedTypes( namedtype.NamedType('cMCStatus', CMCStatus()), namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())), namedtype.OptionalNamedType('statusString', char.UTF8String()), - namedtype.OptionalNamedType('otherInfo', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('failInfo', CMCFailInfo()), - namedtype.NamedType('pendInfo', PendInfo()), - namedtype.NamedType('extendedFailInfo', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), - namedtype.NamedType('failInfoValue', AttributeValue()) - )) - ) - )) - ) + namedtype.OptionalNamedType( + 'otherInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfo', CMCFailInfo()), + namedtype.NamedType('pendInfo', PendInfo()), + namedtype.NamedType( + 'extendedFailInfo', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), + namedtype.NamedType('failInfoValue', AttributeValue())) + ) + ) + ) + ) + ) ) 
@@ -193,18 +198,27 @@ class CertificationRequest(univ.Sequence): CertificationRequest.componentType = namedtype.NamedTypes( - namedtype.NamedType('certificationRequestInfo', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('version', univ.Integer()), - namedtype.NamedType('subject', rfc5280.Name()), - namedtype.NamedType('subjectPublicKeyInfo', univ.Sequence(componentType=namedtype.NamedTypes( - namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), - namedtype.NamedType('subjectPublicKey', univ.BitString()) - )) - ), - namedtype.NamedType('attributes', univ.SetOf(componentType=rfc5652.Attribute()).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - )) - ), + namedtype.NamedType( + 'certificationRequestInfo', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer()), + namedtype.NamedType('subject', rfc5280.Name()), + namedtype.NamedType( + 'subjectPublicKeyInfo', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + ) + ) + ), + namedtype.NamedType( + 'attributes', univ.SetOf( + componentType=rfc5652.Attribute()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ) + ) + ) + ), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) 
@@ -331,11 +345,14 @@ CMCStatusInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('cMCStatus', CMCStatus()), namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())), namedtype.OptionalNamedType('statusString', char.UTF8String()), - namedtype.OptionalNamedType('otherInfo', univ.Choice(componentType=namedtype.NamedTypes( - namedtype.NamedType('failInfo', CMCFailInfo()), - namedtype.NamedType('pendInfo', PendInfo()) - )) - ) + namedtype.OptionalNamedType( + 'otherInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfo', CMCFailInfo()), + namedtype.NamedType('pendInfo', PendInfo()) + ) + ) + ) ) -- cgit v1.2.3 From 9216f6d46b2f4cf78ffded2d05abca122cd938be Mon Sep 17 00:00:00 2001 From: Frank Zonneveld Date: Tue, 4 Jul 2017 15:45:29 +0200 Subject: MAX values from the RFC specs should be set to infinite. Handling of MAX in RFC should be translated to infinity as stated in pyasn1 documentation, see http://pyasn1.sourceforge.net/docs/tutorial.html#integer-type --- pyasn1_modules/rfc2437.py | 2 -- pyasn1_modules/rfc2459.py | 2 +- pyasn1_modules/rfc2511.py | 2 +- pyasn1_modules/rfc3280.py | 2 +- pyasn1_modules/rfc3281.py | 2 +- pyasn1_modules/rfc3852.py | 2 +- pyasn1_modules/rfc4210.py | 2 +- pyasn1_modules/rfc4211.py | 2 +- pyasn1_modules/rfc5280.py | 3 +-- pyasn1_modules/rfc5652.py | 2 +- pyasn1_modules/rfc6402.py | 2 +- 11 files changed, 10 insertions(+), 13 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py index 4710a23..cf97170 100644 --- a/pyasn1_modules/rfc2437.py +++ b/pyasn1_modules/rfc2437.py @@ -26,8 +26,6 @@ id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8') id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9') id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') -MAX = 16 - class Version(univ.Integer): pass diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 4fb1b7f..c988c4f 100644 
--- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -15,7 +15,7 @@ # from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful -MAX = 64 # XXX ? +MAX = float('inf') # # PKIX1Explicit88 diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py index d1ac97a..4ae7db5 100644 --- a/pyasn1_modules/rfc2511.py +++ b/pyasn1_modules/rfc2511.py @@ -14,7 +14,7 @@ from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2315 -MAX = 16 +MAX = float('inf') id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5') diff --git a/pyasn1_modules/rfc3280.py b/pyasn1_modules/rfc3280.py index b198f53..3614e6c 100644 --- a/pyasn1_modules/rfc3280.py +++ b/pyasn1_modules/rfc3280.py @@ -14,7 +14,7 @@ # from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful -MAX = 64 +MAX = float('inf') def _OID(*components): diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py index 2fcb330..8aa99d3 100644 --- a/pyasn1_modules/rfc3281.py +++ b/pyasn1_modules/rfc3281.py @@ -21,7 +21,7 @@ from pyasn1.type import useful from pyasn1_modules import rfc3280 -MAX = 64 +MAX = float('inf') def _buildOid(*components): diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py index 35e3f79..872eb88 100644 --- a/pyasn1_modules/rfc3852.py +++ b/pyasn1_modules/rfc3852.py @@ -16,7 +16,7 @@ from pyasn1.type import univ, namedtype, namedval, tag, constraint, useful from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3281 -MAX = 64 +MAX = float('inf') def _buildOid(*components): diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index 3c00369..fd421e4 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -11,7 +11,7 @@ from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful from pyasn1_modules import rfc2459, rfc2511, rfc2314 -MAX = 64 +MAX = float('inf') class KeyIdentifier(univ.OctetString): 
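Review bot: `MAX = float('inf')` in the rfc2459.py hunk, and the identical one-line change in the rfc2511, rfc3280, rfc3281, rfc3852, rfc4210, rfc4211, rfc5280, rfc5652 and rfc6402 hunks, lifts the upper bound wherever these modules use `constraint.ValueSizeConstraint(1, MAX)` (visible on this page in rfc4210.py and rfc5280.py). The schema itself then no longer limits how many elements such a `SEQUENCE OF` may carry. That is the ASN.1 meaning of MAX, but the definition should say so and name the consequence, e.g. `MAX = float('inf')  # ASN.1 MAX (unbounded); cap the size of untrusted input before decoding`. The rfc2437.py hunk removes `MAX = 16` with no replacement; the later commit "Add missing MAX." on this page re-adds the name there, which suggests the module still used it, so the two changes belong in one commit.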
diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py index 4484358..d20da78 100644 --- a/pyasn1_modules/rfc4211.py +++ b/pyasn1_modules/rfc4211.py @@ -17,7 +17,7 @@ from pyasn1.type import univ, char, namedtype, namedval, tag, constraint from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3852 -MAX = 64 +MAX = float('inf') def _buildOid(*components): diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index b5e7407..7d3aa69 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -20,8 +20,7 @@ from pyasn1.type import tag from pyasn1.type import constraint from pyasn1.type import useful -MAX = 64 - +MAX = float('inf') def _buildOid(*components): output = [] diff --git a/pyasn1_modules/rfc5652.py b/pyasn1_modules/rfc5652.py index 2b38ccc..5fd5b79 100644 --- a/pyasn1_modules/rfc5652.py +++ b/pyasn1_modules/rfc5652.py @@ -21,7 +21,7 @@ from pyasn1.type import useful from pyasn1_modules import rfc3281 from pyasn1_modules import rfc5280 -MAX = 64 +MAX = float('inf') def _buildOid(*components): diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index 2d5e426..c35f855 100644 --- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py @@ -17,7 +17,7 @@ from pyasn1_modules import rfc4211 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 -MAX = 64 +MAX = float('inf') def _buildOid(*components): -- cgit v1.2.3 From eb30a145c9751a86ce8a7007d7d77ce0fcd92b6a Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Wed, 26 Jul 2017 23:28:40 +0200 Subject: fixed SequenceOf() componentType initialization --- pyasn1_modules/rfc2560.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py index e41994a..25a4e62 100644 --- a/pyasn1_modules/rfc2560.py +++ b/pyasn1_modules/rfc2560.py 
@@ -140,7 +140,7 @@ class ResponseData(univ.Sequence): explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('responderID', ResponderID()), namedtype.NamedType('producedAt', useful.GeneralizedTime()), - namedtype.NamedType('responses', univ.SequenceOf(SingleResponse())), + namedtype.NamedType('responses', univ.SequenceOf(componentType=SingleResponse())), namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) @@ -151,7 +151,7 @@ class BasicOCSPResponse(univ.Sequence): namedtype.NamedType('tbsResponseData', ResponseData()), namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), - namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype( + namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) @@ -195,7 +195,7 @@ class Signature(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), - namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype( + namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) 
@@ -206,7 +206,7 @@ class TBSRequest(univ.Sequence): explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('requestorName', GeneralName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('requestList', univ.SequenceOf(Request())), + namedtype.NamedType('requestList', univ.SequenceOf(componentType=Request())), namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) -- cgit v1.2.3 From 75a1d105027e86aa7d2720e6f0fa6349933ad55d Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Thu, 27 Jul 2017 00:20:47 +0200 Subject: temporary hack to recursive type definition --- pyasn1_modules/rfc4210.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index fd421e4..d7e6db0 100644 --- a/pyasn1_modules/rfc4210.py +++ b/pyasn1_modules/rfc4210.py @@ -784,5 +784,5 @@ class PKIMessages(univ.SequenceOf): # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages -NestedMessageContent.componentType = PKIMessages() -nestedMessageContent.componentType = PKIMessages() +NestedMessageContent._componentType = PKIMessages() +nestedMessageContent._componentType = PKIMessages() -- cgit v1.2.3 From 1c73860905ceeea03fabee3c44fa2f4d120a886f Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Thu, 27 Jul 2017 00:32:46 +0200 Subject: 0.0.10 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 8b44cc3..12fe6f2 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.9' +__version__ = '0.0.10' -- cgit v1.2.3 
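Review bot: The two assignments at the end of rfc4210.py now write `_componentType`, a private attribute of the pyasn1 base class, so this module depends on pyasn1 internals that can change without notice. The existing comment explains the recursion but not why the private name is needed or which pyasn1 release it was written against. I would extend it, e.g. `# NOTE: relies on pyasn1's private _componentType attribute (written against <pyasn1 version>); revisit when pyasn1 supports recursive types`. If the attribute is renamed upstream, the assignment would presumably still succeed and leave NestedMessageContent without its component type, so a unit test that decodes a nested message would be worth having.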
From a7de008dd5a68477d86d3ba61155bd1b84ef4192 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Thu, 27 Jul 2017 00:44:03 +0200 Subject: prepare for 0.0.11 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 12fe6f2..68d619b 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.10' +__version__ = '0.0.11' -- cgit v1.2.3 From f6ea9424b958d8d0056bc3912f9830bd2ca74caf Mon Sep 17 00:00:00 2001 From: Francisco Santos Date: Mon, 31 Jul 2017 10:33:09 +0200 Subject: Add missing MAX. --- pyasn1_modules/rfc2437.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py index cf97170..678d92d 100644 --- a/pyasn1_modules/rfc2437.py +++ b/pyasn1_modules/rfc2437.py @@ -26,6 +26,8 @@ id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8') id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9') id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') +MAX = float('inf') + class Version(univ.Integer): pass -- cgit v1.2.3 From 14a0d3b0037950f22314b5448716238fd43aff52 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Wed, 2 Aug 2017 18:31:25 +0200 Subject: typo fixed in rfc2315 --- pyasn1_modules/rfc2315.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py index 765b5d0..b037c7f 100644 --- a/pyasn1_modules/rfc2315.py +++ b/pyasn1_modules/rfc2315.py @@ -95,7 +95,7 @@ class DigestedData(univ.Sequence): namedtype.NamedType('version', Version()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('contentInfo', ContentInfo()), - namedtype.NamedType('digest', Digest) + namedtype.NamedType('digest', Digest()) ) -- cgit v1.2.3 
From 7ef20604f221bd665a7fcd36a71874646c6e58ef Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Sat, 5 Aug 2017 12:12:08 +0200 Subject: tests refactored into unit tests --- pyasn1_modules/__init__.py | 2 +- pyasn1_modules/pem.py | 12 +++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 68d619b..548ede9 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.0.11' +__version__ = '0.1.1' diff --git a/pyasn1_modules/pem.py b/pyasn1_modules/pem.py index 913f96d..9f16308 100644 --- a/pyasn1_modules/pem.py +++ b/pyasn1_modules/pem.py @@ -54,10 +54,12 @@ def readPemFromFile(fileObj, return substrate -def readBase64FromFile(fileObj): +def readBase64fromText(text): if sys.version_info[0] <= 2: - return ''.join([base64.b64decode(x) for x in fileObj.readlines()]) + return base64.b64decode(text) else: - return ''.encode().join( - [base64.b64decode(x.encode()) for x in fileObj.readlines()] - ) + return base64.b64decode(text.encode()) + + +def readBase64FromFile(fileObj): + return readBase64fromText(fileObj.read()) -- cgit v1.2.3 From 3f7babccaa67a9c802942e9a525996303f2d9c43 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Thu, 7 Sep 2017 11:37:04 +0200 Subject: 0.1.2 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 548ede9..68f6757 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.1.1' +__version__ = '0.1.2' -- cgit v1.2.3 From 061aac03057f49359c94bfbb8781751da15882b2 Mon Sep 17 00:00:00 2001 
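Review bot: `readBase64fromText` relies on the default lenient mode of `base64.b64decode`, and `readBase64FromFile` now passes it the whole `fileObj.read()` instead of decoding line by line, so how malformed input is treated is decided by the library and is not documented. In lenient mode characters outside the base64 alphabet are discarded rather than rejected, and on current Python 3, as far as I know, data after a padding sequence is ignored, so a truncated or polluted file can yield a shorter substrate without an error. I would add a docstring such as `"""Decode base64 text leniently; malformed input is not rejected, so validate the decoded structure."""` and have callers check that the DER decoder consumed the whole substrate. The new name also breaks the file's casing convention (`readBase64fromText` next to `readBase64FromFile` and `readPemFromFile`); `readBase64FromText` would match.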
From: Ilya Etingof Date: Thu, 7 Sep 2017 17:12:24 +0200 Subject: 0.1.3 --- pyasn1_modules/__init__.py | 2 +- pyasn1_modules/rfc2315.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 68f6757..9ccea22 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.1.2' +__version__ = '0.1.3' diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py index b037c7f..cf732b0 100644 --- a/pyasn1_modules/rfc2315.py +++ b/pyasn1_modules/rfc2315.py @@ -7,7 +7,7 @@ # PKCS#7 message syntax # # ASN.1 source from: -# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/pkcs7.asn +# https://opensource.apple.com/source/Security/Security-55179.1/libsecurity_asn1/asn1/pkcs7.asn.auto.html # # Sample captures from: # openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b -- cgit v1.2.3 From b22ce8058e9860e058232d18e0d6911b87199546 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Thu, 7 Sep 2017 17:21:18 +0200 Subject: 0.1.4 --- pyasn1_modules/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 9ccea22..2a2bbbf 100644 --- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.1.3' +__version__ = '0.1.4' -- cgit v1.2.3 From c7c434936254d4fed1705444b028aefc38902b83 Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Fri, 8 Sep 2017 22:48:38 +0200 Subject: WIP: open types support --- pyasn1_modules/__init__.py | 2 +- pyasn1_modules/rfc2459.py | 564 +++++++++++++++++++++++---------------------- 2 files changed, 289 insertions(+), 277 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py index 2a2bbbf..d0c5e53 100644 
--- a/pyasn1_modules/__init__.py +++ b/pyasn1_modules/__init__.py @@ -1,2 +1,2 @@ # http://www.python.org/dev/peps/pep-0396/ -__version__ = '0.1.4' +__version__ = '0.2.1' diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index c988c4f..5f8bcd4 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -13,7 +13,7 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful +from pyasn1.type import tag, namedtype, namedval, opentype, univ, constraint, char, useful MAX = float('inf') @@ -84,26 +84,6 @@ id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1') id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2') -class AttributeValue(univ.Any): - pass - - -class AttributeType(univ.ObjectIdentifier): - pass - - -class AttributeTypeAndValue(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('type', AttributeType()), - namedtype.NamedType('value', AttributeValue()) - ) - - -class Attribute(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('type', AttributeType()), - namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) - ) id_at = univ.ObjectIdentifier('2.5.4') @@ -277,19 +257,6 @@ class DSAPrivateKey(univ.Sequence): # ---- -class RelativeDistinguishedName(univ.SetOf): - componentType = AttributeTypeAndValue() - - -class RDNSequence(univ.SequenceOf): - componentType = RelativeDistinguishedName() - - -class Name(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('', RDNSequence()) - ) - class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( 
@@ -316,111 +283,6 @@ class AlgorithmIdentifier(univ.Sequence): ) -class Extension(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('extnID', univ.ObjectIdentifier()), - namedtype.DefaultedNamedType('critical', univ.Boolean('False')), - namedtype.NamedType('extnValue', univ.Any()) - ) - - -class Extensions(univ.SequenceOf): - componentType = Extension() - sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) - - -class SubjectPublicKeyInfo(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('algorithm', AlgorithmIdentifier()), - namedtype.NamedType('subjectPublicKey', univ.BitString()) - ) - - -class UniqueIdentifier(univ.BitString): - pass - - -class Time(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('utcTime', useful.UTCTime()), - namedtype.NamedType('generalTime', useful.GeneralizedTime()) - ) - - -class Validity(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('notBefore', Time()), - namedtype.NamedType('notAfter', Time()) - ) - - -class CertificateSerialNumber(univ.Integer): - pass - - -class Version(univ.Integer): - namedValues = namedval.NamedValues( - ('v1', 0), ('v2', 1), ('v3', 2) - ) - - -class TBSCertificate(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.DefaultedNamedType('version', Version('v1').subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('serialNumber', CertificateSerialNumber()), - namedtype.NamedType('signature', AlgorithmIdentifier()), - namedtype.NamedType('issuer', Name()), - namedtype.NamedType('validity', Validity()), - namedtype.NamedType('subject', Name()), - namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), - namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('subjectUniqueID', 
UniqueIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('extensions', Extensions().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) - ) - - -class Certificate(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('tbsCertificate', TBSCertificate()), - namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('signatureValue', univ.BitString()) - ) - - -# CRL structures - -class RevokedCertificate(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('userCertificate', CertificateSerialNumber()), - namedtype.NamedType('revocationDate', Time()), - namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) - ) - - -class TBSCertList(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('version', Version()), - namedtype.NamedType('signature', AlgorithmIdentifier()), - namedtype.NamedType('issuer', Name()), - namedtype.NamedType('thisUpdate', Time()), - namedtype.OptionalNamedType('nextUpdate', Time()), - namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())), - namedtype.OptionalNamedType('crlExtensions', Extensions().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) - ) - - -class CertificateList(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('tbsCertList', TBSCertList()), - namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), - namedtype.NamedType('signature', univ.BitString()) - ) - # Algorithm OIDs and parameter structures 
@@ -972,11 +834,6 @@ class BasicConstraints(univ.Sequence): id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9') -class SubjectDirectoryAttributes(univ.SequenceOf): - componentType = Attribute() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) - - class EDIPartyName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( 
@@ -986,76 +843,10 @@ class EDIPartyName(univ.Sequence): ) -class AnotherName(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('type-id', univ.ObjectIdentifier()), - namedtype.NamedType('value', - univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) - ) - - -class GeneralName(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('otherName', - AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('rfc822Name', - char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('dNSName', - char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.NamedType('x400Address', - ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('directoryName', - Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), - namedtype.NamedType('ediPartyName', - EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), - namedtype.NamedType('uniformResourceIdentifier', - char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), - namedtype.NamedType('iPAddress', univ.OctetString().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), - namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) - ) - - -class GeneralNames(univ.SequenceOf): - componentType = GeneralName() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) - - -class AccessDescription(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), - namedtype.NamedType('accessLocation', GeneralName()) - ) - - -class 
AuthorityInfoAccessSyntax(univ.SequenceOf): - componentType = AccessDescription() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) - id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') -class DistributionPointName(univ.Choice): - componentType = namedtype.NamedTypes( - namedtype.NamedType('fullName', GeneralNames().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) - ) - - -class DistributionPoint(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) - ) - class BaseDistance(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) 
@@ -1064,56 +855,14 @@ class BaseDistance(univ.Integer): id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') -class CRLDistPointsSyntax(univ.SequenceOf): - componentType = DistributionPoint() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) - - id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') -class IssuingDistributionPoint(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), - namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), - namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) - ) - - -class GeneralSubtree(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.NamedType('base', GeneralName()), - namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('maximum', BaseDistance().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) - ) - - -class GeneralSubtrees(univ.SequenceOf): - componentType = GeneralSubtree() - subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') -class NameConstraints(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( - 
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), - namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) - ) - - class DisplayText(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('visibleString', @@ -1232,38 +981,15 @@ class SubjectKeyIdentifier(KeyIdentifier): pass -class AuthorityKeyIdentifier(univ.Sequence): - componentType = namedtype.NamedTypes( - namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), - namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) - ) - - id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') -class CertificateIssuer(GeneralNames): - pass - - id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') -class SubjectAltName(GeneralNames): - pass - - id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') -class IssuerAltName(GeneralNames): - pass - - # map of AttributeType -> AttributeValue certificateAttributesMap = { 
@@ -1283,6 +1009,187 @@ certificateAttributesMap = { emailAddress: Pkcs9email(), } + +class AttributeValue(univ.Any): + pass + + +class AttributeType(univ.ObjectIdentifier): + pass + + +class AttributeTypeAndValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('value', AttributeValue(), + openType=opentype.OpenType('type', certificateAttributesMap)) + ) + + +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + + +class SubjectDirectoryAttributes(univ.SequenceOf): + componentType = Attribute() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class RelativeDistinguishedName(univ.SetOf): + componentType = AttributeTypeAndValue() + + +class RDNSequence(univ.SequenceOf): + componentType = RelativeDistinguishedName() + + +class Name(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('', RDNSequence()) + ) + +class CertificateSerialNumber(univ.Integer): + pass + + +class AnotherName(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType('value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class GeneralName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('otherName', + AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('rfc822Name', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', + ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', + Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.NamedType('ediPartyName', + EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.NamedType('uniformResourceIdentifier', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) + ) + + +class GeneralNames(univ.SequenceOf): + componentType = GeneralName() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class AccessDescription(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), + namedtype.NamedType('accessLocation', GeneralName()) + ) + + +class AuthorityInfoAccessSyntax(univ.SequenceOf): + componentType = AccessDescription() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class AuthorityKeyIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class DistributionPointName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('fullName', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, 
tag.tagFormatConstructed, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class DistributionPoint(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) + + +class CRLDistPointsSyntax(univ.SequenceOf): + componentType = DistributionPoint() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class IssuingDistributionPoint(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) + ) + + +class GeneralSubtree(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + 
namedtype.OptionalNamedType('maximum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class GeneralSubtrees(univ.SequenceOf): + componentType = GeneralSubtree() + subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class CertificateIssuer(GeneralNames): + pass + + +class SubjectAltName(GeneralNames): + pass + + +class IssuerAltName(GeneralNames): + pass + + # map of Certificate Extension OIDs to Extensions certificateExtensionsMap = { @@ -1290,7 +1197,8 @@ certificateExtensionsMap = { id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), id_ce_keyUsage: KeyUsage(), id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), - id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? +# TODO +# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? id_ce_policyMappings: PolicyMappings(), id_ce_subjectAltName: SubjectAltName(), id_ce_issuerAltName: IssuerAltName(), 
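Review bot: `AttributeTypeAndValue.value` gets `openType=opentype.OpenType('type', certificateAttributesMap)`, but `Attribute.vals` a few lines below is still a `univ.SetOf` of bare `AttributeValue()`, so the two attribute containers in this hunk now behave differently and no comment says why. If the difference is intentional (for instance because open types inside a SET OF are not supported yet, which I cannot tell from here), a comment on `Attribute` such as `# vals are left as ANY: not resolved through certificateAttributesMap` would stop callers from assuming both are decoded. The rest of the hunk only moves class definitions below `certificateAttributesMap`.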
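Review bot: Commenting out `id_ce_certificatePolicies` leaves the certificatePolicies extension with no entry in `certificateExtensionsMap`, and the bare `# TODO` does not say what is left to do. Code that looks the OID up in the map will now miss it, and the open-type field this commit adds on `extnValue` will presumably leave that extension as raw octets, so policy checks built on the decoded value would quietly see nothing. The old inline comment suggests the mapped type was wrong (the extension is a sequence of PolicyInformation); I would say so in the comment, e.g. `# TODO: certificatePolicies is a SEQUENCE OF PolicyInformation; map it to the right type instead of dropping it`. The map literal starts and ends outside the hunk.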
@@ -1309,3 +1217,107 @@ certificateExtensionsMap = { id_ce_invalidityDate: useful.GeneralizedTime(), id_ce_certificateIssuer: GeneralNames(), } + + + +class Extension(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean('False')), + namedtype.NamedType('extnValue', univ.OctetString(), + openType=opentype.OpenType('extnID', certificateExtensionsMap)) + ) + + +class Extensions(univ.SequenceOf): + componentType = Extension() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class SubjectPublicKeyInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + ) + + +class UniqueIdentifier(univ.BitString): + pass + + +class Time(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) + ) + + +class Validity(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) + ) + + +class Version(univ.Integer): + namedValues = namedval.NamedValues( + ('v1', 0), ('v2', 1), ('v3', 2) + ) + + +class TBSCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + 
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + + +class Certificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signatureValue', univ.BitString()) + ) + +# CRL structures + +class RevokedCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + ) + + +class TBSCertList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('thisUpdate', Time()), + namedtype.OptionalNamedType('nextUpdate', Time()), + namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())), + namedtype.OptionalNamedType('crlExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class CertificateList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertList', TBSCertList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) + ) + -- cgit v1.2.3 From 49d39b1e21c7d0817b4ea3e69ffb70af97fa2da2 Mon Sep 17 00:00:00 2001 
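Review bot: `Extension` declares its default as `univ.Boolean('False')`, passing the string `'False'`, while `IssuingDistributionPoint` in the same file uses `univ.Boolean(False)`. pyasn1 most likely resolves the string through the named values of Boolean, but a reader who knows that `bool('False')` is true in Python has to check, and `critical` is the field that decides whether an unrecognised extension must be rejected. I would write `namedtype.DefaultedNamedType('critical', univ.Boolean(False)),`. In the same hunk `Extensions` sets `sizeSpec` where the other SEQUENCE OF types in the file (`GeneralNames`, `GeneralSubtrees`) set `subtypeSpec`; one spelling throughout would make it clear the size constraint is applied the same way.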
From: Ilya Etingof Date: Wed, 13 Sep 2017 01:09:14 +0200 Subject: WIP: open types support --- pyasn1_modules/rfc2315.py | 32 +++++++++++--- pyasn1_modules/rfc2459.py | 103 ++++++++++++++++++++++++--------------------- pyasn1_modules/rfc5280.py | 105 +++++++++++++++++++++++++++------------------- 3 files changed, 144 insertions(+), 96 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py index cf732b0..158aee7 100644 --- a/pyasn1_modules/rfc2315.py +++ b/pyasn1_modules/rfc2315.py @@ -25,7 +25,8 @@ class Attribute(univ.Sequence): class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeType', AttributeType()), - namedtype.NamedType('attributeValue', AttributeValue()) + namedtype.NamedType('attributeValue', AttributeValue(), + openType=opentype.OpenType('type', certificateAttributesMap)) ) @@ -50,12 +51,19 @@ class EncryptedContent(univ.OctetString): pass +contentTypeMap = {} + + class EncryptedContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), - namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.OptionalNamedType( + 'encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ), + openType=opentype.OpenType('contentType', contentTypeMap) + ) ) 
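Review bot: The open type added to `AttributeValueAssertion` names `'type'` as its governing field, but this sequence's fields are `attributeType` and `attributeValue`, so there is no `type` component for the lookup to read. The string looks copied from `AttributeTypeAndValue` in rfc2459.py, where the field really is called `type`; here it should be `openType=opentype.OpenType('attributeType', certificateAttributesMap))`. None of the rfc2315.py hunks touches the imports, so it is also worth confirming that `opentype` and `certificateAttributesMap` are actually in scope in this module.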
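Review bot: `encryptedContent` is given an open type keyed on `contentType`, but the field holds `EncryptedContent`, which is ciphertext and not an encoded value of the content type. A decoder that resolves open types would presumably try to parse the encrypted bytes as one of the `contentTypeMap` types, which either fails or interprets opaque, sender-controlled bytes as a structure. I would drop the `openType=` argument on this field and leave type resolution to the caller after decryption. `contentTypeMap = {}` is filled only at the end of the file, which deserves a one-line comment at its definition, e.g. `# populated at the bottom of the module, once all content types are defined`.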
@@ -85,8 +93,11 @@ class Digest(univ.OctetString): class ContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), - namedtype.OptionalNamedType('content', univ.Any().subtype( - explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + namedtype.OptionalNamedType( + 'content', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)), + openType=opentype.OpenType('contentType', contentTypeMap) + ) ) @@ -270,3 +281,14 @@ class SignedData(univ.Sequence): class Data(univ.OctetString): pass + +_contentTypeMapUpdate = { + data: Data(), + signedData: SignedData(), + envelopedData: EnvelopedData(), + signedAndEnvelopedData: SignedAndEnvelopedData(), + digestedData: DigestedData(), + encryptedData: EncryptedData() +} + +contentTypeMap.update(_contentTypeMapUpdate) \ No newline at end of file diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 5f8bcd4..6855482 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -990,26 +990,6 @@ id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') -# map of AttributeType -> AttributeValue - -certificateAttributesMap = { - id_at_name: X520name(), - id_at_surname: X520name(), - id_at_givenName: X520name(), - id_at_initials: X520name(), - id_at_generationQualifier: X520name(), - id_at_commonName: X520CommonName(), - id_at_localityName: X520LocalityName(), - id_at_stateOrProvinceName: X520StateOrProvinceName(), - id_at_organizationName: X520OrganizationName(), - id_at_organizationalUnitName: X520OrganizationalUnitName(), - id_at_title: X520Title(), - id_at_dnQualifier: X520dnQualifier(), - id_at_countryName: X520countryName(), - emailAddress: Pkcs9email(), -} - - class AttributeValue(univ.Any): pass 
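Review bot: `ContentInfo.content` is now resolved through `contentTypeMap` with no comment about nesting, and the depth of that nesting is chosen by the input. Per RFC 2315, `SignedData` and several of the other mapped types carry a ContentInfo of their own; their definitions are outside this hunk. A class comment would make the contract visible to callers that parse untrusted PKCS#7, for example `# content is decoded recursively by contentType; bound the input size and handle decoder errors when the source is untrusted`.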
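Review bot: rfc2315.py now ends without a trailing newline after `contentTypeMap.update(_contentTypeMapUpdate)` (the patch records "\ No newline at end of file"); please add one. The declare-empty-then-update pattern is also undocumented here and in the rfc2459.py and rfc5280.py hunks of this commit, which use it for `certificateAttributesMap` and `certificateExtensionsMap`. A comment at each declaration would prevent a later cleanup from breaking it, for example `# declared empty so the classes below can reference it; filled at the end of the module and must be updated in place, never rebound`.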
@@ -1017,6 +997,8 @@ class AttributeValue(univ.Any): class AttributeType(univ.ObjectIdentifier): pass +certificateAttributesMap = {} + class AttributeTypeAndValue(univ.Sequence): componentType = namedtype.NamedTypes( @@ -1190,34 +1172,7 @@ class IssuerAltName(GeneralNames): pass -# map of Certificate Extension OIDs to Extensions - -certificateExtensionsMap = { - id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), - id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), - id_ce_keyUsage: KeyUsage(), - id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), -# TODO -# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? - id_ce_policyMappings: PolicyMappings(), - id_ce_subjectAltName: SubjectAltName(), - id_ce_issuerAltName: IssuerAltName(), - id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), - id_ce_basicConstraints: BasicConstraints(), - id_ce_nameConstraints: NameConstraints(), - id_ce_policyConstraints: PolicyConstraints(), - id_ce_extKeyUsage: ExtKeyUsageSyntax(), - id_ce_cRLDistributionPoints: CRLDistPointsSyntax(), - id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), - id_ce_cRLNumber: univ.Integer(), - id_ce_deltaCRLIndicator: BaseCRLNumber(), - id_ce_issuingDistributionPoint: IssuingDistributionPoint(), - id_ce_cRLReasons: CRLReason(), - id_ce_holdInstructionCode: univ.ObjectIdentifier(), - id_ce_invalidityDate: useful.GeneralizedTime(), - id_ce_certificateIssuer: GeneralNames(), -} - +certificateExtensionsMap = {} class Extension(univ.Sequence): 
@@ -1321,3 +1276,55 @@ class CertificateList(univ.Sequence): namedtype.NamedType('signature', univ.BitString()) ) +# map of AttributeType -> AttributeValue + +_certificateAttributesMapUpdate = { + id_at_name: X520name(), + id_at_surname: X520name(), + id_at_givenName: X520name(), + id_at_initials: X520name(), + id_at_generationQualifier: X520name(), + id_at_commonName: X520CommonName(), + id_at_localityName: X520LocalityName(), + id_at_stateOrProvinceName: X520StateOrProvinceName(), + id_at_organizationName: X520OrganizationName(), + id_at_organizationalUnitName: X520OrganizationalUnitName(), + id_at_title: X520Title(), + id_at_dnQualifier: X520dnQualifier(), + id_at_countryName: X520countryName(), + emailAddress: Pkcs9email(), +} + +certificateAttributesMap.update(_certificateAttributesMapUpdate) + + +# map of Certificate Extension OIDs to Extensions + +_certificateExtensionsMapUpdate = { + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), + id_ce_keyUsage: KeyUsage(), + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), +# TODO +# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects? 
+ id_ce_policyMappings: PolicyMappings(), + id_ce_subjectAltName: SubjectAltName(), + id_ce_issuerAltName: IssuerAltName(), + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), + id_ce_basicConstraints: BasicConstraints(), + id_ce_nameConstraints: NameConstraints(), + id_ce_policyConstraints: PolicyConstraints(), + id_ce_extKeyUsage: ExtKeyUsageSyntax(), + id_ce_cRLDistributionPoints: CRLDistPointsSyntax(), + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), + id_ce_cRLNumber: univ.Integer(), + id_ce_deltaCRLIndicator: BaseCRLNumber(), + id_ce_issuingDistributionPoint: IssuingDistributionPoint(), + id_ce_cRLReasons: CRLReason(), + id_ce_holdInstructionCode: univ.ObjectIdentifier(), + id_ce_invalidityDate: useful.GeneralizedTime(), + id_ce_certificateIssuer: GeneralNames(), +} + +certificateExtensionsMap.update(_certificateExtensionsMapUpdate) + diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index 7d3aa69..c750f28 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py @@ -16,6 +16,7 @@ from pyasn1.type import univ from pyasn1.type import char from pyasn1.type import namedtype from pyasn1.type import namedval +from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import constraint from pyasn1.type import useful @@ -279,13 +280,10 @@ class CertificateSerialNumber(univ.Integer): class AlgorithmIdentifier(univ.Sequence): - pass - - -AlgorithmIdentifier.componentType = namedtype.NamedTypes( - namedtype.NamedType('algorithm', univ.ObjectIdentifier()), - namedtype.OptionalNamedType('parameters', univ.Any()) -) + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any()) + ) class Time(univ.Choice): 
@@ -302,14 +300,17 @@ class AttributeValue(univ.Any): pass -class AttributeTypeAndValue(univ.Sequence): - pass +certificateAttributesMap = {} -AttributeTypeAndValue.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', AttributeType()), - namedtype.NamedType('value', AttributeValue()) -) +class AttributeTypeAndValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType( + 'value', AttributeValue(), + openType=opentype.OpenType('type', certificateAttributesMap) + ) + ) class RelativeDistinguishedName(univ.SetOf): @@ -379,18 +380,21 @@ class PhysicalDeliveryOfficeName(PDSParameter): ub_extension_attributes = univ.Integer(256) +certificateExtensionsMap = { -class ExtensionAttribute(univ.Sequence): - pass +} -ExtensionAttribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( - subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype( - implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), - namedtype.NamedType('extension-attribute-value', - univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) -) +class ExtensionAttribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'extension-attribute-type', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType( + 'extension-attribute-value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)), + openType=opentype.OpenType('type', certificateExtensionsMap)) + ) id_qt = _buildOid(id_pkix, 2) 
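Review bot: `ExtensionAttribute` is wired to the wrong governing field and the wrong map. `opentype.OpenType('type', certificateExtensionsMap)` names a field `type`, while the components in this hunk are `extension-attribute-type` and `extension-attribute-value`. The governing component is also a `univ.Integer`, whereas `certificateExtensionsMap` is keyed by the `id_ce_*` object identifiers listed at the end of the file. As written the lookup cannot select a value type, so I would remove the `openType=` argument from `extension-attribute-value`. If the intent was to decode certificate extensions, the map presumably belongs on the `Extension` class, which is outside this hunk.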
@@ -737,13 +741,12 @@ X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_numbe class Attribute(univ.Sequence): - pass - - -Attribute.componentType = namedtype.NamedTypes( - namedtype.NamedType('type', AttributeType()), - namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) -) + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', + univ.SetOf(componentType=AttributeValue()), + openType=opentype.OpenType('type', certificateAttributesMap)) + ) ub_common_name = univ.Integer(64) @@ -1066,14 +1069,20 @@ PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( ) -class AnotherName(univ.Sequence): - pass +anotherNameMap = { +} -AnotherName.componentType = namedtype.NamedTypes( - namedtype.NamedType('type-id', univ.ObjectIdentifier()), - namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) -) + +class AnotherName(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType( + 'value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('type-id', anotherNameMap) + ) + ) class EDIPartyName(univ.Sequence): @@ -1311,14 +1320,19 @@ class PolicyQualifierId(univ.ObjectIdentifier): pass -class PolicyQualifierInfo(univ.Sequence): - pass +policyQualifierInfoMap = { +} -PolicyQualifierInfo.componentType = namedtype.NamedTypes( - namedtype.NamedType('policyQualifierId', PolicyQualifierId()), - namedtype.NamedType('qualifier', univ.Any()) -) + +class PolicyQualifierInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyQualifierId', PolicyQualifierId()), + namedtype.NamedType( + 'qualifier', univ.Any(), + openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap) + ) + ) class CertPolicyId(univ.ObjectIdentifier): 
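Review bot: `anotherNameMap` is declared empty and nothing visible in this commit adds to it, so the `openType` on `AnotherName.value` leaves the value undecoded unless the caller fills the map. The same applies to `policyQualifierInfoMap` in the `PolicyQualifierInfo` hunk that follows. Each map should carry a comment saying who populates it, for example `# filled by the application: type-id OID -> ASN.1 type of the otherName value`. Both maps are module-level, so the comment should also state that entries added by one component change decoding for every other user of the module in the same process.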
@@ -1549,7 +1563,7 @@ id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54) # map of AttributeType -> AttributeValue -certificateAttributesMap = { +_certificateAttributesMapUpdate = { id_at_name: X520name(), id_at_surname: X520name(), id_at_givenName: X520name(), @@ -1569,9 +1583,12 @@ certificateAttributesMap = { id_emailAddress: EmailAddress(), } +certificateAttributesMap.update(_certificateAttributesMapUpdate) + + # map of Certificate Extension OIDs to Extensions -certificateExtensionsMap = { +_certificateExtensionsMap = { id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), id_ce_keyUsage: KeyUsage(), @@ -1595,3 +1612,5 @@ certificateExtensionsMap = { id_ce_invalidityDate: useful.GeneralizedTime(), id_ce_certificateIssuer: GeneralNames(), } + +certificateExtensionsMap.update(_certificateExtensionsMap) -- cgit v1.2.3 From 5d61d1c03da165e4b7d082ddadf8be4462801eed Mon Sep 17 00:00:00 2001 From: Ilya Etingof Date: Tue, 26 Sep 2017 22:31:29 +0200 Subject: fixed OCSP ResponderID component tagging --- pyasn1_modules/rfc2560.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py index 25a4e62..472099e 100644 --- a/pyasn1_modules/rfc2560.py +++ b/pyasn1_modules/rfc2560.py @@ -124,9 +124,9 @@ class KeyHash(univ.OctetString): class ResponderID(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('byName', - rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + rfc2459.Name().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('byKey', - KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + KeyHash().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) -- cgit v1.2.3 From 5662c4308d3758d68e34398c1a70a346e58eb5a1 Mon Sep 17 00:00:00 2001 
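Review bot: The temporary dict for extensions is named `_certificateExtensionsMap`, which differs from the public `certificateExtensionsMap` only by a leading underscore and is easy to misread. Its sibling in the hunk above is `_certificateAttributesMapUpdate`, and rfc2459.py in the same commit uses `_certificateExtensionsMapUpdate`. Rename it to match and call `certificateExtensionsMap.update(_certificateExtensionsMapUpdate)`.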
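Review bot: The explicit tags on `byName` and `byKey` are still built with `tag.tagFormatSimple`, although an explicitly tagged value is always a constructed encoding. The literal is therefore misleading even if pyasn1 normalises it, and other explicit tags in these modules (for example `ContentInfo.content` in rfc2315.py) use `tag.tagFormatConstructed`. I would write `explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)`, and the same with tag number 2 for `byKey`. The commit also carries no test; decoding one OCSP response per ResponderID alternative would pin the tagging fix.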
From: Ilya Etingof Date: Thu, 23 Nov 2017 10:29:45 +0100 Subject: imports pep8'ed and optimized --- pyasn1_modules/rfc1155.py | 5 ++++- pyasn1_modules/rfc1157.py | 6 +++++- pyasn1_modules/rfc1901.py | 4 +++- pyasn1_modules/rfc1902.py | 5 ++++- pyasn1_modules/rfc1905.py | 7 ++++++- pyasn1_modules/rfc2251.py | 6 +++++- pyasn1_modules/rfc2437.py | 5 ++++- pyasn1_modules/rfc2459.py | 9 ++++++++- pyasn1_modules/rfc2511.py | 2 +- pyasn1_modules/rfc2560.py | 7 ++++++- pyasn1_modules/rfc3279.py | 4 +++- pyasn1_modules/rfc3280.py | 8 +++++++- pyasn1_modules/rfc3281.py | 4 ++-- pyasn1_modules/rfc3412.py | 5 ++++- pyasn1_modules/rfc3414.py | 4 +++- pyasn1_modules/rfc3447.py | 4 +++- pyasn1_modules/rfc3852.py | 7 ++++++- pyasn1_modules/rfc4210.py | 13 +++++++++++-- pyasn1_modules/rfc4211.py | 7 ++++++- pyasn1_modules/rfc5208.py | 2 +- pyasn1_modules/rfc5280.py | 5 +++-- pyasn1_modules/rfc6402.py | 8 +++++++- 22 files changed, 102 insertions(+), 25 deletions(-) (limited to 'pyasn1_modules') diff --git a/pyasn1_modules/rfc1155.py b/pyasn1_modules/rfc1155.py index 4980a38..69c160e 100644 --- a/pyasn1_modules/rfc1155.py +++ b/pyasn1_modules/rfc1155.py @@ -12,7 +12,10 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import univ, namedtype, tag, constraint +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ class ObjectName(univ.ObjectIdentifier): diff --git a/pyasn1_modules/rfc1157.py b/pyasn1_modules/rfc1157.py index 1ad1d27..9e6527b 100644 --- a/pyasn1_modules/rfc1157.py +++ b/pyasn1_modules/rfc1157.py @@ -12,7 +12,11 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import univ, namedtype, namedval, tag +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + from pyasn1_modules import rfc1155 
diff --git a/pyasn1_modules/rfc1901.py b/pyasn1_modules/rfc1901.py index eadf9aa..6e8d1f1 100644 --- a/pyasn1_modules/rfc1901.py +++ b/pyasn1_modules/rfc1901.py @@ -9,7 +9,9 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc1901.txt # -from pyasn1.type import univ, namedtype, namedval +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ class Message(univ.Sequence): diff --git a/pyasn1_modules/rfc1902.py b/pyasn1_modules/rfc1902.py index 5e9307e..7e815d2 100644 --- a/pyasn1_modules/rfc1902.py +++ b/pyasn1_modules/rfc1902.py @@ -9,7 +9,10 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc1902.txt # -from pyasn1.type import univ, namedtype, tag, constraint +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ class Integer(univ.Integer): diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py index de5bb03..31e4203 100644 --- a/pyasn1_modules/rfc1905.py +++ b/pyasn1_modules/rfc1905.py @@ -9,7 +9,12 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc1905.txt # -from pyasn1.type import univ, namedtype, namedval, tag, constraint +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + from pyasn1_modules import rfc1902 max_bindings = rfc1902.Integer(2147483647) diff --git a/pyasn1_modules/rfc2251.py b/pyasn1_modules/rfc2251.py index 94ba589..a4c07a0 100644 --- a/pyasn1_modules/rfc2251.py +++ b/pyasn1_modules/rfc2251.py @@ -12,7 +12,11 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import tag, namedtype, namedval, univ, constraint +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ maxInt = univ.Integer(2147483647) 
diff --git a/pyasn1_modules/rfc2437.py b/pyasn1_modules/rfc2437.py index 678d92d..4e4113f 100644 --- a/pyasn1_modules/rfc2437.py +++ b/pyasn1_modules/rfc2437.py @@ -11,7 +11,10 @@ # # Sample captures could be obtained with "openssl genrsa" command # -from pyasn1.type import tag, namedtype, univ +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + from pyasn1_modules.rfc2459 import AlgorithmIdentifier pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py index 6855482..1f78185 100644 --- a/pyasn1_modules/rfc2459.py +++ b/pyasn1_modules/rfc2459.py @@ -13,7 +13,14 @@ # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # -from pyasn1.type import tag, namedtype, namedval, opentype, univ, constraint, char, useful +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful MAX = float('inf') diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py index 4ae7db5..b42d1d9 100644 --- a/pyasn1_modules/rfc2511.py +++ b/pyasn1_modules/rfc2511.py @@ -11,8 +11,8 @@ # # Sample captures could be obtained with OpenSSL # -from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2315 +from pyasn1_modules.rfc2459 import * MAX = float('inf') diff --git a/pyasn1_modules/rfc2560.py b/pyasn1_modules/rfc2560.py index 472099e..47ca4e1 100644 --- a/pyasn1_modules/rfc2560.py +++ b/pyasn1_modules/rfc2560.py 
@@ -21,7 +21,12 @@ # * dates are left as strings in GeneralizedTime format -- datetime.datetime # would be nicer # -from pyasn1.type import tag, namedtype, namedval, univ, useful +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + from pyasn1_modules import rfc2459 diff --git a/pyasn1_modules/rfc3279.py b/pyasn1_modules/rfc3279.py index f69ff08..65a554d 100644 --- a/pyasn1_modules/rfc3279.py +++ b/pyasn1_modules/rfc3279.py @@ -6,7 +6,9 @@ # # Derived from RFC 3279 # -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ def _OID(*components): diff --git a/pyasn1_modules/rfc3280.py b/pyasn1_modules/rfc3280.py index 3614e6c..f49dcfb 100644 --- a/pyasn1_modules/rfc3280.py +++ b/pyasn1_modules/rfc3280.py @@ -12,7 +12,13 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3280.txt # -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful MAX = float('inf') diff --git a/pyasn1_modules/rfc3281.py b/pyasn1_modules/rfc3281.py index 8aa99d3..9ecc2cd 100644 --- a/pyasn1_modules/rfc3281.py +++ b/pyasn1_modules/rfc3281.py @@ -11,12 +11,12 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3281.txt # -from pyasn1.type import univ from pyasn1.type import char +from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag -from pyasn1.type import constraint +from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc3280 
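Review bot: The rfc3279.py hunk does more than reorder: it drops the `char`, `tag`, `constraint` and `useful` imports, and the module body that would show whether any of them is still referenced is outside the hunk. A leftover reference would only surface as a `NameError` when the module is loaded or the affected definition is evaluated. Several modules in this package are consumed through `from ... import *`, so a removed name can also disappear from an importer's namespace. Since the commit touches 22 files without a test change, a smoke test that imports every `pyasn1_modules.rfc*` module would cover this.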
diff --git a/pyasn1_modules/rfc3412.py b/pyasn1_modules/rfc3412.py index b3f5a92..1492e62 100644 --- a/pyasn1_modules/rfc3412.py +++ b/pyasn1_modules/rfc3412.py @@ -9,7 +9,10 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3412.txt # -from pyasn1.type import univ, namedtype, constraint +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + from pyasn1_modules import rfc1905 diff --git a/pyasn1_modules/rfc3414.py b/pyasn1_modules/rfc3414.py index aeb82aa..cac18cf 100644 --- a/pyasn1_modules/rfc3414.py +++ b/pyasn1_modules/rfc3414.py @@ -9,7 +9,9 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3414.txt # -from pyasn1.type import univ, namedtype, constraint +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ class UsmSecurityParameters(univ.Sequence): diff --git a/pyasn1_modules/rfc3447.py b/pyasn1_modules/rfc3447.py index 57c99fa..a2950aa 100644 --- a/pyasn1_modules/rfc3447.py +++ b/pyasn1_modules/rfc3447.py @@ -11,7 +11,9 @@ # # Sample captures could be obtained with "openssl genrsa" command # -from pyasn1.type import constraint, namedval +from pyasn1.type import constraint +from pyasn1.type import namedval + from pyasn1_modules.rfc2437 import * diff --git a/pyasn1_modules/rfc3852.py b/pyasn1_modules/rfc3852.py index 872eb88..3b17fe5 100644 --- a/pyasn1_modules/rfc3852.py +++ b/pyasn1_modules/rfc3852.py @@ -11,7 +11,12 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc3852.txt # -from pyasn1.type import univ, namedtype, namedval, tag, constraint, useful +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3281 diff --git a/pyasn1_modules/rfc4210.py b/pyasn1_modules/rfc4210.py index d7e6db0..b93464f 100644 --- a/pyasn1_modules/rfc4210.py 
+++ b/pyasn1_modules/rfc4210.py @@ -8,8 +8,17 @@ # # Based on Alex Railean's work # -from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful -from pyasn1_modules import rfc2459, rfc2511, rfc2314 +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc2314 +from pyasn1_modules import rfc2459 +from pyasn1_modules import rfc2511 MAX = float('inf') diff --git a/pyasn1_modules/rfc4211.py b/pyasn1_modules/rfc4211.py index d20da78..9ff07f2 100644 --- a/pyasn1_modules/rfc4211.py +++ b/pyasn1_modules/rfc4211.py @@ -12,7 +12,12 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc4211.txt # -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3852 diff --git a/pyasn1_modules/rfc5208.py b/pyasn1_modules/rfc5208.py index 6b6487d..7857d2f 100644 --- a/pyasn1_modules/rfc5208.py +++ b/pyasn1_modules/rfc5208.py @@ -11,8 +11,8 @@ # # Sample captures could be obtained with "openssl pkcs8 -topk8" command # -from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2251 +from pyasn1_modules.rfc2459 import * class KeyEncryptionAlgorithms(AlgorithmIdentifier): diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py index c750f28..2ecc627 100644 --- a/pyasn1_modules/rfc5280.py +++ b/pyasn1_modules/rfc5280.py 
@@ -12,17 +12,18 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc5280.txt # -from pyasn1.type import univ from pyasn1.type import char +from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag -from pyasn1.type import constraint +from pyasn1.type import univ from pyasn1.type import useful MAX = float('inf') + def _buildOid(*components): output = [] for x in tuple(components): diff --git a/pyasn1_modules/rfc6402.py b/pyasn1_modules/rfc6402.py index c35f855..faee07f 100644 --- a/pyasn1_modules/rfc6402.py +++ b/pyasn1_modules/rfc6402.py @@ -11,7 +11,13 @@ # ASN.1 source from: # http://www.ietf.org/rfc/rfc6402.txt # -from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful from pyasn1_modules import rfc4211 from pyasn1_modules import rfc5280 -- cgit v1.2.3