deepblue/GoogleDriveManagement
1
0
Fork 0
mirror of https://github.com/GAM-team/GAM.git synced 2025-07-10 14:43:34 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

upgrade pyasn1_modules to 0.1.4

Browse Source
This commit is contained in:
Jay Lee
2017-10-08 21:25:30 -04:00
parent ce5eb39f37
commit a1ca3523a3
27 changed files with 7915 additions and 751 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pyasn1_modules/__init__.py
View File

@ -1,2 +1,2 @@
# http://www.python.org/dev/peps/pep-0396/
__version__ = '0.0.8'
__version__ = '0.1.4'

42
src/pyasn1_modules/pem.py
View File

@ -1,17 +1,27 @@
import base64, sys
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
import base64
import sys
stSpam, stHam, stDump = 0, 1, 2
# The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')...
# Return is (marker-index, substrate)
def readPemBlocksFromFile(fileObj, *markers):
startMarkers = dict(map(lambda x: (x[1],x[0]),
enumerate(map(lambda x: x[0], markers))))
stopMarkers = dict(map(lambda x: (x[1],x[0]),
enumerate(map(lambda x: x[1], markers))))
idx = -1; substrate = ''
startMarkers = dict(map(lambda x: (x[1], x[0]),
enumerate(map(lambda y: y[0], markers))))
stopMarkers = dict(map(lambda x: (x[1], x[0]),
enumerate(map(lambda y: y[1], markers))))
idx = -1
substrate = ''
certLines = []
state = stSpam
while 1:
while True:
certLine = fileObj.readline()
if not certLine:
break
@ -29,12 +39,13 @@ def readPemBlocksFromFile(fileObj, *markers):
certLines.append(certLine)
if state == stDump:
if sys.version_info[0] <= 2:
substrate = ''.join([ base64.b64decode(x) for x in certLines ])
substrate = ''.join([base64.b64decode(x) for x in certLines])
else:
substrate = ''.encode().join([ base64.b64decode(x.encode()) for x in certLines ])
substrate = ''.encode().join([base64.b64decode(x.encode()) for x in certLines])
break
return idx, substrate
# Backward compatibility routine
def readPemFromFile(fileObj,
startMarker='-----BEGIN CERTIFICATE-----',
@ -42,10 +53,13 @@ def readPemFromFile(fileObj,
idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker))
return substrate
def readBase64FromFile(fileObj):
def readBase64fromText(text):
if sys.version_info[0] <= 2:
return ''.join([ base64.b64decode(x) for x in fileObj.readlines() ])
return base64.b64decode(text)
else:
return ''.encode().join(
[ base64.b64decode(x.encode()) for x in fileObj.readlines() ]
)
return base64.b64decode(text.encode())
def readBase64FromFile(fileObj):
return readBase64fromText(fileObj.read())

24
src/pyasn1_modules/rfc1155.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv1 message syntax
#
# ASN.1 source from:
@ -7,9 +12,12 @@
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
from pyasn1.type import univ, namedtype, namedval, tag, constraint
from pyasn1.type import univ, namedtype, tag, constraint
class ObjectName(univ.ObjectIdentifier):
pass
class ObjectName(univ.ObjectIdentifier): pass
class SimpleSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
@ -19,6 +27,7 @@ class SimpleSyntax(univ.Choice):
namedtype.NamedType('empty', univ.Null())
)
class IpAddress(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0)
@ -26,11 +35,14 @@ class IpAddress(univ.OctetString):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(
4, 4
)
class NetworkAddress(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('internet', IpAddress())
)
class Counter(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1)
@ -38,6 +50,8 @@ class Counter(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Gauge(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
@ -45,6 +59,8 @@ class Gauge(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class TimeTicks(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3)
@ -52,11 +68,14 @@ class TimeTicks(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Opaque(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4)
)
class ApplicationSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('address', NetworkAddress()),
@ -66,6 +85,7 @@ class ApplicationSyntax(univ.Choice):
namedtype.NamedType('arbitrary', Opaque())
)
class ObjectSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('simple', SimpleSyntax()),

42
src/pyasn1_modules/rfc1157.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv1 message syntax
#
# ASN.1 source from:
@ -7,18 +12,25 @@
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
from pyasn1.type import univ, namedtype, namedval, tag, constraint
from pyasn1.type import univ, namedtype, namedval, tag
from pyasn1_modules import rfc1155
class Version(univ.Integer):
namedValues = namedval.NamedValues(
('version-1', 0)
)
defaultValue = 0
class Community(univ.OctetString): pass
class RequestID(univ.Integer): pass
class Community(univ.OctetString):
pass
class RequestID(univ.Integer):
pass
class ErrorStatus(univ.Integer):
namedValues = namedval.NamedValues(
('noError', 0),
@ -28,16 +40,23 @@ class ErrorStatus(univ.Integer):
('readOnly', 4),
('genErr', 5)
)
class ErrorIndex(univ.Integer): pass
class ErrorIndex(univ.Integer):
pass
class VarBind(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('name', rfc1155.ObjectName()),
namedtype.NamedType('value', rfc1155.ObjectSyntax())
)
class VarBindList(univ.SequenceOf):
componentType = VarBind()
class _RequestBase(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('request-id', RequestID()),
@ -46,33 +65,45 @@ class _RequestBase(univ.Sequence):
namedtype.NamedType('variable-bindings', VarBindList())
)
class GetRequestPDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
class GetNextRequestPDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
class GetResponsePDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
)
class SetRequestPDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
)
class TrapPDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('enterprise', univ.ObjectIdentifier()),
namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()),
namedtype.NamedType('generic-trap', univ.Integer().clone(namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), ('authenticationFailure', 4), ('egpNeighborLoss', 5), ('enterpriseSpecific', 6)))),
namedtype.NamedType('generic-trap', univ.Integer().clone(
namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3),
('authenticationFailure', 4), ('egpNeighborLoss', 5),
('enterpriseSpecific', 6)))),
namedtype.NamedType('specific-trap', univ.Integer()),
namedtype.NamedType('time-stamp', rfc1155.TimeTicks()),
namedtype.NamedType('variable-bindings', VarBindList())
)
class Pdus(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('get-request', GetRequestPDU()),
@ -82,6 +113,7 @@ class Pdus(univ.Choice):
namedtype.NamedType('trap', TrapPDU())
)
class Message(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),

9
src/pyasn1_modules/rfc1901.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv2c message syntax
#
# ASN.1 source from:
@ -6,10 +11,10 @@
#
from pyasn1.type import univ, namedtype, namedval
class Message(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer(namedValues = namedval.NamedValues(('version-2c', 1)))),
namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('version-2c', 1)))),
namedtype.NamedType('community', univ.OctetString()),
namedtype.NamedType('data', univ.Any())
)

51
src/pyasn1_modules/rfc1902.py
View File

@ -1,82 +1,102 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv2c message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc1902.txt
#
from pyasn1.type import univ, namedtype, namedval, tag, constraint
from pyasn1.type import univ, namedtype, tag, constraint
class Integer(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
-2147483648, 2147483647
)
class Integer32(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
-2147483648, 2147483647
)
class OctetString(univ.OctetString):
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueSizeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(
0, 65535
)
class IpAddress(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00)
)
subtypeSpec = univ.OctetString.subtypeSpec+constraint.ValueSizeConstraint(
subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint(
4, 4
)
class Counter32(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01)
)
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Gauge32(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02)
)
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Unsigned32(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02)
)
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class TimeTicks(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03)
)
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Opaque(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04)
)
class Counter64(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06)
)
subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint(
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 18446744073709551615
)
class Bits(univ.OctetString): pass
class ObjectName(univ.ObjectIdentifier): pass
class Bits(univ.OctetString):
pass
class ObjectName(univ.ObjectIdentifier):
pass
class SimpleSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
@ -85,6 +105,7 @@ class SimpleSyntax(univ.Choice):
namedtype.NamedType('objectID-value', univ.ObjectIdentifier())
)
class ApplicationSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ipAddress-value', IpAddress()),
@ -92,14 +113,14 @@ class ApplicationSyntax(univ.Choice):
namedtype.NamedType('timeticks-value', TimeTicks()),
namedtype.NamedType('arbitrary-value', Opaque()),
namedtype.NamedType('big-counter-value', Counter64()),
# This conflicts with Counter32
# namedtype.NamedType('unsigned-integer-value', Unsigned32()),
# This conflicts with Counter32
# namedtype.NamedType('unsigned-integer-value', Unsigned32()),
namedtype.NamedType('gauge32-value', Gauge32())
) # BITS misplaced?
class ObjectSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('simple', SimpleSyntax()),
namedtype.NamedType('application-wide', ApplicationSyntax())
)

46
src/pyasn1_modules/rfc1905.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv2c PDU syntax
#
# ASN.1 source from:
@ -9,83 +14,109 @@ from pyasn1_modules import rfc1902
max_bindings = rfc1902.Integer(2147483647)
class _BindValue(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('value', rfc1902.ObjectSyntax()),
namedtype.NamedType('unSpecified', univ.Null()),
namedtype.NamedType('noSuchObject', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('noSuchInstance', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('endOfMibView', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
namedtype.NamedType('noSuchObject',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('noSuchInstance',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('endOfMibView',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class VarBind(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('name', rfc1902.ObjectName()),
namedtype.NamedType('', _BindValue())
)
class VarBindList(univ.SequenceOf):
componentType = VarBind()
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(
0, max_bindings
)
class PDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('request-id', rfc1902.Integer32()),
namedtype.NamedType('error-status', univ.Integer(namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), ('notWritable', 17), ('inconsistentName', 18)))),
namedtype.NamedType('error-index', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('error-status', univ.Integer(
namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3),
('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7),
('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10),
('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13),
('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16),
('notWritable', 17), ('inconsistentName', 18)))),
namedtype.NamedType('error-index',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('variable-bindings', VarBindList())
)
class BulkPDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('request-id', rfc1902.Integer32()),
namedtype.NamedType('non-repeaters', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('max-repetitions', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('non-repeaters',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('max-repetitions',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('variable-bindings', VarBindList())
)
class GetRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
class GetNextRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
class ResponsePDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
)
class SetRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
)
class GetBulkRequestPDU(BulkPDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5)
)
class InformRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6)
)
class SNMPv2TrapPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)
)
class ReportPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8)
)
class PDUs(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('get-request', GetRequestPDU()),
@ -97,4 +128,3 @@ class PDUs(univ.Choice):
namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()),
namedtype.NamedType('report', ReportPDU())
)

378
src/pyasn1_modules/rfc2251.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# LDAP message syntax
#
# ASN.1 source from:
@ -7,25 +12,46 @@
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
from pyasn1.type import tag, namedtype, namedval, univ, constraint,char,useful
from pyasn1.codec.der import decoder, encoder
from pyasn1.type import tag, namedtype, namedval, univ, constraint
maxInt = univ.Integer(2147483647)
class LDAPString(univ.OctetString): pass
class LDAPOID(univ.OctetString): pass
class LDAPDN(LDAPString): pass
class RelativeLDAPDN(LDAPString): pass
class AttributeType(LDAPString): pass
class AttributeDescription(LDAPString): pass
class LDAPString(univ.OctetString):
pass
class LDAPOID(univ.OctetString):
pass
class LDAPDN(LDAPString):
pass
class RelativeLDAPDN(LDAPString):
pass
class AttributeType(LDAPString):
pass
class AttributeDescription(LDAPString):
pass
class AttributeDescriptionList(univ.SequenceOf):
componentType = AttributeDescription()
class AttributeValue(univ.OctetString): pass
class AssertionValue(univ.OctetString): pass
class AttributeValue(univ.OctetString):
pass
class AssertionValue(univ.OctetString):
pass
class AttributeValueAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -33,13 +59,17 @@ class AttributeValueAssertion(univ.Sequence):
namedtype.NamedType('assertionValue', AssertionValue())
)
class Attribute(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
class MatchingRuleId(LDAPString): pass
class MatchingRuleId(LDAPString):
pass
class Control(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -48,28 +78,39 @@ class Control(univ.Sequence):
namedtype.OptionalNamedType('controlValue', univ.OctetString())
)
class Controls(univ.SequenceOf):
componentType = Control()
class LDAPURL(LDAPString): pass
class LDAPURL(LDAPString):
pass
class Referral(univ.SequenceOf):
componentType = LDAPURL()
class SaslCredentials(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('mechanism', LDAPString()),
namedtype.OptionalNamedType('credentials', univ.OctetString())
)
class AuthenticationChoice(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('simple', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('reserved-1', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('reserved-2', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('sasl', SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
namedtype.NamedType('simple', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('reserved-1', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('reserved-2', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('sasl',
SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
class BindRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0)
@ -80,8 +121,15 @@ class BindRequest(univ.Sequence):
namedtype.NamedType('authentication', AuthenticationChoice())
)
class PartialAttributeList(univ.SequenceOf):
componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))))
componentType = univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
)
class SearchResultEntry(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
@ -92,61 +140,114 @@ class SearchResultEntry(univ.Sequence):
namedtype.NamedType('attributes', PartialAttributeList())
)
class MatchingRuleAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('type', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('matchValue', AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('type', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('matchValue',
AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class SubstringFilter(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('substrings', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))))))
namedtype.NamedType('substrings',
univ.SequenceOf(
componentType=univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
),
namedtype.NamedType(
'any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))
),
namedtype.NamedType(
'final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))
)
)
)
)
)
)
# Ugly hack to handle recursive Filter reference (up to 3-levels deep).
class Filter3(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
class Filter2(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('not', Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('not',
Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
class Filter(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('not', Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('not',
Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
# End of Filter hack
class SearchRequest(univ.Sequence):
@ -155,73 +256,147 @@ class SearchRequest(univ.Sequence):
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('baseObject', LDAPDN()),
namedtype.NamedType('scope', univ.Enumerated(namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))),
namedtype.NamedType('derefAliases', univ.Enumerated(namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), ('derefFindingBaseObj', 2), ('derefAlways', 3)))),
namedtype.NamedType('sizeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
namedtype.NamedType('timeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
namedtype.NamedType('scope', univ.Enumerated(
namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))),
namedtype.NamedType('derefAliases', univ.Enumerated(
namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1),
('derefFindingBaseObj', 2), ('derefAlways', 3)))),
namedtype.NamedType('sizeLimit',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
namedtype.NamedType('timeLimit',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
namedtype.NamedType('typesOnly', univ.Boolean()),
namedtype.NamedType('filter', Filter()),
namedtype.NamedType('attributes', AttributeDescriptionList())
)
class UnbindRequest(univ.Null):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
)
class BindResponse(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('resultCode', univ.Enumerated(
namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
('compareTrue', 6), ('authMethodNotSupported', 7),
('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
('confidentialityRequired', 13), ('saslBindInProgress', 14),
('noSuchAttribute', 16), ('undefinedAttributeType', 17),
('inappropriateMatching', 18), ('constraintViolation', 19),
('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
('reserved-35', 35), ('aliasDereferencingProblem', 36),
('inappropriateAuthentication', 48), ('invalidCredentials', 49),
('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
('objectClassModsProhibited', 69), ('reserved-70', 70),
('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('matchedDN', LDAPDN()),
namedtype.NamedType('errorMessage', LDAPString()),
namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)))
namedtype.OptionalNamedType('referral', Referral().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)))
)
class LDAPResult(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('resultCode', univ.Enumerated(
namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
('compareTrue', 6), ('authMethodNotSupported', 7),
('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
('confidentialityRequired', 13), ('saslBindInProgress', 14),
('noSuchAttribute', 16), ('undefinedAttributeType', 17),
('inappropriateMatching', 18), ('constraintViolation', 19),
('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
('reserved-35', 35), ('aliasDereferencingProblem', 36),
('inappropriateAuthentication', 48), ('invalidCredentials', 49),
('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
('objectClassModsProhibited', 69), ('reserved-70', 70),
('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('matchedDN', LDAPDN()),
namedtype.NamedType('errorMessage', LDAPString()),
namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
namedtype.OptionalNamedType('referral', Referral().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class SearchResultReference(univ.SequenceOf):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19)
)
componentType = LDAPURL()
class SearchResultDone(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5)
)
class AttributeTypeAndValues(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
class ModifyRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('object', LDAPDN()),
namedtype.NamedType('modification', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))), namedtype.NamedType('modification', AttributeTypeAndValues())))))
namedtype.NamedType('modification',
univ.SequenceOf(
componentType=univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))
),
namedtype.NamedType('modification', AttributeTypeAndValues())))
)
)
)
class ModifyResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7)
)
class AttributeList(univ.SequenceOf):
componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))))
componentType = univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
)
class AddRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
@ -232,21 +407,25 @@ class AddRequest(univ.Sequence):
namedtype.NamedType('attributes', AttributeList())
)
class AddResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9)
)
class DelRequest(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10)
)
class DelResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11)
)
class ModifyDNRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12)
@ -255,15 +434,18 @@ class ModifyDNRequest(univ.Sequence):
namedtype.NamedType('entry', LDAPDN()),
namedtype.NamedType('newrdn', RelativeLDAPDN()),
namedtype.NamedType('deleteoldrdn', univ.Boolean()),
namedtype.OptionalNamedType('newSuperior', LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('newSuperior',
LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class ModifyDNResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13)
)
class CompareRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14)
@ -273,47 +455,105 @@ class CompareRequest(univ.Sequence):
namedtype.NamedType('ava', AttributeValueAssertion())
)
class CompareResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15)
)
class AbandonRequest(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16)
)
class ExtendedRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('requestName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
namedtype.NamedType('requestName',
LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class ExtendedResponse(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('resultCode', univ.Enumerated(
namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
('compareTrue', 6), ('authMethodNotSupported', 7),
('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
('confidentialityRequired', 13), ('saslBindInProgress', 14),
('noSuchAttribute', 16), ('undefinedAttributeType', 17),
('inappropriateMatching', 18), ('constraintViolation', 19),
('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
('reserved-35', 35), ('aliasDereferencingProblem', 36),
('inappropriateAuthentication', 48), ('invalidCredentials', 49),
('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
('objectClassModsProhibited', 69), ('reserved-70', 70),
('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('matchedDN', LDAPDN()),
namedtype.NamedType('errorMessage', LDAPString()),
namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('referral', Referral().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('responseName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))),
namedtype.OptionalNamedType('response', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)))
namedtype.OptionalNamedType('responseName', LDAPOID().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))),
namedtype.OptionalNamedType('response', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)))
)
class MessageID(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, maxInt
)
class LDAPMessage(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('messageID', MessageID()),
namedtype.NamedType('protocolOp', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('bindRequest', BindRequest()), namedtype.NamedType('bindResponse', BindResponse()), namedtype.NamedType('unbindRequest', UnbindRequest()), namedtype.NamedType('searchRequest', SearchRequest()), namedtype.NamedType('searchResEntry', SearchResultEntry()), namedtype.NamedType('searchResDone', SearchResultDone()), namedtype.NamedType('searchResRef', SearchResultReference()), namedtype.NamedType('modifyRequest', ModifyRequest()), namedtype.NamedType('modifyResponse', ModifyResponse()), namedtype.NamedType('addRequest', AddRequest()), namedtype.NamedType('addResponse', AddResponse()), namedtype.NamedType('delRequest', DelRequest()), namedtype.NamedType('delResponse', DelResponse()), namedtype.NamedType('modDNRequest', ModifyDNRequest()), namedtype.NamedType('modDNResponse', ModifyDNResponse()), namedtype.NamedType('compareRequest', CompareRequest()), namedtype.NamedType('compareResponse', CompareResponse()), namedtype.NamedType('abandonRequest', AbandonRequest()), namedtype.NamedType('extendedReq', ExtendedRequest()), namedtype.NamedType('extendedResp', ExtendedResponse())))),
namedtype.OptionalNamedType('controls', Controls().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.NamedType(
'protocolOp', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('bindRequest', BindRequest()),
namedtype.NamedType('bindResponse', BindResponse()),
namedtype.NamedType('unbindRequest', UnbindRequest()),
namedtype.NamedType('searchRequest', SearchRequest()),
namedtype.NamedType('searchResEntry', SearchResultEntry()),
namedtype.NamedType('searchResDone', SearchResultDone()),
namedtype.NamedType('searchResRef', SearchResultReference()),
namedtype.NamedType('modifyRequest', ModifyRequest()),
namedtype.NamedType('modifyResponse', ModifyResponse()),
namedtype.NamedType('addRequest', AddRequest()),
namedtype.NamedType('addResponse', AddResponse()),
namedtype.NamedType('delRequest', DelRequest()),
namedtype.NamedType('delResponse', DelResponse()),
namedtype.NamedType('modDNRequest', ModifyDNRequest()),
namedtype.NamedType('modDNResponse', ModifyDNResponse()),
namedtype.NamedType('compareRequest', CompareRequest()),
namedtype.NamedType('compareResponse', CompareResponse()),
namedtype.NamedType('abandonRequest', AbandonRequest()),
namedtype.NamedType('extendedReq', ExtendedRequest()),
namedtype.NamedType('extendedResp', ExtendedResponse())
)
)
),
namedtype.OptionalNamedType('controls', Controls().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)

25
src/pyasn1_modules/rfc2314.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# PKCS#10 syntax
#
# ASN.1 source from:
@ -6,24 +11,34 @@
#
# Sample captures could be obtained with "openssl req" command
#
from pyasn1.type import tag, namedtype, namedval, univ, constraint
from pyasn1_modules.rfc2459 import *
class Attributes(univ.SetOf):
componentType = Attribute()
class Version(univ.Integer): pass
class Version(univ.Integer):
pass
class CertificationRequestInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('subject', Name()),
namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.NamedType('attributes',
Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Signature(univ.BitString): pass
class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass
class Signature(univ.BitString):
pass
class SignatureAlgorithmIdentifier(AlgorithmIdentifier):
pass
class CertificationRequest(univ.Sequence):
componentType = namedtype.NamedTypes(

119
src/pyasn1_modules/rfc2315.py
View File

@ -1,27 +1,34 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# PKCS#7 message syntax
#
# ASN.1 source from:
# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/pkcs7.asn
# https://opensource.apple.com/source/Security/Security-55179.1/libsecurity_asn1/asn1/pkcs7.asn.auto.html
#
# Sample captures from:
# openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b
#
from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful
from pyasn1_modules.rfc2459 import *
class Attribute(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeType()),
namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()))
)
class AttributeValueAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('attributeType', AttributeType()),
namedtype.NamedType('attributeValue', AttributeValue())
)
pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7')
data = univ.ObjectIdentifier('1.2.840.113549.1.7.1')
signedData = univ.ObjectIdentifier('1.2.840.113549.1.7.2')
@ -30,20 +37,31 @@ signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4')
digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5')
encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6')
class ContentType(univ.ObjectIdentifier): pass
class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass
class ContentType(univ.ObjectIdentifier):
pass
class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
pass
class EncryptedContent(univ.OctetString):
pass
class EncryptedContent(univ.OctetString): pass
class EncryptedContentInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Version(univ.Integer): pass # overrides x509.Version
class Version(univ.Integer): # overrides x509.Version
pass
class EncryptedData(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -51,36 +69,50 @@ class EncryptedData(univ.Sequence):
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo())
)
class DigestAlgorithmIdentifier(AlgorithmIdentifier): pass
class DigestAlgorithmIdentifier(AlgorithmIdentifier):
pass
class DigestAlgorithmIdentifiers(univ.SetOf):
componentType = DigestAlgorithmIdentifier()
class Digest(univ.OctetString): pass
class Digest(univ.OctetString):
pass
class ContentInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.OptionalNamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.OptionalNamedType('content', univ.Any().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class DigestedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('contentInfo', ContentInfo()),
namedtype.NamedType('digest', Digest)
namedtype.NamedType('digest', Digest())
)
class IssuerAndSerialNumber(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', Name()),
namedtype.NamedType('serialNumber', CertificateSerialNumber())
)
class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass
class EncryptedKey(univ.OctetString): pass
class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
pass
class EncryptedKey(univ.OctetString):
pass
class RecipientInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -90,12 +122,15 @@ class RecipientInfo(univ.Sequence):
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientInfos(univ.SetOf):
componentType = RecipientInfo()
class Attributes(univ.SetOf):
componentType = Attribute()
class ExtendedCertificateInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
@ -103,9 +138,14 @@ class ExtendedCertificateInfo(univ.Sequence):
namedtype.NamedType('attributes', Attributes())
)
class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass
class Signature(univ.BitString): pass
class SignatureAlgorithmIdentifier(AlgorithmIdentifier):
pass
class Signature(univ.BitString):
pass
class ExtendedCertificate(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -114,16 +154,22 @@ class ExtendedCertificate(univ.Sequence):
namedtype.NamedType('signature', Signature())
)
class ExtendedCertificateOrCertificate(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class ExtendedCertificatesAndCertificates(univ.SetOf):
componentType = ExtendedCertificateOrCertificate()
class SerialNumber(univ.Integer): pass
class SerialNumber(univ.Integer):
pass
class CRLEntry(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -131,6 +177,7 @@ class CRLEntry(univ.Sequence):
namedtype.NamedType('revocationDate', useful.UTCTime())
)
class TBSCertificateRevocationList(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signature', AlgorithmIdentifier()),
@ -140,6 +187,7 @@ class TBSCertificateRevocationList(univ.Sequence):
namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry()))
)
class CertificateRevocationList(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()),
@ -147,38 +195,51 @@ class CertificateRevocationList(univ.Sequence):
namedtype.NamedType('signature', univ.BitString())
)
class CertificateRevocationLists(univ.SetOf):
componentType = CertificateRevocationList()
class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass
class EncryptedDigest(univ.OctetString): pass
class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
pass
class EncryptedDigest(univ.OctetString):
pass
class SignerInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedDigest', EncryptedDigest()),
namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class SignerInfos(univ.SetOf):
componentType = SignerInfo()
class SignedAndEnvelopedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
class EnvelopedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
@ -186,20 +247,26 @@ class EnvelopedData(univ.Sequence):
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo())
)
class DigestInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('digest', Digest())
)
class SignedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('contentInfo', ContentInfo()),
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
class Data(univ.OctetString): pass
class Data(univ.OctetString):
pass

25
src/pyasn1_modules/rfc2437.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# PKCS#1 syntax
#
# ASN.1 source from:
@ -6,7 +11,7 @@
#
# Sample captures could be obtained with "openssl genrsa" command
#
from pyasn1.type import tag, namedtype, namedval, univ, constraint
from pyasn1.type import tag, namedtype, univ
from pyasn1_modules.rfc2459 import AlgorithmIdentifier
pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1')
@ -21,9 +26,12 @@ id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8')
id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9')
id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26')
MAX = 16
MAX = float('inf')
class Version(univ.Integer):
pass
class Version(univ.Integer): pass
class RSAPrivateKey(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -38,16 +46,21 @@ class RSAPrivateKey(univ.Sequence):
namedtype.NamedType('coefficient', univ.Integer())
)
class RSAPublicKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer())
)
# XXX defaults not set
class RSAES_OAEP_params(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)

717
src/pyasn1_modules/rfc2459.py
View File

File diff suppressed because it is too large Load Diff

170
src/pyasn1_modules/rfc2511.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# X.509 certificate Request Message Format (CRMF) syntax
#
# ASN.1 source from:
@ -6,11 +11,10 @@
#
# Sample captures could be obtained with OpenSSL
#
from pyasn1.type import tag, namedtype, namedval, univ, constraint, char,useful
from pyasn1_modules.rfc2459 import *
from pyasn1_modules import rfc2315
MAX=16
MAX = float('inf')
id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5')
@ -25,15 +29,22 @@ id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2')
id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1')
id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2')
# This should be in PKIX Certificate Extensions module
class GeneralName(univ.OctetString): pass
class GeneralName(univ.OctetString):
pass
# end of PKIX Certificate Extensions module
class UTF8Pairs(char.UTF8String): pass
class UTF8Pairs(char.UTF8String):
pass
class ProtocolEncrKey(SubjectPublicKeyInfo):
pass
class ProtocolEncrKey(SubjectPublicKeyInfo): pass
class CertId(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -41,47 +52,74 @@ class CertId(univ.Sequence):
namedtype.NamedType('serialNumber', univ.Integer())
)
class OldCertId(CertId): pass
class KeyGenParameters(univ.OctetString): pass
class OldCertId(CertId):
pass
class KeyGenParameters(univ.OctetString):
pass
class EncryptedValue(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('encValue', univ.BitString())
)
class EncryptedKey(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedValue', EncryptedValue()),
namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class PKIArchiveOptions(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('archiveRemGenPrivKey',
univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class SinglePubInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('pubMethod', univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
namedtype.NamedType('pubMethod', univ.Integer(
namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
namedtype.OptionalNamedType('pubLocation', GeneralName())
)
class PKIPublicationInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
namedtype.NamedType('action',
univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class Authenticator(char.UTF8String): pass
class RegToken(char.UTF8String): pass
class Authenticator(char.UTF8String):
pass
class RegToken(char.UTF8String):
pass
class SubsequentMessage(univ.Integer):
namedValues = namedval.NamedValues(
@ -89,13 +127,18 @@ class SubsequentMessage(univ.Integer):
('challengeResp', 1)
)
class POPOPrivKey(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
namedtype.NamedType('thisMessage',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('dhMAC',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class PBMParameter(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('salt', univ.OctetString()),
@ -104,57 +147,91 @@ class PBMParameter(univ.Sequence):
namedtype.NamedType('mac', AlgorithmIdentifier())
)
class PKMACValue(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('algId', AlgorithmIdentifier()),
namedtype.NamedType('value', univ.BitString())
)
class POPOSigningKeyInput(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('publicKeyMAC', PKMACValue())))),
namedtype.NamedType(
'authInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
),
namedtype.NamedType('publicKeyMAC', PKMACValue())
)
)
),
namedtype.NamedType('publicKey', SubjectPublicKeyInfo())
)
class POPOSigningKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class ProofOfPossession(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signature', POPOSigningKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
namedtype.NamedType('raVerified',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signature', POPOSigningKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class Controls(univ.SequenceOf):
componentType = AttributeTypeAndValue()
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
class OptionalValidity(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('notBefore', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('notAfter', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
namedtype.OptionalNamedType('notBefore',
Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('notAfter',
Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class CertTemplate(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('version', Version().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('validity', OptionalValidity().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
namedtype.OptionalNamedType('version', Version().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('issuer', Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('validity', OptionalValidity().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('subject', Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
namedtype.OptionalNamedType('extensions', Extensions().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
class CertRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
@ -162,15 +239,20 @@ class CertRequest(univ.Sequence):
namedtype.OptionalNamedType('controls', Controls())
)
class CertReq(CertRequest): pass
class CertReq(CertRequest):
pass
class CertReqMsg(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReq', CertRequest()),
namedtype.OptionalNamedType('pop', ProofOfPossession()),
namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class CertReqMessages(univ.SequenceOf):
componentType = CertReqMsg()
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)

99
src/pyasn1_modules/rfc2560.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# OCSP request/response syntax
#
# Derived from a minimal OCSP library (RFC2560) code written by
@ -16,9 +21,10 @@
# * dates are left as strings in GeneralizedTime format -- datetime.datetime
# would be nicer
#
from pyasn1.type import tag, namedtype, namedval, univ, constraint, useful
from pyasn1.type import tag, namedtype, namedval, univ, useful
from pyasn1_modules import rfc2459
# Start of OCSP module definitions
# This should be in directory Authentication Framework (X.509) module
@ -37,11 +43,14 @@ class CRLReason(univ.Enumerated):
('aACompromise', 10)
)
# end of directory Authentication Framework (X.509) module
# This should be in PKIX Certificate Extensions module
class GeneralName(univ.OctetString): pass
class GeneralName(univ.OctetString):
pass
# end of PKIX Certificate Extensions module
@ -55,19 +64,27 @@ id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5))
id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6))
id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7))
class AcceptableResponses(univ.SequenceOf):
componentType = univ.ObjectIdentifier()
class ArchiveCutoff(useful.GeneralizedTime): pass
class UnknownInfo(univ.Null): pass
class ArchiveCutoff(useful.GeneralizedTime):
pass
class UnknownInfo(univ.Null):
pass
class RevokedInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('revocationTime', useful.GeneralizedTime()),
namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class CertID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()),
@ -76,56 +93,76 @@ class CertID(univ.Sequence):
namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber())
)
class CertStatus(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('good', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('revoked', RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('unknown', UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
namedtype.NamedType('good',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('revoked',
RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('unknown',
UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class SingleResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certID', CertID()),
namedtype.NamedType('certStatus', CertStatus()),
namedtype.NamedType('thisUpdate', useful.GeneralizedTime()),
namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class KeyHash(univ.OctetString): pass
class KeyHash(univ.OctetString):
pass
class ResponderID(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('byName', rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('byKey', KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
namedtype.NamedType('byName',
rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('byKey',
KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class Version(univ.Integer):
namedValues = namedval.NamedValues(('v1', 0))
class ResponseData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.DefaultedNamedType('version', Version('v1').subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('responderID', ResponderID()),
namedtype.NamedType('producedAt', useful.GeneralizedTime()),
namedtype.NamedType('responses', univ.SequenceOf(SingleResponse())),
namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
namedtype.NamedType('responses', univ.SequenceOf(componentType=SingleResponse())),
namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class BasicOCSPResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsResponseData', ResponseData()),
namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()),
namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class ResponseBytes(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('responseType', univ.ObjectIdentifier()),
namedtype.NamedType('response', univ.OctetString())
)
class OCSPResponseStatus(univ.Enumerated):
namedValues = namedval.NamedValues(
('successful', 0),
@ -137,35 +174,47 @@ class OCSPResponseStatus(univ.Enumerated):
('unauthorized', 6)
)
class OCSPResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('responseStatus', OCSPResponseStatus()),
namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Request(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('reqCert', CertID()),
namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Signature(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()),
namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class TBSRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestorName', GeneralName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('requestList', univ.SequenceOf(Request())),
namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
namedtype.DefaultedNamedType('version', Version('v1').subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestorName', GeneralName().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('requestList', univ.SequenceOf(componentType=Request())),
namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class OCSPRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsRequest', TBSRequest()),
namedtype.OptionalNamedType('optionalSignature', Signature().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
namedtype.OptionalNamedType('optionalSignature', Signature().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)

231
src/pyasn1_modules/rfc3279.py Normal file
View File

@ -0,0 +1,231 @@
#
# This file is part of pyasn1-modules.
#
# Copyright (c) 2017, Danielle Madeley <danielle@madeley.id.au>
# License: http://pyasn1.sf.net/license.html
#
# Derived from RFC 3279
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
md2 = _OID(1, 2, 840, 113549, 2, 2)
md5 = _OID(1, 2, 840, 113549, 2, 5)
id_sha1 = _OID(1, 3, 14, 3, 2, 26)
id_dsa = _OID(1, 2, 840, 10040, 4, 1)
class DSAPublicKey(univ.Integer):
pass
class Dss_Parms(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('p', univ.Integer()),
namedtype.NamedType('q', univ.Integer()),
namedtype.NamedType('g', univ.Integer())
)
id_dsa_with_sha1 = _OID(1, 2, 840, 10040, 4, 3)
class Dss_Sig_Value(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('r', univ.Integer()),
namedtype.NamedType('s', univ.Integer())
)
pkcs_1 = _OID(1, 2, 840, 113549, 1, 1)
rsaEncryption = _OID(pkcs_1, 1)
md2WithRSAEncryption = _OID(pkcs_1, 2)
md5WithRSAEncryption = _OID(pkcs_1, 4)
sha1WithRSAEncryption = _OID(pkcs_1, 5)
class RSAPublicKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer())
)
dhpublicnumber = _OID(1, 2, 840, 10046, 2, 1)
class DHPublicKey(univ.Integer):
pass
class ValidationParms(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('seed', univ.BitString()),
namedtype.NamedType('pgenCounter', univ.Integer())
)
class DomainParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('p', univ.Integer()),
namedtype.NamedType('g', univ.Integer()),
namedtype.NamedType('q', univ.Integer()),
namedtype.OptionalNamedType('j', univ.Integer()),
namedtype.OptionalNamedType('validationParms', ValidationParms())
)
id_keyExchangeAlgorithm = _OID(2, 16, 840, 1, 101, 2, 1, 1, 22)
class KEA_Parms_Id(univ.OctetString):
pass
ansi_X9_62 = _OID(1, 2, 840, 10045)
class FieldID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('fieldType', univ.ObjectIdentifier()),
namedtype.NamedType('parameters', univ.Any())
)
id_ecSigType = _OID(ansi_X9_62, 4)
ecdsa_with_SHA1 = _OID(id_ecSigType, 1)
class ECDSA_Sig_Value(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('r', univ.Integer()),
namedtype.NamedType('s', univ.Integer())
)
id_fieldType = _OID(ansi_X9_62, 1)
prime_field = _OID(id_fieldType, 1)
class Prime_p(univ.Integer):
pass
characteristic_two_field = _OID(id_fieldType, 2)
class Characteristic_two(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('m', univ.Integer()),
namedtype.NamedType('basis', univ.ObjectIdentifier()),
namedtype.NamedType('parameters', univ.Any())
)
id_characteristic_two_basis = _OID(characteristic_two_field, 3)
gnBasis = _OID(id_characteristic_two_basis, 1)
tpBasis = _OID(id_characteristic_two_basis, 2)
class Trinomial(univ.Integer):
pass
ppBasis = _OID(id_characteristic_two_basis, 3)
class Pentanomial(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('k1', univ.Integer()),
namedtype.NamedType('k2', univ.Integer()),
namedtype.NamedType('k3', univ.Integer())
)
class FieldElement(univ.OctetString):
pass
class ECPoint(univ.OctetString):
pass
class Curve(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('a', FieldElement()),
namedtype.NamedType('b', FieldElement()),
namedtype.OptionalNamedType('seed', univ.BitString())
)
class ECPVer(univ.Integer):
namedValues = namedval.NamedValues(
('ecpVer1', 1)
)
class ECParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', ECPVer()),
namedtype.NamedType('fieldID', FieldID()),
namedtype.NamedType('curve', Curve()),
namedtype.NamedType('base', ECPoint()),
namedtype.NamedType('order', univ.Integer()),
namedtype.OptionalNamedType('cofactor', univ.Integer())
)
class EcpkParameters(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ecParameters', ECParameters()),
namedtype.NamedType('namedCurve', univ.ObjectIdentifier()),
namedtype.NamedType('implicitlyCA', univ.Null())
)
id_publicKeyType = _OID(ansi_X9_62, 2)
id_ecPublicKey = _OID(id_publicKeyType, 1)
ellipticCurve = _OID(ansi_X9_62, 3)
c_TwoCurve = _OID(ellipticCurve, 0)
c2pnb163v1 = _OID(c_TwoCurve, 1)
c2pnb163v2 = _OID(c_TwoCurve, 2)
c2pnb163v3 = _OID(c_TwoCurve, 3)
c2pnb176w1 = _OID(c_TwoCurve, 4)
c2tnb191v1 = _OID(c_TwoCurve, 5)
c2tnb191v2 = _OID(c_TwoCurve, 6)
c2tnb191v3 = _OID(c_TwoCurve, 7)
c2onb191v4 = _OID(c_TwoCurve, 8)
c2onb191v5 = _OID(c_TwoCurve, 9)
c2pnb208w1 = _OID(c_TwoCurve, 10)
c2tnb239v1 = _OID(c_TwoCurve, 11)
c2tnb239v2 = _OID(c_TwoCurve, 12)
c2tnb239v3 = _OID(c_TwoCurve, 13)
c2onb239v4 = _OID(c_TwoCurve, 14)
c2onb239v5 = _OID(c_TwoCurve, 15)
c2pnb272w1 = _OID(c_TwoCurve, 16)
c2pnb304w1 = _OID(c_TwoCurve, 17)
c2tnb359v1 = _OID(c_TwoCurve, 18)
c2pnb368w1 = _OID(c_TwoCurve, 19)
c2tnb431r1 = _OID(c_TwoCurve, 20)
primeCurve = _OID(ellipticCurve, 1)
prime192v1 = _OID(primeCurve, 1)
prime192v2 = _OID(primeCurve, 2)
prime192v3 = _OID(primeCurve, 3)
prime239v1 = _OID(primeCurve, 4)
prime239v2 = _OID(primeCurve, 5)
prime239v3 = _OID(primeCurve, 6)
prime256v1 = _OID(primeCurve, 7)

1537
src/pyasn1_modules/rfc3280.py Normal file
View File

File diff suppressed because it is too large Load Diff

331
src/pyasn1_modules/rfc3281.py Normal file
View File

@ -0,0 +1,331 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# An Internet Attribute Certificate Profile for Authorization
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3281.txt
#
from pyasn1.type import univ
from pyasn1.type import char
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import constraint
from pyasn1.type import useful
from pyasn1_modules import rfc3280
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class ObjectDigestInfo(univ.Sequence):
pass
ObjectDigestInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('digestedObjectType', univ.Enumerated(
namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))),
namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()),
namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('objectDigest', univ.BitString())
)
class IssuerSerial(univ.Sequence):
pass
IssuerSerial.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.GeneralNames()),
namedtype.NamedType('serial', rfc3280.CertificateSerialNumber()),
namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier())
)
class TargetCert(univ.Sequence):
pass
TargetCert.componentType = namedtype.NamedTypes(
namedtype.NamedType('targetCertificate', IssuerSerial()),
namedtype.OptionalNamedType('targetName', rfc3280.GeneralName()),
namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo())
)
class Target(univ.Choice):
pass
Target.componentType = namedtype.NamedTypes(
namedtype.NamedType('targetName', rfc3280.GeneralName().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('targetGroup', rfc3280.GeneralName().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('targetCert',
TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class Targets(univ.SequenceOf):
pass
Targets.componentType = Target()
class ProxyInfo(univ.SequenceOf):
pass
ProxyInfo.componentType = Targets()
id_at_role = _buildOid(rfc3280.id_at, 72)
id_pe_aaControls = _buildOid(rfc3280.id_pe, 6)
id_ce_targetInformation = _buildOid(rfc3280.id_ce, 55)
id_pe_ac_auditIdentity = _buildOid(rfc3280.id_pe, 4)
class ClassList(univ.BitString):
pass
ClassList.namedValues = namedval.NamedValues(
('unmarked', 0),
('unclassified', 1),
('restricted', 2),
('confidential', 3),
('secret', 4),
('topSecret', 5)
)
class SecurityCategory(univ.Sequence):
pass
SecurityCategory.componentType = namedtype.NamedTypes(
namedtype.NamedType('type', univ.ObjectIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class Clearance(univ.Sequence):
pass
Clearance.componentType = namedtype.NamedTypes(
namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.DefaultedNamedType('classList',
ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)).subtype(
value="unclassified")),
namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class AttCertVersion(univ.Integer):
pass
AttCertVersion.namedValues = namedval.NamedValues(
('v2', 1)
)
id_aca = _buildOid(rfc3280.id_pkix, 10)
id_at_clearance = _buildOid(2, 5, 1, 5, 55)
class AttrSpec(univ.SequenceOf):
pass
AttrSpec.componentType = univ.ObjectIdentifier()
class AAControls(univ.Sequence):
pass
AAControls.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pathLenConstraint',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.OptionalNamedType('permittedAttrs',
AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('excludedAttrs',
AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1))
)
class AttCertValidityPeriod(univ.Sequence):
pass
AttCertValidityPeriod.componentType = namedtype.NamedTypes(
namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()),
namedtype.NamedType('notAfterTime', useful.GeneralizedTime())
)
id_aca_authenticationInfo = _buildOid(id_aca, 1)
class V2Form(univ.Sequence):
pass
V2Form.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('issuerName', rfc3280.GeneralNames()),
namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class AttCertIssuer(univ.Choice):
pass
AttCertIssuer.componentType = namedtype.NamedTypes(
namedtype.NamedType('v1Form', rfc3280.GeneralNames()),
namedtype.NamedType('v2Form',
V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Holder(univ.Sequence):
pass
Holder.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class AttributeCertificateInfo(univ.Sequence):
pass
AttributeCertificateInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', AttCertVersion()),
namedtype.NamedType('holder', Holder()),
namedtype.NamedType('issuer', AttCertIssuer()),
namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()),
namedtype.NamedType('attrCertValidityPeriod', AttCertValidityPeriod()),
namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc3280.Extensions())
)
class AttributeCertificate(univ.Sequence):
pass
AttributeCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('acinfo', AttributeCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('signatureValue', univ.BitString())
)
id_mod = _buildOid(rfc3280.id_pkix, 0)
id_mod_attribute_cert = _buildOid(id_mod, 12)
id_aca_accessIdentity = _buildOid(id_aca, 2)
class RoleSyntax(univ.Sequence):
pass
RoleSyntax.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('roleName',
rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_aca_chargingIdentity = _buildOid(id_aca, 3)
class ACClearAttrs(univ.Sequence):
pass
ACClearAttrs.componentType = namedtype.NamedTypes(
namedtype.NamedType('acIssuer', rfc3280.GeneralName()),
namedtype.NamedType('acSerial', univ.Integer()),
namedtype.NamedType('attrs', univ.SequenceOf(componentType=rfc3280.Attribute()))
)
id_aca_group = _buildOid(id_aca, 4)
id_pe_ac_proxying = _buildOid(rfc3280.id_pe, 10)
class SvceAuthInfo(univ.Sequence):
pass
SvceAuthInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('service', rfc3280.GeneralName()),
namedtype.NamedType('ident', rfc3280.GeneralName()),
namedtype.OptionalNamedType('authInfo', univ.OctetString())
)
class IetfAttrSyntax(univ.Sequence):
pass
IetfAttrSyntax.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType(
'policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
),
namedtype.NamedType(
'values', univ.SequenceOf(
componentType=univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('octets', univ.OctetString()),
namedtype.NamedType('oid', univ.ObjectIdentifier()),
namedtype.NamedType('string', char.UTF8String())
)
)
)
)
)
id_aca_encAttrs = _buildOid(id_aca, 6)

24
src/pyasn1_modules/rfc3412.py
View File

@ -1,12 +1,18 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv3 message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3412.txt
#
from pyasn1.type import univ, namedtype, namedval, tag, constraint
from pyasn1.type import univ, namedtype, constraint
from pyasn1_modules import rfc1905
class ScopedPDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contextEngineId', univ.OctetString()),
@ -14,25 +20,31 @@ class ScopedPDU(univ.Sequence):
namedtype.NamedType('data', rfc1905.PDUs())
)
class ScopedPduData(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('plaintext', ScopedPDU()),
namedtype.NamedType('encryptedPDU', univ.OctetString()),
)
class HeaderData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('msgID', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgMaxSize', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))),
namedtype.NamedType('msgID',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgMaxSize',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))),
namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))),
namedtype.NamedType('msgSecurityModel', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647)))
namedtype.NamedType('msgSecurityModel',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647)))
)
class SNMPv3Message(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('msgVersion', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgVersion',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgGlobalData', HeaderData()),
namedtype.NamedType('msgSecurityParameters', univ.OctetString()),
namedtype.NamedType('msgData', ScopedPduData())
)

17
src/pyasn1_modules/rfc3414.py
View File

@ -1,17 +1,26 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# SNMPv3 message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3414.txt
#
from pyasn1.type import univ, namedtype, namedval, tag, constraint
from pyasn1.type import univ, namedtype, constraint
class UsmSecurityParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()),
namedtype.NamedType('msgAuthoritativeEngineBoots', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgAuthoritativeEngineTime', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgUserName', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))),
namedtype.NamedType('msgAuthoritativeEngineBoots',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgAuthoritativeEngineTime',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgUserName',
univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))),
namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()),
namedtype.NamedType('msgPrivacyParameters', univ.OctetString())
)

12
src/pyasn1_modules/rfc3447.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# PKCS#1 syntax
#
# ASN.1 source from:
@ -6,8 +11,10 @@
#
# Sample captures could be obtained with "openssl genrsa" command
#
from pyasn1.type import constraint, namedval
from pyasn1_modules.rfc2437 import *
class OtherPrimeInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('prime', univ.Integer()),
@ -15,10 +22,11 @@ class OtherPrimeInfo(univ.Sequence):
namedtype.NamedType('coefficient', univ.Integer())
)
class OtherPrimeInfos(univ.SequenceOf):
componentType = OtherPrimeInfo()
subtypeSpec = univ.SequenceOf.subtypeSpec + \
constraint.ValueSizeConstraint(1, MAX)
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
class RSAPrivateKey(univ.Sequence):
componentType = namedtype.NamedTypes(

701
src/pyasn1_modules/rfc3852.py Normal file
View File

@ -0,0 +1,701 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3852.txt
#
from pyasn1.type import univ, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc3280
from pyasn1_modules import rfc3281
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class AttributeValue(univ.Any):
pass
class Attribute(univ.Sequence):
pass
Attribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', univ.ObjectIdentifier()),
namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
)
class SignedAttributes(univ.SetOf):
pass
SignedAttributes.componentType = Attribute()
SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class OtherRevocationInfoFormat(univ.Sequence):
pass
OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherRevInfo', univ.Any())
)
class RevocationInfoChoice(univ.Choice):
pass
RevocationInfoChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('crl', rfc3280.CertificateList()),
namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class RevocationInfoChoices(univ.SetOf):
pass
RevocationInfoChoices.componentType = RevocationInfoChoice()
class OtherKeyAttribute(univ.Sequence):
pass
OtherKeyAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('keyAttr', univ.Any())
)
id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2)
class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class EncryptedKey(univ.OctetString):
pass
class CMSVersion(univ.Integer):
pass
CMSVersion.namedValues = namedval.NamedValues(
('v0', 0),
('v1', 1),
('v2', 2),
('v3', 3),
('v4', 4),
('v5', 5)
)
class KEKIdentifier(univ.Sequence):
pass
KEKIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyIdentifier', univ.OctetString()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KEKRecipientInfo(univ.Sequence):
pass
KEKRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('kekid', KEKIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class PasswordRecipientInfo(univ.Sequence):
pass
PasswordRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class OtherRecipientInfo(univ.Sequence):
pass
OtherRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('oriType', univ.ObjectIdentifier()),
namedtype.NamedType('oriValue', univ.Any())
)
class IssuerAndSerialNumber(univ.Sequence):
pass
IssuerAndSerialNumber.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.Name()),
namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber())
)
class SubjectKeyIdentifier(univ.OctetString):
pass
class RecipientKeyIdentifier(univ.Sequence):
pass
RecipientKeyIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KeyAgreeRecipientIdentifier(univ.Choice):
pass
KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class RecipientEncryptedKey(univ.Sequence):
pass
RecipientEncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientEncryptedKeys(univ.SequenceOf):
pass
RecipientEncryptedKeys.componentType = RecipientEncryptedKey()
class UserKeyingMaterial(univ.OctetString):
pass
class OriginatorPublicKey(univ.Sequence):
pass
OriginatorPublicKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('publicKey', univ.BitString())
)
class OriginatorIdentifierOrKey(univ.Choice):
pass
OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class KeyAgreeRecipientInfo(univ.Sequence):
pass
KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
)
class RecipientIdentifier(univ.Choice):
pass
RecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class KeyTransRecipientInfo(univ.Sequence):
pass
KeyTransRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('rid', RecipientIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientInfo(univ.Choice):
pass
RecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('ktri', KeyTransRecipientInfo()),
namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('ori', OtherRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
)
class RecipientInfos(univ.SetOf):
pass
RecipientInfos.componentType = RecipientInfo()
RecipientInfos.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class Signature(univ.BitString):
pass
class SignerIdentifier(univ.Choice):
pass
SignerIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class UnprotectedAttributes(univ.SetOf):
pass
UnprotectedAttributes.componentType = Attribute()
UnprotectedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class ContentType(univ.ObjectIdentifier):
pass
class EncryptedContent(univ.OctetString):
pass
class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class EncryptedContentInfo(univ.Sequence):
pass
EncryptedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class EncryptedData(univ.Sequence):
pass
EncryptedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3)
id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1)
id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4)
class DigestAlgorithmIdentifiers(univ.SetOf):
pass
DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier()
class EncapsulatedContentInfo(univ.Sequence):
pass
EncapsulatedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('eContentType', ContentType()),
namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Digest(univ.OctetString):
pass
class DigestedData(univ.Sequence):
pass
DigestedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.NamedType('digest', Digest())
)
class ContentInfo(univ.Sequence):
pass
ContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class UnauthAttributes(univ.SetOf):
pass
UnauthAttributes.componentType = Attribute()
UnauthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class ExtendedCertificateInfo(univ.Sequence):
pass
ExtendedCertificateInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('certificate', rfc3280.Certificate()),
namedtype.NamedType('attributes', UnauthAttributes())
)
class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class ExtendedCertificate(univ.Sequence):
pass
ExtendedCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', Signature())
)
class OtherCertificateFormat(univ.Sequence):
pass
OtherCertificateFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherCert', univ.Any())
)
class AttributeCertificateV2(rfc3281.AttributeCertificate):
pass
class AttCertVersionV1(univ.Integer):
pass
AttCertVersionV1.namedValues = namedval.NamedValues(
('v1', 0)
)
class AttributeCertificateInfoV1(univ.Sequence):
pass
AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
namedtype.NamedType(
'subject', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
)
),
namedtype.NamedType('issuer', rfc3280.GeneralNames()),
namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()),
namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()),
namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc3280.Extensions())
)
class AttributeCertificateV1(univ.Sequence):
pass
AttributeCertificateV1.componentType = namedtype.NamedTypes(
namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class CertificateChoices(univ.Choice):
pass
CertificateChoices.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc3280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('other', OtherCertificateFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class CertificateSet(univ.SetOf):
pass
CertificateSet.componentType = CertificateChoices()
class MessageAuthenticationCode(univ.OctetString):
pass
class UnsignedAttributes(univ.SetOf):
pass
UnsignedAttributes.componentType = Attribute()
UnsignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class SignatureValue(univ.OctetString):
pass
class SignerInfo(univ.Sequence):
pass
SignerInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('sid', SignerIdentifier()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', SignatureValue()),
namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class SignerInfos(univ.SetOf):
pass
SignerInfos.componentType = SignerInfo()
class SignedData(univ.Sequence):
pass
SignedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('certificates', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier):
pass
class MessageDigest(univ.OctetString):
pass
class Time(univ.Choice):
pass
Time.componentType = namedtype.NamedTypes(
namedtype.NamedType('utcTime', useful.UTCTime()),
namedtype.NamedType('generalTime', useful.GeneralizedTime())
)
class OriginatorInfo(univ.Sequence):
pass
OriginatorInfo.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('certs', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class AuthAttributes(univ.SetOf):
pass
AuthAttributes.componentType = Attribute()
AuthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class AuthenticatedData(univ.Sequence):
pass
AuthenticatedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()),
namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('mac', MessageAuthenticationCode()),
namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6)
id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3)
class EnvelopedData(univ.Sequence):
pass
EnvelopedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class Countersignature(SignerInfo):
pass
id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5)
id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5)
class ExtendedCertificateOrCertificate(univ.Choice):
pass
ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc3280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2)
class SigningTime(Time):
pass
id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6)

330
src/pyasn1_modules/rfc4210.py
View File

@ -1,20 +1,34 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# Certificate Management Protocol structures as per RFC4210
#
# Based on Alex Railean's work
#
from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful
from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful
from pyasn1_modules import rfc2459, rfc2511, rfc2314
MAX = 64
MAX = float('inf')
class KeyIdentifier(univ.OctetString): pass
class CMPCertificate(rfc2459.Certificate): pass
class KeyIdentifier(univ.OctetString):
pass
class OOBCert(CMPCertificate): pass
class CertAnnContent(CMPCertificate): pass
class CMPCertificate(rfc2459.Certificate):
pass
class OOBCert(CMPCertificate):
pass
class CertAnnContent(CMPCertificate):
pass
class PKIFreeText(univ.SequenceOf):
"""
@ -23,6 +37,7 @@ class PKIFreeText(univ.SequenceOf):
componentType = char.UTF8String()
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
class PollRepContent(univ.SequenceOf):
"""
PollRepContent ::= SEQUENCE OF SEQUENCE {
@ -31,14 +46,17 @@ class PollRepContent(univ.SequenceOf):
reason PKIFreeText OPTIONAL
}
"""
class CertReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('checkAfter', univ.Integer()),
namedtype.OptionalNamedType('reason', PKIFreeText())
)
componentType = CertReq()
class PollReqContent(univ.SequenceOf):
"""
PollReqContent ::= SEQUENCE OF SEQUENCE {
@ -46,12 +64,15 @@ class PollReqContent(univ.SequenceOf):
}
"""
class CertReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer())
)
componentType = CertReq()
class InfoTypeAndValue(univ.Sequence):
"""
InfoTypeAndValue ::= SEQUENCE {
@ -63,17 +84,23 @@ class InfoTypeAndValue(univ.Sequence):
namedtype.OptionalNamedType('infoValue', univ.Any())
)
class GenRepContent(univ.SequenceOf):
componentType = InfoTypeAndValue()
class GenMsgContent(univ.SequenceOf):
componentType = InfoTypeAndValue()
class PKIConfirmContent(univ.Null): pass
class PKIConfirmContent(univ.Null):
pass
class CRLAnnContent(univ.SequenceOf):
componentType = rfc2459.CertificateList()
class CAKeyUpdAnnContent(univ.Sequence):
"""
CAKeyUpdAnnContent ::= SEQUENCE {
@ -88,6 +115,7 @@ class CAKeyUpdAnnContent(univ.Sequence):
namedtype.NamedType('newWithNew', CMPCertificate())
)
class RevDetails(univ.Sequence):
"""
RevDetails ::= SEQUENCE {
@ -100,9 +128,11 @@ class RevDetails(univ.Sequence):
namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions())
)
class RevReqContent(univ.SequenceOf):
componentType = RevDetails()
class CertOrEncCert(univ.Choice):
"""
CertOrEncCert ::= CHOICE {
@ -111,16 +141,11 @@ class CertOrEncCert(univ.Choice):
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', CMPCertificate().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
)
namedtype.NamedType('certificate', CMPCertificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class CertifiedKeyPair(univ.Sequence):
"""
CertifiedKeyPair ::= SEQUENCE {
@ -131,20 +156,15 @@ class CertifiedKeyPair(univ.Sequence):
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certOrEncCert', CertOrEncCert()),
namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
)
namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class POPODecKeyRespContent(univ.SequenceOf):
componentType = univ.Integer()
class Challenge(univ.Sequence):
"""
Challenge ::= SEQUENCE {
@ -159,6 +179,7 @@ class Challenge(univ.Sequence):
namedtype.NamedType('challenge', univ.OctetString())
)
class PKIStatus(univ.Integer):
"""
PKIStatus ::= INTEGER {
@ -181,6 +202,7 @@ class PKIStatus(univ.Integer):
('keyUpdateWarning', 6)
)
class PKIFailureInfo(univ.BitString):
"""
PKIFailureInfo ::= BIT STRING {
@ -242,6 +264,7 @@ class PKIFailureInfo(univ.BitString):
('duplicateCertReq', 26)
)
class PKIStatusInfo(univ.Sequence):
"""
PKIStatusInfo ::= SEQUENCE {
@ -256,6 +279,7 @@ class PKIStatusInfo(univ.Sequence):
namedtype.OptionalNamedType('failInfo', PKIFailureInfo())
)
class ErrorMsgContent(univ.Sequence):
"""
ErrorMsgContent ::= SEQUENCE {
@ -272,6 +296,7 @@ class ErrorMsgContent(univ.Sequence):
namedtype.OptionalNamedType('errorDetails', PKIFreeText())
)
class CertStatus(univ.Sequence):
"""
CertStatus ::= SEQUENCE {
@ -286,9 +311,11 @@ class CertStatus(univ.Sequence):
namedtype.OptionalNamedType('statusInfo', PKIStatusInfo())
)
class CertConfirmContent(univ.SequenceOf):
componentType = CertStatus()
class RevAnnContent(univ.Sequence):
"""
RevAnnContent ::= SEQUENCE {
@ -307,6 +334,7 @@ class RevAnnContent(univ.Sequence):
namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions())
)
class RevRepContent(univ.Sequence):
"""
RevRepContent ::= SEQUENCE {
@ -318,22 +346,21 @@ class RevRepContent(univ.Sequence):
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatusInfo()),
namedtype.OptionalNamedType('revCerts', univ.SequenceOf(
componentType=rfc2511.CertId()
).subtype(
namedtype.OptionalNamedType(
'revCerts', univ.SequenceOf(componentType=rfc2511.CertId()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.OptionalNamedType('crls', univ.SequenceOf(
componentType=rfc2459.CertificateList()
).subtype(
namedtype.OptionalNamedType(
'crls', univ.SequenceOf(componentType=rfc2459.CertificateList()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
)
)
class KeyRecRepContent(univ.Sequence):
"""
KeyRecRepContent ::= SEQUENCE {
@ -347,26 +374,24 @@ class KeyRecRepContent(univ.Sequence):
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatusInfo()),
namedtype.OptionalNamedType('newSigCert', CMPCertificate().subtype(
namedtype.OptionalNamedType(
'newSigCert', CMPCertificate().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.OptionalNamedType('caCerts', univ.SequenceOf(
componentType=CMPCertificate()
).subtype(
namedtype.OptionalNamedType(
'caCerts', univ.SequenceOf(componentType=CMPCertificate()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1),
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
)
),
namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf(
componentType=CertifiedKeyPair()
).subtype(
namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf(componentType=CertifiedKeyPair()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2),
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
)
subtypeSpec=constraint.ValueSizeConstraint(1, MAX))
)
)
class CertResponse(univ.Sequence):
"""
CertResponse ::= SEQUENCE {
@ -383,6 +408,7 @@ class CertResponse(univ.Sequence):
namedtype.OptionalNamedType('rspInfo', univ.OctetString())
)
class CertRepMessage(univ.Sequence):
"""
CertRepMessage ::= SEQUENCE {
@ -392,21 +418,19 @@ class CertRepMessage(univ.Sequence):
}
"""
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('caPubs', univ.SequenceOf(
namedtype.OptionalNamedType(
'caPubs', univ.SequenceOf(
componentType=CMPCertificate()
).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1)
)
).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))
),
namedtype.NamedType('response', univ.SequenceOf(
componentType=CertResponse())
)
namedtype.NamedType('response', univ.SequenceOf(componentType=CertResponse()))
)
class POPODecKeyChallContent(univ.SequenceOf):
componentType = Challenge()
class OOBCertHash(univ.Sequence):
"""
OOBCertHash ::= SEQUENCE {
@ -416,18 +440,16 @@ class OOBCertHash(univ.Sequence):
}
"""
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('hashAlg',
rfc2459.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0)
)
namedtype.OptionalNamedType(
'hashAlg', rfc2459.AlgorithmIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
),
namedtype.OptionalNamedType('certId', rfc2511.CertId().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1)
)
namedtype.OptionalNamedType(
'certId', rfc2511.CertId().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))
),
namedtype.NamedType('hashVal', univ.BitString())
)
# pyasn1 does not naturally handle recursive definitions, thus this hack:
# NestedMessageContent ::= PKIMessages
class NestedMessageContent(univ.SequenceOf):
@ -436,6 +458,7 @@ class NestedMessageContent(univ.SequenceOf):
"""
componentType = univ.Any()
class DHBMParameter(univ.Sequence):
"""
DHBMParameter ::= SEQUENCE {
@ -450,8 +473,10 @@ class DHBMParameter(univ.Sequence):
namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier())
)
id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30')
class PBMParameter(univ.Sequence):
"""
PBMParameter ::= SEQUENCE {
@ -462,22 +487,27 @@ class PBMParameter(univ.Sequence):
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('salt', univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(0, 128)
)
namedtype.NamedType(
'salt', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 128))
),
namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('iterationCount', univ.Integer()),
namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier())
)
id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13')
class PKIProtection(univ.BitString): pass
class PKIProtection(univ.BitString):
pass
# pyasn1 does not naturally handle recursive definitions, thus this hack:
# NestedMessageContent ::= PKIMessages
nestedMessageContent = NestedMessageContent().subtype(explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20))
nestedMessageContent = NestedMessageContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 20))
class PKIBody(univ.Choice):
"""
@ -512,113 +542,141 @@ class PKIBody(univ.Choice):
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('ir', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,0)
namedtype.NamedType(
'ir', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.NamedType('ip', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,1)
namedtype.NamedType(
'ip', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
),
namedtype.NamedType('cr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,2)
namedtype.NamedType(
'cr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
)
),
namedtype.NamedType('cp', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,3)
namedtype.NamedType(
'cp', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
)
),
namedtype.NamedType('p10cr', rfc2314.CertificationRequest().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,4)
namedtype.NamedType(
'p10cr', rfc2314.CertificationRequest().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)
)
),
namedtype.NamedType('popdecc', POPODecKeyChallContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,5)
namedtype.NamedType(
'popdecc', POPODecKeyChallContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5)
)
),
namedtype.NamedType('popdecr', POPODecKeyRespContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,6)
namedtype.NamedType(
'popdecr', POPODecKeyRespContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6)
)
),
namedtype.NamedType('kur', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,7)
namedtype.NamedType(
'kur', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)
)
),
namedtype.NamedType('kup', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,8)
namedtype.NamedType(
'kup', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8)
)
),
namedtype.NamedType('krr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,9)
namedtype.NamedType(
'krr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)
)
),
namedtype.NamedType('krp', KeyRecRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,10)
namedtype.NamedType(
'krp', KeyRecRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10)
)
),
namedtype.NamedType('rr', RevReqContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,11)
namedtype.NamedType(
'rr', RevReqContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11)
)
),
namedtype.NamedType('rp', RevRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,12)
namedtype.NamedType(
'rp', RevRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12)
)
),
namedtype.NamedType('ccr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,13)
namedtype.NamedType(
'ccr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13)
)
),
namedtype.NamedType('ccp', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,14)
namedtype.NamedType(
'ccp', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14)
)
),
namedtype.NamedType('ckuann', CAKeyUpdAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,15)
namedtype.NamedType(
'ckuann', CAKeyUpdAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15)
)
),
namedtype.NamedType('cann', CertAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,16)
namedtype.NamedType(
'cann', CertAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16)
)
),
namedtype.NamedType('rann', RevAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,17)
namedtype.NamedType(
'rann', RevAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 17)
)
),
namedtype.NamedType('crlann', CRLAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,18)
namedtype.NamedType(
'crlann', CRLAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18)
)
),
namedtype.NamedType('pkiconf', PKIConfirmContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,19)
namedtype.NamedType(
'pkiconf', PKIConfirmContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19)
)
),
namedtype.NamedType('nested', nestedMessageContent),
# namedtype.NamedType('nested', NestedMessageContent().subtype(
# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)
# )
# ),
namedtype.NamedType('genm', GenMsgContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,21)
namedtype.NamedType(
'nested', nestedMessageContent
),
# namedtype.NamedType('nested', NestedMessageContent().subtype(
# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)
# )
# ),
namedtype.NamedType(
'genm', GenMsgContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21)
)
),
namedtype.NamedType('gen', GenRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,22)
namedtype.NamedType(
'gen', GenRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22)
)
),
namedtype.NamedType('error', ErrorMsgContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,23)
namedtype.NamedType(
'error', ErrorMsgContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23)
)
),
namedtype.NamedType('certConf', CertConfirmContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,24)
namedtype.NamedType(
'certConf', CertConfirmContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24)
)
),
namedtype.NamedType('pollReq', PollReqContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,25)
namedtype.NamedType(
'pollReq', PollReqContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25)
)
),
namedtype.NamedType('pollRep', PollRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,26)
namedtype.NamedType(
'pollRep', PollRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26)
)
)
)
@ -644,24 +702,29 @@ class PKIHeader(univ.Sequence):
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('pvno', univ.Integer(
namedValues=namedval.NamedValues(
('cmp1999', 1),
('cmp2000', 2)
)
namedtype.NamedType(
'pvno', univ.Integer(
namedValues=namedval.NamedValues(('cmp1999', 1), ('cmp2000', 2))
)
),
namedtype.NamedType('sender', rfc2459.GeneralName()),
namedtype.NamedType('recipient', rfc2459.GeneralName()),
namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))),
namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))),
namedtype.OptionalNamedType('generalInfo',
univ.SequenceOf(
componentType=InfoTypeAndValue().subtype(
@ -672,6 +735,7 @@ class PKIHeader(univ.Sequence):
)
)
class ProtectedPart(univ.Sequence):
"""
ProtectedPart ::= SEQUENCE {
@ -684,6 +748,7 @@ class ProtectedPart(univ.Sequence):
namedtype.NamedType('infoValue', PKIBody())
)
class PKIMessage(univ.Sequence):
"""
PKIMessage ::= SEQUENCE {
@ -696,8 +761,9 @@ class PKIMessage(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('header', PKIHeader()),
namedtype.NamedType('body', PKIBody()),
namedtype.OptionalNamedType('protection', PKIProtection().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType( 'extraCerts',
namedtype.OptionalNamedType('protection', PKIProtection().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('extraCerts',
univ.SequenceOf(
componentType=CMPCertificate()
).subtype(
@ -707,6 +773,7 @@ class PKIMessage(univ.Sequence):
)
)
class PKIMessages(univ.SequenceOf):
"""
PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage
@ -714,7 +781,8 @@ class PKIMessages(univ.SequenceOf):
componentType = PKIMessage()
subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
# pyasn1 does not naturally handle recursive definitions, thus this hack:
# NestedMessageContent ::= PKIMessages
NestedMessageContent.componentType = PKIMessages()
nestedMessageContent.componentType = PKIMessages()
NestedMessageContent._componentType = PKIMessages()
nestedMessageContent._componentType = PKIMessages()

391
src/pyasn1_modules/rfc4211.py Normal file
View File

@ -0,0 +1,391 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# Internet X.509 Public Key Infrastructure Certificate Request
# Message Format (CRMF)
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc4211.txt
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint
from pyasn1_modules import rfc3280
from pyasn1_modules import rfc3852
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)
id_pkip = _buildOid(id_pkix, 5)
id_regCtrl = _buildOid(id_pkip, 1)
class SinglePubInfo(univ.Sequence):
pass
SinglePubInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('pubMethod', univ.Integer(
namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName())
)
class UTF8Pairs(char.UTF8String):
pass
class PKMACValue(univ.Sequence):
pass
PKMACValue.componentType = namedtype.NamedTypes(
namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('value', univ.BitString())
)
class POPOSigningKeyInput(univ.Sequence):
pass
POPOSigningKeyInput.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'authInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
),
namedtype.NamedType(
'publicKeyMAC', PKMACValue()
)
)
)
),
namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo())
)
class POPOSigningKey(univ.Sequence):
pass
POPOSigningKey.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('algorithmIdentifier', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class Attributes(univ.SetOf):
pass
Attributes.componentType = rfc3280.Attribute()
class PrivateKeyInfo(univ.Sequence):
pass
PrivateKeyInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer()),
namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('privateKey', univ.OctetString()),
namedtype.OptionalNamedType('attributes',
Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class EncryptedValue(univ.Sequence):
pass
EncryptedValue.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.NamedType('encValue', univ.BitString())
)
class EncryptedKey(univ.Choice):
pass
EncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedValue', EncryptedValue()),
namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class KeyGenParameters(univ.OctetString):
pass
class PKIArchiveOptions(univ.Choice):
pass
PKIArchiveOptions.componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedPrivKey',
EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('keyGenParameters',
KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('archiveRemGenPrivKey',
univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
id_regCtrl_authenticator = _buildOid(id_regCtrl, 2)
id_regInfo = _buildOid(id_pkip, 2)
id_regInfo_certReq = _buildOid(id_regInfo, 2)
class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo):
pass
class Authenticator(char.UTF8String):
pass
class SubsequentMessage(univ.Integer):
pass
SubsequentMessage.namedValues = namedval.NamedValues(
('encrCert', 0),
('challengeResp', 1)
)
class AttributeTypeAndValue(univ.Sequence):
pass
AttributeTypeAndValue.componentType = namedtype.NamedTypes(
namedtype.NamedType('type', univ.ObjectIdentifier()),
namedtype.NamedType('value', univ.Any())
)
class POPOPrivKey(univ.Choice):
pass
POPOPrivKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('thisMessage',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subsequentMessage',
SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('dhMAC',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('agreeMAC',
PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class ProofOfPossession(univ.Choice):
pass
ProofOfPossession.componentType = namedtype.NamedTypes(
namedtype.NamedType('raVerified',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signature', POPOSigningKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('keyEncipherment',
POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('keyAgreement',
POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class OptionalValidity(univ.Sequence):
pass
OptionalValidity.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class CertTemplate(univ.Sequence):
pass
CertTemplate.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('version', rfc3280.Version().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('validity', OptionalValidity().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('subject', rfc3280.Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9)))
)
class Controls(univ.SequenceOf):
pass
Controls.componentType = AttributeTypeAndValue()
Controls.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class CertRequest(univ.Sequence):
pass
CertRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('certTemplate', CertTemplate()),
namedtype.OptionalNamedType('controls', Controls())
)
class CertReqMsg(univ.Sequence):
pass
CertReqMsg.componentType = namedtype.NamedTypes(
namedtype.NamedType('certReq', CertRequest()),
namedtype.OptionalNamedType('popo', ProofOfPossession()),
namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()))
)
class CertReqMessages(univ.SequenceOf):
pass
CertReqMessages.componentType = CertReqMsg()
CertReqMessages.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class CertReq(CertRequest):
pass
id_regCtrl_pkiPublicationInfo = _buildOid(id_regCtrl, 3)
class CertId(univ.Sequence):
pass
CertId.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.GeneralName()),
namedtype.NamedType('serialNumber', univ.Integer())
)
class OldCertId(CertId):
pass
class PKIPublicationInfo(univ.Sequence):
pass
PKIPublicationInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('action',
univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()))
)
class EncKeyWithID(univ.Sequence):
pass
EncKeyWithID.componentType = namedtype.NamedTypes(
namedtype.NamedType('privateKey', PrivateKeyInfo()),
namedtype.OptionalNamedType(
'identifier', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('string', char.UTF8String()),
namedtype.NamedType('generalName', rfc3280.GeneralName())
)
)
)
)
id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6)
id_regCtrl_oldCertID = _buildOid(id_regCtrl, 5)
id_smime = _buildOid(1, 2, 840, 113549, 1, 9, 16)
class PBMParameter(univ.Sequence):
pass
PBMParameter.componentType = namedtype.NamedTypes(
namedtype.NamedType('salt', univ.OctetString()),
namedtype.NamedType('owf', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('iterationCount', univ.Integer()),
namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier())
)
id_regCtrl_regToken = _buildOid(id_regCtrl, 1)
id_regCtrl_pkiArchiveOptions = _buildOid(id_regCtrl, 4)
id_regInfo_utf8Pairs = _buildOid(id_regInfo, 1)
id_ct = _buildOid(id_smime, 1)
id_ct_encKeyWithID = _buildOid(id_ct, 21)
class RegToken(char.UTF8String):
pass

29
src/pyasn1_modules/rfc5208.py
View File

@ -1,4 +1,9 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# PKCS#8 syntax
#
# ASN.1 source from:
@ -6,15 +11,21 @@
#
# Sample captures could be obtained with "openssl pkcs8 -topk8" command
#
from pyasn1.type import tag, namedtype, namedval, univ, constraint
from pyasn1_modules.rfc2459 import *
from pyasn1_modules import rfc2251
class KeyEncryptionAlgorithms(AlgorithmIdentifier): pass
class PrivateKeyAlgorithms(AlgorithmIdentifier): pass
class KeyEncryptionAlgorithms(AlgorithmIdentifier):
pass
class PrivateKeyAlgorithms(AlgorithmIdentifier):
pass
class EncryptedData(univ.OctetString):
pass
class EncryptedData(univ.OctetString): pass
class EncryptedPrivateKeyInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
@ -22,18 +33,24 @@ class EncryptedPrivateKeyInfo(univ.Sequence):
namedtype.NamedType('encryptedData', EncryptedData())
)
class PrivateKey(univ.OctetString): pass
class PrivateKey(univ.OctetString):
pass
class Attributes(univ.SetOf):
componentType = rfc2251.Attribute()
class Version(univ.Integer):
namedValues = namedval.NamedValues(('v1', 0), ('v2', 1))
class PrivateKeyInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('privateKey', PrivateKey()),
namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
namedtype.OptionalNamedType('attributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)

1597
src/pyasn1_modules/rfc5280.py Normal file
View File

File diff suppressed because it is too large Load Diff

706
src/pyasn1_modules/rfc5652.py Normal file
View File

@ -0,0 +1,706 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc5652.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc3281
from pyasn1_modules import rfc5280
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class AttCertVersionV1(univ.Integer):
pass
AttCertVersionV1.namedValues = namedval.NamedValues(
('v1', 0)
)
class AttributeCertificateInfoV1(univ.Sequence):
pass
AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
namedtype.NamedType(
'subject', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
)
),
namedtype.NamedType('issuer', rfc5280.GeneralNames()),
namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()),
namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()),
namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc5280.Extensions())
)
class AttributeCertificateV1(univ.Sequence):
pass
AttributeCertificateV1.componentType = namedtype.NamedTypes(
namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class AttributeValue(univ.Any):
pass
class Attribute(univ.Sequence):
pass
Attribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', univ.ObjectIdentifier()),
namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
)
class SignedAttributes(univ.SetOf):
pass
SignedAttributes.componentType = Attribute()
SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class AttributeCertificateV2(rfc3281.AttributeCertificate):
pass
class OtherKeyAttribute(univ.Sequence):
pass
OtherKeyAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('keyAttr', univ.Any())
)
class UnauthAttributes(univ.SetOf):
pass
UnauthAttributes.componentType = Attribute()
UnauthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
class SignatureValue(univ.OctetString):
pass
class IssuerAndSerialNumber(univ.Sequence):
pass
IssuerAndSerialNumber.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc5280.Name()),
namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber())
)
class SubjectKeyIdentifier(univ.OctetString):
pass
class RecipientKeyIdentifier(univ.Sequence):
pass
RecipientKeyIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KeyAgreeRecipientIdentifier(univ.Choice):
pass
KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class EncryptedKey(univ.OctetString):
pass
class RecipientEncryptedKey(univ.Sequence):
pass
RecipientEncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientEncryptedKeys(univ.SequenceOf):
pass
RecipientEncryptedKeys.componentType = RecipientEncryptedKey()
class MessageAuthenticationCode(univ.OctetString):
pass
class CMSVersion(univ.Integer):
pass
CMSVersion.namedValues = namedval.NamedValues(
('v0', 0),
('v1', 1),
('v2', 2),
('v3', 3),
('v4', 4),
('v5', 5)
)
class OtherCertificateFormat(univ.Sequence):
pass
OtherCertificateFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherCert', univ.Any())
)
class ExtendedCertificateInfo(univ.Sequence):
pass
ExtendedCertificateInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('certificate', rfc5280.Certificate()),
namedtype.NamedType('attributes', UnauthAttributes())
)
class Signature(univ.BitString):
pass
class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class ExtendedCertificate(univ.Sequence):
pass
ExtendedCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', Signature())
)
class CertificateChoices(univ.Choice):
pass
CertificateChoices.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc5280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('other', OtherCertificateFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class CertificateSet(univ.SetOf):
pass
CertificateSet.componentType = CertificateChoices()
class OtherRevocationInfoFormat(univ.Sequence):
pass
OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherRevInfo', univ.Any())
)
class RevocationInfoChoice(univ.Choice):
pass
RevocationInfoChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('crl', rfc5280.CertificateList()),
namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class RevocationInfoChoices(univ.SetOf):
pass
RevocationInfoChoices.componentType = RevocationInfoChoice()
class OriginatorInfo(univ.Sequence):
pass
OriginatorInfo.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('certs', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class ContentType(univ.ObjectIdentifier):
pass
class EncryptedContent(univ.OctetString):
pass
class ContentEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class EncryptedContentInfo(univ.Sequence):
pass
EncryptedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class UnprotectedAttributes(univ.SetOf):
pass
UnprotectedAttributes.componentType = Attribute()
UnprotectedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class KEKIdentifier(univ.Sequence):
pass
KEKIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyIdentifier', univ.OctetString()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KEKRecipientInfo(univ.Sequence):
pass
KEKRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('kekid', KEKIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class KeyDerivationAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class PasswordRecipientInfo(univ.Sequence):
pass
PasswordRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientIdentifier(univ.Choice):
pass
RecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class KeyTransRecipientInfo(univ.Sequence):
pass
KeyTransRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('rid', RecipientIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class UserKeyingMaterial(univ.OctetString):
pass
class OriginatorPublicKey(univ.Sequence):
pass
OriginatorPublicKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('publicKey', univ.BitString())
)
class OriginatorIdentifierOrKey(univ.Choice):
pass
OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class KeyAgreeRecipientInfo(univ.Sequence):
pass
KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
)
class OtherRecipientInfo(univ.Sequence):
pass
OtherRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('oriType', univ.ObjectIdentifier()),
namedtype.NamedType('oriValue', univ.Any())
)
class RecipientInfo(univ.Choice):
pass
RecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('ktri', KeyTransRecipientInfo()),
namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('ori', OtherRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
)
class RecipientInfos(univ.SetOf):
pass
RecipientInfos.componentType = RecipientInfo()
RecipientInfos.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class EnvelopedData(univ.Sequence):
pass
EnvelopedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6)
id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5)
class EncryptedData(univ.Sequence):
pass
EncryptedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4)
id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2)
class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier):
pass
class UnsignedAttributes(univ.SetOf):
pass
UnsignedAttributes.componentType = Attribute()
UnsignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class SignerIdentifier(univ.Choice):
pass
SignerIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class SignerInfo(univ.Sequence):
pass
SignerInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('sid', SignerIdentifier()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', SignatureValue()),
namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class SignerInfos(univ.SetOf):
pass
SignerInfos.componentType = SignerInfo()
class Countersignature(SignerInfo):
pass
class ContentInfo(univ.Sequence):
pass
ContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class EncapsulatedContentInfo(univ.Sequence):
pass
EncapsulatedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('eContentType', ContentType()),
namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6)
id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1)
class MessageDigest(univ.OctetString):
pass
class AuthAttributes(univ.SetOf):
pass
AuthAttributes.componentType = Attribute()
AuthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class Time(univ.Choice):
pass
Time.componentType = namedtype.NamedTypes(
namedtype.NamedType('utcTime', useful.UTCTime()),
namedtype.NamedType('generalTime', useful.GeneralizedTime())
)
class AuthenticatedData(univ.Sequence):
pass
AuthenticatedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()),
namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('mac', MessageAuthenticationCode()),
namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3)
class ExtendedCertificateOrCertificate(univ.Choice):
pass
ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc5280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Digest(univ.OctetString):
pass
class DigestedData(univ.Sequence):
pass
DigestedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.NamedType('digest', Digest())
)
id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3)
class DigestAlgorithmIdentifiers(univ.SetOf):
pass
DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier()
class SignedData(univ.Sequence):
pass
SignedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('certificates', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5)
class SigningTime(Time):
pass
id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2)

561
src/pyasn1_modules/rfc6402.py Normal file
View File

@ -0,0 +1,561 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# Certificate Management over CMS (CMC) Updates
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc6402.txt
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc4211
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class ChangeSubjectName(univ.Sequence):
pass
ChangeSubjectName.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('subject', rfc5280.Name()),
namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames())
)
class AttributeValue(univ.Any):
pass
class CMCStatus(univ.Integer):
pass
CMCStatus.namedValues = namedval.NamedValues(
('success', 0),
('failed', 2),
('pending', 3),
('noSupport', 4),
('confirmRequired', 5),
('popRequired', 6),
('partial', 7)
)
class PendInfo(univ.Sequence):
pass
PendInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('pendToken', univ.OctetString()),
namedtype.NamedType('pendTime', useful.GeneralizedTime())
)
bodyIdMax = univ.Integer(4294967295)
class BodyPartID(univ.Integer):
pass
BodyPartID.subtypeSpec = constraint.ValueRangeConstraint(0, bodyIdMax)
class BodyPartPath(univ.SequenceOf):
pass
BodyPartPath.componentType = BodyPartID()
BodyPartPath.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class BodyPartReference(univ.Choice):
pass
BodyPartReference.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('bodyPartPath', BodyPartPath())
)
class CMCFailInfo(univ.Integer):
pass
CMCFailInfo.namedValues = namedval.NamedValues(
('badAlg', 0),
('badMessageCheck', 1),
('badRequest', 2),
('badTime', 3),
('badCertId', 4),
('unsupportedExt', 5),
('mustArchiveKeys', 6),
('badIdentity', 7),
('popRequired', 8),
('popFailed', 9),
('noKeyReuse', 10),
('internalCAError', 11),
('tryLater', 12),
('authDataFail', 13)
)
class CMCStatusInfoV2(univ.Sequence):
pass
CMCStatusInfoV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('cMCStatus', CMCStatus()),
namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())),
namedtype.OptionalNamedType('statusString', char.UTF8String()),
namedtype.OptionalNamedType(
'otherInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('failInfo', CMCFailInfo()),
namedtype.NamedType('pendInfo', PendInfo()),
namedtype.NamedType(
'extendedFailInfo', univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()),
namedtype.NamedType('failInfoValue', AttributeValue()))
)
)
)
)
)
)
class GetCRL(univ.Sequence):
pass
GetCRL.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerName', rfc5280.Name()),
namedtype.OptionalNamedType('cRLName', rfc5280.GeneralName()),
namedtype.OptionalNamedType('time', useful.GeneralizedTime()),
namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags())
)
id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)
id_cmc = _buildOid(id_pkix, 7)
id_cmc_batchResponses = _buildOid(id_cmc, 29)
id_cmc_popLinkWitness = _buildOid(id_cmc, 23)
class PopLinkWitnessV2(univ.Sequence):
pass
PopLinkWitnessV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyGenAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('macAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
id_cmc_popLinkWitnessV2 = _buildOid(id_cmc, 33)
id_cmc_identityProofV2 = _buildOid(id_cmc, 34)
id_cmc_revokeRequest = _buildOid(id_cmc, 17)
id_cmc_recipientNonce = _buildOid(id_cmc, 7)
class ControlsProcessed(univ.Sequence):
pass
ControlsProcessed.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference()))
)
class CertificationRequest(univ.Sequence):
pass
CertificationRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'certificationRequestInfo', univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer()),
namedtype.NamedType('subject', rfc5280.Name()),
namedtype.NamedType(
'subjectPublicKeyInfo', univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('subjectPublicKey', univ.BitString())
)
)
),
namedtype.NamedType(
'attributes', univ.SetOf(
componentType=rfc5652.Attribute()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
)
)
)
),
namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class TaggedCertificationRequest(univ.Sequence):
pass
TaggedCertificationRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('certificationRequest', CertificationRequest())
)
class TaggedRequest(univ.Choice):
pass
TaggedRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('tcr', TaggedCertificationRequest().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('crm',
rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()),
namedtype.NamedType('requestMessageValue', univ.Any())
))
.subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
id_cmc_popLinkRandom = _buildOid(id_cmc, 22)
id_cmc_statusInfo = _buildOid(id_cmc, 1)
id_cmc_trustedAnchors = _buildOid(id_cmc, 26)
id_cmc_transactionId = _buildOid(id_cmc, 5)
id_cmc_encryptedPOP = _buildOid(id_cmc, 9)
class PublishTrustAnchors(univ.Sequence):
pass
PublishTrustAnchors.componentType = namedtype.NamedTypes(
namedtype.NamedType('seqNumber', univ.Integer()),
namedtype.NamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('anchorHashes', univ.SequenceOf(componentType=univ.OctetString()))
)
class RevokeRequest(univ.Sequence):
pass
RevokeRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerName', rfc5280.Name()),
namedtype.NamedType('serialNumber', univ.Integer()),
namedtype.NamedType('reason', rfc5280.CRLReason()),
namedtype.OptionalNamedType('invalidityDate', useful.GeneralizedTime()),
namedtype.OptionalNamedType('passphrase', univ.OctetString()),
namedtype.OptionalNamedType('comment', char.UTF8String())
)
id_cmc_senderNonce = _buildOid(id_cmc, 6)
id_cmc_authData = _buildOid(id_cmc, 27)
class TaggedContentInfo(univ.Sequence):
pass
TaggedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('contentInfo', rfc5652.ContentInfo())
)
class IdentifyProofV2(univ.Sequence):
pass
IdentifyProofV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
class CMCPublicationInfo(univ.Sequence):
pass
CMCPublicationInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('certHashes', univ.SequenceOf(componentType=univ.OctetString())),
namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo())
)
id_kp_cmcCA = _buildOid(rfc5280.id_kp, 27)
id_cmc_confirmCertAcceptance = _buildOid(id_cmc, 24)
id_cmc_raIdentityWitness = _buildOid(id_cmc, 35)
id_ExtensionReq = _buildOid(1, 2, 840, 113549, 1, 9, 14)
id_cct = _buildOid(id_pkix, 12)
id_cct_PKIData = _buildOid(id_cct, 2)
id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28)
class CMCStatusInfo(univ.Sequence):
pass
CMCStatusInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('cMCStatus', CMCStatus()),
namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())),
namedtype.OptionalNamedType('statusString', char.UTF8String()),
namedtype.OptionalNamedType(
'otherInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('failInfo', CMCFailInfo()),
namedtype.NamedType('pendInfo', PendInfo())
)
)
)
)
class DecryptedPOP(univ.Sequence):
pass
DecryptedPOP.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('thePOP', univ.OctetString())
)
id_cmc_addExtensions = _buildOid(id_cmc, 8)
id_cmc_modCertTemplate = _buildOid(id_cmc, 31)
class TaggedAttribute(univ.Sequence):
pass
TaggedAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('attrType', univ.ObjectIdentifier()),
namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
)
class OtherMsg(univ.Sequence):
pass
OtherMsg.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('otherMsgType', univ.ObjectIdentifier()),
namedtype.NamedType('otherMsgValue', univ.Any())
)
class PKIData(univ.Sequence):
pass
PKIData.componentType = namedtype.NamedTypes(
namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())),
namedtype.NamedType('reqSequence', univ.SequenceOf(componentType=TaggedRequest())),
namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())),
namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg()))
)
class BodyPartList(univ.SequenceOf):
pass
BodyPartList.componentType = BodyPartID()
BodyPartList.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
id_cmc_responseBody = _buildOid(id_cmc, 37)
class AuthPublish(BodyPartID):
pass
class CMCUnsignedData(univ.Sequence):
pass
CMCUnsignedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartPath', BodyPartPath()),
namedtype.NamedType('identifier', univ.ObjectIdentifier()),
namedtype.NamedType('content', univ.Any())
)
class CMCCertId(rfc5652.IssuerAndSerialNumber):
pass
class PKIResponse(univ.Sequence):
pass
PKIResponse.componentType = namedtype.NamedTypes(
namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())),
namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())),
namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg()))
)
class ResponseBody(PKIResponse):
pass
id_cmc_statusInfoV2 = _buildOid(id_cmc, 25)
id_cmc_lraPOPWitness = _buildOid(id_cmc, 11)
class ModCertTemplate(univ.Sequence):
pass
ModCertTemplate.componentType = namedtype.NamedTypes(
namedtype.NamedType('pkiDataReference', BodyPartPath()),
namedtype.NamedType('certReferences', BodyPartList()),
namedtype.DefaultedNamedType('replace', univ.Boolean().subtype(value=1)),
namedtype.NamedType('certTemplate', rfc4211.CertTemplate())
)
id_cmc_regInfo = _buildOid(id_cmc, 18)
id_cmc_identityProof = _buildOid(id_cmc, 3)
class ExtensionReq(univ.SequenceOf):
pass
ExtensionReq.componentType = rfc5280.Extension()
ExtensionReq.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28)
id_cmc_publishCert = _buildOid(id_cmc, 30)
id_cmc_dataReturn = _buildOid(id_cmc, 4)
class LraPopWitness(univ.Sequence):
pass
LraPopWitness.componentType = namedtype.NamedTypes(
namedtype.NamedType('pkiDataBodyid', BodyPartID()),
namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID()))
)
id_aa = _buildOid(1, 2, 840, 113549, 1, 9, 16, 2)
id_aa_cmc_unsignedData = _buildOid(id_aa, 34)
id_cmc_getCert = _buildOid(id_cmc, 15)
id_cmc_batchRequests = _buildOid(id_cmc, 28)
id_cmc_decryptedPOP = _buildOid(id_cmc, 10)
id_cmc_responseInfo = _buildOid(id_cmc, 19)
id_cmc_changeSubjectName = _buildOid(id_cmc, 36)
class GetCert(univ.Sequence):
pass
GetCert.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerName', rfc5280.GeneralName()),
namedtype.NamedType('serialNumber', univ.Integer())
)
id_cmc_identification = _buildOid(id_cmc, 2)
id_cmc_queryPending = _buildOid(id_cmc, 21)
class AddExtensions(univ.Sequence):
pass
AddExtensions.componentType = namedtype.NamedTypes(
namedtype.NamedType('pkiDataReference', BodyPartID()),
namedtype.NamedType('certReferences', univ.SequenceOf(componentType=BodyPartID())),
namedtype.NamedType('extensions', univ.SequenceOf(componentType=rfc5280.Extension()))
)
class EncryptedPOP(univ.Sequence):
pass
EncryptedPOP.componentType = namedtype.NamedTypes(
namedtype.NamedType('request', TaggedRequest()),
namedtype.NamedType('cms', rfc5652.ContentInfo()),
namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witnessAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
id_cmc_getCRL = _buildOid(id_cmc, 16)
id_cct_PKIResponse = _buildOid(id_cct, 3)
id_cmc_controlProcessed = _buildOid(id_cmc, 32)
class NoSignatureValue(univ.OctetString):
pass
id_ad_cmc = _buildOid(rfc5280.id_ad, 12)
id_alg_noSignature = _buildOid(id_pkix, 6, 2)