okay fine

This commit is contained in:
pacnpal
2024-11-03 17:47:26 +00:00
parent 01c6004a79
commit 27eb239e97
10020 changed files with 1935769 additions and 2364 deletions


@@ -0,0 +1,2 @@
# http://www.python.org/dev/peps/pep-0396/
__version__ = '0.4.1'


@@ -0,0 +1,58 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
import base64
stSpam, stHam, stDump = 0, 1, 2
# The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')...
# Return is (marker-index, substrate)
def readPemBlocksFromFile(fileObj, *markers):
startMarkers = dict(map(lambda x: (x[1], x[0]),
enumerate(map(lambda y: y[0], markers))))
stopMarkers = dict(map(lambda x: (x[1], x[0]),
enumerate(map(lambda y: y[1], markers))))
idx = -1
substrate = ''
certLines = []
state = stSpam
while True:
certLine = fileObj.readline()
if not certLine:
break
certLine = certLine.strip()
if state == stSpam:
if certLine in startMarkers:
certLines = []
idx = startMarkers[certLine]
state = stHam
continue
if state == stHam:
if certLine in stopMarkers and stopMarkers[certLine] == idx:
state = stDump
else:
certLines.append(certLine)
if state == stDump:
substrate = ''.encode().join([base64.b64decode(x.encode()) for x in certLines])
break
return idx, substrate
# Backward compatibility routine
def readPemFromFile(fileObj,
startMarker='-----BEGIN CERTIFICATE-----',
endMarker='-----END CERTIFICATE-----'):
idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker))
return substrate
def readBase64fromText(text):
return base64.b64decode(text.encode())
def readBase64FromFile(fileObj):
return readBase64fromText(fileObj.read())


@@ -0,0 +1,96 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv1 message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc1155.txt
#
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
class ObjectName(univ.ObjectIdentifier):
pass
class SimpleSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('number', univ.Integer()),
namedtype.NamedType('string', univ.OctetString()),
namedtype.NamedType('object', univ.ObjectIdentifier()),
namedtype.NamedType('empty', univ.Null())
)
class IpAddress(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(
4, 4
)
class NetworkAddress(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('internet', IpAddress())
)
class Counter(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Gauge(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class TimeTicks(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Opaque(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4)
)
class ApplicationSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('address', NetworkAddress()),
namedtype.NamedType('counter', Counter()),
namedtype.NamedType('gauge', Gauge()),
namedtype.NamedType('ticks', TimeTicks()),
namedtype.NamedType('arbitrary', Opaque())
)
class ObjectSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('simple', SimpleSyntax()),
namedtype.NamedType('application-wide', ApplicationSyntax())
)


@@ -0,0 +1,126 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv1 message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc1157.txt
#
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc1155
class Version(univ.Integer):
namedValues = namedval.NamedValues(
('version-1', 0)
)
defaultValue = 0
class Community(univ.OctetString):
pass
class RequestID(univ.Integer):
pass
class ErrorStatus(univ.Integer):
namedValues = namedval.NamedValues(
('noError', 0),
('tooBig', 1),
('noSuchName', 2),
('badValue', 3),
('readOnly', 4),
('genErr', 5)
)
class ErrorIndex(univ.Integer):
pass
class VarBind(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('name', rfc1155.ObjectName()),
namedtype.NamedType('value', rfc1155.ObjectSyntax())
)
class VarBindList(univ.SequenceOf):
componentType = VarBind()
class _RequestBase(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('request-id', RequestID()),
namedtype.NamedType('error-status', ErrorStatus()),
namedtype.NamedType('error-index', ErrorIndex()),
namedtype.NamedType('variable-bindings', VarBindList())
)
class GetRequestPDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
class GetNextRequestPDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
class GetResponsePDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
)
class SetRequestPDU(_RequestBase):
tagSet = _RequestBase.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
)
class TrapPDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('enterprise', univ.ObjectIdentifier()),
namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()),
namedtype.NamedType('generic-trap', univ.Integer().clone(
namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3),
('authenticationFailure', 4), ('egpNeighborLoss', 5),
('enterpriseSpecific', 6)))),
namedtype.NamedType('specific-trap', univ.Integer()),
namedtype.NamedType('time-stamp', rfc1155.TimeTicks()),
namedtype.NamedType('variable-bindings', VarBindList())
)
class Pdus(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('get-request', GetRequestPDU()),
namedtype.NamedType('get-next-request', GetNextRequestPDU()),
namedtype.NamedType('get-response', GetResponsePDU()),
namedtype.NamedType('set-request', SetRequestPDU()),
namedtype.NamedType('trap', TrapPDU())
)
class Message(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('community', Community()),
namedtype.NamedType('data', Pdus())
)


@@ -0,0 +1,22 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv2c message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc1901.txt
#
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import univ
class Message(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('version-2c', 1)))),
namedtype.NamedType('community', univ.OctetString()),
namedtype.NamedType('data', univ.Any())
)


@@ -0,0 +1,129 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv2c message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc1902.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
class Integer(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
-2147483648, 2147483647
)
class Integer32(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
-2147483648, 2147483647
)
class OctetString(univ.OctetString):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(
0, 65535
)
class IpAddress(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00)
)
subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint(
4, 4
)
class Counter32(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Gauge32(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Unsigned32(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class TimeTicks(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 4294967295
)
class Opaque(univ.OctetString):
tagSet = univ.OctetString.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04)
)
class Counter64(univ.Integer):
tagSet = univ.Integer.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06)
)
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, 18446744073709551615
)
class Bits(univ.OctetString):
pass
class ObjectName(univ.ObjectIdentifier):
pass
class SimpleSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('integer-value', Integer()),
namedtype.NamedType('string-value', OctetString()),
namedtype.NamedType('objectID-value', univ.ObjectIdentifier())
)
class ApplicationSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ipAddress-value', IpAddress()),
namedtype.NamedType('counter-value', Counter32()),
namedtype.NamedType('timeticks-value', TimeTicks()),
namedtype.NamedType('arbitrary-value', Opaque()),
namedtype.NamedType('big-counter-value', Counter64()),
# This conflicts with Counter32
# namedtype.NamedType('unsigned-integer-value', Unsigned32()),
namedtype.NamedType('gauge32-value', Gauge32())
) # BITS misplaced?
class ObjectSyntax(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('simple', SimpleSyntax()),
namedtype.NamedType('application-wide', ApplicationSyntax())
)


@@ -0,0 +1,135 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv2c PDU syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc1905.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc1902
max_bindings = rfc1902.Integer(2147483647)
class _BindValue(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('value', rfc1902.ObjectSyntax()),
namedtype.NamedType('unSpecified', univ.Null()),
namedtype.NamedType('noSuchObject',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('noSuchInstance',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('endOfMibView',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class VarBind(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('name', rfc1902.ObjectName()),
namedtype.NamedType('', _BindValue())
)
class VarBindList(univ.SequenceOf):
componentType = VarBind()
sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(
0, max_bindings
)
class PDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('request-id', rfc1902.Integer32()),
namedtype.NamedType('error-status', univ.Integer(
namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3),
('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7),
('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10),
('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13),
('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16),
('notWritable', 17), ('inconsistentName', 18)))),
namedtype.NamedType('error-index',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('variable-bindings', VarBindList())
)
class BulkPDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('request-id', rfc1902.Integer32()),
namedtype.NamedType('non-repeaters',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('max-repetitions',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))),
namedtype.NamedType('variable-bindings', VarBindList())
)
class GetRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
class GetNextRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
class ResponsePDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
)
class SetRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
)
class GetBulkRequestPDU(BulkPDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5)
)
class InformRequestPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6)
)
class SNMPv2TrapPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)
)
class ReportPDU(PDU):
tagSet = PDU.tagSet.tagImplicitly(
tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8)
)
class PDUs(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('get-request', GetRequestPDU()),
namedtype.NamedType('get-next-request', GetNextRequestPDU()),
namedtype.NamedType('get-bulk-request', GetBulkRequestPDU()),
namedtype.NamedType('response', ResponsePDU()),
namedtype.NamedType('set-request', SetRequestPDU()),
namedtype.NamedType('inform-request', InformRequestPDU()),
namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()),
namedtype.NamedType('report', ReportPDU())
)


@@ -0,0 +1,563 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# LDAP message syntax
#
# ASN.1 source from:
# http://www.trl.ibm.[AWS-SECRET-REMOVED]s/ldap.asn
#
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
maxInt = univ.Integer(2147483647)
class LDAPString(univ.OctetString):
pass
class LDAPOID(univ.OctetString):
pass
class LDAPDN(LDAPString):
pass
class RelativeLDAPDN(LDAPString):
pass
class AttributeType(LDAPString):
pass
class AttributeDescription(LDAPString):
pass
class AttributeDescriptionList(univ.SequenceOf):
componentType = AttributeDescription()
class AttributeValue(univ.OctetString):
pass
class AssertionValue(univ.OctetString):
pass
class AttributeValueAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('attributeDesc', AttributeDescription()),
namedtype.NamedType('assertionValue', AssertionValue())
)
class Attribute(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
class MatchingRuleId(LDAPString):
pass
class Control(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('controlType', LDAPOID()),
namedtype.DefaultedNamedType('criticality', univ.Boolean('False')),
namedtype.OptionalNamedType('controlValue', univ.OctetString())
)
class Controls(univ.SequenceOf):
componentType = Control()
class LDAPURL(LDAPString):
pass
class Referral(univ.SequenceOf):
componentType = LDAPURL()
class SaslCredentials(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('mechanism', LDAPString()),
namedtype.OptionalNamedType('credentials', univ.OctetString())
)
class AuthenticationChoice(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('simple', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('reserved-1', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('reserved-2', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('sasl',
SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
class BindRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))),
namedtype.NamedType('name', LDAPDN()),
namedtype.NamedType('authentication', AuthenticationChoice())
)
class PartialAttributeList(univ.SequenceOf):
componentType = univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
)
class SearchResultEntry(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('objectName', LDAPDN()),
namedtype.NamedType('attributes', PartialAttributeList())
)
class MatchingRuleAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('type', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('matchValue',
AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class SubstringFilter(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('substrings',
univ.SequenceOf(
componentType=univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
),
namedtype.NamedType(
'any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))
),
namedtype.NamedType(
'final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))
)
)
)
)
)
)
# Ugly hack to handle recursive Filter reference (up to 3-levels deep).
class Filter3(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
class Filter2(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('not',
Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
class Filter(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('not',
Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('substrings', SubstringFilter().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.NamedType('present', AttributeDescription().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
# End of Filter hack
class SearchRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('baseObject', LDAPDN()),
namedtype.NamedType('scope', univ.Enumerated(
namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))),
namedtype.NamedType('derefAliases', univ.Enumerated(
namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1),
('derefFindingBaseObj', 2), ('derefAlways', 3)))),
namedtype.NamedType('sizeLimit',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
namedtype.NamedType('timeLimit',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
namedtype.NamedType('typesOnly', univ.Boolean()),
namedtype.NamedType('filter', Filter()),
namedtype.NamedType('attributes', AttributeDescriptionList())
)
class UnbindRequest(univ.Null):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
)
class BindResponse(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('resultCode', univ.Enumerated(
namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
('compareTrue', 6), ('authMethodNotSupported', 7),
('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
('confidentialityRequired', 13), ('saslBindInProgress', 14),
('noSuchAttribute', 16), ('undefinedAttributeType', 17),
('inappropriateMatching', 18), ('constraintViolation', 19),
('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
('reserved-35', 35), ('aliasDereferencingProblem', 36),
('inappropriateAuthentication', 48), ('invalidCredentials', 49),
('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
('objectClassModsProhibited', 69), ('reserved-70', 70),
('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('matchedDN', LDAPDN()),
namedtype.NamedType('errorMessage', LDAPString()),
namedtype.OptionalNamedType('referral', Referral().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)))
)
class LDAPResult(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('resultCode', univ.Enumerated(
namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
('compareTrue', 6), ('authMethodNotSupported', 7),
('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
('confidentialityRequired', 13), ('saslBindInProgress', 14),
('noSuchAttribute', 16), ('undefinedAttributeType', 17),
('inappropriateMatching', 18), ('constraintViolation', 19),
('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
('reserved-35', 35), ('aliasDereferencingProblem', 36),
('inappropriateAuthentication', 48), ('invalidCredentials', 49),
('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
('objectClassModsProhibited', 69), ('reserved-70', 70),
('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('matchedDN', LDAPDN()),
namedtype.NamedType('errorMessage', LDAPString()),
namedtype.OptionalNamedType('referral', Referral().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class SearchResultReference(univ.SequenceOf):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19)
)
componentType = LDAPURL()
class SearchResultDone(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5)
)
class AttributeTypeAndValues(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
class ModifyRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('object', LDAPDN()),
namedtype.NamedType('modification',
univ.SequenceOf(
componentType=univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))
),
namedtype.NamedType('modification', AttributeTypeAndValues())))
)
)
)
class ModifyResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7)
)
class AttributeList(univ.SequenceOf):
componentType = univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('type', AttributeDescription()),
namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
)
)
class AddRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('entry', LDAPDN()),
namedtype.NamedType('attributes', AttributeList())
)
class AddResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9)
)
class DelRequest(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10)
)
class DelResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11)
)
class ModifyDNRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('entry', LDAPDN()),
namedtype.NamedType('newrdn', RelativeLDAPDN()),
namedtype.NamedType('deleteoldrdn', univ.Boolean()),
namedtype.OptionalNamedType('newSuperior',
LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class ModifyDNResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13)
)
class CompareRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('entry', LDAPDN()),
namedtype.NamedType('ava', AttributeValueAssertion())
)
class CompareResponse(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15)
)
class AbandonRequest(LDAPResult):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16)
)
class ExtendedRequest(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('requestName',
LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class ExtendedResponse(univ.Sequence):
tagSet = univ.Sequence.tagSet.tagImplicitly(
tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24)
)
componentType = namedtype.NamedTypes(
namedtype.NamedType('resultCode', univ.Enumerated(
namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
('compareTrue', 6), ('authMethodNotSupported', 7),
('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
('confidentialityRequired', 13), ('saslBindInProgress', 14),
('noSuchAttribute', 16), ('undefinedAttributeType', 17),
('inappropriateMatching', 18), ('constraintViolation', 19),
('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
('reserved-35', 35), ('aliasDereferencingProblem', 36),
('inappropriateAuthentication', 48), ('invalidCredentials', 49),
('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
('objectClassModsProhibited', 69), ('reserved-70', 70),
('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
namedtype.NamedType('matchedDN', LDAPDN()),
namedtype.NamedType('errorMessage', LDAPString()),
namedtype.OptionalNamedType('referral', Referral().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('responseName', LDAPOID().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))),
namedtype.OptionalNamedType('response', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)))
)
class MessageID(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
0, maxInt
)
class LDAPMessage(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('messageID', MessageID()),
namedtype.NamedType(
'protocolOp', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('bindRequest', BindRequest()),
namedtype.NamedType('bindResponse', BindResponse()),
namedtype.NamedType('unbindRequest', UnbindRequest()),
namedtype.NamedType('searchRequest', SearchRequest()),
namedtype.NamedType('searchResEntry', SearchResultEntry()),
namedtype.NamedType('searchResDone', SearchResultDone()),
namedtype.NamedType('searchResRef', SearchResultReference()),
namedtype.NamedType('modifyRequest', ModifyRequest()),
namedtype.NamedType('modifyResponse', ModifyResponse()),
namedtype.NamedType('addRequest', AddRequest()),
namedtype.NamedType('addResponse', AddResponse()),
namedtype.NamedType('delRequest', DelRequest()),
namedtype.NamedType('delResponse', DelResponse()),
namedtype.NamedType('modDNRequest', ModifyDNRequest()),
namedtype.NamedType('modDNResponse', ModifyDNResponse()),
namedtype.NamedType('compareRequest', CompareRequest()),
namedtype.NamedType('compareResponse', CompareResponse()),
namedtype.NamedType('abandonRequest', AbandonRequest()),
namedtype.NamedType('extendedReq', ExtendedRequest()),
namedtype.NamedType('extendedResp', ExtendedResponse())
)
)
),
namedtype.OptionalNamedType('controls', Controls().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)


@@ -0,0 +1,48 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS#10 syntax
#
# ASN.1 source from:
# http://tools.ietf.org/html/rfc2314
#
# Sample captures could be obtained with "openssl req" command
#
from pyasn1_modules.rfc2459 import *
class Attributes(univ.SetOf):
componentType = Attribute()
class Version(univ.Integer):
pass
class CertificationRequestInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('subject', Name()),
namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
namedtype.NamedType('attributes',
Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Signature(univ.BitString):
pass
class SignatureAlgorithmIdentifier(AlgorithmIdentifier):
pass
class CertificationRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', Signature())
)


@@ -0,0 +1,294 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS#7 message syntax
#
# ASN.1 source from:
# https://opensource.apple.com/source/Security/Security-55179.1/libsecurity_asn1/asn1/pkcs7.asn.auto.html
#
# Sample captures from:
# openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b
#
from pyasn1_modules.rfc2459 import *
class Attribute(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeType()),
namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()))
)
class AttributeValueAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('attributeType', AttributeType()),
namedtype.NamedType('attributeValue', AttributeValue(),
openType=opentype.OpenType('type', certificateAttributesMap))
)
pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7')
data = univ.ObjectIdentifier('1.2.840.113549.1.7.1')
signedData = univ.ObjectIdentifier('1.2.840.113549.1.7.2')
envelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.3')
signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4')
digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5')
encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6')
class ContentType(univ.ObjectIdentifier):
pass
class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
pass
class EncryptedContent(univ.OctetString):
pass
contentTypeMap = {}
class EncryptedContentInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
namedtype.OptionalNamedType(
'encryptedContent', EncryptedContent().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
),
openType=opentype.OpenType('contentType', contentTypeMap)
)
)
class Version(univ.Integer): # overrides x509.Version
pass
class EncryptedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo())
)
class DigestAlgorithmIdentifier(AlgorithmIdentifier):
pass
class DigestAlgorithmIdentifiers(univ.SetOf):
componentType = DigestAlgorithmIdentifier()
class Digest(univ.OctetString):
pass
class ContentInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.OptionalNamedType(
'content',
univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
openType=opentype.OpenType('contentType', contentTypeMap)
)
)
class DigestedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('contentInfo', ContentInfo()),
namedtype.NamedType('digest', Digest())
)
class IssuerAndSerialNumber(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', Name()),
namedtype.NamedType('serialNumber', CertificateSerialNumber())
)
class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
pass
class EncryptedKey(univ.OctetString):
pass
class RecipientInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientInfos(univ.SetOf):
componentType = RecipientInfo()
class Attributes(univ.SetOf):
componentType = Attribute()
class ExtendedCertificateInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('certificate', Certificate()),
namedtype.NamedType('attributes', Attributes())
)
class SignatureAlgorithmIdentifier(AlgorithmIdentifier):
pass
class Signature(univ.BitString):
pass
class ExtendedCertificate(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', Signature())
)
class ExtendedCertificateOrCertificate(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class ExtendedCertificatesAndCertificates(univ.SetOf):
componentType = ExtendedCertificateOrCertificate()
class SerialNumber(univ.Integer):
pass
class CRLEntry(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('userCertificate', SerialNumber()),
namedtype.NamedType('revocationDate', useful.UTCTime())
)
class TBSCertificateRevocationList(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signature', AlgorithmIdentifier()),
namedtype.NamedType('issuer', Name()),
namedtype.NamedType('lastUpdate', useful.UTCTime()),
namedtype.NamedType('nextUpdate', useful.UTCTime()),
namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry()))
)
class CertificateRevocationList(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()),
namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class CertificateRevocationLists(univ.SetOf):
componentType = CertificateRevocationList()
class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
pass
class EncryptedDigest(univ.OctetString):
pass
class SignerInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedDigest', EncryptedDigest()),
namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class SignerInfos(univ.SetOf):
componentType = SignerInfo()
class SignedAndEnvelopedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
class EnvelopedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo())
)
class DigestInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('digest', Digest())
)
class SignedData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.OptionalNamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('contentInfo', ContentInfo()),
namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('signerInfos', SignerInfos())
)
class Data(univ.OctetString):
pass
_contentTypeMapUpdate = {
data: Data(),
signedData: SignedData(),
envelopedData: EnvelopedData(),
signedAndEnvelopedData: SignedAndEnvelopedData(),
digestedData: DigestedData(),
encryptedData: EncryptedData()
}
contentTypeMap.update(_contentTypeMapUpdate)


@@ -0,0 +1,69 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS#1 syntax
#
# ASN.1 source from:
# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2.asn
#
# Sample captures could be obtained with "openssl genrsa" command
#
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules.rfc2459 import AlgorithmIdentifier
pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1')
rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2')
md4WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.3')
md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4')
sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5')
rsaOAEPEncryptionSET = univ.ObjectIdentifier('1.2.840.113549.1.1.6')
id_RSAES_OAEP = univ.ObjectIdentifier('1.2.840.113549.1.1.7')
id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8')
id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9')
id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26')
MAX = float('inf')
class Version(univ.Integer):
pass
class RSAPrivateKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer()),
namedtype.NamedType('privateExponent', univ.Integer()),
namedtype.NamedType('prime1', univ.Integer()),
namedtype.NamedType('prime2', univ.Integer()),
namedtype.NamedType('exponent1', univ.Integer()),
namedtype.NamedType('exponent2', univ.Integer()),
namedtype.NamedType('coefficient', univ.Integer())
)
class RSAPublicKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer())
)
# XXX defaults not set
class RSAES_OAEP_params(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)



@@ -0,0 +1,258 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# X.509 certificate Request Message Format (CRMF) syntax
#
# ASN.1 source from:
# http://tools.ietf.org/html/rfc2511
#
# Sample captures could be obtained with OpenSSL
#
from pyasn1_modules import rfc2315
from pyasn1_modules.rfc2459 import *
MAX = float('inf')
id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5')
id_regCtrl = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1')
id_regCtrl_regToken = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.1')
id_regCtrl_authenticator = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.2')
id_regCtrl_pkiPublicationInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.3')
id_regCtrl_pkiArchiveOptions = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.4')
id_regCtrl_oldCertID = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.5')
id_regCtrl_protocolEncrKey = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.6')
id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2')
id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1')
id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2')
# This should be in PKIX Certificate Extensions module
class GeneralName(univ.OctetString):
pass
# end of PKIX Certificate Extensions module
class UTF8Pairs(char.UTF8String):
pass
class ProtocolEncrKey(SubjectPublicKeyInfo):
pass
class CertId(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', GeneralName()),
namedtype.NamedType('serialNumber', univ.Integer())
)
class OldCertId(CertId):
pass
class KeyGenParameters(univ.OctetString):
pass
class EncryptedValue(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.NamedType('encValue', univ.BitString())
)
class EncryptedKey(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedValue', EncryptedValue()),
namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class PKIArchiveOptions(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('archiveRemGenPrivKey',
univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class SinglePubInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('pubMethod', univ.Integer(
namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
namedtype.OptionalNamedType('pubLocation', GeneralName())
)
class PKIPublicationInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('action',
univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class Authenticator(char.UTF8String):
pass
class RegToken(char.UTF8String):
pass
class SubsequentMessage(univ.Integer):
namedValues = namedval.NamedValues(
('encrCert', 0),
('challengeResp', 1)
)
class POPOPrivKey(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('thisMessage',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('dhMAC',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class PBMParameter(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('salt', univ.OctetString()),
namedtype.NamedType('owf', AlgorithmIdentifier()),
namedtype.NamedType('iterationCount', univ.Integer()),
namedtype.NamedType('mac', AlgorithmIdentifier())
)
class PKMACValue(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('algId', AlgorithmIdentifier()),
namedtype.NamedType('value', univ.BitString())
)
class POPOSigningKeyInput(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'authInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
),
namedtype.NamedType('publicKeyMAC', PKMACValue())
)
)
),
namedtype.NamedType('publicKey', SubjectPublicKeyInfo())
)
class POPOSigningKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class ProofOfPossession(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('raVerified',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signature', POPOSigningKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class Controls(univ.SequenceOf):
componentType = AttributeTypeAndValue()
sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
class OptionalValidity(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('notBefore',
Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('notAfter',
Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class CertTemplate(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('version', Version().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('issuer', Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('validity', OptionalValidity().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('subject', Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
namedtype.OptionalNamedType('extensions', Extensions().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
)
class CertRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('certTemplate', CertTemplate()),
namedtype.OptionalNamedType('controls', Controls())
)
class CertReq(CertRequest):
pass
class CertReqMsg(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReq', CertRequest()),
namedtype.OptionalNamedType('pop', ProofOfPossession()),
namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class CertReqMessages(univ.SequenceOf):
componentType = CertReqMsg()
sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)


@@ -0,0 +1,225 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# OCSP request/response syntax
#
# Derived from a minimal OCSP library (RFC2560) code written by
# Bud P. Bruegger <bud@ancitel.it>
# Copyright: Ancitel, S.p.a, Rome, Italy
# License: BSD
#
#
# current limitations:
# * request and response works only for a single certificate
# * only some values are parsed out of the response
# * the request does't set a nonce nor signature
# * there is no signature validation of the response
# * dates are left as strings in GeneralizedTime format -- datetime.datetime
# would be nicer
#
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc2459
# Start of OCSP module definitions
# This should be in directory Authentication Framework (X.509) module
class CRLReason(univ.Enumerated):
namedValues = namedval.NamedValues(
('unspecified', 0),
('keyCompromise', 1),
('cACompromise', 2),
('affiliationChanged', 3),
('superseded', 4),
('cessationOfOperation', 5),
('certificateHold', 6),
('removeFromCRL', 8),
('privilegeWithdrawn', 9),
('aACompromise', 10)
)
# end of directory Authentication Framework (X.509) module
# This should be in PKIX Certificate Extensions module
class GeneralName(univ.OctetString):
pass
# end of PKIX Certificate Extensions module
id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9))
id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1))
id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1))
id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2))
id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3))
id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4))
id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5))
id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6))
id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7))
class AcceptableResponses(univ.SequenceOf):
componentType = univ.ObjectIdentifier()
class ArchiveCutoff(useful.GeneralizedTime):
pass
class UnknownInfo(univ.Null):
pass
class RevokedInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('revocationTime', useful.GeneralizedTime()),
namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class CertID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('issuerNameHash', univ.OctetString()),
namedtype.NamedType('issuerKeyHash', univ.OctetString()),
namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber())
)
class CertStatus(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('good',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('revoked',
RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('unknown',
UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class SingleResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certID', CertID()),
namedtype.NamedType('certStatus', CertStatus()),
namedtype.NamedType('thisUpdate', useful.GeneralizedTime()),
namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class KeyHash(univ.OctetString):
pass
class ResponderID(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('byName',
rfc2459.Name().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('byKey',
KeyHash().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class Version(univ.Integer):
namedValues = namedval.NamedValues(('v1', 0))
class ResponseData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', Version('v1').subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('responderID', ResponderID()),
namedtype.NamedType('producedAt', useful.GeneralizedTime()),
namedtype.NamedType('responses', univ.SequenceOf(componentType=SingleResponse())),
namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class BasicOCSPResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsResponseData', ResponseData()),
namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()),
namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class ResponseBytes(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('responseType', univ.ObjectIdentifier()),
namedtype.NamedType('response', univ.OctetString())
)
class OCSPResponseStatus(univ.Enumerated):
namedValues = namedval.NamedValues(
('successful', 0),
('malformedRequest', 1),
('internalError', 2),
('tryLater', 3),
('undefinedStatus', 4), # should never occur
('sigRequired', 5),
('unauthorized', 6)
)
class OCSPResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('responseStatus', OCSPResponseStatus()),
namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Request(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('reqCert', CertID()),
namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Signature(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()),
namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class TBSRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', Version('v1').subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestorName', GeneralName().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('requestList', univ.SequenceOf(componentType=Request())),
namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class OCSPRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsRequest', TBSRequest()),
namedtype.OptionalNamedType('optionalSignature', Signature().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)


@@ -0,0 +1,37 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Diffie-Hellman Key Agreement
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc2631.txt
# https://www.rfc-editor.org/errata/eid5897
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
class KeySpecificInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
namedtype.NamedType('counter', univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(4, 4)))
)
class OtherInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('keyInfo', KeySpecificInfo()),
namedtype.OptionalNamedType('partyAInfo', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('suppPubInfo', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)


@@ -0,0 +1,336 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add a map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Enhanced Security Services for S/MIME
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc2634.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedval
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5280
MAX = float('inf')
ContentType = rfc5652.ContentType
IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier
PolicyInformation = rfc5280.PolicyInformation
GeneralNames = rfc5280.GeneralNames
CertificateSerialNumber = rfc5280.CertificateSerialNumber
# Signing Certificate Attribute
# Warning: It is better to use SigningCertificateV2 from RFC 5035
id_aa_signingCertificate = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.12')
class Hash(univ.OctetString):
pass # SHA-1 hash of entire certificate; RFC 5035 supports other hash algorithms
class IssuerSerial(univ.Sequence):
pass
IssuerSerial.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', GeneralNames()),
namedtype.NamedType('serialNumber', CertificateSerialNumber())
)
class ESSCertID(univ.Sequence):
pass
ESSCertID.componentType = namedtype.NamedTypes(
namedtype.NamedType('certHash', Hash()),
namedtype.OptionalNamedType('issuerSerial', IssuerSerial())
)
class SigningCertificate(univ.Sequence):
pass
SigningCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('certs', univ.SequenceOf(
componentType=ESSCertID())),
namedtype.OptionalNamedType('policies', univ.SequenceOf(
componentType=PolicyInformation()))
)
# Mail List Expansion History Attribute
id_aa_mlExpandHistory = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.3')
ub_ml_expansion_history = univ.Integer(64)
class EntityIdentifier(univ.Choice):
pass
EntityIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier())
)
class MLReceiptPolicy(univ.Choice):
pass
MLReceiptPolicy.componentType = namedtype.NamedTypes(
namedtype.NamedType('none', univ.Null().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('insteadOf', univ.SequenceOf(
componentType=GeneralNames()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('inAdditionTo', univ.SequenceOf(
componentType=GeneralNames()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class MLData(univ.Sequence):
pass
MLData.componentType = namedtype.NamedTypes(
namedtype.NamedType('mailListIdentifier', EntityIdentifier()),
namedtype.NamedType('expansionTime', useful.GeneralizedTime()),
namedtype.OptionalNamedType('mlReceiptPolicy', MLReceiptPolicy())
)
class MLExpansionHistory(univ.SequenceOf):
pass
MLExpansionHistory.componentType = MLData()
MLExpansionHistory.sizeSpec = constraint.ValueSizeConstraint(1, ub_ml_expansion_history)
# ESS Security Label Attribute
id_aa_securityLabel = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.2')
ub_privacy_mark_length = univ.Integer(128)
ub_security_categories = univ.Integer(64)
ub_integer_options = univ.Integer(256)
class ESSPrivacyMark(univ.Choice):
pass
ESSPrivacyMark.componentType = namedtype.NamedTypes(
namedtype.NamedType('pString', char.PrintableString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, ub_privacy_mark_length))),
namedtype.NamedType('utf8String', char.UTF8String().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class SecurityClassification(univ.Integer):
pass
SecurityClassification.subtypeSpec=constraint.ValueRangeConstraint(0, ub_integer_options)
SecurityClassification.namedValues = namedval.NamedValues(
('unmarked', 0),
('unclassified', 1),
('restricted', 2),
('confidential', 3),
('secret', 4),
('top-secret', 5)
)
class SecurityPolicyIdentifier(univ.ObjectIdentifier):
pass
class SecurityCategory(univ.Sequence):
pass
SecurityCategory.componentType = namedtype.NamedTypes(
namedtype.NamedType('type', univ.ObjectIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class SecurityCategories(univ.SetOf):
pass
SecurityCategories.componentType = SecurityCategory()
SecurityCategories.sizeSpec = constraint.ValueSizeConstraint(1, ub_security_categories)
class ESSSecurityLabel(univ.Set):
pass
ESSSecurityLabel.componentType = namedtype.NamedTypes(
namedtype.NamedType('security-policy-identifier', SecurityPolicyIdentifier()),
namedtype.OptionalNamedType('security-classification', SecurityClassification()),
namedtype.OptionalNamedType('privacy-mark', ESSPrivacyMark()),
namedtype.OptionalNamedType('security-categories', SecurityCategories())
)
# Equivalent Labels Attribute
id_aa_equivalentLabels = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.9')
class EquivalentLabels(univ.SequenceOf):
pass
EquivalentLabels.componentType = ESSSecurityLabel()
# Content Identifier Attribute
id_aa_contentIdentifier = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.7')
class ContentIdentifier(univ.OctetString):
pass
# Content Reference Attribute
id_aa_contentReference = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.10')
class ContentReference(univ.Sequence):
pass
ContentReference.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
namedtype.NamedType('originatorSignatureValue', univ.OctetString())
)
# Message Signature Digest Attribute
id_aa_msgSigDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.5')
class MsgSigDigest(univ.OctetString):
pass
# Content Hints Attribute
id_aa_contentHint = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.4')
class ContentHints(univ.Sequence):
pass
ContentHints.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('contentDescription', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
namedtype.NamedType('contentType', ContentType())
)
# Receipt Request Attribute
class AllOrFirstTier(univ.Integer):
pass
AllOrFirstTier.namedValues = namedval.NamedValues(
('allReceipts', 0),
('firstTierRecipients', 1)
)
class ReceiptsFrom(univ.Choice):
pass
ReceiptsFrom.componentType = namedtype.NamedTypes(
namedtype.NamedType('allOrFirstTier', AllOrFirstTier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('receiptList', univ.SequenceOf(
componentType=GeneralNames()).subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_aa_receiptRequest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.1')
ub_receiptsTo = univ.Integer(16)
class ReceiptRequest(univ.Sequence):
pass
ReceiptRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
namedtype.NamedType('receiptsFrom', ReceiptsFrom()),
namedtype.NamedType('receiptsTo', univ.SequenceOf(componentType=GeneralNames()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, ub_receiptsTo)))
)
# Receipt Content Type
class ESSVersion(univ.Integer):
pass
ESSVersion.namedValues = namedval.NamedValues(
('v1', 1)
)
id_ct_receipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.1')
class Receipt(univ.Sequence):
pass
Receipt.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', ESSVersion()),
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
namedtype.NamedType('originatorSignatureValue', univ.OctetString())
)
# Map of Attribute Type to the Attribute structure is added to the
# ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_signingCertificate: SigningCertificate(),
id_aa_mlExpandHistory: MLExpansionHistory(),
id_aa_securityLabel: ESSSecurityLabel(),
id_aa_equivalentLabels: EquivalentLabels(),
id_aa_contentIdentifier: ContentIdentifier(),
id_aa_contentReference: ContentReference(),
id_aa_msgSigDigest: MsgSigDigest(),
id_aa_contentHint: ContentHints(),
id_aa_receiptRequest: ReceiptRequest(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_receipt: Receipt(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,56 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# KEA and SKIPJACK Algorithms in CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc2876.txt
#
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5751
id_fortezzaConfidentialityAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.4')
id_fortezzaWrap80 = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.23')
id_kEAKeyEncryptionAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.24')
id_keyExchangeAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.22')
class Skipjack_Parm(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('initialization-vector', univ.OctetString())
)
# Update the Algorithm Identifier map in rfc5280.py.
_algorithmIdentifierMapUpdate = {
id_fortezzaConfidentialityAlgorithm: Skipjack_Parm(),
id_kEAKeyEncryptionAlgorithm: rfc5280.AlgorithmIdentifier(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
# Update the SMIMECapabilities Attribute map in rfc5751.py
_smimeCapabilityMapUpdate = {
id_kEAKeyEncryptionAlgorithm: rfc5280.AlgorithmIdentifier(),
}
rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate)


@@ -0,0 +1,588 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS#9: Selected Attribute Types (Version 2.0)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc2985.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc7292
from pyasn1_modules import rfc5958
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5280
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
MAX = float('inf')
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
Attribute = rfc5280.Attribute
EmailAddress = rfc5280.EmailAddress
Extensions = rfc5280.Extensions
Time = rfc5280.Time
X520countryName = rfc5280.X520countryName
X520SerialNumber = rfc5280.X520SerialNumber
# Imports from RFC 5652
ContentInfo = rfc5652.ContentInfo
ContentType = rfc5652.ContentType
Countersignature = rfc5652.Countersignature
MessageDigest = rfc5652.MessageDigest
SignerInfo = rfc5652.SignerInfo
SigningTime = rfc5652.SigningTime
# Imports from RFC 5958
EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo
# Imports from RFC 7292
PFX = rfc7292.PFX
# TODO:
# Need a place to import PKCS15Token; it does not yet appear in an RFC
# SingleAttribute is the same as Attribute in RFC 5280, except that the
# attrValues SET must have one and only one member
class AttributeType(univ.ObjectIdentifier):
pass
class AttributeValue(univ.Any):
pass
class AttributeValues(univ.SetOf):
pass
AttributeValues.componentType = AttributeValue()
class SingleAttributeValues(univ.SetOf):
pass
SingleAttributeValues.componentType = AttributeValue()
class SingleAttribute(univ.Sequence):
pass
SingleAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('type', AttributeType()),
namedtype.NamedType('values',
AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)),
openType=opentype.OpenType('type', rfc5280.certificateAttributesMap)
)
)
# CMSAttribute is the same as Attribute in RFC 5652, and CMSSingleAttribute
# is the companion where the attrValues SET must have one and only one member
CMSAttribute = rfc5652.Attribute
class CMSSingleAttribute(univ.Sequence):
pass
CMSSingleAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', AttributeType()),
namedtype.NamedType('attrValues',
AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)),
openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap)
)
)
# DirectoryString is the same as RFC 5280, except the length is limited to 255
class DirectoryString(univ.Choice):
pass
DirectoryString.componentType = namedtype.NamedTypes(
namedtype.NamedType('teletexString', char.TeletexString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 255))),
namedtype.NamedType('printableString', char.PrintableString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 255))),
namedtype.NamedType('universalString', char.UniversalString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 255))),
namedtype.NamedType('utf8String', char.UTF8String().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 255))),
namedtype.NamedType('bmpString', char.BMPString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 255)))
)
# PKCS9String is DirectoryString with an additional choice of IA5String,
# and the SIZE is limited to 255
class PKCS9String(univ.Choice):
pass
PKCS9String.componentType = namedtype.NamedTypes(
namedtype.NamedType('ia5String', char.IA5String().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 255))),
namedtype.NamedType('directoryString', DirectoryString())
)
# Upper Bounds
pkcs_9_ub_pkcs9String = univ.Integer(255)
pkcs_9_ub_challengePassword = univ.Integer(pkcs_9_ub_pkcs9String)
pkcs_9_ub_emailAddress = univ.Integer(pkcs_9_ub_pkcs9String)
pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String)
pkcs_9_ub_match = univ.Integer(pkcs_9_ub_pkcs9String)
pkcs_9_ub_signingDescription = univ.Integer(pkcs_9_ub_pkcs9String)
pkcs_9_ub_unstructuredAddress = univ.Integer(pkcs_9_ub_pkcs9String)
pkcs_9_ub_unstructuredName = univ.Integer(pkcs_9_ub_pkcs9String)
ub_name = univ.Integer(32768)
pkcs_9_ub_placeOfBirth = univ.Integer(ub_name)
pkcs_9_ub_pseudonym = univ.Integer(ub_name)
# Object Identifier Arcs
ietf_at = _OID(1, 3, 6, 1, 5, 5, 7, 9)
id_at = _OID(2, 5, 4)
pkcs_9 = _OID(1, 2, 840, 113549, 1, 9)
pkcs_9_mo = _OID(pkcs_9, 0)
smime = _OID(pkcs_9, 16)
certTypes = _OID(pkcs_9, 22)
crlTypes = _OID(pkcs_9, 23)
pkcs_9_oc = _OID(pkcs_9, 24)
pkcs_9_at = _OID(pkcs_9, 25)
pkcs_9_sx = _OID(pkcs_9, 26)
pkcs_9_mr = _OID(pkcs_9, 27)
# Object Identifiers for Syntaxes for use with LDAP-accessible directories
pkcs_9_sx_pkcs9String = _OID(pkcs_9_sx, 1)
pkcs_9_sx_signingTime = _OID(pkcs_9_sx, 2)
# Object Identifiers for object classes
pkcs_9_oc_pkcsEntity = _OID(pkcs_9_oc, 1)
pkcs_9_oc_naturalPerson = _OID(pkcs_9_oc, 2)
# Object Identifiers for matching rules
pkcs_9_mr_caseIgnoreMatch = _OID(pkcs_9_mr, 1)
pkcs_9_mr_signingTimeMatch = _OID(pkcs_9_mr, 2)
# PKCS #7 PDU
pkcs_9_at_pkcs7PDU = _OID(pkcs_9_at, 5)
pKCS7PDU = Attribute()
pKCS7PDU['type'] = pkcs_9_at_pkcs7PDU
pKCS7PDU['values'][0] = ContentInfo()
# PKCS #12 token
pkcs_9_at_userPKCS12 = _OID(2, 16, 840, 1, 113730, 3, 1, 216)
userPKCS12 = Attribute()
userPKCS12['type'] = pkcs_9_at_userPKCS12
userPKCS12['values'][0] = PFX()
# PKCS #15 token
pkcs_9_at_pkcs15Token = _OID(pkcs_9_at, 1)
# TODO: Once PKCS15Token can be imported, this can be included
#
# pKCS15Token = Attribute()
# userPKCS12['type'] = pkcs_9_at_pkcs15Token
# userPKCS12['values'][0] = PKCS15Token()
# PKCS #8 encrypted private key information
pkcs_9_at_encryptedPrivateKeyInfo = _OID(pkcs_9_at, 2)
encryptedPrivateKeyInfo = Attribute()
encryptedPrivateKeyInfo['type'] = pkcs_9_at_encryptedPrivateKeyInfo
encryptedPrivateKeyInfo['values'][0] = EncryptedPrivateKeyInfo()
# Electronic-mail address
pkcs_9_at_emailAddress = rfc5280.id_emailAddress
emailAddress = Attribute()
emailAddress['type'] = pkcs_9_at_emailAddress
emailAddress['values'][0] = EmailAddress()
# Unstructured name
pkcs_9_at_unstructuredName = _OID(pkcs_9, 2)
unstructuredName = Attribute()
unstructuredName['type'] = pkcs_9_at_unstructuredName
unstructuredName['values'][0] = PKCS9String()
# Unstructured address
pkcs_9_at_unstructuredAddress = _OID(pkcs_9, 8)
unstructuredAddress = Attribute()
unstructuredAddress['type'] = pkcs_9_at_unstructuredAddress
unstructuredAddress['values'][0] = DirectoryString()
# Date of birth
pkcs_9_at_dateOfBirth = _OID(ietf_at, 1)
dateOfBirth = SingleAttribute()
dateOfBirth['type'] = pkcs_9_at_dateOfBirth
dateOfBirth['values'][0] = useful.GeneralizedTime()
# Place of birth
pkcs_9_at_placeOfBirth = _OID(ietf_at, 2)
placeOfBirth = SingleAttribute()
placeOfBirth['type'] = pkcs_9_at_placeOfBirth
placeOfBirth['values'][0] = DirectoryString()
# Gender
class GenderString(char.PrintableString):
pass
GenderString.subtypeSpec = constraint.ValueSizeConstraint(1, 1)
GenderString.subtypeSpec = constraint.SingleValueConstraint("M", "F", "m", "f")
pkcs_9_at_gender = _OID(ietf_at, 3)
gender = SingleAttribute()
gender['type'] = pkcs_9_at_gender
gender['values'][0] = GenderString()
# Country of citizenship
pkcs_9_at_countryOfCitizenship = _OID(ietf_at, 4)
countryOfCitizenship = Attribute()
countryOfCitizenship['type'] = pkcs_9_at_countryOfCitizenship
countryOfCitizenship['values'][0] = X520countryName()
# Country of residence
pkcs_9_at_countryOfResidence = _OID(ietf_at, 5)
countryOfResidence = Attribute()
countryOfResidence['type'] = pkcs_9_at_countryOfResidence
countryOfResidence['values'][0] = X520countryName()
# Pseudonym
id_at_pseudonym = _OID(2, 5, 4, 65)
pseudonym = Attribute()
pseudonym['type'] = id_at_pseudonym
pseudonym['values'][0] = DirectoryString()
# Serial number
id_at_serialNumber = rfc5280.id_at_serialNumber
serialNumber = Attribute()
serialNumber['type'] = id_at_serialNumber
serialNumber['values'][0] = X520SerialNumber()
# Content type
pkcs_9_at_contentType = rfc5652.id_contentType
contentType = CMSSingleAttribute()
contentType['attrType'] = pkcs_9_at_contentType
contentType['attrValues'][0] = ContentType()
# Message digest
pkcs_9_at_messageDigest = rfc5652.id_messageDigest
messageDigest = CMSSingleAttribute()
messageDigest['attrType'] = pkcs_9_at_messageDigest
messageDigest['attrValues'][0] = MessageDigest()
# Signing time
pkcs_9_at_signingTime = rfc5652.id_signingTime
signingTime = CMSSingleAttribute()
signingTime['attrType'] = pkcs_9_at_signingTime
signingTime['attrValues'][0] = SigningTime()
# Random nonce
class RandomNonce(univ.OctetString):
pass
RandomNonce.subtypeSpec = constraint.ValueSizeConstraint(4, MAX)
pkcs_9_at_randomNonce = _OID(pkcs_9_at, 3)
randomNonce = CMSSingleAttribute()
randomNonce['attrType'] = pkcs_9_at_randomNonce
randomNonce['attrValues'][0] = RandomNonce()
# Sequence number
class SequenceNumber(univ.Integer):
pass
SequenceNumber.subtypeSpec = constraint.ValueRangeConstraint(1, MAX)
pkcs_9_at_sequenceNumber = _OID(pkcs_9_at, 4)
sequenceNumber = CMSSingleAttribute()
sequenceNumber['attrType'] = pkcs_9_at_sequenceNumber
sequenceNumber['attrValues'][0] = SequenceNumber()
# Countersignature
pkcs_9_at_counterSignature = rfc5652.id_countersignature
counterSignature = CMSAttribute()
counterSignature['attrType'] = pkcs_9_at_counterSignature
counterSignature['attrValues'][0] = Countersignature()
# Challenge password
pkcs_9_at_challengePassword = _OID(pkcs_9, 7)
challengePassword = SingleAttribute()
challengePassword['type'] = pkcs_9_at_challengePassword
challengePassword['values'][0] = DirectoryString()
# Extension request
class ExtensionRequest(Extensions):
pass
pkcs_9_at_extensionRequest = _OID(pkcs_9, 14)
extensionRequest = SingleAttribute()
extensionRequest['type'] = pkcs_9_at_extensionRequest
extensionRequest['values'][0] = ExtensionRequest()
# Extended-certificate attributes (deprecated)
class AttributeSet(univ.SetOf):
pass
AttributeSet.componentType = Attribute()
pkcs_9_at_extendedCertificateAttributes = _OID(pkcs_9, 9)
extendedCertificateAttributes = SingleAttribute()
extendedCertificateAttributes['type'] = pkcs_9_at_extendedCertificateAttributes
extendedCertificateAttributes['values'][0] = AttributeSet()
# Friendly name
class FriendlyName(char.BMPString):
pass
FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName)
pkcs_9_at_friendlyName = _OID(pkcs_9, 20)
friendlyName = SingleAttribute()
friendlyName['type'] = pkcs_9_at_friendlyName
friendlyName['values'][0] = FriendlyName()
# Local key identifier
pkcs_9_at_localKeyId = _OID(pkcs_9, 21)
localKeyId = SingleAttribute()
localKeyId['type'] = pkcs_9_at_localKeyId
localKeyId['values'][0] = univ.OctetString()
# Signing description
pkcs_9_at_signingDescription = _OID(pkcs_9, 13)
signingDescription = CMSSingleAttribute()
signingDescription['attrType'] = pkcs_9_at_signingDescription
signingDescription['attrValues'][0] = DirectoryString()
# S/MIME capabilities
class SMIMECapability(AlgorithmIdentifier):
pass
class SMIMECapabilities(univ.SequenceOf):
pass
SMIMECapabilities.componentType = SMIMECapability()
pkcs_9_at_smimeCapabilities = _OID(pkcs_9, 15)
smimeCapabilities = CMSSingleAttribute()
smimeCapabilities['attrType'] = pkcs_9_at_smimeCapabilities
smimeCapabilities['attrValues'][0] = SMIMECapabilities()
# Certificate Attribute Map
_certificateAttributesMapUpdate = {
# Attribute types for use with the "pkcsEntity" object class
pkcs_9_at_pkcs7PDU: ContentInfo(),
pkcs_9_at_userPKCS12: PFX(),
# TODO: Once PKCS15Token can be imported, this can be included
# pkcs_9_at_pkcs15Token: PKCS15Token(),
pkcs_9_at_encryptedPrivateKeyInfo: EncryptedPrivateKeyInfo(),
# Attribute types for use with the "naturalPerson" object class
pkcs_9_at_emailAddress: EmailAddress(),
pkcs_9_at_unstructuredName: PKCS9String(),
pkcs_9_at_unstructuredAddress: DirectoryString(),
pkcs_9_at_dateOfBirth: useful.GeneralizedTime(),
pkcs_9_at_placeOfBirth: DirectoryString(),
pkcs_9_at_gender: GenderString(),
pkcs_9_at_countryOfCitizenship: X520countryName(),
pkcs_9_at_countryOfResidence: X520countryName(),
id_at_pseudonym: DirectoryString(),
id_at_serialNumber: X520SerialNumber(),
# Attribute types for use with PKCS #10 certificate requests
pkcs_9_at_challengePassword: DirectoryString(),
pkcs_9_at_extensionRequest: ExtensionRequest(),
pkcs_9_at_extendedCertificateAttributes: AttributeSet(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)
# CMS Attribute Map
# Note: pkcs_9_at_smimeCapabilities is not included in the map because
# the definition in RFC 5751 is preferred, which produces the same
# encoding, but it allows different parameters for SMIMECapability
# and AlgorithmIdentifier.
_cmsAttributesMapUpdate = {
# Attribute types for use in PKCS #7 data (a.k.a. CMS)
pkcs_9_at_contentType: ContentType(),
pkcs_9_at_messageDigest: MessageDigest(),
pkcs_9_at_signingTime: SigningTime(),
pkcs_9_at_randomNonce: RandomNonce(),
pkcs_9_at_sequenceNumber: SequenceNumber(),
pkcs_9_at_counterSignature: Countersignature(),
# Attributes for use in PKCS #12 "PFX" PDUs or PKCS #15 tokens
pkcs_9_at_friendlyName: FriendlyName(),
pkcs_9_at_localKeyId: univ.OctetString(),
pkcs_9_at_signingDescription: DirectoryString(),
# pkcs_9_at_smimeCapabilities: SMIMECapabilities(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)


@@ -0,0 +1,75 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Joel Johnson with asn1ate tool.
# Modified by Russ Housley to add support for opentypes by importing
# definitions from rfc5280 so that the same maps are used.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS #10: Certification Request Syntax Specification
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc2986.txt
#
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
AttributeType = rfc5280.AttributeType
AttributeValue = rfc5280.AttributeValue
AttributeTypeAndValue = rfc5280.AttributeTypeAndValue
Attribute = rfc5280.Attribute
RelativeDistinguishedName = rfc5280.RelativeDistinguishedName
RDNSequence = rfc5280.RDNSequence
Name = rfc5280.Name
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
class Attributes(univ.SetOf):
pass
Attributes.componentType = Attribute()
class CertificationRequestInfo(univ.Sequence):
pass
CertificationRequestInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer()),
namedtype.NamedType('subject', Name()),
namedtype.NamedType('subjectPKInfo', SubjectPublicKeyInfo()),
namedtype.NamedType('attributes',
Attributes().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))
)
)
class CertificationRequest(univ.Sequence):
pass
CertificationRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()),
namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)


@@ -0,0 +1,42 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# IDEA Encryption Algorithm in CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3058.txt
# https://www.rfc-editor.org/errata/eid5913
#
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
id_IDEA_CBC = univ.ObjectIdentifier('1.3.6.1.4.1.188.7.1.1.2')
id_alg_CMSIDEAwrap = univ.ObjectIdentifier('1.3.6.1.4.1.188.7.1.1.6')
class IDEA_CBCPar(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('iv', univ.OctetString())
# exactly 8 octets, when present
)
# Update the Algorithm Identifier map in rfc5280.py.
_algorithmIdentifierMapUpdate = {
id_IDEA_CBC: IDEA_CBCPar(),
id_alg_CMSIDEAwrap: univ.Null("")
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,77 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# TEST Company Classification Policies
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3114.txt
#
from pyasn1.type import char
from pyasn1.type import namedval
from pyasn1.type import univ
from pyasn1_modules import rfc5755
id_smime = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, ))
id_tsp = id_smime + (7, )
id_tsp_TEST_Amoco = id_tsp + (1, )
class Amoco_SecurityClassification(univ.Integer):
namedValues = namedval.NamedValues(
('amoco-general', 6),
('amoco-confidential', 7),
('amoco-highly-confidential', 8)
)
id_tsp_TEST_Caterpillar = id_tsp + (2, )
class Caterpillar_SecurityClassification(univ.Integer):
namedValues = namedval.NamedValues(
('caterpillar-public', 6),
('caterpillar-green', 7),
('caterpillar-yellow', 8),
('caterpillar-red', 9)
)
id_tsp_TEST_Whirlpool = id_tsp + (3, )
class Whirlpool_SecurityClassification(univ.Integer):
namedValues = namedval.NamedValues(
('whirlpool-public', 6),
('whirlpool-internal', 7),
('whirlpool-confidential', 8)
)
id_tsp_TEST_Whirlpool_Categories = id_tsp + (4, )
class SecurityCategoryValues(univ.SequenceOf):
componentType = char.UTF8String()
# Example SecurityCategoryValues: "LAW DEPARTMENT USE ONLY"
# Example SecurityCategoryValues: "HUMAN RESOURCES USE ONLY"
# Also, the privacy mark in the security label can contain a string,
# such as: "ATTORNEY-CLIENT PRIVILEGED INFORMATION"
# Map of security category type OIDs to security category added
# to the ones that are in rfc5755.py
_securityCategoryMapUpdate = {
id_tsp_TEST_Whirlpool_Categories: SecurityCategoryValues(),
}
rfc5755.securityCategoryMap.update(_securityCategoryMapUpdate)


@@ -0,0 +1,469 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Electronic Signature Policies
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3125.txt
# https://www.rfc-editor.org/errata/eid5901
# https://www.rfc-editor.org/errata/eid5902
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import useful
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
Attribute = rfc5280.Attribute
AttributeType = rfc5280.AttributeType
AttributeTypeAndValue = rfc5280.AttributeTypeAndValue
AttributeValue = rfc5280.AttributeValue
Certificate = rfc5280.Certificate
CertificateList = rfc5280.CertificateList
DirectoryString = rfc5280.DirectoryString
GeneralName = rfc5280.GeneralName
GeneralNames = rfc5280.GeneralNames
Name = rfc5280.Name
PolicyInformation = rfc5280.PolicyInformation
# Electronic Signature Policies
class CertPolicyId(univ.ObjectIdentifier):
pass
class AcceptablePolicySet(univ.SequenceOf):
componentType = CertPolicyId()
class SignPolExtn(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('extnID', univ.ObjectIdentifier()),
namedtype.NamedType('extnValue', univ.OctetString())
)
class SignPolExtensions(univ.SequenceOf):
componentType = SignPolExtn()
class AlgAndLength(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('algID', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('minKeyLength', univ.Integer()),
namedtype.OptionalNamedType('other', SignPolExtensions())
)
class AlgorithmConstraints(univ.SequenceOf):
componentType = AlgAndLength()
class AlgorithmConstraintSet(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('signerAlgorithmConstraints',
AlgorithmConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('eeCertAlgorithmConstraints',
AlgorithmConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('caCertAlgorithmConstraints',
AlgorithmConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('aaCertAlgorithmConstraints',
AlgorithmConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('tsaCertAlgorithmConstraints',
AlgorithmConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class AttributeValueConstraints(univ.SequenceOf):
componentType = AttributeTypeAndValue()
class AttributeTypeConstraints(univ.SequenceOf):
componentType = AttributeType()
class AttributeConstraints(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('attributeTypeConstarints',
AttributeTypeConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('attributeValueConstarints',
AttributeValueConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class HowCertAttribute(univ.Enumerated):
namedValues = namedval.NamedValues(
('claimedAttribute', 0),
('certifiedAttribtes', 1),
('either', 2)
)
class SkipCerts(univ.Integer):
subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
class PolicyConstraints(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('requireExplicitPolicy',
SkipCerts().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('inhibitPolicyMapping',
SkipCerts().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class BaseDistance(univ.Integer):
subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
class GeneralSubtree(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('base', GeneralName()),
namedtype.DefaultedNamedType('minimum',
BaseDistance().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(
value=0)),
namedtype.OptionalNamedType('maximum',
BaseDistance().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class GeneralSubtrees(univ.SequenceOf):
componentType = GeneralSubtree()
subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
class NameConstraints(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('permittedSubtrees',
GeneralSubtrees().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('excludedSubtrees',
GeneralSubtrees().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class PathLenConstraint(univ.Integer):
subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
class CertificateTrustPoint(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('trustpoint', Certificate()),
namedtype.OptionalNamedType('pathLenConstraint',
PathLenConstraint().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('acceptablePolicySet',
AcceptablePolicySet().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('nameConstraints',
NameConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('policyConstraints',
PolicyConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class CertificateTrustTrees(univ.SequenceOf):
componentType = CertificateTrustPoint()
class EnuRevReq(univ.Enumerated):
namedValues = namedval.NamedValues(
('clrCheck', 0),
('ocspCheck', 1),
('bothCheck', 2),
('eitherCheck', 3),
('noCheck', 4),
('other', 5)
)
class RevReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('enuRevReq', EnuRevReq()),
namedtype.OptionalNamedType('exRevReq', SignPolExtensions())
)
class CertRevReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('endCertRevReq', RevReq()),
namedtype.NamedType('caCerts',
RevReq().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class AttributeTrustCondition(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('attributeMandated', univ.Boolean()),
namedtype.NamedType('howCertAttribute', HowCertAttribute()),
namedtype.OptionalNamedType('attrCertificateTrustTrees',
CertificateTrustTrees().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('attrRevReq',
CertRevReq().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('attributeConstraints',
AttributeConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class CMSAttrs(univ.SequenceOf):
componentType = univ.ObjectIdentifier()
class CertInfoReq(univ.Enumerated):
namedValues = namedval.NamedValues(
('none', 0),
('signerOnly', 1),
('fullPath', 2)
)
class CertRefReq(univ.Enumerated):
namedValues = namedval.NamedValues(
('signerOnly', 1),
('fullPath', 2)
)
class DeltaTime(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('deltaSeconds', univ.Integer()),
namedtype.NamedType('deltaMinutes', univ.Integer()),
namedtype.NamedType('deltaHours', univ.Integer()),
namedtype.NamedType('deltaDays', univ.Integer())
)
class TimestampTrustCondition(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('ttsCertificateTrustTrees',
CertificateTrustTrees().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('ttsRevReq',
CertRevReq().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('ttsNameConstraints',
NameConstraints().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('cautionPeriod',
DeltaTime().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('signatureTimestampDelay',
DeltaTime().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 4)))
)
class SignerRules(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('externalSignedData', univ.Boolean()),
namedtype.NamedType('mandatedSignedAttr', CMSAttrs()),
namedtype.NamedType('mandatedUnsignedAttr', CMSAttrs()),
namedtype.DefaultedNamedType('mandatedCertificateRef',
CertRefReq().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(
value='signerOnly')),
namedtype.DefaultedNamedType('mandatedCertificateInfo',
CertInfoReq().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(
value='none')),
namedtype.OptionalNamedType('signPolExtensions',
SignPolExtensions().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class MandatedUnsignedAttr(CMSAttrs):
pass
class VerifierRules(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('mandatedUnsignedAttr', MandatedUnsignedAttr()),
namedtype.OptionalNamedType('signPolExtensions', SignPolExtensions())
)
class SignerAndVerifierRules(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signerRules', SignerRules()),
namedtype.NamedType('verifierRules', VerifierRules())
)
class SigningCertTrustCondition(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signerTrustTrees', CertificateTrustTrees()),
namedtype.NamedType('signerRevReq', CertRevReq())
)
class CommitmentTypeIdentifier(univ.ObjectIdentifier):
pass
class FieldOfApplication(DirectoryString):
pass
class CommitmentType(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('identifier', CommitmentTypeIdentifier()),
namedtype.OptionalNamedType('fieldOfApplication',
FieldOfApplication().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('semantics',
DirectoryString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class SelectedCommitmentTypes(univ.SequenceOf):
componentType = univ.Choice(componentType=namedtype.NamedTypes(
namedtype.NamedType('empty', univ.Null()),
namedtype.NamedType('recognizedCommitmentType', CommitmentType())
))
class CommitmentRule(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('selCommitmentTypes', SelectedCommitmentTypes()),
namedtype.OptionalNamedType('signerAndVeriferRules',
SignerAndVerifierRules().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('signingCertTrustCondition',
SigningCertTrustCondition().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('timeStampTrustCondition',
TimestampTrustCondition().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('attributeTrustCondition',
AttributeTrustCondition().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('algorithmConstraintSet',
AlgorithmConstraintSet().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('signPolExtensions',
SignPolExtensions().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 5)))
)
class CommitmentRules(univ.SequenceOf):
componentType = CommitmentRule()
class CommonRules(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('signerAndVeriferRules',
SignerAndVerifierRules().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('signingCertTrustCondition',
SigningCertTrustCondition().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('timeStampTrustCondition',
TimestampTrustCondition().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('attributeTrustCondition',
AttributeTrustCondition().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('algorithmConstraintSet',
AlgorithmConstraintSet().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('signPolExtensions',
SignPolExtensions().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 5)))
)
class PolicyIssuerName(GeneralNames):
pass
class SignPolicyHash(univ.OctetString):
pass
class SignPolicyId(univ.ObjectIdentifier):
pass
class SigningPeriod(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('notBefore', useful.GeneralizedTime()),
namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime())
)
class SignatureValidationPolicy(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signingPeriod', SigningPeriod()),
namedtype.NamedType('commonRules', CommonRules()),
namedtype.NamedType('commitmentRules', CommitmentRules()),
namedtype.OptionalNamedType('signPolExtensions', SignPolExtensions())
)
class SignPolicyInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signPolicyIdentifier', SignPolicyId()),
namedtype.NamedType('dateOfIssue', useful.GeneralizedTime()),
namedtype.NamedType('policyIssuerName', PolicyIssuerName()),
namedtype.NamedType('fieldOfApplication', FieldOfApplication()),
namedtype.NamedType('signatureValidationPolicy', SignatureValidationPolicy()),
namedtype.OptionalNamedType('signPolExtensions', SignPolExtensions())
)
class SignaturePolicy(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signPolicyHashAlg', AlgorithmIdentifier()),
namedtype.NamedType('signPolicyInfo', SignPolicyInfo()),
namedtype.OptionalNamedType('signPolicyHash', SignPolicyHash())
)
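Review bot: Several component names in this hunk look misspelled — 'attributeTypeConstarints' and 'attributeValueConstarints' in AttributeConstraints, 'certifiedAttribtes' in HowCertAttribute, and 'signerAndVeriferRules' in CommitmentRule and CommonRules — and because pyasn1 exposes them as the keys callers use to index a decoded value, they are part of the public interface. If they are copied verbatim from the RFC 3125 ASN.1 module, a comment beside the first one such as `# component names follow the RFC 3125 module text verbatim, misspellings included; do not "fix" them` would stop a later cleanup from silently breaking callers; if they are not copied, they should be corrected before this ships. The explicit tags also mix tag.tagFormatSimple and tag.tagFormatConstructed (CertificateTrustPoint uses both); pyasn1 appears to normalise an explicit tag to constructed form, so this is presumably cosmetic, but the inconsistency makes the intent hard to read.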


@@ -0,0 +1,142 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Time-Stamp Protocol (TSP)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3161.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc4210
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
Extensions = rfc5280.Extensions
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
GeneralName = rfc5280.GeneralName
ContentInfo = rfc5652.ContentInfo
PKIFreeText = rfc4210.PKIFreeText
id_ct_TSTInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.4')
class Accuracy(univ.Sequence):
pass
Accuracy.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('seconds', univ.Integer()),
namedtype.OptionalNamedType('millis', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 999)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('micros', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 999)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class MessageImprint(univ.Sequence):
pass
MessageImprint.componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('hashedMessage', univ.OctetString())
)
class PKIFailureInfo(univ.BitString):
pass
PKIFailureInfo.namedValues = namedval.NamedValues(
('badAlg', 0),
('badRequest', 2),
('badDataFormat', 5),
('timeNotAvailable', 14),
('unacceptedPolicy', 15),
('unacceptedExtension', 16),
('addInfoNotAvailable', 17),
('systemFailure', 25)
)
class PKIStatus(univ.Integer):
pass
PKIStatus.namedValues = namedval.NamedValues(
('granted', 0),
('grantedWithMods', 1),
('rejection', 2),
('waiting', 3),
('revocationWarning', 4),
('revocationNotification', 5)
)
class PKIStatusInfo(univ.Sequence):
pass
PKIStatusInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatus()),
namedtype.OptionalNamedType('statusString', PKIFreeText()),
namedtype.OptionalNamedType('failInfo', PKIFailureInfo())
)
class TSAPolicyId(univ.ObjectIdentifier):
pass
class TSTInfo(univ.Sequence):
pass
TSTInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))),
namedtype.NamedType('policy', TSAPolicyId()),
namedtype.NamedType('messageImprint', MessageImprint()),
namedtype.NamedType('serialNumber', univ.Integer()),
namedtype.NamedType('genTime', useful.GeneralizedTime()),
namedtype.OptionalNamedType('accuracy', Accuracy()),
namedtype.DefaultedNamedType('ordering', univ.Boolean().subtype(value=0)),
namedtype.OptionalNamedType('nonce', univ.Integer()),
namedtype.OptionalNamedType('tsa', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class TimeStampReq(univ.Sequence):
pass
TimeStampReq.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))),
namedtype.NamedType('messageImprint', MessageImprint()),
namedtype.OptionalNamedType('reqPolicy', TSAPolicyId()),
namedtype.OptionalNamedType('nonce', univ.Integer()),
namedtype.DefaultedNamedType('certReq', univ.Boolean().subtype(value=0)),
namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class TimeStampToken(ContentInfo):
pass
class TimeStampResp(univ.Sequence):
pass
TimeStampResp.componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatusInfo()),
namedtype.OptionalNamedType('timeStampToken', TimeStampToken())
)
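Review bot: id_ct_TSTInfo is defined but TSTInfo is never registered as its content type, unlike the rfc3274 hunk further down which adds its OID to rfc5652.cmsContentTypesMap; a TimeStampToken decoded with the CMS open-type map would presumably leave the eContent as an opaque OctetString rather than a TSTInfo. Adding `rfc5652.cmsContentTypesMap.update({id_ct_TSTInfo: TSTInfo()})` at the end of the module would follow the convention the sibling module uses. The (1, 999) range on 'millis' and 'micros' means a token carrying 0 in either field is rejected at decode time while 'seconds' is unconstrained; a one-line comment noting that this mirrors the RFC 3161 definition would save the next reader from treating it as a bug.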


@@ -0,0 +1,59 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add a map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Compressed Data Content Type
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3274.txt
#
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
class CompressionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
# The CMS Compressed Data Content Type
id_ct_compressedData = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.9')
class CompressedData(univ.Sequence):
pass
CompressedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', rfc5652.CMSVersion()), # Always set to 0
namedtype.NamedType('compressionAlgorithm', CompressionAlgorithmIdentifier()),
namedtype.NamedType('encapContentInfo', rfc5652.EncapsulatedContentInfo())
)
# Algorithm identifier for the zLib Compression Algorithm
# This includes cpa_zlibCompress as defined in RFC 6268,
# from https://www.rfc-editor.org/rfc/rfc6268.txt
id_alg_zlibCompress = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.8')
cpa_zlibCompress = rfc5280.AlgorithmIdentifier()
cpa_zlibCompress['algorithm'] = id_alg_zlibCompress
# cpa_zlibCompress['parameters'] are absent
# Map of Content Type OIDs to Content Types is added to thr
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_compressedData: CompressedData(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
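Review bot: cpa_zlibCompress is a single mutable AlgorithmIdentifier instance built at import time and shared by every importer of the module, so any caller that sets ['parameters'] on it, or places it into a structure it later mutates, changes what every other user sees; a comment such as `# shared module-level instance: treat as read-only, clone before modifying` (or a small factory function) would make that explicit. The '# Always set to 0' remark on 'version' documents an expectation that nothing here enforces; if strictness is wanted, a SingleValueConstraint on the CMSVersion subtype would make the decoder reject other values, otherwise the comment should say the check is left to callers. The comment above the map update reads 'thr' for 'the'.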


@@ -0,0 +1,260 @@
#
# This file is part of pyasn1-modules.
#
# Copyright (c) 2017, Danielle Madeley <danielle@madeley.id.au>
# License: http://snmplabs.com/pyasn1/license.html
#
# Modified by Russ Housley to add maps for use with opentypes.
#
# Algorithms and Identifiers for Internet X.509 Certificates and CRLs
#
# Derived from RFC 3279:
# https://www.rfc-editor.org/rfc/rfc3279.txt
#
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import univ
from pyasn1_modules import rfc5280
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
md2 = _OID(1, 2, 840, 113549, 2, 2)
md5 = _OID(1, 2, 840, 113549, 2, 5)
id_sha1 = _OID(1, 3, 14, 3, 2, 26)
***REMOVED*** = _OID(1, 2, 840, 10040, 4, 1)
class DSAPublicKey(univ.Integer):
pass
class Dss_Parms(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('p', univ.Integer()),
namedtype.NamedType('q', univ.Integer()),
namedtype.NamedType('g', univ.Integer())
)
***REMOVED***_with_sha1 = _OID(1, 2, 840, 10040, 4, 3)
class Dss_Sig_Value(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('r', univ.Integer()),
namedtype.NamedType('s', univ.Integer())
)
pkcs_1 = _OID(1, 2, 840, 113549, 1, 1)
rsaEncryption = _OID(pkcs_1, 1)
md2WithRSAEncryption = _OID(pkcs_1, 2)
md5WithRSAEncryption = _OID(pkcs_1, 4)
sha1WithRSAEncryption = _OID(pkcs_1, 5)
class RSAPublicKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer())
)
dhpublicnumber = _OID(1, 2, 840, 10046, 2, 1)
class DHPublicKey(univ.Integer):
pass
class ValidationParms(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('seed', univ.BitString()),
namedtype.NamedType('pgenCounter', univ.Integer())
)
class DomainParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('p', univ.Integer()),
namedtype.NamedType('g', univ.Integer()),
namedtype.NamedType('q', univ.Integer()),
namedtype.OptionalNamedType('j', univ.Integer()),
namedtype.OptionalNamedType('validationParms', ValidationParms())
)
id_keyExchangeAlgorithm = _OID(2, 16, 840, 1, 101, 2, 1, 1, 22)
class KEA_Parms_Id(univ.OctetString):
pass
ansi_X9_62 = _OID(1, 2, 840, 10045)
class FieldID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('fieldType', univ.ObjectIdentifier()),
namedtype.NamedType('parameters', univ.Any())
)
id_ecSigType = _OID(ansi_X9_62, 4)
ecdsa_with_SHA1 = _OID(id_ecSigType, 1)
class ECDSA_Sig_Value(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('r', univ.Integer()),
namedtype.NamedType('s', univ.Integer())
)
id_fieldType = _OID(ansi_X9_62, 1)
prime_field = _OID(id_fieldType, 1)
class Prime_p(univ.Integer):
pass
characteristic_two_field = _OID(id_fieldType, 2)
class Characteristic_two(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('m', univ.Integer()),
namedtype.NamedType('basis', univ.ObjectIdentifier()),
namedtype.NamedType('parameters', univ.Any())
)
id_characteristic_two_basis = _OID(characteristic_two_field, 3)
gnBasis = _OID(id_characteristic_two_basis, 1)
tpBasis = _OID(id_characteristic_two_basis, 2)
class Trinomial(univ.Integer):
pass
ppBasis = _OID(id_characteristic_two_basis, 3)
class Pentanomial(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('k1', univ.Integer()),
namedtype.NamedType('k2', univ.Integer()),
namedtype.NamedType('k3', univ.Integer())
)
class FieldElement(univ.OctetString):
pass
class ECPoint(univ.OctetString):
pass
class Curve(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('a', FieldElement()),
namedtype.NamedType('b', FieldElement()),
namedtype.OptionalNamedType('seed', univ.BitString())
)
class ECPVer(univ.Integer):
namedValues = namedval.NamedValues(
('ecpVer1', 1)
)
class ECParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', ECPVer()),
namedtype.NamedType('fieldID', FieldID()),
namedtype.NamedType('curve', Curve()),
namedtype.NamedType('base', ECPoint()),
namedtype.NamedType('order', univ.Integer()),
namedtype.OptionalNamedType('cofactor', univ.Integer())
)
class EcpkParameters(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ecParameters', ECParameters()),
namedtype.NamedType('namedCurve', univ.ObjectIdentifier()),
namedtype.NamedType('implicitlyCA', univ.Null())
)
id_publicKeyType = _OID(ansi_X9_62, 2)
id_ecPublicKey = _OID(id_publicKeyType, 1)
ellipticCurve = _OID(ansi_X9_62, 3)
c_TwoCurve = _OID(ellipticCurve, 0)
c2pnb163v1 = _OID(c_TwoCurve, 1)
c2pnb163v2 = _OID(c_TwoCurve, 2)
c2pnb163v3 = _OID(c_TwoCurve, 3)
c2pnb176w1 = _OID(c_TwoCurve, 4)
c2tnb191v1 = _OID(c_TwoCurve, 5)
c2tnb191v2 = _OID(c_TwoCurve, 6)
c2tnb191v3 = _OID(c_TwoCurve, 7)
c2onb191v4 = _OID(c_TwoCurve, 8)
c2onb191v5 = _OID(c_TwoCurve, 9)
c2pnb208w1 = _OID(c_TwoCurve, 10)
c2tnb239v1 = _OID(c_TwoCurve, 11)
c2tnb239v2 = _OID(c_TwoCurve, 12)
c2tnb239v3 = _OID(c_TwoCurve, 13)
c2onb239v4 = _OID(c_TwoCurve, 14)
c2onb239v5 = _OID(c_TwoCurve, 15)
c2pnb272w1 = _OID(c_TwoCurve, 16)
c2pnb304w1 = _OID(c_TwoCurve, 17)
c2tnb359v1 = _OID(c_TwoCurve, 18)
c2pnb368w1 = _OID(c_TwoCurve, 19)
c2tnb431r1 = _OID(c_TwoCurve, 20)
primeCurve = _OID(ellipticCurve, 1)
prime192v1 = _OID(primeCurve, 1)
prime192v2 = _OID(primeCurve, 2)
prime192v3 = _OID(primeCurve, 3)
prime239v1 = _OID(primeCurve, 4)
prime239v2 = _OID(primeCurve, 5)
prime239v3 = _OID(primeCurve, 6)
prime256v1 = _OID(primeCurve, 7)
# Map of Algorithm Identifier OIDs to Parameters added to the
# ones in rfc5280.py. Do not add OIDs with absent paramaters.
_algorithmIdentifierMapUpdate = {
md2: univ.Null(""),
md5: univ.Null(""),
id_sha1: univ.Null(""),
***REMOVED***: Dss_Parms(),
rsaEncryption: univ.Null(""),
md2WithRSAEncryption: univ.Null(""),
md5WithRSAEncryption: univ.Null(""),
sha1WithRSAEncryption: univ.Null(""),
dhpublicnumber: DomainParameters(),
id_keyExchangeAlgorithm: KEA_Parms_Id(),
id_ecPublicKey: EcpkParameters(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
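Review bot: The map at the end registers md2, md5, id_sha1 and the MD2/MD5-with-RSA signature OIDs alongside the current ones, which is right for a decoder, but nothing signals that these entries exist for parsing only; a comment such as `# legacy OIDs (MD2, MD5, SHA-1) are listed so their parameters decode, not as an endorsement for signature verification` next to the map would keep a consumer from reading the table as an allow-list. The identifier bound on the line after id_sha1, reused for the with-sha1 OID and as a map key, appears on this page as `***REMOVED***`, which is not a valid Python name; if that is a redaction in the rendering rather than the committed text there is nothing to do, but as shown the module would not import. _OID here and _buildOid in the rfc3281 hunk below are the same helper under two names, so one shared helper would avoid drift between them. The comment above the map has 'paramaters' for 'parameters'.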



@@ -0,0 +1,331 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# An Internet Attribute Certificate Profile for Authorization
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3281.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc3280
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class ObjectDigestInfo(univ.Sequence):
pass
ObjectDigestInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('digestedObjectType', univ.Enumerated(
namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))),
namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()),
namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('objectDigest', univ.BitString())
)
class IssuerSerial(univ.Sequence):
pass
IssuerSerial.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.GeneralNames()),
namedtype.NamedType('serial', rfc3280.CertificateSerialNumber()),
namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier())
)
class TargetCert(univ.Sequence):
pass
TargetCert.componentType = namedtype.NamedTypes(
namedtype.NamedType('targetCertificate', IssuerSerial()),
namedtype.OptionalNamedType('targetName', rfc3280.GeneralName()),
namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo())
)
class Target(univ.Choice):
pass
Target.componentType = namedtype.NamedTypes(
namedtype.NamedType('targetName', rfc3280.GeneralName().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('targetGroup', rfc3280.GeneralName().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('targetCert',
TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class Targets(univ.SequenceOf):
pass
Targets.componentType = Target()
class ProxyInfo(univ.SequenceOf):
pass
ProxyInfo.componentType = Targets()
id_at_role = _buildOid(rfc3280.id_at, 72)
id_pe_aaControls = _buildOid(rfc3280.id_pe, 6)
id_ce_targetInformation = _buildOid(rfc3280.id_ce, 55)
id_pe_ac_auditIdentity = _buildOid(rfc3280.id_pe, 4)
class ClassList(univ.BitString):
pass
ClassList.namedValues = namedval.NamedValues(
('unmarked', 0),
('unclassified', 1),
('restricted', 2),
('confidential', 3),
('secret', 4),
('topSecret', 5)
)
class SecurityCategory(univ.Sequence):
pass
SecurityCategory.componentType = namedtype.NamedTypes(
namedtype.NamedType('type', univ.ObjectIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class Clearance(univ.Sequence):
pass
Clearance.componentType = namedtype.NamedTypes(
namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.DefaultedNamedType('classList',
ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)).subtype(
value="unclassified")),
namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class AttCertVersion(univ.Integer):
pass
AttCertVersion.namedValues = namedval.NamedValues(
('v2', 1)
)
id_aca = _buildOid(rfc3280.id_pkix, 10)
id_at_clearance = _buildOid(2, 5, 1, 5, 55)
class AttrSpec(univ.SequenceOf):
pass
AttrSpec.componentType = univ.ObjectIdentifier()
class AAControls(univ.Sequence):
pass
AAControls.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pathLenConstraint',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.OptionalNamedType('permittedAttrs',
AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('excludedAttrs',
AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1))
)
class AttCertValidityPeriod(univ.Sequence):
pass
AttCertValidityPeriod.componentType = namedtype.NamedTypes(
namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()),
namedtype.NamedType('notAfterTime', useful.GeneralizedTime())
)
id_aca_authenticationInfo = _buildOid(id_aca, 1)
class V2Form(univ.Sequence):
pass
V2Form.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('issuerName', rfc3280.GeneralNames()),
namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class AttCertIssuer(univ.Choice):
pass
AttCertIssuer.componentType = namedtype.NamedTypes(
namedtype.NamedType('v1Form', rfc3280.GeneralNames()),
namedtype.NamedType('v2Form',
V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Holder(univ.Sequence):
pass
Holder.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class AttributeCertificateInfo(univ.Sequence):
pass
AttributeCertificateInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', AttCertVersion()),
namedtype.NamedType('holder', Holder()),
namedtype.NamedType('issuer', AttCertIssuer()),
namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()),
namedtype.NamedType('attrCertValidityPeriod', AttCertValidityPeriod()),
namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc3280.Extensions())
)
class AttributeCertificate(univ.Sequence):
pass
AttributeCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('acinfo', AttributeCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('signatureValue', univ.BitString())
)
id_mod = _buildOid(rfc3280.id_pkix, 0)
id_mod_attribute_cert = _buildOid(id_mod, 12)
id_aca_accessIdentity = _buildOid(id_aca, 2)
class RoleSyntax(univ.Sequence):
pass
RoleSyntax.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('roleName',
rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_aca_chargingIdentity = _buildOid(id_aca, 3)
class ACClearAttrs(univ.Sequence):
pass
ACClearAttrs.componentType = namedtype.NamedTypes(
namedtype.NamedType('acIssuer', rfc3280.GeneralName()),
namedtype.NamedType('acSerial', univ.Integer()),
namedtype.NamedType('attrs', univ.SequenceOf(componentType=rfc3280.Attribute()))
)
id_aca_group = _buildOid(id_aca, 4)
id_pe_ac_proxying = _buildOid(rfc3280.id_pe, 10)
class SvceAuthInfo(univ.Sequence):
pass
SvceAuthInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('service', rfc3280.GeneralName()),
namedtype.NamedType('ident', rfc3280.GeneralName()),
namedtype.OptionalNamedType('authInfo', univ.OctetString())
)
class IetfAttrSyntax(univ.Sequence):
pass
IetfAttrSyntax.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType(
'policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
),
namedtype.NamedType(
'values', univ.SequenceOf(
componentType=univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('octets', univ.OctetString()),
namedtype.NamedType('oid', univ.ObjectIdentifier()),
namedtype.NamedType('string', char.UTF8String())
)
)
)
)
)
id_aca_encAttrs = _buildOid(id_aca, 6)


@@ -0,0 +1,146 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Cryptographic Message Syntax (CMS) Algorithms
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3370.txt
#
from pyasn1.type import univ
from pyasn1_modules import rfc3279
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5751
from pyasn1_modules import rfc5753
from pyasn1_modules import rfc5990
from pyasn1_modules import rfc8018
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
# Imports from RFC 3279
dhpublicnumber = rfc3279.dhpublicnumber
dh_public_number = dhpublicnumber
DHPublicKey = rfc3279.DHPublicKey
DomainParameters = rfc3279.DomainParameters
DHDomainParameters = DomainParameters
Dss_Parms = rfc3279.Dss_Parms
Dss_Sig_Value = rfc3279.Dss_Sig_Value
md5 = rfc3279.md5
md5WithRSAEncryption = rfc3279.md5WithRSAEncryption
RSAPublicKey = rfc3279.RSAPublicKey
rsaEncryption = rfc3279.rsaEncryption
ValidationParms = rfc3279.ValidationParms
***REMOVED*** = rfc3279.***REMOVED***
***REMOVED***_with_sha1 = rfc3279.***REMOVED***_with_sha1
id_sha1 = rfc3279.id_sha1
sha_1 = id_sha1
sha1WithRSAEncryption = rfc3279.sha1WithRSAEncryption
# Imports from RFC 5753
CBCParameter = rfc5753.CBCParameter
CBCParameter = rfc5753.IV
KeyWrapAlgorithm = rfc5753.KeyWrapAlgorithm
# Imports from RFC 5990
id_alg_CMS3DESwrap = rfc5990.id_alg_CMS3DESwrap
# Imports from RFC 8018
des_EDE3_CBC = rfc8018.des_EDE3_CBC
des_ede3_cbc = des_EDE3_CBC
rc2CBC = rfc8018.rc2CBC
rc2_cbc = rc2CBC
RC2_CBC_Parameter = rfc8018.RC2_CBC_Parameter
RC2CBCParameter = RC2_CBC_Parameter
PBKDF2_params = rfc8018.PBKDF2_params
id_PBKDF2 = rfc8018.id_PBKDF2
# The few things that are not already defined elsewhere
hMAC_SHA1 = univ.ObjectIdentifier('1.3.6.1.5.5.8.1.2')
id_alg_ESDH = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.5')
id_alg_SSDH = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.10')
id_alg_CMSRC2wrap = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.7')
class RC2ParameterVersion(univ.Integer):
pass
class RC2wrapParameter(RC2ParameterVersion):
pass
class Dss_Pub_Key(univ.Integer):
pass
# Update the Algorithm Identifier map in rfc5280.py.
_algorithmIdentifierMapUpdate = {
hMAC_SHA1: univ.Null(""),
id_alg_CMSRC2wrap: RC2wrapParameter(),
id_alg_ESDH: KeyWrapAlgorithm(),
id_alg_SSDH: KeyWrapAlgorithm(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
# Update the S/MIME Capabilities map in rfc5751.py.
_smimeCapabilityMapUpdate = {
id_alg_CMSRC2wrap: RC2wrapParameter(),
id_alg_ESDH: KeyWrapAlgorithm(),
id_alg_SSDH: KeyWrapAlgorithm(),
}
rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate)
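Review bot: `***REMOVED*** = rfc3279.***REMOVED***` and `***REMOVED***_with_sha1 = rfc3279.***REMOVED***_with_sha1` are not valid Python, so this module raises SyntaxError at import time and every module that imports it fails to load; the pattern looks like a secret-scrubbing tool rewrote the DSA identifiers, presumably `id_dsa` and `id_dsa_with_sha1` from rfc3279, and those lines should be restored from the upstream release. Because a tool has edited vendored source, this tree no longer matches the published pyasn1-modules distribution and cannot be verified against its release hashes, which is the same problem for every other vendored section in this commit; pinning the package in a requirements file with hashes would avoid both issues. Separately, `CBCParameter = rfc5753.IV` immediately overwrites the `CBCParameter = rfc5753.CBCParameter` assignment above it, which appears to be an upstream copy-paste slip and is better reported upstream than patched in a vendored copy.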


@@ -0,0 +1,53 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv3 message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3412.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc1905
class ScopedPDU(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contextEngineId', univ.OctetString()),
namedtype.NamedType('contextName', univ.OctetString()),
namedtype.NamedType('data', rfc1905.PDUs())
)
class ScopedPduData(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('plaintext', ScopedPDU()),
namedtype.NamedType('encryptedPDU', univ.OctetString()),
)
class HeaderData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('msgID',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgMaxSize',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))),
namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))),
namedtype.NamedType('msgSecurityModel',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647)))
)
class SNMPv3Message(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('msgVersion',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgGlobalData', HeaderData()),
namedtype.NamedType('msgSecurityParameters', univ.OctetString()),
namedtype.NamedType('msgData', ScopedPduData())
)


@@ -0,0 +1,28 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# SNMPv3 message syntax
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3414.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
class UsmSecurityParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()),
namedtype.NamedType('msgAuthoritativeEngineBoots',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgAuthoritativeEngineTime',
univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))),
namedtype.NamedType('msgUserName',
univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))),
namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()),
namedtype.NamedType('msgPrivacyParameters', univ.OctetString())
)


@@ -0,0 +1,45 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS#1 syntax
#
# ASN.1 source from:
# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn
#
# Sample captures could be obtained with "openssl genrsa" command
#
from pyasn1.type import constraint
from pyasn1.type import namedval
from pyasn1_modules.rfc2437 import *
class OtherPrimeInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('prime', univ.Integer()),
namedtype.NamedType('exponent', univ.Integer()),
namedtype.NamedType('coefficient', univ.Integer())
)
class OtherPrimeInfos(univ.SequenceOf):
componentType = OtherPrimeInfo()
sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
class RSAPrivateKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('two-prime', 0), ('multi', 1)))),
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer()),
namedtype.NamedType('privateExponent', univ.Integer()),
namedtype.NamedType('prime1', univ.Integer()),
namedtype.NamedType('prime2', univ.Integer()),
namedtype.NamedType('exponent1', univ.Integer()),
namedtype.NamedType('exponent2', univ.Integer()),
namedtype.NamedType('coefficient', univ.Integer()),
namedtype.OptionalNamedType('otherPrimeInfos', OtherPrimeInfos())
)


@@ -0,0 +1,34 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# SEED Encryption Algorithm in CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4010.txt
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
id_alg_HMACwith3DESwrap = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.11')
id_alg_HMACwithAESwrap = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.12')
# Update the Algorithm Identifier map in rfc5280.py.
_algorithmIdentifierMapUpdate = {
id_alg_HMACwith3DESwrap: univ.Null(""),
id_alg_HMACwithAESwrap: univ.Null(""),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,74 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# RSAES-OAEP Key Transport Algorithm in CMS
#
# Notice that all of the things needed in RFC 3560 are also defined
# in RFC 4055. So, they are all pulled from the RFC 4055 module into
# this one so that people looking a RFC 3560 can easily find them.
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3560.txt
#
from pyasn1_modules import rfc4055
id_sha1 = rfc4055.id_sha1
id_sha256 = rfc4055.id_sha256
id_sha384 = rfc4055.id_sha384
id_sha512 = rfc4055.id_sha512
id_mgf1 = rfc4055.id_mgf1
rsaEncryption = rfc4055.rsaEncryption
id_RSAES_OAEP = rfc4055.id_RSAES_OAEP
id_pSpecified = rfc4055.id_pSpecified
sha1Identifier = rfc4055.sha1Identifier
sha256Identifier = rfc4055.sha256Identifier
sha384Identifier = rfc4055.sha384Identifier
sha512Identifier = rfc4055.sha512Identifier
mgf1SHA1Identifier = rfc4055.mgf1SHA1Identifier
mgf1SHA256Identifier = rfc4055.mgf1SHA256Identifier
mgf1SHA384Identifier = rfc4055.mgf1SHA384Identifier
mgf1SHA512Identifier = rfc4055.mgf1SHA512Identifier
pSpecifiedEmptyIdentifier = rfc4055.pSpecifiedEmptyIdentifier
class RSAES_OAEP_params(rfc4055.RSAES_OAEP_params):
pass
rSAES_OAEP_Default_Params = RSAES_OAEP_params()
rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier
rSAES_OAEP_SHA256_Params = rfc4055.rSAES_OAEP_SHA256_Params
rSAES_OAEP_SHA256_Identifier = rfc4055.rSAES_OAEP_SHA256_Identifier
rSAES_OAEP_SHA384_Params = rfc4055.rSAES_OAEP_SHA384_Params
rSAES_OAEP_SHA384_Identifier = rfc4055.rSAES_OAEP_SHA384_Identifier
rSAES_OAEP_SHA512_Params = rfc4055.rSAES_OAEP_SHA512_Params
rSAES_OAEP_SHA512_Identifier = rfc4055.rSAES_OAEP_SHA512_Identifier


@@ -0,0 +1,57 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Use of the Advanced Encryption Standard (AES) Encryption
# Algorithm in the Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3565.txt
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class AES_IV(univ.OctetString):
pass
AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16)
id_aes128_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.2')
id_aes192_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.22')
id_aes256_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.42')
id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5')
id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25')
id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45')
# Update the Algorithm Identifier map
_algorithmIdentifierMapUpdate = {
id_aes128_CBC: AES_IV(),
id_aes192_CBC: AES_IV(),
id_aes256_CBC: AES_IV(),
id_aes128_wrap: univ.Null(),
id_aes192_wrap: univ.Null(),
id_aes256_wrap: univ.Null(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,66 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Camellia Algorithm in CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3657.txt
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5751
id_camellia128_cbc = univ.ObjectIdentifier('1.2.392.200011.61.1.1.1.2')
id_camellia192_cbc = univ.ObjectIdentifier('1.2.392.200011.61.1.1.1.3')
id_camellia256_cbc = univ.ObjectIdentifier('1.2.392.200011.61.1.1.1.4')
id_camellia128_wrap = univ.ObjectIdentifier('1.2.392.200011.61.1.1.3.2')
id_camellia192_wrap = univ.ObjectIdentifier('1.2.392.200011.61.1.1.3.3')
id_camellia256_wrap = univ.ObjectIdentifier('1.2.392.200011.61.1.1.3.4')
class Camellia_IV(univ.OctetString):
subtypeSpec = constraint.ValueSizeConstraint(16, 16)
class CamelliaSMimeCapability(univ.Null):
pass
# Update the Algorithm Identifier map in rfc5280.py.
_algorithmIdentifierMapUpdate = {
id_camellia128_cbc: Camellia_IV(),
id_camellia192_cbc: Camellia_IV(),
id_camellia256_cbc: Camellia_IV(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
# Update the SMIMECapabilities Attribute map in rfc5751.py
_smimeCapabilityMapUpdate = {
id_camellia128_cbc: CamelliaSMimeCapability(),
id_camellia192_cbc: CamelliaSMimeCapability(),
id_camellia256_cbc: CamelliaSMimeCapability(),
id_camellia128_wrap: CamelliaSMimeCapability(),
id_camellia192_wrap: CamelliaSMimeCapability(),
id_camellia256_wrap: CamelliaSMimeCapability(),
}
rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate)


@@ -0,0 +1,207 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Logotypes in X.509 Certificates
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3709.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc6170
MAX = float('inf')
class HashAlgAndValue(univ.Sequence):
pass
HashAlgAndValue.componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('hashValue', univ.OctetString())
)
class LogotypeDetails(univ.Sequence):
pass
LogotypeDetails.componentType = namedtype.NamedTypes(
namedtype.NamedType('mediaType', char.IA5String()),
namedtype.NamedType('logotypeHash', univ.SequenceOf(
componentType=HashAlgAndValue()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX))),
namedtype.NamedType('logotypeURI', univ.SequenceOf(
componentType=char.IA5String()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class LogotypeAudioInfo(univ.Sequence):
pass
LogotypeAudioInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('fileSize', univ.Integer()),
namedtype.NamedType('playTime', univ.Integer()),
namedtype.NamedType('channels', univ.Integer()),
namedtype.OptionalNamedType('sampleRate', univ.Integer().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('language', char.IA5String().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class LogotypeAudio(univ.Sequence):
pass
LogotypeAudio.componentType = namedtype.NamedTypes(
namedtype.NamedType('audioDetails', LogotypeDetails()),
namedtype.OptionalNamedType('audioInfo', LogotypeAudioInfo())
)
class LogotypeImageType(univ.Integer):
pass
LogotypeImageType.namedValues = namedval.NamedValues(
('grayScale', 0),
('color', 1)
)
class LogotypeImageResolution(univ.Choice):
pass
LogotypeImageResolution.componentType = namedtype.NamedTypes(
namedtype.NamedType('numBits',
univ.Integer().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('tableSize',
univ.Integer().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class LogotypeImageInfo(univ.Sequence):
pass
LogotypeImageInfo.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('type', LogotypeImageType().subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='color')),
namedtype.NamedType('fileSize', univ.Integer()),
namedtype.NamedType('xSize', univ.Integer()),
namedtype.NamedType('ySize', univ.Integer()),
namedtype.OptionalNamedType('resolution', LogotypeImageResolution()),
namedtype.OptionalNamedType('language', char.IA5String().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class LogotypeImage(univ.Sequence):
pass
LogotypeImage.componentType = namedtype.NamedTypes(
namedtype.NamedType('imageDetails', LogotypeDetails()),
namedtype.OptionalNamedType('imageInfo', LogotypeImageInfo())
)
class LogotypeData(univ.Sequence):
pass
LogotypeData.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('image', univ.SequenceOf(
componentType=LogotypeImage())),
namedtype.OptionalNamedType('audio', univ.SequenceOf(
componentType=LogotypeAudio()).subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)))
)
class LogotypeReference(univ.Sequence):
pass
LogotypeReference.componentType = namedtype.NamedTypes(
namedtype.NamedType('refStructHash', univ.SequenceOf(
componentType=HashAlgAndValue()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX))),
namedtype.NamedType('refStructURI', univ.SequenceOf(
componentType=char.IA5String()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class LogotypeInfo(univ.Choice):
pass
LogotypeInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('direct',
LogotypeData().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 0))),
namedtype.NamedType('indirect', LogotypeReference().subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1)))
)
# Other logotype type and associated object identifiers
id_logo_background = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.2')
id_logo_loyalty = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.1')
id_logo_certImage = rfc6170.id_logo_certImage
class OtherLogotypeInfo(univ.Sequence):
pass
OtherLogotypeInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('logotypeType', univ.ObjectIdentifier()),
namedtype.NamedType('info', LogotypeInfo())
)
# Logotype Certificate Extension
id_pe_logotype = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.12')
class LogotypeExtn(univ.Sequence):
pass
LogotypeExtn.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('communityLogos', univ.SequenceOf(
componentType=LogotypeInfo()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('issuerLogo', LogotypeInfo().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('subjectLogo', LogotypeInfo().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.OptionalNamedType('otherLogos', univ.SequenceOf(
componentType=OtherLogotypeInfo()).subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 3)))
)
# Map of Certificate Extension OIDs to Extensions added to the
# ones that are in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_logotype: LogotypeExtn(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)


@@ -0,0 +1,203 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add WithComponentsConstraints to
# enforce the requirements that are indicated in comments.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Qualified Certificates
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3739.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc5280
MAX = float('inf')
# Initialize the qcStatement map
qcStatementMap = { }
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
AttributeType = rfc5280.AttributeType
DirectoryString = rfc5280.DirectoryString
GeneralName = rfc5280.GeneralName
id_pkix = rfc5280.id_pkix
id_pe = rfc5280.id_pe
# Arc for QC personal data attributes
id_pda = id_pkix + (9, )
# Arc for QC statements
id_qcs = id_pkix + (11, )
# Personal data attributes
id_pda_dateOfBirth = id_pda + (1, )
class DateOfBirth(useful.GeneralizedTime):
pass
id_pda_placeOfBirth = id_pda + (2, )
class PlaceOfBirth(DirectoryString):
pass
id_pda_gender = id_pda + (3, )
class Gender(char.PrintableString):
subtypeSpec = constraint.ConstraintsIntersection(
constraint.ValueSizeConstraint(1, 1),
constraint.SingleValueConstraint('M', 'F', 'm', 'f')
)
id_pda_countryOfCitizenship = id_pda + (4, )
class CountryOfCitizenship(char.PrintableString):
subtypeSpec = constraint.ValueSizeConstraint(2, 2)
# ISO 3166 Country Code
id_pda_countryOfResidence = id_pda + (5, )
class CountryOfResidence(char.PrintableString):
subtypeSpec = constraint.ValueSizeConstraint(2, 2)
# ISO 3166 Country Code
# Biometric info certificate extension
id_pe_biometricInfo = id_pe + (2, )
class PredefinedBiometricType(univ.Integer):
namedValues = namedval.NamedValues(
('picture', 0),
('handwritten-signature', 1)
)
subtypeSpec = constraint.SingleValueConstraint(0, 1)
class TypeOfBiometricData(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('predefinedBiometricType', PredefinedBiometricType()),
namedtype.NamedType('biometricDataOid', univ.ObjectIdentifier())
)
class BiometricData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('typeOfBiometricData', TypeOfBiometricData()),
namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('biometricDataHash', univ.OctetString()),
namedtype.OptionalNamedType('sourceDataUri', char.IA5String())
)
class BiometricSyntax(univ.SequenceOf):
componentType = BiometricData()
# QC Statements certificate extension
# NOTE: This extension does not allow to mix critical and
# non-critical Qualified Certificate Statements. Either all
# statements must be critical or all statements must be
# non-critical.
id_pe_qcStatements = id_pe + (3, )
class NameRegistrationAuthorities(univ.SequenceOf):
componentType = GeneralName()
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class QCStatement(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('statementId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('statementInfo', univ.Any(),
openType=opentype.OpenType('statementId', qcStatementMap))
)
class QCStatements(univ.SequenceOf):
componentType = QCStatement()
class SemanticsInformation(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('semanticsIndentifier',
univ.ObjectIdentifier()),
namedtype.OptionalNamedType('nameRegistrationAuthorities',
NameRegistrationAuthorities())
)
subtypeSpec = constraint.ConstraintsUnion(
constraint.WithComponentsConstraint(
('semanticsIndentifier', constraint.ComponentPresentConstraint())),
constraint.WithComponentsConstraint(
('nameRegistrationAuthorities', constraint.ComponentPresentConstraint()))
)
id_qcs = id_pkix + (11, )
id_qcs_pkixQCSyntax_v1 = id_qcs + (1, )
id_qcs_pkixQCSyntax_v2 = id_qcs + (2, )
# Map of Certificate Extension OIDs to Extensions
# To be added to the ones that are in rfc5280.py
_certificateExtensionsMap = {
id_pe_biometricInfo: BiometricSyntax(),
id_pe_qcStatements: QCStatements(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap)
# Map of AttributeType OIDs to AttributeValue added to the
# ones that are in rfc5280.py
_certificateAttributesMapUpdate = {
id_pda_dateOfBirth: DateOfBirth(),
id_pda_placeOfBirth: PlaceOfBirth(),
id_pda_gender: Gender(),
id_pda_countryOfCitizenship: CountryOfCitizenship(),
id_pda_countryOfResidence: CountryOfResidence(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)


@@ -0,0 +1,75 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Extensions and Attributes Supporting Authentication
# in PPP and Wireless LAN Networks
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3770.txt
# https://www.rfc-editor.org/errata/eid234
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
# Extended Key Usage Values
id_kp_eapOverLAN = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.14')
id_kp_eapOverPPP = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.13')
# Wireless LAN SSID Extension
id_pe_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.13')
class SSID(univ.OctetString):
pass
SSID.subtypeSpec = constraint.ValueSizeConstraint(1, 32)
class SSIDList(univ.SequenceOf):
pass
SSIDList.componentType = SSID()
SSIDList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
# Wireless LAN SSID Attribute Certificate Attribute
# Uses same syntax as the certificate extension: SSIDList
# Correction for https://www.rfc-editor.org/errata/eid234
id_aca_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.10.7')
# Map of Certificate Extension OIDs to Extensions
# To be added to the ones that are in rfc5280.py
_certificateExtensionsMap = {
id_pe_wlanSSID: SSIDList(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap)
# Map of AttributeType OIDs to AttributeValue added to the
# ones that are in rfc5280.py
_certificateAttributesMapUpdate = {
id_aca_wlanSSID: SSIDList(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)


@@ -0,0 +1,137 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# X.509 Extensions for IP Addresses and AS Identifiers
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3779.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
# IP Address Delegation Extension
id_pe_ipAddrBlocks = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.7')
class IPAddress(univ.BitString):
pass
class IPAddressRange(univ.Sequence):
pass
IPAddressRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('min', IPAddress()),
namedtype.NamedType('max', IPAddress())
)
class IPAddressOrRange(univ.Choice):
pass
IPAddressOrRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('addressPrefix', IPAddress()),
namedtype.NamedType('addressRange', IPAddressRange())
)
class IPAddressChoice(univ.Choice):
pass
IPAddressChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('inherit', univ.Null()),
namedtype.NamedType('addressesOrRanges', univ.SequenceOf(
componentType=IPAddressOrRange())
)
)
class IPAddressFamily(univ.Sequence):
pass
IPAddressFamily.componentType = namedtype.NamedTypes(
namedtype.NamedType('addressFamily', univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(2, 3))),
namedtype.NamedType('ipAddressChoice', IPAddressChoice())
)
class IPAddrBlocks(univ.SequenceOf):
pass
IPAddrBlocks.componentType = IPAddressFamily()
# Autonomous System Identifier Delegation Extension
id_pe_autonomousSysIds = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.8')
class ASId(univ.Integer):
pass
class ASRange(univ.Sequence):
pass
ASRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('min', ASId()),
namedtype.NamedType('max', ASId())
)
class ASIdOrRange(univ.Choice):
pass
ASIdOrRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('id', ASId()),
namedtype.NamedType('range', ASRange())
)
class ASIdentifierChoice(univ.Choice):
pass
ASIdentifierChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('inherit', univ.Null()),
namedtype.NamedType('asIdsOrRanges', univ.SequenceOf(
componentType=ASIdOrRange())
)
)
class ASIdentifiers(univ.Sequence):
pass
ASIdentifiers.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('asnum', ASIdentifierChoice().subtype(
explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('rdi', ASIdentifierChoice().subtype(
explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1)))
)
# Map of Certificate Extension OIDs to Extensions is added to the
# ones that are in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_ipAddrBlocks: IPAddrBlocks(),
id_pe_autonomousSysIds: ASIdentifiers(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)


@@ -0,0 +1,65 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Diffie-Hellman Key Agreement
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3820.txt
#
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
class ProxyCertPathLengthConstraint(univ.Integer):
pass
class ProxyPolicy(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('policyLanguage', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('policy', univ.OctetString())
)
class ProxyCertInfoExtension(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pCPathLenConstraint',
ProxyCertPathLengthConstraint()),
namedtype.NamedType('proxyPolicy', ProxyPolicy())
)
id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, ))
id_pe = id_pkix + (1, )
id_pe_proxyCertInfo = id_pe + (14, )
id_ppl = id_pkix + (21, )
id_ppl_anyLanguage = id_ppl + (0, )
id_ppl_inheritAll = id_ppl + (1, )
id_ppl_independent = id_ppl + (2, )
# Map of Certificate Extension OIDs to Extensions added to the
# ones that are in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_proxyCertInfo: ProxyCertInfoExtension(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)


@@ -0,0 +1,706 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc3852.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc3280
from pyasn1_modules import rfc3281
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class AttributeValue(univ.Any):
pass
class Attribute(univ.Sequence):
pass
Attribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', univ.ObjectIdentifier()),
namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
)
class SignedAttributes(univ.SetOf):
pass
SignedAttributes.componentType = Attribute()
SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class OtherRevocationInfoFormat(univ.Sequence):
pass
OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherRevInfo', univ.Any())
)
class RevocationInfoChoice(univ.Choice):
pass
RevocationInfoChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('crl', rfc3280.CertificateList()),
namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class RevocationInfoChoices(univ.SetOf):
pass
RevocationInfoChoices.componentType = RevocationInfoChoice()
class OtherKeyAttribute(univ.Sequence):
pass
OtherKeyAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('keyAttr', univ.Any())
)
id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2)
class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class EncryptedKey(univ.OctetString):
pass
class CMSVersion(univ.Integer):
pass
CMSVersion.namedValues = namedval.NamedValues(
('v0', 0),
('v1', 1),
('v2', 2),
('v3', 3),
('v4', 4),
('v5', 5)
)
class KEKIdentifier(univ.Sequence):
pass
KEKIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyIdentifier', univ.OctetString()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KEKRecipientInfo(univ.Sequence):
pass
KEKRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('kekid', KEKIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class PasswordRecipientInfo(univ.Sequence):
pass
PasswordRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class OtherRecipientInfo(univ.Sequence):
pass
OtherRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('oriType', univ.ObjectIdentifier()),
namedtype.NamedType('oriValue', univ.Any())
)
class IssuerAndSerialNumber(univ.Sequence):
pass
IssuerAndSerialNumber.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.Name()),
namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber())
)
class SubjectKeyIdentifier(univ.OctetString):
pass
class RecipientKeyIdentifier(univ.Sequence):
pass
RecipientKeyIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KeyAgreeRecipientIdentifier(univ.Choice):
pass
KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class RecipientEncryptedKey(univ.Sequence):
pass
RecipientEncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientEncryptedKeys(univ.SequenceOf):
pass
RecipientEncryptedKeys.componentType = RecipientEncryptedKey()
class UserKeyingMaterial(univ.OctetString):
pass
class OriginatorPublicKey(univ.Sequence):
pass
OriginatorPublicKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('publicKey', univ.BitString())
)
class OriginatorIdentifierOrKey(univ.Choice):
pass
OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class KeyAgreeRecipientInfo(univ.Sequence):
pass
KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
)
class RecipientIdentifier(univ.Choice):
pass
RecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class KeyTransRecipientInfo(univ.Sequence):
pass
KeyTransRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('rid', RecipientIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientInfo(univ.Choice):
pass
RecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('ktri', KeyTransRecipientInfo()),
namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('ori', OtherRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
)
class RecipientInfos(univ.SetOf):
pass
RecipientInfos.componentType = RecipientInfo()
RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class Signature(univ.BitString):
pass
class SignerIdentifier(univ.Choice):
pass
SignerIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class UnprotectedAttributes(univ.SetOf):
pass
UnprotectedAttributes.componentType = Attribute()
UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class ContentType(univ.ObjectIdentifier):
pass
class EncryptedContent(univ.OctetString):
pass
class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class EncryptedContentInfo(univ.Sequence):
pass
EncryptedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class EncryptedData(univ.Sequence):
pass
EncryptedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3)
id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1)
id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4)
class DigestAlgorithmIdentifiers(univ.SetOf):
pass
DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier()
class EncapsulatedContentInfo(univ.Sequence):
pass
EncapsulatedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('eContentType', ContentType()),
namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Digest(univ.OctetString):
pass
class DigestedData(univ.Sequence):
pass
DigestedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.NamedType('digest', Digest())
)
class ContentInfo(univ.Sequence):
pass
ContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class UnauthAttributes(univ.SetOf):
pass
UnauthAttributes.componentType = Attribute()
UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class ExtendedCertificateInfo(univ.Sequence):
pass
ExtendedCertificateInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('certificate', rfc3280.Certificate()),
namedtype.NamedType('attributes', UnauthAttributes())
)
class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
pass
class ExtendedCertificate(univ.Sequence):
pass
ExtendedCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', Signature())
)
class OtherCertificateFormat(univ.Sequence):
pass
OtherCertificateFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherCert', univ.Any())
)
class AttributeCertificateV2(rfc3281.AttributeCertificate):
pass
class AttCertVersionV1(univ.Integer):
pass
AttCertVersionV1.namedValues = namedval.NamedValues(
('v1', 0)
)
class AttributeCertificateInfoV1(univ.Sequence):
pass
AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
namedtype.NamedType(
'subject', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
)
),
namedtype.NamedType('issuer', rfc3280.GeneralNames()),
namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()),
namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()),
namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc3280.Extensions())
)
class AttributeCertificateV1(univ.Sequence):
pass
AttributeCertificateV1.componentType = namedtype.NamedTypes(
namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class CertificateChoices(univ.Choice):
pass
CertificateChoices.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc3280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('other', OtherCertificateFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class CertificateSet(univ.SetOf):
pass
CertificateSet.componentType = CertificateChoices()
class MessageAuthenticationCode(univ.OctetString):
pass
class UnsignedAttributes(univ.SetOf):
pass
UnsignedAttributes.componentType = Attribute()
UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class SignatureValue(univ.OctetString):
pass
class SignerInfo(univ.Sequence):
pass
SignerInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('sid', SignerIdentifier()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', SignatureValue()),
namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class SignerInfos(univ.SetOf):
pass
SignerInfos.componentType = SignerInfo()
class SignedData(univ.Sequence):
pass
SignedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('certificates', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier):
pass
class MessageDigest(univ.OctetString):
pass
class Time(univ.Choice):
pass
Time.componentType = namedtype.NamedTypes(
namedtype.NamedType('utcTime', useful.UTCTime()),
namedtype.NamedType('generalTime', useful.GeneralizedTime())
)
class OriginatorInfo(univ.Sequence):
pass
OriginatorInfo.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('certs', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class AuthAttributes(univ.SetOf):
pass
AuthAttributes.componentType = Attribute()
AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class AuthenticatedData(univ.Sequence):
pass
AuthenticatedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()),
namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('mac', MessageAuthenticationCode()),
namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6)
id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3)
class EnvelopedData(univ.Sequence):
pass
EnvelopedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class Countersignature(SignerInfo):
pass
id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5)
id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5)
class ExtendedCertificateOrCertificate(univ.Choice):
pass
ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc3280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2)
class SigningTime(Time):
pass
id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6)


@@ -0,0 +1,58 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# SEED Encryption Algorithm in CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4010.txt
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5751
id_seedCBC = univ.ObjectIdentifier('1.2.410.200004.1.4')
id_npki_app_cmsSeed_wrap = univ.ObjectIdentifier('1.2.410.200004.7.1.1.1')
class SeedIV(univ.OctetString):
subtypeSpec = constraint.ValueSizeConstraint(16, 16)
class SeedCBCParameter(SeedIV):
pass
class SeedSMimeCapability(univ.Null):
pass
# Update the Algorithm Identifier map in rfc5280.py.
_algorithmIdentifierMapUpdate = {
id_seedCBC: SeedCBCParameter(),
id_npki_app_cmsSeed_wrap: univ.Null(""),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
# Update the SMIMECapabilities Attribute map in rfc5751.py
_smimeCapabilityMapUpdate = {
id_seedCBC: SeedSMimeCapability(),
id_npki_app_cmsSeed_wrap: SeedSMimeCapability(),
}
rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate)


@@ -0,0 +1,43 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Internet X.509 Public Key Infrastructure Permanent Identifier
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4043.txt
#
from pyasn1.type import char
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, ))
id_on = id_pkix + (8, )
id_on_permanentIdentifier = id_on + (3, )
class PermanentIdentifier(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('identifierValue', char.UTF8String()),
namedtype.OptionalNamedType('assigner', univ.ObjectIdentifier())
)
# Map of Other Name OIDs to Other Name is added to the
# ones that are in rfc5280.py
_anotherNameMapUpdate = {
id_on_permanentIdentifier: PermanentIdentifier(),
}
rfc5280.anotherNameMap.update(_anotherNameMapUpdate)


@@ -0,0 +1,258 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with a very small amount of assistance from
# asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Additional Algorithms and Identifiers for RSA Cryptography
# for use in Certificates and CRLs
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4055.txt
#
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
id_sha1 = _OID(1, 3, 14, 3, 2, 26)
id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1)
id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2)
id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3)
id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4)
rsaEncryption = _OID(1, 2, 840, 113549, 1, 1, 1)
id_mgf1 = _OID(1, 2, 840, 113549, 1, 1, 8)
id_RSAES_OAEP = _OID(1, 2, 840, 113549, 1, 1, 7)
id_pSpecified = _OID(1, 2, 840, 113549, 1, 1, 9)
id_RSASSA_PSS = _OID(1, 2, 840, 113549, 1, 1, 10)
sha256WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 11)
sha384WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 12)
sha512WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 13)
sha224WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 14)
sha1Identifier = rfc5280.AlgorithmIdentifier()
sha1Identifier['algorithm'] = id_sha1
sha1Identifier['parameters'] = univ.Null("")
sha224Identifier = rfc5280.AlgorithmIdentifier()
sha224Identifier['algorithm'] = id_sha224
sha224Identifier['parameters'] = univ.Null("")
sha256Identifier = rfc5280.AlgorithmIdentifier()
sha256Identifier['algorithm'] = id_sha256
sha256Identifier['parameters'] = univ.Null("")
sha384Identifier = rfc5280.AlgorithmIdentifier()
sha384Identifier['algorithm'] = id_sha384
sha384Identifier['parameters'] = univ.Null("")
sha512Identifier = rfc5280.AlgorithmIdentifier()
sha512Identifier['algorithm'] = id_sha512
sha512Identifier['parameters'] = univ.Null("")
mgf1SHA1Identifier = rfc5280.AlgorithmIdentifier()
mgf1SHA1Identifier['algorithm'] = id_mgf1
mgf1SHA1Identifier['parameters'] = sha1Identifier
mgf1SHA224Identifier = rfc5280.AlgorithmIdentifier()
mgf1SHA224Identifier['algorithm'] = id_mgf1
mgf1SHA224Identifier['parameters'] = sha224Identifier
mgf1SHA256Identifier = rfc5280.AlgorithmIdentifier()
mgf1SHA256Identifier['algorithm'] = id_mgf1
mgf1SHA256Identifier['parameters'] = sha256Identifier
mgf1SHA384Identifier = rfc5280.AlgorithmIdentifier()
mgf1SHA384Identifier['algorithm'] = id_mgf1
mgf1SHA384Identifier['parameters'] = sha384Identifier
mgf1SHA512Identifier = rfc5280.AlgorithmIdentifier()
mgf1SHA512Identifier['algorithm'] = id_mgf1
mgf1SHA512Identifier['parameters'] = sha512Identifier
pSpecifiedEmptyIdentifier = rfc5280.AlgorithmIdentifier()
pSpecifiedEmptyIdentifier['algorithm'] = id_pSpecified
pSpecifiedEmptyIdentifier['parameters'] = univ.OctetString(value='')
class RSAPublicKey(univ.Sequence):
pass
RSAPublicKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('modulus', univ.Integer()),
namedtype.NamedType('publicExponent', univ.Integer())
)
class HashAlgorithm(rfc5280.AlgorithmIdentifier):
pass
class MaskGenAlgorithm(rfc5280.AlgorithmIdentifier):
pass
class RSAES_OAEP_params(univ.Sequence):
pass
RSAES_OAEP_params.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('hashFunc', rfc5280.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('maskGenFunc', rfc5280.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('pSourceFunc', rfc5280.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
rSAES_OAEP_Default_Params = RSAES_OAEP_params()
rSAES_OAEP_Default_Identifier = rfc5280.AlgorithmIdentifier()
rSAES_OAEP_Default_Identifier['algorithm'] = id_RSAES_OAEP
rSAES_OAEP_Default_Identifier['parameters'] = rSAES_OAEP_Default_Params
rSAES_OAEP_SHA224_Params = RSAES_OAEP_params()
rSAES_OAEP_SHA224_Params['hashFunc'] = sha224Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSAES_OAEP_SHA224_Params['maskGenFunc'] = mgf1SHA224Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSAES_OAEP_SHA224_Identifier = rfc5280.AlgorithmIdentifier()
rSAES_OAEP_SHA224_Identifier['algorithm'] = id_RSAES_OAEP
rSAES_OAEP_SHA224_Identifier['parameters'] = rSAES_OAEP_SHA224_Params
rSAES_OAEP_SHA256_Params = RSAES_OAEP_params()
rSAES_OAEP_SHA256_Params['hashFunc'] = sha256Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSAES_OAEP_SHA256_Params['maskGenFunc'] = mgf1SHA256Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSAES_OAEP_SHA256_Identifier = rfc5280.AlgorithmIdentifier()
rSAES_OAEP_SHA256_Identifier['algorithm'] = id_RSAES_OAEP
rSAES_OAEP_SHA256_Identifier['parameters'] = rSAES_OAEP_SHA256_Params
rSAES_OAEP_SHA384_Params = RSAES_OAEP_params()
rSAES_OAEP_SHA384_Params['hashFunc'] = sha384Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSAES_OAEP_SHA384_Params['maskGenFunc'] = mgf1SHA384Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSAES_OAEP_SHA384_Identifier = rfc5280.AlgorithmIdentifier()
rSAES_OAEP_SHA384_Identifier['algorithm'] = id_RSAES_OAEP
rSAES_OAEP_SHA384_Identifier['parameters'] = rSAES_OAEP_SHA384_Params
rSAES_OAEP_SHA512_Params = RSAES_OAEP_params()
rSAES_OAEP_SHA512_Params['hashFunc'] = sha512Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSAES_OAEP_SHA512_Params['maskGenFunc'] = mgf1SHA512Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSAES_OAEP_SHA512_Identifier = rfc5280.AlgorithmIdentifier()
rSAES_OAEP_SHA512_Identifier['algorithm'] = id_RSAES_OAEP
rSAES_OAEP_SHA512_Identifier['parameters'] = rSAES_OAEP_SHA512_Params
class RSASSA_PSS_params(univ.Sequence):
pass
RSASSA_PSS_params.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('maskGenAlgorithm', rfc5280.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.DefaultedNamedType('saltLength', univ.Integer(value=20).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.DefaultedNamedType('trailerField', univ.Integer(value=1).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
rSASSA_PSS_Default_Params = RSASSA_PSS_params()
rSASSA_PSS_Default_Identifier = rfc5280.AlgorithmIdentifier()
rSASSA_PSS_Default_Identifier['algorithm'] = id_RSASSA_PSS
rSASSA_PSS_Default_Identifier['parameters'] = rSASSA_PSS_Default_Params
rSASSA_PSS_SHA224_Params = RSASSA_PSS_params()
rSASSA_PSS_SHA224_Params['hashAlgorithm'] = sha224Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSASSA_PSS_SHA224_Params['maskGenAlgorithm'] = mgf1SHA224Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSASSA_PSS_SHA224_Identifier = rfc5280.AlgorithmIdentifier()
rSASSA_PSS_SHA224_Identifier['algorithm'] = id_RSASSA_PSS
rSASSA_PSS_SHA224_Identifier['parameters'] = rSASSA_PSS_SHA224_Params
rSASSA_PSS_SHA256_Params = RSASSA_PSS_params()
rSASSA_PSS_SHA256_Params['hashAlgorithm'] = sha256Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSASSA_PSS_SHA256_Params['maskGenAlgorithm'] = mgf1SHA256Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSASSA_PSS_SHA256_Identifier = rfc5280.AlgorithmIdentifier()
rSASSA_PSS_SHA256_Identifier['algorithm'] = id_RSASSA_PSS
rSASSA_PSS_SHA256_Identifier['parameters'] = rSASSA_PSS_SHA256_Params
rSASSA_PSS_SHA384_Params = RSASSA_PSS_params()
rSASSA_PSS_SHA384_Params['hashAlgorithm'] = sha384Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSASSA_PSS_SHA384_Params['maskGenAlgorithm'] = mgf1SHA384Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSASSA_PSS_SHA384_Identifier = rfc5280.AlgorithmIdentifier()
rSASSA_PSS_SHA384_Identifier['algorithm'] = id_RSASSA_PSS
rSASSA_PSS_SHA384_Identifier['parameters'] = rSASSA_PSS_SHA384_Params
rSASSA_PSS_SHA512_Params = RSASSA_PSS_params()
rSASSA_PSS_SHA512_Params['hashAlgorithm'] = sha512Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True)
rSASSA_PSS_SHA512_Params['maskGenAlgorithm'] = mgf1SHA512Identifier.subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True)
rSASSA_PSS_SHA512_Identifier = rfc5280.AlgorithmIdentifier()
rSASSA_PSS_SHA512_Identifier['algorithm'] = id_RSASSA_PSS
rSASSA_PSS_SHA512_Identifier['parameters'] = rSASSA_PSS_SHA512_Params
# Update the Algorithm Identifier map
_algorithmIdentifierMapUpdate = {
id_sha1: univ.Null(),
id_sha224: univ.Null(),
id_sha256: univ.Null(),
id_sha384: univ.Null(),
id_sha512: univ.Null(),
id_mgf1: rfc5280.AlgorithmIdentifier(),
id_pSpecified: univ.OctetString(),
id_RSAES_OAEP: RSAES_OAEP_params(),
id_RSASSA_PSS: RSASSA_PSS_params(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,59 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with some assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add a map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Protecting Multiple Contents with the CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4073.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5652
MAX = float('inf')
# Content Collection Content Type and Object Identifier
id_ct_contentCollection = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.19')
class ContentCollection(univ.SequenceOf):
pass
ContentCollection.componentType = rfc5652.ContentInfo()
ContentCollection.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
# Content With Attributes Content Type and Object Identifier
id_ct_contentWithAttrs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.20')
class ContentWithAttributes(univ.Sequence):
pass
ContentWithAttributes.componentType = namedtype.NamedTypes(
namedtype.NamedType('content', rfc5652.ContentInfo()),
namedtype.NamedType('attrs', univ.SequenceOf(
componentType=rfc5652.Attribute()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_contentCollection: ContentCollection(),
id_ct_contentWithAttrs: ContentWithAttributes(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,350 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add items from the verified errata.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Firmware Wrapper
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4108.txt
# https://www.rfc-editor.org/errata_search.php?rfc=4108
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
MAX = float('inf')
class HardwareSerialEntry(univ.Choice):
pass
HardwareSerialEntry.componentType = namedtype.NamedTypes(
namedtype.NamedType('all', univ.Null()),
namedtype.NamedType('single', univ.OctetString()),
namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes(
namedtype.NamedType('low', univ.OctetString()),
namedtype.NamedType('high', univ.OctetString())
))
)
)
class HardwareModules(univ.Sequence):
pass
HardwareModules.componentType = namedtype.NamedTypes(
namedtype.NamedType('hwType', univ.ObjectIdentifier()),
namedtype.NamedType('hwSerialEntries', univ.SequenceOf(componentType=HardwareSerialEntry()))
)
class CommunityIdentifier(univ.Choice):
pass
CommunityIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('communityOID', univ.ObjectIdentifier()),
namedtype.NamedType('hwModuleList', HardwareModules())
)
class PreferredPackageIdentifier(univ.Sequence):
pass
PreferredPackageIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('fwPkgID', univ.ObjectIdentifier()),
namedtype.NamedType('verNum', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
)
class PreferredOrLegacyPackageIdentifier(univ.Choice):
pass
PreferredOrLegacyPackageIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('preferred', PreferredPackageIdentifier()),
namedtype.NamedType('legacy', univ.OctetString())
)
class CurrentFWConfig(univ.Sequence):
pass
CurrentFWConfig.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('fwPkgType', univ.Integer()),
namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier())
)
class PreferredOrLegacyStalePackageIdentifier(univ.Choice):
pass
PreferredOrLegacyStalePackageIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('preferredStaleVerNum', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.NamedType('legacyStaleVersion', univ.OctetString())
)
class FirmwarePackageLoadErrorCode(univ.Enumerated):
pass
FirmwarePackageLoadErrorCode.namedValues = namedval.NamedValues(
('decodeFailure', 1),
('badContentInfo', 2),
('badSignedData', 3),
('badEncapContent', 4),
('badCertificate', 5),
('badSignerInfo', 6),
('badSignedAttrs', 7),
('badUnsignedAttrs', 8),
('missingContent', 9),
('noTrustAnchor', 10),
('notAuthorized', 11),
('badDigestAlgorithm', 12),
('badSignatureAlgorithm', 13),
('unsupportedKeySize', 14),
('signatureFailure', 15),
('contentTypeMismatch', 16),
('badEncryptedData', 17),
('unprotectedAttrsPresent', 18),
('badEncryptContent', 19),
('badEncryptAlgorithm', 20),
('missingCiphertext', 21),
('noDecryptKey', 22),
('decryptFailure', 23),
('badCompressAlgorithm', 24),
('missingCompressedContent', 25),
('decompressFailure', 26),
('wrongHardware', 27),
('stalePackage', 28),
('notInCommunity', 29),
('unsupportedPackageType', 30),
('missingDependency', 31),
('wrongDependencyVersion', 32),
('insufficientMemory', 33),
('badFirmware', 34),
('unsupportedParameters', 35),
('breaksDependency', 36),
('otherError', 99)
)
class VendorLoadErrorCode(univ.Integer):
pass
# Wrapped Firmware Key Unsigned Attribute and Object Identifier
id_aa_wrappedFirmwareKey = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.39')
class WrappedFirmwareKey(rfc5652.EnvelopedData):
pass
# Firmware Package Information Signed Attribute and Object Identifier
id_aa_firmwarePackageInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.42')
class FirmwarePackageInfo(univ.Sequence):
pass
FirmwarePackageInfo.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('fwPkgType', univ.Integer()),
namedtype.OptionalNamedType('dependencies', univ.SequenceOf([AWS-SECRET-REMOVED]entifier()))
)
FirmwarePackageInfo.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2)
# Community Identifiers Signed Attribute and Object Identifier
id_aa_communityIdentifiers = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.40')
class CommunityIdentifiers(univ.SequenceOf):
pass
CommunityIdentifiers.componentType = CommunityIdentifier()
# Implemented Compression Algorithms Signed Attribute and Object Identifier
id_aa_implCompressAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.43')
class ImplementedCompressAlgorithms(univ.SequenceOf):
pass
ImplementedCompressAlgorithms.componentType = univ.ObjectIdentifier()
# Implemented Cryptographic Algorithms Signed Attribute and Object Identifier
id_aa_implCryptoAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.38')
class ImplementedCryptoAlgorithms(univ.SequenceOf):
pass
ImplementedCryptoAlgorithms.componentType = univ.ObjectIdentifier()
# Decrypt Key Identifier Signed Attribute and Object Identifier
id_aa_decryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.37')
class DecryptKeyIdentifier(univ.OctetString):
pass
# Target Hardware Identifier Signed Attribute and Object Identifier
id_aa_targetHardwareIDs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.36')
class TargetHardwareIdentifiers(univ.SequenceOf):
pass
TargetHardwareIdentifiers.componentType = univ.ObjectIdentifier()
# Firmware Package Identifier Signed Attribute and Object Identifier
id_aa_firmwarePackageID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.35')
class FirmwarePackageIdentifier(univ.Sequence):
pass
FirmwarePackageIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('name', PreferredOrLegacyPackageIdentifier()),
namedtype.OptionalNamedType('stale', PreferredOrLegacyStalePackageIdentifier())
)
# Firmware Package Message Digest Signed Attribute and Object Identifier
id_aa_fwPkgMessageDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.41')
class FirmwarePackageMessageDigest(univ.Sequence):
pass
FirmwarePackageMessageDigest.componentType = namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('msgDigest', univ.OctetString())
)
# Firmware Package Load Error Report Content Type and Object Identifier
class FWErrorVersion(univ.Integer):
pass
FWErrorVersion.namedValues = namedval.NamedValues(
('v1', 1)
)
id_ct_firmwareLoadError = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.18')
class FirmwarePackageLoadError(univ.Sequence):
pass
FirmwarePackageLoadError.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', FWErrorVersion().subtype(value='v1')),
namedtype.NamedType('hwType', univ.ObjectIdentifier()),
namedtype.NamedType('hwSerialNum', univ.OctetString()),
namedtype.NamedType('errorCode', FirmwarePackageLoadErrorCode()),
namedtype.OptionalNamedType('vendorErrorCode', VendorLoadErrorCode()),
namedtype.OptionalNamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()),
namedtype.OptionalNamedType('config', univ.SequenceOf(componentType=CurrentFWConfig()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
# Firmware Package Load Receipt Content Type and Object Identifier
class FWReceiptVersion(univ.Integer):
pass
FWReceiptVersion.namedValues = namedval.NamedValues(
('v1', 1)
)
id_ct_firmwareLoadReceipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.17')
class FirmwarePackageLoadReceipt(univ.Sequence):
pass
FirmwarePackageLoadReceipt.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', FWReceiptVersion().subtype(value='v1')),
namedtype.NamedType('hwType', univ.ObjectIdentifier()),
namedtype.NamedType('hwSerialNum', univ.OctetString()),
namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()),
namedtype.OptionalNamedType('trustAnchorKeyID', univ.OctetString()),
namedtype.OptionalNamedType('decryptKeyID', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
# Firmware Package Content Type and Object Identifier
id_ct_firmwarePackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.16')
class FirmwarePkgData(univ.OctetString):
pass
# Other Name syntax for Hardware Module Name
id_on_hardwareModuleName = univ.ObjectIdentifier('1.3.6.1.5.5.7.8.4')
class HardwareModuleName(univ.Sequence):
pass
HardwareModuleName.componentType = namedtype.NamedTypes(
namedtype.NamedType('hwType', univ.ObjectIdentifier()),
namedtype.NamedType('hwSerialNum', univ.OctetString())
)
# Map of Attribute Type OIDs to Attributes is added to the
# ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_wrappedFirmwareKey: WrappedFirmwareKey(),
id_aa_firmwarePackageInfo: FirmwarePackageInfo(),
id_aa_communityIdentifiers: CommunityIdentifiers(),
id_aa_implCompressAlgs: ImplementedCompressAlgorithms(),
id_aa_implCryptoAlgs: ImplementedCryptoAlgorithms(),
id_aa_decryptKeyID: DecryptKeyIdentifier(),
id_aa_targetHardwareIDs: TargetHardwareIdentifiers(),
id_aa_firmwarePackageID: FirmwarePackageIdentifier(),
id_aa_fwPkgMessageDigest: FirmwarePackageMessageDigest(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_firmwareLoadError: FirmwarePackageLoadError(),
id_ct_firmwareLoadReceipt: FirmwarePackageLoadReceipt(),
id_ct_firmwarePackage: FirmwarePkgData(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
# Map of Other Name OIDs to Other Name is added to the
# ones that are in rfc5280.py
_anotherNameMapUpdate = {
id_on_hardwareModuleName: HardwareModuleName(),
}
rfc5280.anotherNameMap.update(_anotherNameMapUpdate)


@@ -0,0 +1,803 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Management Protocol structures as per RFC4210
#
# Based on Alex Railean's work
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc2314
from pyasn1_modules import rfc2459
from pyasn1_modules import rfc2511
MAX = float('inf')
class KeyIdentifier(univ.OctetString):
pass
class CMPCertificate(rfc2459.Certificate):
pass
class OOBCert(CMPCertificate):
pass
class CertAnnContent(CMPCertificate):
pass
class PKIFreeText(univ.SequenceOf):
"""
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
"""
componentType = char.UTF8String()
sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
class PollRepContent(univ.SequenceOf):
"""
PollRepContent ::= SEQUENCE OF SEQUENCE {
certReqId INTEGER,
checkAfter INTEGER, -- time in seconds
reason PKIFreeText OPTIONAL
}
"""
class CertReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('checkAfter', univ.Integer()),
namedtype.OptionalNamedType('reason', PKIFreeText())
)
componentType = CertReq()
class PollReqContent(univ.SequenceOf):
"""
PollReqContent ::= SEQUENCE OF SEQUENCE {
certReqId INTEGER
}
"""
class CertReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer())
)
componentType = CertReq()
class InfoTypeAndValue(univ.Sequence):
"""
InfoTypeAndValue ::= SEQUENCE {
infoType OBJECT IDENTIFIER,
infoValue ANY DEFINED BY infoType OPTIONAL
}"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('infoType', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('infoValue', univ.Any())
)
class GenRepContent(univ.SequenceOf):
componentType = InfoTypeAndValue()
class GenMsgContent(univ.SequenceOf):
componentType = InfoTypeAndValue()
class PKIConfirmContent(univ.Null):
pass
class CRLAnnContent(univ.SequenceOf):
componentType = rfc2459.CertificateList()
class CAKeyUpdAnnContent(univ.Sequence):
"""
CAKeyUpdAnnContent ::= SEQUENCE {
oldWithNew CMPCertificate,
newWithOld CMPCertificate,
newWithNew CMPCertificate
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('oldWithNew', CMPCertificate()),
namedtype.NamedType('newWithOld', CMPCertificate()),
namedtype.NamedType('newWithNew', CMPCertificate())
)
class RevDetails(univ.Sequence):
"""
RevDetails ::= SEQUENCE {
certDetails CertTemplate,
crlEntryDetails Extensions OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certDetails', rfc2511.CertTemplate()),
namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions())
)
class RevReqContent(univ.SequenceOf):
componentType = RevDetails()
class CertOrEncCert(univ.Choice):
"""
CertOrEncCert ::= CHOICE {
certificate [0] CMPCertificate,
encryptedCert [1] EncryptedValue
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', CMPCertificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class CertifiedKeyPair(univ.Sequence):
"""
CertifiedKeyPair ::= SEQUENCE {
certOrEncCert CertOrEncCert,
privateKey [0] EncryptedValue OPTIONAL,
publicationInfo [1] PKIPublicationInfo OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certOrEncCert', CertOrEncCert()),
namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class POPODecKeyRespContent(univ.SequenceOf):
componentType = univ.Integer()
class Challenge(univ.Sequence):
"""
Challenge ::= SEQUENCE {
owf AlgorithmIdentifier OPTIONAL,
witness OCTET STRING,
challenge OCTET STRING
}
"""
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('owf', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString()),
namedtype.NamedType('challenge', univ.OctetString())
)
class PKIStatus(univ.Integer):
"""
PKIStatus ::= INTEGER {
accepted (0),
grantedWithMods (1),
rejection (2),
waiting (3),
revocationWarning (4),
revocationNotification (5),
keyUpdateWarning (6)
}
"""
namedValues = namedval.NamedValues(
('accepted', 0),
('grantedWithMods', 1),
('rejection', 2),
('waiting', 3),
('revocationWarning', 4),
('revocationNotification', 5),
('keyUpdateWarning', 6)
)
class PKIFailureInfo(univ.BitString):
"""
PKIFailureInfo ::= BIT STRING {
badAlg (0),
badMessageCheck (1),
badRequest (2),
badTime (3),
badCertId (4),
badDataFormat (5),
wrongAuthority (6),
incorrectData (7),
missingTimeStamp (8),
badPOP (9),
certRevoked (10),
certConfirmed (11),
wrongIntegrity (12),
badRecipientNonce (13),
timeNotAvailable (14),
unacceptedPolicy (15),
unacceptedExtension (16),
addInfoNotAvailable (17),
badSenderNonce (18),
badCertTemplate (19),
signerNotTrusted (20),
transactionIdInUse (21),
unsupportedVersion (22),
notAuthorized (23),
systemUnavail (24),
systemFailure (25),
duplicateCertReq (26)
"""
namedValues = namedval.NamedValues(
('badAlg', 0),
('badMessageCheck', 1),
('badRequest', 2),
('badTime', 3),
('badCertId', 4),
('badDataFormat', 5),
('wrongAuthority', 6),
('incorrectData', 7),
('missingTimeStamp', 8),
('badPOP', 9),
('certRevoked', 10),
('certConfirmed', 11),
('wrongIntegrity', 12),
('badRecipientNonce', 13),
('timeNotAvailable', 14),
('unacceptedPolicy', 15),
('unacceptedExtension', 16),
('addInfoNotAvailable', 17),
('badSenderNonce', 18),
('badCertTemplate', 19),
('signerNotTrusted', 20),
('transactionIdInUse', 21),
('unsupportedVersion', 22),
('notAuthorized', 23),
('systemUnavail', 24),
('systemFailure', 25),
('duplicateCertReq', 26)
)
class PKIStatusInfo(univ.Sequence):
"""
PKIStatusInfo ::= SEQUENCE {
status PKIStatus,
statusString PKIFreeText OPTIONAL,
failInfo PKIFailureInfo OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatus()),
namedtype.OptionalNamedType('statusString', PKIFreeText()),
namedtype.OptionalNamedType('failInfo', PKIFailureInfo())
)
class ErrorMsgContent(univ.Sequence):
"""
ErrorMsgContent ::= SEQUENCE {
pKIStatusInfo PKIStatusInfo,
errorCode INTEGER OPTIONAL,
-- implementation-specific error codes
errorDetails PKIFreeText OPTIONAL
-- implementation-specific error details
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('pKIStatusInfo', PKIStatusInfo()),
namedtype.OptionalNamedType('errorCode', univ.Integer()),
namedtype.OptionalNamedType('errorDetails', PKIFreeText())
)
class CertStatus(univ.Sequence):
"""
CertStatus ::= SEQUENCE {
certHash OCTET STRING,
certReqId INTEGER,
statusInfo PKIStatusInfo OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certHash', univ.OctetString()),
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.OptionalNamedType('statusInfo', PKIStatusInfo())
)
class CertConfirmContent(univ.SequenceOf):
componentType = CertStatus()
class RevAnnContent(univ.Sequence):
"""
RevAnnContent ::= SEQUENCE {
status PKIStatus,
certId CertId,
willBeRevokedAt GeneralizedTime,
badSinceDate GeneralizedTime,
crlDetails Extensions OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatus()),
namedtype.NamedType('certId', rfc2511.CertId()),
namedtype.NamedType('willBeRevokedAt', useful.GeneralizedTime()),
namedtype.NamedType('badSinceDate', useful.GeneralizedTime()),
namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions())
)
class RevRepContent(univ.Sequence):
"""
RevRepContent ::= SEQUENCE {
status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId
OPTIONAL,
crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList
OPTIONAL
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'status', univ.SequenceOf(
componentType=PKIStatusInfo(),
sizeSpec=constraint.ValueSizeConstraint(1, MAX)
)
),
namedtype.OptionalNamedType(
'revCerts', univ.SequenceOf(componentType=rfc2511.CertId()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.OptionalNamedType(
'crls', univ.SequenceOf(componentType=rfc2459.CertificateList()).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
)
)
class KeyRecRepContent(univ.Sequence):
"""
KeyRecRepContent ::= SEQUENCE {
status PKIStatusInfo,
newSigCert [0] CMPCertificate OPTIONAL,
caCerts [1] SEQUENCE SIZE (1..MAX) OF
CMPCertificate OPTIONAL,
keyPairHist [2] SEQUENCE SIZE (1..MAX) OF
CertifiedKeyPair OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('status', PKIStatusInfo()),
namedtype.OptionalNamedType(
'newSigCert', CMPCertificate().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.OptionalNamedType(
'caCerts', univ.SequenceOf(componentType=CMPCertificate()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1),
sizeSpec=constraint.ValueSizeConstraint(1, MAX)
)
),
namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf(componentType=CertifiedKeyPair()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2),
sizeSpec=constraint.ValueSizeConstraint(1, MAX))
)
)
class CertResponse(univ.Sequence):
"""
CertResponse ::= SEQUENCE {
certReqId INTEGER,
status PKIStatusInfo,
certifiedKeyPair CertifiedKeyPair OPTIONAL,
rspInfo OCTET STRING OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('status', PKIStatusInfo()),
namedtype.OptionalNamedType('certifiedKeyPair', CertifiedKeyPair()),
namedtype.OptionalNamedType('rspInfo', univ.OctetString())
)
class CertRepMessage(univ.Sequence):
"""
CertRepMessage ::= SEQUENCE {
caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
OPTIONAL,
response SEQUENCE OF CertResponse
}
"""
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType(
'caPubs', univ.SequenceOf(
componentType=CMPCertificate()
).subtype(sizeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))
),
namedtype.NamedType('response', univ.SequenceOf(componentType=CertResponse()))
)
class POPODecKeyChallContent(univ.SequenceOf):
componentType = Challenge()
class OOBCertHash(univ.Sequence):
"""
OOBCertHash ::= SEQUENCE {
hashAlg [0] AlgorithmIdentifier OPTIONAL,
certId [1] CertId OPTIONAL,
hashVal BIT STRING
}
"""
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType(
'hashAlg', rfc2459.AlgorithmIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
),
namedtype.OptionalNamedType(
'certId', rfc2511.CertId().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))
),
namedtype.NamedType('hashVal', univ.BitString())
)
# pyasn1 does not naturally handle recursive definitions, thus this hack:
# NestedMessageContent ::= PKIMessages
class NestedMessageContent(univ.SequenceOf):
"""
NestedMessageContent ::= PKIMessages
"""
componentType = univ.Any()
class DHBMParameter(univ.Sequence):
"""
DHBMParameter ::= SEQUENCE {
owf AlgorithmIdentifier,
-- AlgId for a One-Way Function (SHA-1 recommended)
mac AlgorithmIdentifier
-- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
} -- or HMAC [RFC2104, RFC2202])
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier())
)
id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30')
class PBMParameter(univ.Sequence):
"""
PBMParameter ::= SEQUENCE {
salt OCTET STRING,
owf AlgorithmIdentifier,
iterationCount INTEGER,
mac AlgorithmIdentifier
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'salt', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 128))
),
namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()),
namedtype.NamedType('iterationCount', univ.Integer()),
namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier())
)
id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13')
class PKIProtection(univ.BitString):
pass
# pyasn1 does not naturally handle recursive definitions, thus this hack:
# NestedMessageContent ::= PKIMessages
nestedMessageContent = NestedMessageContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 20))
class PKIBody(univ.Choice):
"""
PKIBody ::= CHOICE { -- message-specific body elements
ir [0] CertReqMessages, --Initialization Request
ip [1] CertRepMessage, --Initialization Response
cr [2] CertReqMessages, --Certification Request
cp [3] CertRepMessage, --Certification Response
p10cr [4] CertificationRequest, --imported from [PKCS10]
popdecc [5] POPODecKeyChallContent, --pop Challenge
popdecr [6] POPODecKeyRespContent, --pop Response
kur [7] CertReqMessages, --Key Update Request
kup [8] CertRepMessage, --Key Update Response
krr [9] CertReqMessages, --Key Recovery Request
krp [10] KeyRecRepContent, --Key Recovery Response
rr [11] RevReqContent, --Revocation Request
rp [12] RevRepContent, --Revocation Response
ccr [13] CertReqMessages, --Cross-Cert. Request
ccp [14] CertRepMessage, --Cross-Cert. Response
ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann.
cann [16] CertAnnContent, --Certificate Ann.
rann [17] RevAnnContent, --Revocation Ann.
crlann [18] CRLAnnContent, --CRL Announcement
pkiconf [19] PKIConfirmContent, --Confirmation
nested [20] NestedMessageContent, --Nested Message
genm [21] GenMsgContent, --General Message
genp [22] GenRepContent, --General Response
error [23] ErrorMsgContent, --Error Message
certConf [24] CertConfirmContent, --Certificate confirm
pollReq [25] PollReqContent, --Polling request
pollRep [26] PollRepContent --Polling response
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'ir', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
)
),
namedtype.NamedType(
'ip', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
),
namedtype.NamedType(
'cr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)
)
),
namedtype.NamedType(
'cp', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)
)
),
namedtype.NamedType(
'p10cr', rfc2314.CertificationRequest().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)
)
),
namedtype.NamedType(
'popdecc', POPODecKeyChallContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5)
)
),
namedtype.NamedType(
'popdecr', POPODecKeyRespContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6)
)
),
namedtype.NamedType(
'kur', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)
)
),
namedtype.NamedType(
'kup', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8)
)
),
namedtype.NamedType(
'krr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)
)
),
namedtype.NamedType(
'krp', KeyRecRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10)
)
),
namedtype.NamedType(
'rr', RevReqContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11)
)
),
namedtype.NamedType(
'rp', RevRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12)
)
),
namedtype.NamedType(
'ccr', rfc2511.CertReqMessages().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13)
)
),
namedtype.NamedType(
'ccp', CertRepMessage().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14)
)
),
namedtype.NamedType(
'ckuann', CAKeyUpdAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15)
)
),
namedtype.NamedType(
'cann', CertAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16)
)
),
namedtype.NamedType(
'rann', RevAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 17)
)
),
namedtype.NamedType(
'crlann', CRLAnnContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18)
)
),
namedtype.NamedType(
'pkiconf', PKIConfirmContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19)
)
),
namedtype.NamedType(
'nested', nestedMessageContent
),
# namedtype.NamedType('nested', NestedMessageContent().subtype(
# explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20)
# )
# ),
namedtype.NamedType(
'genm', GenMsgContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21)
)
),
namedtype.NamedType(
'gen', GenRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22)
)
),
namedtype.NamedType(
'error', ErrorMsgContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23)
)
),
namedtype.NamedType(
'certConf', CertConfirmContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24)
)
),
namedtype.NamedType(
'pollReq', PollReqContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25)
)
),
namedtype.NamedType(
'pollRep', PollRepContent().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26)
)
)
)
class PKIHeader(univ.Sequence):
"""
PKIHeader ::= SEQUENCE {
pvno INTEGER { cmp1999(1), cmp2000(2) },
sender GeneralName,
recipient GeneralName,
messageTime [0] GeneralizedTime OPTIONAL,
protectionAlg [1] AlgorithmIdentifier OPTIONAL,
senderKID [2] KeyIdentifier OPTIONAL,
recipKID [3] KeyIdentifier OPTIONAL,
transactionID [4] OCTET STRING OPTIONAL,
senderNonce [5] OCTET STRING OPTIONAL,
recipNonce [6] OCTET STRING OPTIONAL,
freeText [7] PKIFreeText OPTIONAL,
generalInfo [8] SEQUENCE SIZE (1..MAX) OF
InfoTypeAndValue OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'pvno', univ.Integer(
namedValues=namedval.NamedValues(('cmp1999', 1), ('cmp2000', 2))
)
),
namedtype.NamedType('sender', rfc2459.GeneralName()),
namedtype.NamedType('recipient', rfc2459.GeneralName()),
namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
namedtype.OptionalNamedType('freeText', PKIFreeText().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))),
namedtype.OptionalNamedType('generalInfo',
univ.SequenceOf(
componentType=InfoTypeAndValue().subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX)
)
).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))
)
)
class ProtectedPart(univ.Sequence):
"""
ProtectedPart ::= SEQUENCE {
header PKIHeader,
body PKIBody
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('header', PKIHeader()),
namedtype.NamedType('infoValue', PKIBody())
)
class PKIMessage(univ.Sequence):
"""
PKIMessage ::= SEQUENCE {
header PKIHeader,
body PKIBody,
protection [0] PKIProtection OPTIONAL,
extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
OPTIONAL
}"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('header', PKIHeader()),
namedtype.NamedType('body', PKIBody()),
namedtype.OptionalNamedType('protection', PKIProtection().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('extraCerts',
univ.SequenceOf(
componentType=CMPCertificate()
).subtype(
sizeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
)
)
)
class PKIMessages(univ.SequenceOf):
"""
PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage
"""
componentType = PKIMessage()
sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
# pyasn1 does not naturally handle recursive definitions, thus this hack:
# NestedMessageContent ::= PKIMessages
NestedMessageContent._componentType = PKIMessages()
nestedMessageContent._componentType = PKIMessages()
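Review bot: `ProtectedPart` (L5923–L5926) names its second component `'infoValue'` although its own docstring and `PKIMessage` (L5938) call that field `body`; per RFC 4210 ProtectedPart is the structure the `PKIProtection` MAC/signature is computed over, so verification code written against the RFC (`protected['body'] = msg['body']`) fails on the field name, and `namedtype.NamedType('body', PKIBody())` is the consistent spelling. The same drift appears in `PKIBody`, where alternative [22] is registered as `'gen'` (L5840) while the docstring lists it as `genp`, and in `PKIHeader.generalInfo` (L5909–L5911), where the `SIZE (1..MAX)` constraint is attached to the `InfoTypeAndValue` element instead of the enclosing `SequenceOf`, so an empty `generalInfo` is not rejected as the docstring says it should be. The header on L5257 identifies this as upstream pyasn1-modules source committed verbatim, so these should be fixed by pinning a corrected release or patching upstream rather than editing the copy in-tree; committing library source wholesale also means future security fixes to it will not arrive through the dependency manager.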


@@ -0,0 +1,396 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# Internet X.509 Public Key Infrastructure Certificate Request
# Message Format (CRMF)
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc4211.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc3280
from pyasn1_modules import rfc3852
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)
id_pkip = _buildOid(id_pkix, 5)
id_regCtrl = _buildOid(id_pkip, 1)
class SinglePubInfo(univ.Sequence):
pass
SinglePubInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('pubMethod', univ.Integer(
namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))),
namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName())
)
class UTF8Pairs(char.UTF8String):
pass
class PKMACValue(univ.Sequence):
pass
PKMACValue.componentType = namedtype.NamedTypes(
namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('value', univ.BitString())
)
class POPOSigningKeyInput(univ.Sequence):
pass
POPOSigningKeyInput.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'authInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType(
'sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))
),
namedtype.NamedType(
'publicKeyMAC', PKMACValue()
)
)
)
),
namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo())
)
class POPOSigningKey(univ.Sequence):
pass
POPOSigningKey.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('algorithmIdentifier', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class Attributes(univ.SetOf):
pass
Attributes.componentType = rfc3280.Attribute()
class PrivateKeyInfo(univ.Sequence):
pass
PrivateKeyInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer()),
namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('privateKey', univ.OctetString()),
namedtype.OptionalNamedType('attributes',
Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class EncryptedValue(univ.Sequence):
pass
EncryptedValue.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.NamedType('encValue', univ.BitString())
)
class EncryptedKey(univ.Choice):
pass
EncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedValue', EncryptedValue()),
namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class KeyGenParameters(univ.OctetString):
pass
class PKIArchiveOptions(univ.Choice):
pass
PKIArchiveOptions.componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedPrivKey',
EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('keyGenParameters',
KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('archiveRemGenPrivKey',
univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
id_regCtrl_authenticator = _buildOid(id_regCtrl, 2)
id_regInfo = _buildOid(id_pkip, 2)
id_regInfo_certReq = _buildOid(id_regInfo, 2)
class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo):
pass
class Authenticator(char.UTF8String):
pass
class SubsequentMessage(univ.Integer):
pass
SubsequentMessage.namedValues = namedval.NamedValues(
('encrCert', 0),
('challengeResp', 1)
)
class AttributeTypeAndValue(univ.Sequence):
pass
AttributeTypeAndValue.componentType = namedtype.NamedTypes(
namedtype.NamedType('type', univ.ObjectIdentifier()),
namedtype.NamedType('value', univ.Any())
)
class POPOPrivKey(univ.Choice):
pass
POPOPrivKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('thisMessage',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subsequentMessage',
SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('dhMAC',
univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('agreeMAC',
PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class ProofOfPossession(univ.Choice):
pass
ProofOfPossession.componentType = namedtype.NamedTypes(
namedtype.NamedType('raVerified',
univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signature', POPOSigningKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('keyEncipherment',
POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('keyAgreement',
POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class OptionalValidity(univ.Sequence):
pass
OptionalValidity.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class CertTemplate(univ.Sequence):
pass
CertTemplate.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('version', rfc3280.Version().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.OptionalNamedType('validity', OptionalValidity().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
namedtype.OptionalNamedType('subject', rfc3280.Name().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9)))
)
class Controls(univ.SequenceOf):
pass
Controls.componentType = AttributeTypeAndValue()
Controls.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class CertRequest(univ.Sequence):
pass
CertRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('certTemplate', CertTemplate()),
namedtype.OptionalNamedType('controls', Controls())
)
class CertReqMsg(univ.Sequence):
pass
CertReqMsg.componentType = namedtype.NamedTypes(
namedtype.NamedType('certReq', CertRequest()),
namedtype.OptionalNamedType('popo', ProofOfPossession()),
namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()))
)
class CertReqMessages(univ.SequenceOf):
pass
CertReqMessages.componentType = CertReqMsg()
CertReqMessages.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class CertReq(CertRequest):
pass
id_regCtrl_pkiPublicationInfo = _buildOid(id_regCtrl, 3)
class CertId(univ.Sequence):
pass
CertId.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.GeneralName()),
namedtype.NamedType('serialNumber', univ.Integer())
)
class OldCertId(CertId):
pass
class PKIPublicationInfo(univ.Sequence):
pass
PKIPublicationInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('action',
univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()))
)
class EncKeyWithID(univ.Sequence):
pass
EncKeyWithID.componentType = namedtype.NamedTypes(
namedtype.NamedType('privateKey', PrivateKeyInfo()),
namedtype.OptionalNamedType(
'identifier', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('string', char.UTF8String()),
namedtype.NamedType('generalName', rfc3280.GeneralName())
)
)
)
)
id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6)
id_regCtrl_oldCertID = _buildOid(id_regCtrl, 5)
id_smime = _buildOid(1, 2, 840, 113549, 1, 9, 16)
class PBMParameter(univ.Sequence):
pass
PBMParameter.componentType = namedtype.NamedTypes(
namedtype.NamedType('salt', univ.OctetString()),
namedtype.NamedType('owf', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('iterationCount', univ.Integer()),
namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier())
)
id_regCtrl_regToken = _buildOid(id_regCtrl, 1)
id_regCtrl_pkiArchiveOptions = _buildOid(id_regCtrl, 4)
id_regInfo_utf8Pairs = _buildOid(id_regInfo, 1)
id_ct = _buildOid(id_smime, 1)
id_ct_encKeyWithID = _buildOid(id_ct, 21)
class RegToken(char.UTF8String):
pass
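Review bot: `regInfo` in `CertReqMsg` and `pubInfos` in `PKIPublicationInfo` are built as bare `univ.SequenceOf(...)` with no size bound, while the other CRMF sequences in this file (`Controls`, `CertReqMessages`) carry `ValueSizeConstraint(1, MAX)`; as written, an empty `regInfo` or `pubInfos` SEQUENCE passes validation here. RFC 4211 declares both as `SEQUENCE SIZE (1..MAX) OF`, as far as I recall — verify against the RFC text — so the bound should be attached the same way the file already does for `Controls`: `univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, MAX))` and `univ.SequenceOf(componentType=SinglePubInfo()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, MAX))`. Separately, `AttributeTypeAndValue.value` is `univ.Any()` with no open-type map registered for the `id_regCtrl_*` / `id_regInfo_*` OIDs defined below it, so control and regInfo values presumably decode as opaque octets; a comment saying that is intentional (or a map) would help the next reader.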


@@ -0,0 +1,75 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Extensions and Attributes Supporting Authentication
# in PPP and Wireless LAN Networks
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4334.txt
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
# OID Arcs
id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1')
id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3')
id_aca = univ.ObjectIdentifier('1.3.6.1.5.5.7.10')
# Extended Key Usage Values
id_kp_eapOverPPP = id_kp + (13, )
id_kp_eapOverLAN = id_kp + (14, )
# Wireless LAN SSID Extension
id_pe_wlanSSID = id_pe + (13, )
class SSID(univ.OctetString):
constraint.ValueSizeConstraint(1, 32)
class SSIDList(univ.SequenceOf):
componentType = SSID()
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
# Wireless LAN SSID Attribute Certificate Attribute
id_aca_wlanSSID = id_aca + (7, )
# Map of Certificate Extension OIDs to Extensions
# To be added to the ones that are in rfc5280.py
_certificateExtensionsMap = {
id_pe_wlanSSID: SSIDList(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap)
# Map of AttributeType OIDs to AttributeValue added to the
# ones that are in rfc5280.py
_certificateAttributesMapUpdate = {
id_aca_wlanSSID: SSIDList(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)
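Review bot: In `class SSID`, `constraint.ValueSizeConstraint(1, 32)` is a bare expression statement in the class body — it is evaluated and discarded, never assigned to `subtypeSpec` — so the 1..32 octet bound is not attached to the type and an empty or oversize SSID decodes as valid; `SSIDList` directly below does assign its constraint. The fix is `subtypeSpec = constraint.ValueSizeConstraint(1, 32)`. Once the bound is actually enforced, inputs that previously passed will raise on decode, which is the intended behaviour but worth a line in the changelog.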


@@ -0,0 +1,477 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Additional Cryptographic Algorithms for Use with GOST 28147-89,
# GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 Algorithms
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4357.txt
# https://www.rfc-editor.org/errata/eid5927
# https://www.rfc-editor.org/errata/eid5928
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
# Import from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
# Object Identifiers
id_CryptoPro = univ.ObjectIdentifier((1, 2, 643, 2, 2,))
id_CryptoPro_modules = id_CryptoPro + (1, 1,)
id_CryptoPro_extensions = id_CryptoPro + (34,)
id_CryptoPro_policyIds = id_CryptoPro + (38,)
id_CryptoPro_policyQt = id_CryptoPro + (39,)
cryptographic_Gost_Useful_Definitions = id_CryptoPro_modules + (0, 1,)
gostR3411_94_DigestSyntax = id_CryptoPro_modules + (1, 1,)
gostR3410_94_PKISyntax = id_CryptoPro_modules + (2, 1,)
gostR3410_94_SignatureSyntax = id_CryptoPro_modules + (3, 1,)
gost28147_89_EncryptionSyntax = id_CryptoPro_modules + (4, 1,)
gostR3410_EncryptionSyntax = id_CryptoPro_modules + (5, 2,)
gost28147_89_ParamSetSyntax = id_CryptoPro_modules + (6, 1,)
gostR3411_94_ParamSetSyntax = id_CryptoPro_modules + (7, 1,)
gostR3410_94_ParamSetSyntax = id_CryptoPro_modules + (8, 1, 1)
gostR3410_2001_PKISyntax = id_CryptoPro_modules + (9, 1,)
gostR3410_2001_SignatureSyntax = id_CryptoPro_modules + (10, 1,)
gostR3410_2001_ParamSetSyntax = id_CryptoPro_modules + (12, 1,)
gost_CryptoPro_ExtendedKeyUsage = id_CryptoPro_modules + (13, 1,)
gost_CryptoPro_PrivateKey = id_CryptoPro_modules + (14, 1,)
gost_CryptoPro_PKIXCMP = id_CryptoPro_modules + (15, 1,)
gost_CryptoPro_TLS = id_CryptoPro_modules + (16, 1,)
gost_CryptoPro_Policy = id_CryptoPro_modules + (17, 1,)
gost_CryptoPro_Constants = id_CryptoPro_modules + (18, 1,)
id_CryptoPro_algorithms = id_CryptoPro
id_GostR3411_94_with_GostR3410_2001 = id_CryptoPro_algorithms + (3,)
id_GostR3411_94_with_GostR3410_94 = id_CryptoPro_algorithms + (4,)
id_GostR3411_94 = id_CryptoPro_algorithms + (9,)
id_Gost28147_89_None_KeyMeshing = id_CryptoPro_algorithms + (14, 0,)
id_Gost28147_89_CryptoPro_KeyMeshing = id_CryptoPro_algorithms + (14, 1,)
id_GostR3410_2001 = id_CryptoPro_algorithms + (19,)
id_GostR3410_94 = id_CryptoPro_algorithms + (20,)
id_Gost28147_89 = id_CryptoPro_algorithms + (21,)
id_Gost28147_89_MAC = id_CryptoPro_algorithms + (22,)
id_CryptoPro_hashes = id_CryptoPro_algorithms + (30,)
id_CryptoPro_encrypts = id_CryptoPro_algorithms + (31,)
id_CryptoPro_signs = id_CryptoPro_algorithms + (32,)
id_CryptoPro_exchanges = id_CryptoPro_algorithms + (33,)
id_CryptoPro_ecc_signs = id_CryptoPro_algorithms + (35,)
id_CryptoPro_ecc_exchanges = id_CryptoPro_algorithms + (36,)
id_CryptoPro_private_keys = id_CryptoPro_algorithms + (37,)
id_CryptoPro_pkixcmp_infos = id_CryptoPro_algorithms + (41,)
id_CryptoPro_audit_service_types = id_CryptoPro_algorithms + (42,)
id_CryptoPro_audit_record_types = id_CryptoPro_algorithms + (43,)
id_CryptoPro_attributes = id_CryptoPro_algorithms + (44,)
id_CryptoPro_name_service_types = id_CryptoPro_algorithms + (45,)
id_GostR3410_2001DH = id_CryptoPro_algorithms + (98,)
id_GostR3410_94DH = id_CryptoPro_algorithms + (99,)
id_Gost28147_89_TestParamSet = id_CryptoPro_encrypts + (0,)
id_Gost28147_89_CryptoPro_A_ParamSet = id_CryptoPro_encrypts + (1,)
id_Gost28147_89_CryptoPro_B_ParamSet = id_CryptoPro_encrypts + (2,)
id_Gost28147_89_CryptoPro_C_ParamSet = id_CryptoPro_encrypts + (3,)
id_Gost28147_89_CryptoPro_D_ParamSet = id_CryptoPro_encrypts + (4,)
id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = id_CryptoPro_encrypts + (5,)
id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = id_CryptoPro_encrypts + (6,)
id_Gost28147_89_CryptoPro_RIC_1_ParamSet = id_CryptoPro_encrypts + (7,)
id_GostR3410_2001_TestParamSet = id_CryptoPro_ecc_signs + (0,)
id_GostR3410_2001_CryptoPro_A_ParamSet = id_CryptoPro_ecc_signs + (1,)
id_GostR3410_2001_CryptoPro_B_ParamSet = id_CryptoPro_ecc_signs + (2,)
id_GostR3410_2001_CryptoPro_C_ParamSet = id_CryptoPro_ecc_signs + (3,)
id_GostR3410_2001_CryptoPro_XchA_ParamSet = id_CryptoPro_ecc_exchanges + (0,)
id_GostR3410_2001_CryptoPro_XchB_ParamSet = id_CryptoPro_ecc_exchanges + (1,)
id_GostR3410_94_TestParamSet = id_CryptoPro_signs + (0,)
id_GostR3410_94_CryptoPro_A_ParamSet = id_CryptoPro_signs + (2,)
id_GostR3410_94_CryptoPro_B_ParamSet = id_CryptoPro_signs + (3,)
id_GostR3410_94_CryptoPro_C_ParamSet = id_CryptoPro_signs + (4,)
id_GostR3410_94_CryptoPro_D_ParamSet = id_CryptoPro_signs + (5,)
id_GostR3410_94_CryptoPro_XchA_ParamSet = id_CryptoPro_exchanges + (1,)
id_GostR3410_94_CryptoPro_XchB_ParamSet = id_CryptoPro_exchanges + (2,)
id_GostR3410_94_CryptoPro_XchC_ParamSet = id_CryptoPro_exchanges + (3,)
id_GostR3410_94_a = id_GostR3410_94 + (1,)
id_GostR3410_94_aBis = id_GostR3410_94 + (2,)
id_GostR3410_94_b = id_GostR3410_94 + (3,)
id_GostR3410_94_bBis = id_GostR3410_94 + (4,)
id_GostR3411_94_TestParamSet = id_CryptoPro_hashes + (0,)
id_GostR3411_94_CryptoProParamSet = id_CryptoPro_hashes + (1,)
class Gost28147_89_ParamSet(univ.ObjectIdentifier):
pass
Gost28147_89_ParamSet.subtypeSpec = constraint.SingleValueConstraint(
id_Gost28147_89_TestParamSet,
id_Gost28147_89_CryptoPro_A_ParamSet,
id_Gost28147_89_CryptoPro_B_ParamSet,
id_Gost28147_89_CryptoPro_C_ParamSet,
id_Gost28147_89_CryptoPro_D_ParamSet,
id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,
id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,
id_Gost28147_89_CryptoPro_RIC_1_ParamSet
)
class Gost28147_89_BlobParameters(univ.Sequence):
pass
Gost28147_89_BlobParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet())
)
class Gost28147_89_MAC(univ.OctetString):
pass
Gost28147_89_MAC.subtypeSpec = constraint.ValueSizeConstraint(1, 4)
class Gost28147_89_Key(univ.OctetString):
pass
Gost28147_89_Key.subtypeSpec = constraint.ValueSizeConstraint(32, 32)
class Gost28147_89_EncryptedKey(univ.Sequence):
pass
Gost28147_89_EncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptedKey', Gost28147_89_Key()),
namedtype.OptionalNamedType('maskKey', Gost28147_89_Key().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('macKey', Gost28147_89_MAC())
)
class Gost28147_89_IV(univ.OctetString):
pass
Gost28147_89_IV.subtypeSpec = constraint.ValueSizeConstraint(8, 8)
class Gost28147_89_UZ(univ.OctetString):
pass
Gost28147_89_UZ.subtypeSpec = constraint.ValueSizeConstraint(64, 64)
class Gost28147_89_ParamSetParameters(univ.Sequence):
pass
Gost28147_89_ParamSetParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('eUZ', Gost28147_89_UZ()),
namedtype.NamedType('mode',
univ.Integer(namedValues=namedval.NamedValues(
('gost28147-89-CNT', 0),
('gost28147-89-CFB', 1),
('cryptoPro-CBC', 2)
))),
namedtype.NamedType('shiftBits',
univ.Integer(namedValues=namedval.NamedValues(
('gost28147-89-block', 64)
))),
namedtype.NamedType('keyMeshing', AlgorithmIdentifier())
)
class Gost28147_89_Parameters(univ.Sequence):
pass
Gost28147_89_Parameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('iv', Gost28147_89_IV()),
namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet())
)
class GostR3410_2001_CertificateSignature(univ.BitString):
pass
GostR3410_2001_CertificateSignature.subtypeSpec=constraint.ValueSizeConstraint(256, 512)
class GostR3410_2001_ParamSetParameters(univ.Sequence):
pass
GostR3410_2001_ParamSetParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('a', univ.Integer()),
namedtype.NamedType('b', univ.Integer()),
namedtype.NamedType('p', univ.Integer()),
namedtype.NamedType('q', univ.Integer()),
namedtype.NamedType('x', univ.Integer()),
namedtype.NamedType('y', univ.Integer())
)
class GostR3410_2001_PublicKey(univ.OctetString):
pass
GostR3410_2001_PublicKey.subtypeSpec = constraint.ValueSizeConstraint(64, 64)
class GostR3410_2001_PublicKeyParameters(univ.Sequence):
pass
GostR3410_2001_PublicKeyParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('publicKeyParamSet', univ.ObjectIdentifier().subtype(
subtypeSpec=constraint.SingleValueConstraint(
id_GostR3410_2001_TestParamSet,
id_GostR3410_2001_CryptoPro_A_ParamSet,
id_GostR3410_2001_CryptoPro_B_ParamSet,
id_GostR3410_2001_CryptoPro_C_ParamSet,
id_GostR3410_2001_CryptoPro_XchA_ParamSet,
id_GostR3410_2001_CryptoPro_XchB_ParamSet
))),
namedtype.NamedType('digestParamSet', univ.ObjectIdentifier().subtype(
subtypeSpec=constraint.SingleValueConstraint(
id_GostR3411_94_TestParamSet,
id_GostR3411_94_CryptoProParamSet
))),
namedtype.DefaultedNamedType('encryptionParamSet',
Gost28147_89_ParamSet().subtype(value=id_Gost28147_89_CryptoPro_A_ParamSet
))
)
class GostR3410_94_CertificateSignature(univ.BitString):
pass
GostR3410_94_CertificateSignature.subtypeSpec = constraint.ValueSizeConstraint(256, 512)
class GostR3410_94_ParamSetParameters_t(univ.Integer):
pass
GostR3410_94_ParamSetParameters_t.subtypeSpec = constraint.SingleValueConstraint(512, 1024)
class GostR3410_94_ParamSetParameters(univ.Sequence):
pass
GostR3410_94_ParamSetParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('t', GostR3410_94_ParamSetParameters_t()),
namedtype.NamedType('p', univ.Integer()),
namedtype.NamedType('q', univ.Integer()),
namedtype.NamedType('a', univ.Integer()),
namedtype.OptionalNamedType('validationAlgorithm', AlgorithmIdentifier())
)
class GostR3410_94_PublicKey(univ.OctetString):
pass
GostR3410_94_PublicKey.subtypeSpec = constraint.ConstraintsUnion(
constraint.ValueSizeConstraint(64, 64),
constraint.ValueSizeConstraint(128, 128)
)
class GostR3410_94_PublicKeyParameters(univ.Sequence):
pass
GostR3410_94_PublicKeyParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('publicKeyParamSet', univ.ObjectIdentifier().subtype(
subtypeSpec=constraint.SingleValueConstraint(
id_GostR3410_94_TestParamSet,
id_GostR3410_94_CryptoPro_A_ParamSet,
id_GostR3410_94_CryptoPro_B_ParamSet,
id_GostR3410_94_CryptoPro_C_ParamSet,
id_GostR3410_94_CryptoPro_D_ParamSet,
id_GostR3410_94_CryptoPro_XchA_ParamSet,
id_GostR3410_94_CryptoPro_XchB_ParamSet,
id_GostR3410_94_CryptoPro_XchC_ParamSet
))),
namedtype.NamedType('digestParamSet', univ.ObjectIdentifier().subtype(
subtypeSpec=constraint.SingleValueConstraint(
id_GostR3411_94_TestParamSet,
id_GostR3411_94_CryptoProParamSet
))),
namedtype.DefaultedNamedType('encryptionParamSet',
Gost28147_89_ParamSet().subtype(value=id_Gost28147_89_CryptoPro_A_ParamSet
))
)
class GostR3410_94_ValidationBisParameters_c(univ.Integer):
pass
GostR3410_94_ValidationBisParameters_c.subtypeSpec = constraint.ValueRangeConstraint(0, 4294967295)
class GostR3410_94_ValidationBisParameters(univ.Sequence):
pass
GostR3410_94_ValidationBisParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('x0', GostR3410_94_ValidationBisParameters_c()),
namedtype.NamedType('c', GostR3410_94_ValidationBisParameters_c()),
namedtype.OptionalNamedType('d', univ.Integer())
)
class GostR3410_94_ValidationParameters_c(univ.Integer):
pass
GostR3410_94_ValidationParameters_c.subtypeSpec = constraint.ValueRangeConstraint(0, 65535)
class GostR3410_94_ValidationParameters(univ.Sequence):
pass
GostR3410_94_ValidationParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('x0', GostR3410_94_ValidationParameters_c()),
namedtype.NamedType('c', GostR3410_94_ValidationParameters_c()),
namedtype.OptionalNamedType('d', univ.Integer())
)
class GostR3411_94_Digest(univ.OctetString):
pass
GostR3411_94_Digest.subtypeSpec = constraint.ValueSizeConstraint(32, 32)
class GostR3411_94_DigestParameters(univ.ObjectIdentifier):
pass
GostR3411_94_DigestParameters.subtypeSpec = constraint.ConstraintsUnion(
constraint.SingleValueConstraint(id_GostR3411_94_TestParamSet),
constraint.SingleValueConstraint(id_GostR3411_94_CryptoProParamSet),
)
class GostR3411_94_ParamSetParameters(univ.Sequence):
pass
GostR3411_94_ParamSetParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('hUZ', Gost28147_89_UZ()),
namedtype.NamedType('h0', GostR3411_94_Digest())
)
# Update the Algorithm Identifier map in rfc5280.py
_algorithmIdentifierMapUpdate = {
id_Gost28147_89: Gost28147_89_Parameters(),
id_Gost28147_89_TestParamSet: Gost28147_89_ParamSetParameters(),
id_Gost28147_89_CryptoPro_A_ParamSet: Gost28147_89_ParamSetParameters(),
id_Gost28147_89_CryptoPro_B_ParamSet: Gost28147_89_ParamSetParameters(),
id_Gost28147_89_CryptoPro_C_ParamSet: Gost28147_89_ParamSetParameters(),
id_Gost28147_89_CryptoPro_D_ParamSet: Gost28147_89_ParamSetParameters(),
id_Gost28147_89_CryptoPro_KeyMeshing: univ.Null(""),
id_Gost28147_89_None_KeyMeshing: univ.Null(""),
id_GostR3410_94: GostR3410_94_PublicKeyParameters(),
id_GostR3410_94_TestParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_A_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_B_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_C_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_D_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_XchA_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_XchB_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_CryptoPro_XchC_ParamSet: GostR3410_94_ParamSetParameters(),
id_GostR3410_94_a: GostR3410_94_ValidationParameters(),
id_GostR3410_94_aBis: GostR3410_94_ValidationBisParameters(),
id_GostR3410_94_b: GostR3410_94_ValidationParameters(),
id_GostR3410_94_bBis: GostR3410_94_ValidationBisParameters(),
id_GostR3410_2001: univ.Null(""),
id_GostR3411_94: univ.Null(""),
id_GostR3411_94_TestParamSet: GostR3411_94_ParamSetParameters(),
id_GostR3411_94_CryptoProParamSet: GostR3411_94_ParamSetParameters(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
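Review bot: `_algorithmIdentifierMapUpdate` registers `id_GostR3410_94` with `GostR3410_94_PublicKeyParameters()` but `id_GostR3410_2001` with `univ.Null("")`, even though `GostR3410_2001_PublicKeyParameters` is defined in this same file; the asymmetry is unexplained, and as far as I recall RFC 4491 carries `GostR3410-2001-PublicKeyParameters` in the SubjectPublicKeyInfo parameters for that OID, so decoding a 2001 key through rfc5280's open-type map would presumably fail here. The same OID is also reused as the S/MIME capability identifier in the rfc4490 module of this commit, where NULL is the right parameter, so a single map entry cannot serve both uses and the choice deserves a comment at minimum: `# NOTE: id_GostR3410_2001 doubles as the S/MIME capability OID (NULL params); SubjectPublicKeyInfo uses GostR3410_2001_PublicKeyParameters instead`. `id_GostR3410_2001DH`, `id_GostR3410_94DH` and `id_Gost28147_89_MAC` are likewise defined above but absent from the map; if they carry parameters they need entries too — verify against RFC 4357.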


@@ -0,0 +1,23 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Store Access via HTTP
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4387.txt
#
from pyasn1.type import univ
id_ad = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, ))
id_ad_http_certs = id_ad + (6, )
id_ad_http_crls = id_ad + (7,)


@@ -0,0 +1,93 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Attribute Certificate Policies Extension
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4476.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
# Imports from RFC 5280
PolicyQualifierId = rfc5280.PolicyQualifierId
PolicyQualifierInfo = rfc5280.PolicyQualifierInfo
UserNotice = rfc5280.UserNotice
id_pkix = rfc5280.id_pkix
# Object Identifiers
id_pe = id_pkix + (1,)
id_pe_acPolicies = id_pe + (15,)
id_qt = id_pkix + (2,)
id_qt_acps = id_qt + (4,)
id_qt_acunotice = id_qt + (5,)
# Attribute Certificate Policies Extension
class ACUserNotice(UserNotice):
pass
class ACPSuri(char.IA5String):
pass
class AcPolicyId(univ.ObjectIdentifier):
pass
class PolicyInformation(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('policyIdentifier', AcPolicyId()),
namedtype.OptionalNamedType('policyQualifiers',
univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class AcPoliciesSyntax(univ.SequenceOf):
componentType = PolicyInformation()
subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
# Update the policy qualifier map in rfc5280.py
_policyQualifierInfoMapUpdate = {
id_qt_acps: ACPSuri(),
id_qt_acunotice: UserNotice(),
}
rfc5280.policyQualifierInfoMap.update(_policyQualifierInfoMapUpdate)
# Update the certificate extension map in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_acPolicies: AcPoliciesSyntax(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
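Review bot: `_policyQualifierInfoMapUpdate` maps `id_qt_acunotice` to `UserNotice()` although the file defines `ACUserNotice` a few lines earlier for exactly that qualifier, leaving `ACUserNotice` unused while its sibling `ACPSuri` is used for `id_qt_acps`. Since `ACUserNotice` is an empty subclass this is a consistency point rather than a behaviour change: `id_qt_acunotice: ACUserNotice(),`. If the plain `UserNotice` is deliberate, a one-line comment saying so would stop the next reader from "fixing" it.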


@@ -0,0 +1,113 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94, and
# GOST R 34.10-2001 Algorithms with the CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4490.txt
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc4357
from pyasn1_modules import rfc5280
# Imports from RFC 4357
id_CryptoPro_algorithms = rfc4357.id_CryptoPro_algorithms
id_GostR3410_94 = rfc4357.id_GostR3410_94
id_GostR3410_2001 = rfc4357.id_GostR3410_2001
Gost28147_89_ParamSet = rfc4357.Gost28147_89_ParamSet
Gost28147_89_EncryptedKey = rfc4357.Gost28147_89_EncryptedKey
GostR3410_94_PublicKeyParameters = rfc4357.GostR3410_94_PublicKeyParameters
GostR3410_2001_PublicKeyParameters = rfc4357.GostR3410_2001_PublicKeyParameters
# Imports from RFC 5280
SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
# CMS/PKCS#7 key agreement algorithms & parameters
class Gost28147_89_KeyWrapParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()),
namedtype.OptionalNamedType('ukm', univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(8, 8)))
)
id_Gost28147_89_CryptoPro_KeyWrap = id_CryptoPro_algorithms + (13, 1, )
id_Gost28147_89_None_KeyWrap = id_CryptoPro_algorithms + (13, 0, )
id_GostR3410_2001_CryptoPro_ESDH = id_CryptoPro_algorithms + (96, )
id_GostR3410_94_CryptoPro_ESDH = id_CryptoPro_algorithms + (97, )
# CMS/PKCS#7 key transport algorithms & parameters
id_GostR3410_2001_KeyTransportSMIMECapability = id_GostR3410_2001
id_GostR3410_94_KeyTransportSMIMECapability = id_GostR3410_94
class GostR3410_TransportParameters(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()),
namedtype.OptionalNamedType('ephemeralPublicKey',
SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('ukm', univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(8, 8)))
)
class GostR3410_KeyTransport(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('sessionEncryptedKey', Gost28147_89_EncryptedKey()),
namedtype.OptionalNamedType('transportParameters',
GostR3410_TransportParameters().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
# GOST R 34.10-94 signature algorithm & parameters
class GostR3410_94_Signature(univ.OctetString):
subtypeSpec = constraint.ValueSizeConstraint(64, 64)
# GOST R 34.10-2001 signature algorithms and parameters
class GostR3410_2001_Signature(univ.OctetString):
subtypeSpec = constraint.ValueSizeConstraint(64, 64)
# Update the Algorithm Identifier map in rfc5280.py
_algorithmIdentifierMapUpdate = {
id_Gost28147_89_CryptoPro_KeyWrap: Gost28147_89_KeyWrapParameters(),
id_Gost28147_89_None_KeyWrap: Gost28147_89_KeyWrapParameters(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
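Review bot: In `GostR3410_TransportParameters`, `ephemeralPublicKey` implicitly tags `SubjectPublicKeyInfo` (a SEQUENCE) with `tag.tagFormatSimple`, while `transportParameters` a few lines below uses `tag.tagFormatConstructed` for the same kind of implicitly tagged SEQUENCE. As far as I can tell pyasn1 compares tags by class and number only, so this should still decode, but the declared format is wrong and inconsistent with the rest of the file: `SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))`. The combined import `from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful` also pulls in `char`, `namedval` and `useful`, none of which are used here, and departs from the one-module-per-line style of the sibling modules in this commit.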


@@ -0,0 +1,44 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Using the GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94
# Algorithms with Certificates and CRLs
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4491.txt
#
from pyasn1_modules import rfc4357
# Signature Algorithm GOST R 34.10-94
id_GostR3411_94_with_GostR3410_94 = rfc4357.id_GostR3411_94_with_GostR3410_94
# Signature Algorithm GOST R 34.10-2001
id_GostR3411_94_with_GostR3410_2001 = rfc4357.id_GostR3411_94_with_GostR3410_2001
# GOST R 34.10-94 Keys
id_GostR3410_94 = rfc4357.id_GostR3410_94
GostR3410_2001_PublicKey = rfc4357.GostR3410_2001_PublicKey
GostR3410_2001_PublicKeyParameters = rfc4357.GostR3410_2001_PublicKeyParameters
# GOST R 34.10-2001 Keys
id_GostR3410_2001 = rfc4357.id_GostR3410_2001
GostR3410_94_PublicKey = rfc4357.GostR3410_94_PublicKey
GostR3410_94_PublicKeyParameters = rfc4357.GostR3410_94_PublicKeyParameters


@@ -0,0 +1,72 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Subject Identification Method (SIM)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4683.txt
# https://www.rfc-editor.org/errata/eid1047
#
from pyasn1.type import char
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
# Used to compute the PEPSI value
class HashContent(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('userPassword', char.UTF8String()),
namedtype.NamedType('authorityRandom', univ.OctetString()),
namedtype.NamedType('identifierType', univ.ObjectIdentifier()),
namedtype.NamedType('identifier', char.UTF8String())
)
# Used to encode the PEPSI value as the SIM Other Name
id_pkix = rfc5280.id_pkix
id_on = id_pkix + (8,)
id_on_SIM = id_on + (6,)
class SIM(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('authorityRandom', univ.OctetString()),
namedtype.NamedType('pEPSI', univ.OctetString())
)
# Used to encrypt the PEPSI value during certificate request
id_pkip = id_pkix + (5,)
id_regEPEPSI = id_pkip + (3,)
class EncryptedPEPSI(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('identifierType', univ.ObjectIdentifier()),
namedtype.NamedType('identifier', char.UTF8String()),
namedtype.NamedType('sIM', SIM())
)
# Update the map of Other Name OIDs to Other Names in rfc5280.py
_anotherNameMapUpdate = {
id_on_SIM: SIM(),
}
rfc5280.anotherNameMap.update(_anotherNameMapUpdate)


@@ -0,0 +1,49 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Expression of Service Names in X.509 Certificates
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4985.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
# As specified in Appendix A.2 of RFC 4985
id_pkix = rfc5280.id_pkix
id_on = id_pkix + (8, )
id_on_dnsSRV = id_on + (7, )
class SRVName(char.IA5String):
subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
srvName = rfc5280.AnotherName()
srvName['type-id'] = id_on_dnsSRV
srvName['value'] = SRVName()
# Map of Other Name OIDs to Other Name is added to the
# ones that are in rfc5280.py
_anotherNameMapUpdate = {
id_on_dnsSRV: SRVName(),
}
rfc5280.anotherNameMap.update(_anotherNameMapUpdate)


@@ -0,0 +1,199 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add a map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Update to Enhanced Security Services for S/MIME
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5035.txt
#
from pyasn1.codec.der.encoder import encode as der_encode
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc2634
from pyasn1_modules import rfc4055
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5280
ContentType = rfc5652.ContentType
IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
PolicyInformation = rfc5280.PolicyInformation
GeneralNames = rfc5280.GeneralNames
CertificateSerialNumber = rfc5280.CertificateSerialNumber
# Signing Certificate Attribute V1 and V2
id_aa_signingCertificate = rfc2634.id_aa_signingCertificate
id_aa_signingCertificateV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.47')
Hash = rfc2634.Hash
IssuerSerial = rfc2634.IssuerSerial
ESSCertID = rfc2634.ESSCertID
SigningCertificate = rfc2634.SigningCertificate
sha256AlgId = AlgorithmIdentifier()
sha256AlgId['algorithm'] = rfc4055.id_sha256
# A non-schema object for sha256AlgId['parameters'] as absent
sha256AlgId['parameters'] = der_encode(univ.OctetString(''))
class ESSCertIDv2(univ.Sequence):
pass
ESSCertIDv2.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('hashAlgorithm', sha256AlgId),
namedtype.NamedType('certHash', Hash()),
namedtype.OptionalNamedType('issuerSerial', IssuerSerial())
)
class SigningCertificateV2(univ.Sequence):
pass
SigningCertificateV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('certs', univ.SequenceOf(
componentType=ESSCertIDv2())),
namedtype.OptionalNamedType('policies', univ.SequenceOf(
componentType=PolicyInformation()))
)
# Mail List Expansion History Attribute
id_aa_mlExpandHistory = rfc2634.id_aa_mlExpandHistory
ub_ml_expansion_history = rfc2634.ub_ml_expansion_history
EntityIdentifier = rfc2634.EntityIdentifier
MLReceiptPolicy = rfc2634.MLReceiptPolicy
MLData = rfc2634.MLData
MLExpansionHistory = rfc2634.MLExpansionHistory
# ESS Security Label Attribute
id_aa_securityLabel = rfc2634.id_aa_securityLabel
ub_privacy_mark_length = rfc2634.ub_privacy_mark_length
ub_security_categories = rfc2634.ub_security_categories
ub_integer_options = rfc2634.ub_integer_options
ESSPrivacyMark = rfc2634.ESSPrivacyMark
SecurityClassification = rfc2634.SecurityClassification
SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier
SecurityCategory = rfc2634.SecurityCategory
SecurityCategories = rfc2634.SecurityCategories
ESSSecurityLabel = rfc2634.ESSSecurityLabel
# Equivalent Labels Attribute
id_aa_equivalentLabels = rfc2634.id_aa_equivalentLabels
EquivalentLabels = rfc2634.EquivalentLabels
# Content Identifier Attribute
id_aa_contentIdentifier = rfc2634.id_aa_contentIdentifier
ContentIdentifier = rfc2634.ContentIdentifier
# Content Reference Attribute
id_aa_contentReference = rfc2634.id_aa_contentReference
ContentReference = rfc2634.ContentReference
# Message Signature Digest Attribute
id_aa_msgSigDigest = rfc2634.id_aa_msgSigDigest
MsgSigDigest = rfc2634.MsgSigDigest
# Content Hints Attribute
id_aa_contentHint = rfc2634.id_aa_contentHint
ContentHints = rfc2634.ContentHints
# Receipt Request Attribute
AllOrFirstTier = rfc2634.AllOrFirstTier
ReceiptsFrom = rfc2634.ReceiptsFrom
id_aa_receiptRequest = rfc2634.id_aa_receiptRequest
ub_receiptsTo = rfc2634.ub_receiptsTo
ReceiptRequest = rfc2634.ReceiptRequest
# Receipt Content Type
ESSVersion = rfc2634.ESSVersion
id_ct_receipt = rfc2634.id_ct_receipt
Receipt = rfc2634.Receipt
ub_receiptsTo = rfc2634.ub_receiptsTo
ReceiptRequest = rfc2634.ReceiptRequest
# Map of Attribute Type to the Attribute structure is added to the
# ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_signingCertificateV2: SigningCertificateV2(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_receipt: Receipt(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,52 @@
# This file is being contributed to of pyasn1-modules software.
#
# Created by Russ Housley without assistance from the asn1ate tool.
# Modified by Russ Housley to add a map for use with opentypes and
# simplify the code for the object identifier assignment.
#
# Copyright (c) 2018, 2019 Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Authenticated-Enveloped-Data for the Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5083.txt
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5652
MAX = float('inf')
# CMS Authenticated-Enveloped-Data Content Type
id_ct_authEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.23')
class AuthEnvelopedData(univ.Sequence):
pass
AuthEnvelopedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', rfc5652.CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', rfc5652.OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', rfc5652.RecipientInfos()),
namedtype.NamedType('authEncryptedContentInfo', rfc5652.EncryptedContentInfo()),
namedtype.OptionalNamedType('authAttrs', rfc5652.AuthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('mac', rfc5652.MessageAuthenticationCode()),
namedtype.OptionalNamedType('unauthAttrs', rfc5652.UnauthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_authEnvelopedData: AuthEnvelopedData(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,97 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley with assistance from the asn1ate tool, with manual
# changes to AES_CCM_ICVlen.subtypeSpec and added comments
#
# Copyright (c) 2018-2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# AES-CCM and AES-GCM Algorithms fo use with the Authenticated-Enveloped-Data
# protecting content type for the Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5084.txt
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class AES_CCM_ICVlen(univ.Integer):
pass
class AES_GCM_ICVlen(univ.Integer):
pass
AES_CCM_ICVlen.subtypeSpec = constraint.SingleValueConstraint(4, 6, 8, 10, 12, 14, 16)
AES_GCM_ICVlen.subtypeSpec = constraint.ValueRangeConstraint(12, 16)
class CCMParameters(univ.Sequence):
pass
CCMParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('aes-nonce', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(7, 13))),
# The aes-nonce parameter contains 15-L octets, where L is the size of the length field. L=8 is RECOMMENDED.
# Within the scope of any content-authenticated-encryption key, the nonce value MUST be unique.
namedtype.DefaultedNamedType('aes-ICVlen', AES_CCM_ICVlen().subtype(value=12))
)
class GCMParameters(univ.Sequence):
pass
GCMParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('aes-nonce', univ.OctetString()),
# The aes-nonce may have any number of bits between 8 and 2^64, but it MUST be a multiple of 8 bits.
# Within the scope of any content-authenticated-encryption key, the nonce value MUST be unique.
# A nonce value of 12 octets can be processed more efficiently, so that length is RECOMMENDED.
namedtype.DefaultedNamedType('aes-ICVlen', AES_GCM_ICVlen().subtype(value=12))
)
aes = _OID(2, 16, 840, 1, 101, 3, 4, 1)
id_aes128_CCM = _OID(aes, 7)
id_aes128_GCM = _OID(aes, 6)
id_aes192_CCM = _OID(aes, 27)
id_aes192_GCM = _OID(aes, 26)
id_aes256_CCM = _OID(aes, 47)
id_aes256_GCM = _OID(aes, 46)
# Map of Algorithm Identifier OIDs to Parameters is added to the
# ones in rfc5280.py
_algorithmIdentifierMapUpdate = {
id_aes128_CCM: CCMParameters(),
id_aes128_GCM: GCMParameters(),
id_aes192_CCM: CCMParameters(),
id_aes192_GCM: GCMParameters(),
id_aes256_CCM: CCMParameters(),
id_aes256_GCM: GCMParameters(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,577 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Advanced Electronic Signatures (CAdES)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5126.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import useful
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5035
from pyasn1_modules import rfc5755
from pyasn1_modules import rfc6960
from pyasn1_modules import rfc3161
MAX = float('inf')
# Maps for OpenTypes
commitmentQualifierMap = { }
sigQualifiersMap = { }
otherRevRefMap = { }
otherRevValMap = { }
# Imports from RFC 5652
ContentInfo = rfc5652.ContentInfo
ContentType = rfc5652.ContentType
SignedData = rfc5652.SignedData
EncapsulatedContentInfo = rfc5652.EncapsulatedContentInfo
SignerInfo = rfc5652.SignerInfo
MessageDigest = rfc5652.MessageDigest
SigningTime = rfc5652.SigningTime
Countersignature = rfc5652.Countersignature
id_data = rfc5652.id_data
id_signedData = rfc5652.id_signedData
id_contentType= rfc5652.id_contentType
id_messageDigest = rfc5652.id_messageDigest
id_signingTime = rfc5652.id_signingTime
id_countersignature = rfc5652.id_countersignature
# Imports from RFC 5035
SigningCertificate = rfc5035.SigningCertificate
IssuerSerial = rfc5035.IssuerSerial
ContentReference = rfc5035.ContentReference
ContentIdentifier = rfc5035.ContentIdentifier
id_aa_contentReference = rfc5035.id_aa_contentReference
id_aa_contentIdentifier = rfc5035.id_aa_contentIdentifier
id_aa_signingCertificate = rfc5035.id_aa_signingCertificate
id_aa_signingCertificateV2 = rfc5035.id_aa_signingCertificateV2
# Imports from RFC 5280
Certificate = rfc5280.Certificate
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
CertificateList = rfc5280.CertificateList
Name = rfc5280.Name
Attribute = rfc5280.Attribute
GeneralNames = rfc5280.GeneralNames
GeneralName = rfc5280.GeneralName
PolicyInformation = rfc5280.PolicyInformation
DirectoryString = rfc5280.DirectoryString
# Imports from RFC 5755
AttributeCertificate = rfc5755.AttributeCertificate
# Imports from RFC 6960
BasicOCSPResponse = rfc6960.BasicOCSPResponse
ResponderID = rfc6960.ResponderID
# Imports from RFC 3161
TimeStampToken = rfc3161.TimeStampToken
# OID used referencing electronic signature mechanisms
id_etsi_es_IDUP_Mechanism_v1 = univ.ObjectIdentifier('0.4.0.1733.1.4.1')
# OtherSigningCertificate - deprecated
id_aa_ets_otherSigCert = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.19')
class OtherHashValue(univ.OctetString):
pass
class OtherHashAlgAndValue(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('hashValue', OtherHashValue())
)
class OtherHash(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('sha1Hash', OtherHashValue()),
namedtype.NamedType('otherHash', OtherHashAlgAndValue())
)
class OtherCertID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('otherCertHash', OtherHash()),
namedtype.OptionalNamedType('issuerSerial', IssuerSerial())
)
class OtherSigningCertificate(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certs',
univ.SequenceOf(componentType=OtherCertID())),
namedtype.OptionalNamedType('policies',
univ.SequenceOf(componentType=PolicyInformation()))
)
# Signature Policy Identifier
id_aa_ets_sigPolicyId = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.15')
class SigPolicyId(univ.ObjectIdentifier):
pass
class SigPolicyHash(OtherHashAlgAndValue):
pass
class SigPolicyQualifierId(univ.ObjectIdentifier):
pass
class SigPolicyQualifierInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('sigPolicyQualifierId', SigPolicyQualifierId()),
namedtype.NamedType('sigQualifier', univ.Any(),
openType=opentype.OpenType('sigPolicyQualifierId', sigQualifiersMap))
)
class SignaturePolicyId(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('sigPolicyId', SigPolicyId()),
namedtype.NamedType('sigPolicyHash', SigPolicyHash()),
namedtype.OptionalNamedType('sigPolicyQualifiers',
univ.SequenceOf(componentType=SigPolicyQualifierInfo()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class SignaturePolicyImplied(univ.Null):
pass
class SignaturePolicy(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signaturePolicyId', SignaturePolicyId()),
namedtype.NamedType('signaturePolicyImplied', SignaturePolicyImplied())
)
id_spq_ets_unotice = univ.ObjectIdentifier('1.2.840.113549.1.9.16.5.2')
class DisplayText(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('visibleString', char.VisibleString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
namedtype.NamedType('bmpString', char.BMPString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
namedtype.NamedType('utf8String', char.UTF8String().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 200)))
)
class NoticeReference(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('organization', DisplayText()),
namedtype.NamedType('noticeNumbers',
univ.SequenceOf(componentType=univ.Integer()))
)
class SPUserNotice(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('noticeRef', NoticeReference()),
namedtype.OptionalNamedType('explicitText', DisplayText())
)
noticeToUser = SigPolicyQualifierInfo()
noticeToUser['sigPolicyQualifierId'] = id_spq_ets_unotice
noticeToUser['sigQualifier'] = SPUserNotice()
id_spq_ets_uri = univ.ObjectIdentifier('1.2.840.113549.1.9.16.5.1')
class SPuri(char.IA5String):
pass
pointerToSigPolSpec = SigPolicyQualifierInfo()
pointerToSigPolSpec['sigPolicyQualifierId'] = id_spq_ets_uri
pointerToSigPolSpec['sigQualifier'] = SPuri()
# Commitment Type
id_aa_ets_commitmentType = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.16')
class CommitmentTypeIdentifier(univ.ObjectIdentifier):
pass
class CommitmentTypeQualifier(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('commitmentTypeIdentifier',
CommitmentTypeIdentifier()),
namedtype.NamedType('qualifier', univ.Any(),
openType=opentype.OpenType('commitmentTypeIdentifier',
commitmentQualifierMap))
)
class CommitmentTypeIndication(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('commitmentTypeId', CommitmentTypeIdentifier()),
namedtype.OptionalNamedType('commitmentTypeQualifier',
univ.SequenceOf(componentType=CommitmentTypeQualifier()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
id_cti_ets_proofOfOrigin = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.1')
id_cti_ets_proofOfReceipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.2')
id_cti_ets_proofOfDelivery = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.3')
id_cti_ets_proofOfSender = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.4')
id_cti_ets_proofOfApproval = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.5')
id_cti_ets_proofOfCreation = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.6')
# Signer Location
id_aa_ets_signerLocation = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.17')
class PostalAddress(univ.SequenceOf):
componentType = DirectoryString()
subtypeSpec = constraint.ValueSizeConstraint(1, 6)
class SignerLocation(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('countryName',
DirectoryString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('localityName',
DirectoryString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('postalAdddress',
PostalAddress().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
# Signature Timestamp
id_aa_signatureTimeStampToken = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.14')
class SignatureTimeStampToken(TimeStampToken):
pass
# Content Timestamp
id_aa_ets_contentTimestamp = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.20')
class ContentTimestamp(TimeStampToken):
pass
# Signer Attributes
id_aa_ets_signerAttr = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.18')
class ClaimedAttributes(univ.SequenceOf):
componentType = Attribute()
class CertifiedAttributes(AttributeCertificate):
pass
class SignerAttribute(univ.SequenceOf):
componentType = univ.Choice(componentType=namedtype.NamedTypes(
namedtype.NamedType('claimedAttributes',
ClaimedAttributes().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('certifiedAttributes',
CertifiedAttributes().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
))
# Complete Certificate Refs
id_aa_ets_certificateRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.21')
class CompleteCertificateRefs(univ.SequenceOf):
componentType = OtherCertID()
# Complete Revocation Refs
id_aa_ets_revocationRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.22')
class CrlIdentifier(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('crlissuer', Name()),
namedtype.NamedType('crlIssuedTime', useful.UTCTime()),
namedtype.OptionalNamedType('crlNumber', univ.Integer())
)
class CrlValidatedID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('crlHash', OtherHash()),
namedtype.OptionalNamedType('crlIdentifier', CrlIdentifier())
)
class CRLListID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('crls',
univ.SequenceOf(componentType=CrlValidatedID()))
)
class OcspIdentifier(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ocspResponderID', ResponderID()),
namedtype.NamedType('producedAt', useful.GeneralizedTime())
)
class OcspResponsesID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ocspIdentifier', OcspIdentifier()),
namedtype.OptionalNamedType('ocspRepHash', OtherHash())
)
class OcspListID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ocspResponses',
univ.SequenceOf(componentType=OcspResponsesID()))
)
class OtherRevRefType(univ.ObjectIdentifier):
pass
class OtherRevRefs(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('otherRevRefType', OtherRevRefType()),
namedtype.NamedType('otherRevRefs', univ.Any(),
openType=opentype.OpenType('otherRevRefType', otherRevRefMap))
)
class CrlOcspRef(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('crlids',
CRLListID().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('ocspids',
OcspListID().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType('otherRev',
OtherRevRefs().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class CompleteRevocationRefs(univ.SequenceOf):
componentType = CrlOcspRef()
# Certificate Values
id_aa_ets_certValues = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.23')
class CertificateValues(univ.SequenceOf):
componentType = Certificate()
# Certificate Revocation Values
id_aa_ets_revocationValues = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.24')
class OtherRevValType(univ.ObjectIdentifier):
pass
class OtherRevVals(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('otherRevValType', OtherRevValType()),
namedtype.NamedType('otherRevVals', univ.Any(),
openType=opentype.OpenType('otherRevValType', otherRevValMap))
)
class RevocationValues(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('crlVals',
univ.SequenceOf(componentType=CertificateList()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('ocspVals',
univ.SequenceOf(componentType=BasicOCSPResponse()).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('otherRevVals',
OtherRevVals().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
# CAdES-C Timestamp
id_aa_ets_escTimeStamp = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.25')
class ESCTimeStampToken(TimeStampToken):
pass
# Time-Stamped Certificates and CRLs
id_aa_ets_certCRLTimestamp = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.26')
class TimestampedCertsCRLs(TimeStampToken):
pass
# Archive Timestamp
id_aa_ets_archiveTimestampV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.48')
class ArchiveTimeStampToken(TimeStampToken):
pass
# Attribute certificate references
id_aa_ets_attrCertificateRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.44')
class AttributeCertificateRefs(univ.SequenceOf):
componentType = OtherCertID()
# Attribute revocation references
id_aa_ets_attrRevocationRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.45')
class AttributeRevocationRefs(univ.SequenceOf):
componentType = CrlOcspRef()
# Update the sigQualifiersMap
_sigQualifiersMapUpdate = {
id_spq_ets_unotice: SPUserNotice(),
id_spq_ets_uri: SPuri(),
}
sigQualifiersMap.update(_sigQualifiersMapUpdate)
# Update the CMS Attribute Map in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_ets_otherSigCert: OtherSigningCertificate(),
id_aa_ets_sigPolicyId: SignaturePolicy(),
id_aa_ets_commitmentType: CommitmentTypeIndication(),
id_aa_ets_signerLocation: SignerLocation(),
id_aa_signatureTimeStampToken: SignatureTimeStampToken(),
id_aa_ets_contentTimestamp: ContentTimestamp(),
id_aa_ets_signerAttr: SignerAttribute(),
id_aa_ets_certificateRefs: CompleteCertificateRefs(),
id_aa_ets_revocationRefs: CompleteRevocationRefs(),
id_aa_ets_certValues: CertificateValues(),
id_aa_ets_revocationValues: RevocationValues(),
id_aa_ets_escTimeStamp: ESCTimeStampToken(),
id_aa_ets_certCRLTimestamp: TimestampedCertsCRLs(),
id_aa_ets_archiveTimestampV2: ArchiveTimeStampToken(),
id_aa_ets_attrCertificateRefs: AttributeCertificateRefs(),
id_aa_ets_attrRevocationRefs: AttributeRevocationRefs(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)


@@ -0,0 +1,56 @@
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS#8 syntax
#
# ASN.1 source from:
# http://tools.ietf.org/html/rfc5208
#
# Sample captures could be obtained with "openssl pkcs8 -topk8" command
#
from pyasn1_modules import rfc2251
from pyasn1_modules.rfc2459 import *
class KeyEncryptionAlgorithms(AlgorithmIdentifier):
pass
class PrivateKeyAlgorithms(AlgorithmIdentifier):
pass
class EncryptedData(univ.OctetString):
pass
class EncryptedPrivateKeyInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptionAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('encryptedData', EncryptedData())
)
class PrivateKey(univ.OctetString):
pass
class Attributes(univ.SetOf):
componentType = rfc2251.Attribute()
class Version(univ.Integer):
namedValues = namedval.NamedValues(('v1', 0), ('v2', 1))
class PrivateKeyInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('privateKey', PrivateKey()),
namedtype.OptionalNamedType('attributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)


@@ -0,0 +1,404 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# An Internet Attribute Certificate Profile for Authorization
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5275.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc3565
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5751
from pyasn1_modules import rfc5755
MAX = float('inf')
# Initialize the map for GLAQueryRequests and GLAQueryResponses
glaQueryRRMap = { }
# Imports from RFC 3565
id_aes128_wrap = rfc3565.id_aes128_wrap
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
Certificate = rfc5280.Certificate
GeneralName = rfc5280.GeneralName
# Imports from RFC 5652
CertificateSet = rfc5652.CertificateSet
KEKIdentifier = rfc5652.KEKIdentifier
RecipientInfos = rfc5652.RecipientInfos
# Imports from RFC 5751
SMIMECapability = rfc5751.SMIMECapability
# Imports from RFC 5755
AttributeCertificate = rfc5755.AttributeCertificate
# The GL symmetric key distribution object identifier arc
id_skd = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, 8,))
# The GL Use KEK control attribute
id_skd_glUseKEK = id_skd + (1,)
class Certificates(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pKC',
Certificate().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('aC',
univ.SequenceOf(componentType=AttributeCertificate()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('certPath',
CertificateSet().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class GLInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('glAddress', GeneralName())
)
class GLOwnerInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glOwnerName', GeneralName()),
namedtype.NamedType('glOwnerAddress', GeneralName()),
namedtype.OptionalNamedType('certificates', Certificates())
)
class GLAdministration(univ.Integer):
namedValues = namedval.NamedValues(
('unmanaged', 0),
('managed', 1),
('closed', 2)
)
requested_algorithm = SMIMECapability().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
requested_algorithm['capabilityID'] = id_aes128_wrap
class GLKeyAttributes(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('rekeyControlledByGLO',
univ.Boolean().subtype(value=0,
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.DefaultedNamedType('recipientsNotMutuallyAware',
univ.Boolean().subtype(value=1,
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.DefaultedNamedType('duration',
univ.Integer().subtype(value=0,
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.DefaultedNamedType('generationCounter',
univ.Integer().subtype(value=2,
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.DefaultedNamedType('requestedAlgorithm', requested_algorithm)
)
class GLUseKEK(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glInfo', GLInfo()),
namedtype.NamedType('glOwnerInfo',
univ.SequenceOf(componentType=GLOwnerInfo()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
namedtype.DefaultedNamedType('glAdministration',
GLAdministration().subtype(value=1)),
namedtype.OptionalNamedType('glKeyAttributes', GLKeyAttributes())
)
# The Delete GL control attribute
id_skd_glDelete = id_skd + (2,)
class DeleteGL(GeneralName):
pass
# The Add GL Member control attribute
id_skd_glAddMember = id_skd + (3,)
class GLMember(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glMemberName', GeneralName()),
namedtype.OptionalNamedType('glMemberAddress', GeneralName()),
namedtype.OptionalNamedType('certificates', Certificates())
)
class GLAddMember(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('glMember', GLMember())
)
# The Delete GL Member control attribute
id_skd_glDeleteMember = id_skd + (4,)
class GLDeleteMember(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('glMemberToDelete', GeneralName())
)
# The GL Rekey control attribute
id_skd_glRekey = id_skd + (5,)
class GLNewKeyAttributes(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('rekeyControlledByGLO',
univ.Boolean().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('recipientsNotMutuallyAware',
univ.Boolean().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('duration',
univ.Integer().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('generationCounter',
univ.Integer().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('requestedAlgorithm',
AlgorithmIdentifier().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class GLRekey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.OptionalNamedType('glAdministration', GLAdministration()),
namedtype.OptionalNamedType('glNewKeyAttributes', GLNewKeyAttributes()),
namedtype.OptionalNamedType('glRekeyAllGLKeys', univ.Boolean())
)
# The Add and Delete GL Owner control attributes
id_skd_glAddOwner = id_skd + (6,)
id_skd_glRemoveOwner = id_skd + (7,)
class GLOwnerAdministration(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('glOwnerInfo', GLOwnerInfo())
)
# The GL Key Compromise control attribute
id_skd_glKeyCompromise = id_skd + (8,)
class GLKCompromise(GeneralName):
pass
# The GL Key Refresh control attribute
id_skd_glkRefresh = id_skd + (9,)
class Date(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('start', useful.GeneralizedTime()),
namedtype.OptionalNamedType('end', useful.GeneralizedTime())
)
class GLKRefresh(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('dates',
univ.SequenceOf(componentType=Date()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
# The GLA Query Request control attribute
id_skd_glaQueryRequest = id_skd + (11,)
class GLAQueryRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glaRequestType', univ.ObjectIdentifier()),
namedtype.NamedType('glaRequestValue', univ.Any(),
openType=opentype.OpenType('glaRequestType', glaQueryRRMap))
)
# The GLA Query Response control attribute
id_skd_glaQueryResponse = id_skd + (12,)
class GLAQueryResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glaResponseType', univ.ObjectIdentifier()),
namedtype.NamedType('glaResponseValue', univ.Any(),
openType=opentype.OpenType('glaResponseType', glaQueryRRMap))
)
# The GLA Request/Response (glaRR) arc for glaRequestType/glaResponseType
id_cmc_glaRR = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 7, 99,))
# The Algorithm Request
id_cmc_gla_skdAlgRequest = id_cmc_glaRR + (1,)
class SKDAlgRequest(univ.Null):
pass
# The Algorithm Response
id_cmc_gla_skdAlgResponse = id_cmc_glaRR + (2,)
SMIMECapabilities = rfc5751.SMIMECapabilities
# The control attribute to request an updated certificate to the GLA and
# the control attribute to return an updated certificate to the GLA
id_skd_glProvideCert = id_skd + (13,)
id_skd_glManageCert = id_skd + (14,)
class GLManageCert(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('glMember', GLMember())
)
# The control attribute to distribute the GL shared KEK
id_skd_glKey = id_skd + (15,)
class GLKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('glName', GeneralName()),
namedtype.NamedType('glIdentifier', KEKIdentifier()),
namedtype.NamedType('glkWrapped', RecipientInfos()),
namedtype.NamedType('glkAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('glkNotBefore', useful.GeneralizedTime()),
namedtype.NamedType('glkNotAfter', useful.GeneralizedTime())
)
# The CMC error types
id_cet_skdFailInfo = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 15, 1,))
class SKDFailInfo(univ.Integer):
namedValues = namedval.NamedValues(
('unspecified', 0),
('closedGL', 1),
('unsupportedDuration', 2),
('noGLACertificate', 3),
('invalidCert', 4),
('unsupportedAlgorithm', 5),
('noGLONameMatch', 6),
('invalidGLName', 7),
('nameAlreadyInUse', 8),
('noSpam', 9),
('alreadyAMember', 11),
('notAMember', 12),
('alreadyAnOwner', 13),
('notAnOwner', 14)
)
# Update the map for GLAQueryRequests and GLAQueryResponses
_glaQueryRRMapUpdate = {
id_cmc_gla_skdAlgRequest: univ.Null(""),
id_cmc_gla_skdAlgResponse: SMIMECapabilities(),
}
glaQueryRRMap.update(_glaQueryRRMapUpdate)
# Update the map for CMC control attributes; since CMS Attributes and
# CMC Controls both use 'attrType', one map is used for both
_cmcControlAttributesMapUpdate = {
id_skd_glUseKEK: GLUseKEK(),
id_skd_glDelete: DeleteGL(),
id_skd_glAddMember: GLAddMember(),
id_skd_glDeleteMember: GLDeleteMember(),
id_skd_glRekey: GLRekey(),
id_skd_glAddOwner: GLOwnerAdministration(),
id_skd_glRemoveOwner: GLOwnerAdministration(),
id_skd_glKeyCompromise: GLKCompromise(),
id_skd_glkRefresh: GLKRefresh(),
id_skd_glaQueryRequest: GLAQueryRequest(),
id_skd_glaQueryResponse: GLAQueryResponse(),
id_skd_glProvideCert: GLManageCert(),
id_skd_glManageCert: GLManageCert(),
id_skd_glKey: GLKey(),
}
rfc5652.cmsAttributesMap.update(_cmcControlAttributesMapUpdate)



@@ -0,0 +1,190 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Elliptic Curve Cryptography Subject Public Key Information
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5480.txt
# What can be imported from rfc4055.py ?
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc3279
from pyasn1_modules import rfc5280
# These structures are the same as RFC 3279.
DHPublicKey = rfc3279.DHPublicKey
DSAPublicKey = rfc3279.DSAPublicKey
ValidationParms = rfc3279.ValidationParms
DomainParameters = rfc3279.DomainParameters
ECDSA_Sig_Value = rfc3279.ECDSA_Sig_Value
ECPoint = rfc3279.ECPoint
KEA_Parms_Id = rfc3279.KEA_Parms_Id
RSAPublicKey = rfc3279.RSAPublicKey
# RFC 5480 changed the names of these structures from RFC 3279.
DSS_Parms = rfc3279.Dss_Parms
DSA_Sig_Value = rfc3279.Dss_Sig_Value
# RFC 3279 defines a more complex alternative for ECParameters.
# RFC 5480 narrows the definition to a single CHOICE: namedCurve.
class ECParameters(univ.Choice):
pass
ECParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('namedCurve', univ.ObjectIdentifier())
)
# OIDs for Message Digest Algorithms
id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2')
id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5')
id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26')
id_sha224 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.4')
id_sha256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.1')
id_sha384 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.2')
id_sha512 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.3')
# OID for RSA PK Algorithm and Key
rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
# OID for DSA PK Algorithm, Key, and Parameters
***REMOVED*** = univ.ObjectIdentifier('1.2.840.10040.4.1')
# OID for Diffie-Hellman PK Algorithm, Key, and Parameters
dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1')
# OID for KEA PK Algorithm and Parameters
id_keyExchangeAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.22')
# OIDs for Elliptic Curve Algorithm ID, Key, and Parameters
# Note that ECDSA keys always use this OID
id_ecPublicKey = univ.ObjectIdentifier('1.2.840.10045.2.1')
id_ecDH = univ.ObjectIdentifier('1.3.132.1.12')
id_ecMQV = univ.ObjectIdentifier('1.3.132.1.13')
# OIDs for RSA Signature Algorithms
md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2')
md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4')
sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5')
# OIDs for DSA Signature Algorithms
***REMOVED***_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3')
***REMOVED***_with_sha224 = univ.ObjectIdentifier('2.16.840.1.101.3.4.3.1')
***REMOVED***_with_sha256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.3.2')
# OIDs for ECDSA Signature Algorithms
ecdsa_with_SHA1 = univ.ObjectIdentifier('1.2.840.10045.4.1')
ecdsa_with_SHA224 = univ.ObjectIdentifier('1.2.840.10045.4.3.1')
ecdsa_with_SHA256 = univ.ObjectIdentifier('1.2.840.10045.4.3.2')
ecdsa_with_SHA384 = univ.ObjectIdentifier('1.2.840.10045.4.3.3')
ecdsa_with_SHA512 = univ.ObjectIdentifier('1.2.840.10045.4.3.4')
# OIDs for Named Elliptic Curves
secp192r1 = univ.ObjectIdentifier('1.2.840.10045.3.1.1')
sect163k1 = univ.ObjectIdentifier('1.3.132.0.1')
sect163r2 = univ.ObjectIdentifier('1.3.132.0.15')
secp224r1 = univ.ObjectIdentifier('1.3.132.0.33')
sect233k1 = univ.ObjectIdentifier('1.3.132.0.26')
sect233r1 = univ.ObjectIdentifier('1.3.132.0.27')
secp256r1 = univ.ObjectIdentifier('1.2.840.10045.3.1.7')
sect283k1 = univ.ObjectIdentifier('1.3.132.0.16')
sect283r1 = univ.ObjectIdentifier('1.3.132.0.17')
secp384r1 = univ.ObjectIdentifier('1.3.132.0.34')
sect409k1 = univ.ObjectIdentifier('1.3.132.0.36')
sect409r1 = univ.ObjectIdentifier('1.3.132.0.37')
secp521r1 = univ.ObjectIdentifier('1.3.132.0.35')
sect571k1 = univ.ObjectIdentifier('1.3.132.0.38')
sect571r1 = univ.ObjectIdentifier('1.3.132.0.39')
# Map of Algorithm Identifier OIDs to Parameters
# The algorithm is not included if the parameters MUST be absent
_algorithmIdentifierMapUpdate = {
rsaEncryption: univ.Null(),
md2WithRSAEncryption: univ.Null(),
md5WithRSAEncryption: univ.Null(),
sha1WithRSAEncryption: univ.Null(),
***REMOVED***: DSS_Parms(),
dhpublicnumber: DomainParameters(),
id_keyExchangeAlgorithm: KEA_Parms_Id(),
id_ecPublicKey: ECParameters(),
id_ecDH: ECParameters(),
id_ecMQV: ECParameters(),
}
# Add these Algorithm Identifier map entries to the ones in rfc5280.py
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
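Review bot: `***REMOVED***` on the line `***REMOVED*** = univ.ObjectIdentifier('1.2.840.10040.4.1')`, on the three `***REMOVED***_with_sha*` lines and in the `***REMOVED***: DSS_Parms()` map entry is not a valid Python identifier, so if that text is what was actually committed (rather than an artifact of how this page is rendered) the module raises SyntaxError on import and nothing that depends on rfc5480's algorithm-identifier map can load. The Traceable Anonymous Certificate section further down has the same problem, where a class name is rendered as `[AWS-SECRET-REMOVED]h` both at its definition and in `_cmsContentTypesMapUpdate`. This looks like a secret-scrubbing rewrite applied to a vendored copy of pyasn1-modules; public OID constants and ASN.1 type names are not secrets, and a vendored cryptographic module whose text no longer matches upstream can no longer be checked against a published release digest. I would restore the names from a pristine upstream release (presumably `id_dsa` and `id_dsa_with_sha1`/`224`/`256` here) or, better, pin the package as a declared dependency instead of committing its source tree.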


@@ -0,0 +1,113 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Traceable Anonymous Certificate
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5480.txt
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc5652
# Imports from RFC 5652
ContentInfo = rfc5652.ContentInfo
EncapsulatedContentInfo = rfc5652.EncapsulatedContentInfo
id_data = rfc5652.id_data
# Object Identifiers
id_KISA = univ.ObjectIdentifier((1, 2, 410, 200004,))
id_npki = id_KISA + (10,)
id_attribute = id_npki + (1,)
id_kisa_tac = id_attribute + (1,)
id_kisa_tac_token = id_kisa_tac + (1,)
id_kisa_tac_tokenandblindbash = id_kisa_tac + (2,)
id_kisa_tac_tokenandpartially = id_kisa_tac + (3,)
# Structures for Traceable Anonymous Certificate (TAC)
class UserKey(univ.OctetString):
pass
class Timeout(useful.GeneralizedTime):
pass
class BlinedCertificateHash(univ.OctetString):
pass
class PartiallySignedCertificateHash(univ.OctetString):
pass
class Token(ContentInfo):
pass
class TokenandBlindHash(ContentInfo):
pass
class TokenandPartiallySignedCertificateHash(ContentInfo):
pass
# Added to the module in RFC 5636 for the CMS Content Type Map
class TACToken(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('userKey', UserKey()),
namedtype.NamedType('timeout', Timeout())
)
class TACTokenandBlindHash(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('token', Token()),
namedtype.NamedType('blinded', BlinedCertificateHash())
)
class [AWS-SECRET-REMOVED]h(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('token', Token()),
namedtype.NamedType('partially', PartiallySignedCertificateHash())
)
# Add to the CMS Content Type Map in rfc5752.py
_cmsContentTypesMapUpdate = {
id_kisa_tac_token: TACToken(),
id_kisa_tac_tokenandblindbash: TACTokenandBlindHash(),
id_kisa_tac_tokenandpartially: [AWS-SECRET-REMOVED]h(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
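Review bot: The header comment `# https://www.rfc-editor.org/rfc/rfc5480.txt` cites the wrong RFC for a Traceable Anonymous Certificate module; the KISA arc and TAC token structures in this file, and the file's own comment "Added to the module in RFC 5636", point to RFC 5636, so the line should read `# https://www.rfc-editor.org/rfc/rfc5636.txt`. Likewise the comment `# Add to the CMS Content Type Map in rfc5752.py` names a module this file never imports; the update on the following lines is applied to `rfc5652.cmsContentTypesMap`, so it should say `rfc5652.py`. Both are documentation-only, but a reader auditing which specification a parser implements will be sent to the wrong document; if this is a vendored copy, the fix belongs upstream rather than in a local patch.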


@@ -0,0 +1,49 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Elliptic Curve Cryptography Brainpool Standard Curves
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5639.txt
from pyasn1.type import univ
ecStdCurvesAndGeneration = univ.ObjectIdentifier((1, 3, 36, 3, 3, 2, 8,))
ellipticCurve = ecStdCurvesAndGeneration + (1,)
versionOne = ellipticCurve + (1,)
brainpoolP160r1 = versionOne + (1,)
brainpoolP160t1 = versionOne + (2,)
brainpoolP192r1 = versionOne + (3,)
brainpoolP192t1 = versionOne + (4,)
brainpoolP224r1 = versionOne + (5,)
brainpoolP224t1 = versionOne + (6,)
brainpoolP256r1 = versionOne + (7,)
brainpoolP256t1 = versionOne + (8,)
brainpoolP320r1 = versionOne + (9,)
brainpoolP320t1 = versionOne + (10,)
brainpoolP384r1 = versionOne + (11,)
brainpoolP384t1 = versionOne + (12,)
brainpoolP512r1 = versionOne + (13,)
brainpoolP512t1 = versionOne + (14,)


@@ -0,0 +1,33 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# AES Key Wrap with Padding
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5649.txt
from pyasn1.type import univ
from pyasn1_modules import rfc5280
class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5')
id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25')
id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45')
id_aes128_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.8')
id_aes192_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.28')
id_aes256_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.48')


@@ -0,0 +1,761 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Modified by Russ Housley to add support for opentypes.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc5652.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc3281
from pyasn1_modules import rfc5280
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
cmsContentTypesMap = { }
cmsAttributesMap = { }
otherKeyAttributesMap = { }
otherCertFormatMap = { }
otherRevInfoFormatMap = { }
otherRecipientInfoMap = { }
class AttCertVersionV1(univ.Integer):
pass
AttCertVersionV1.namedValues = namedval.NamedValues(
('v1', 0)
)
class AttributeCertificateInfoV1(univ.Sequence):
pass
AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
namedtype.NamedType(
'subject', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
)
),
namedtype.NamedType('issuer', rfc5280.GeneralNames()),
namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()),
namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()),
namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc5280.Extensions())
)
class AttributeCertificateV1(univ.Sequence):
pass
AttributeCertificateV1.componentType = namedtype.NamedTypes(
namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class AttributeValue(univ.Any):
pass
class Attribute(univ.Sequence):
pass
Attribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', univ.ObjectIdentifier()),
namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()),
openType=opentype.OpenType('attrType', cmsAttributesMap)
)
)
class SignedAttributes(univ.SetOf):
pass
SignedAttributes.componentType = Attribute()
SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class AttributeCertificateV2(rfc3281.AttributeCertificate):
pass
class OtherKeyAttribute(univ.Sequence):
pass
OtherKeyAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('keyAttr', univ.Any(),
openType=opentype.OpenType('keyAttrId', otherKeyAttributesMap)
)
)
class UnauthAttributes(univ.SetOf):
pass
UnauthAttributes.componentType = Attribute()
UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
class SignatureValue(univ.OctetString):
pass
class IssuerAndSerialNumber(univ.Sequence):
pass
IssuerAndSerialNumber.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc5280.Name()),
namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber())
)
class SubjectKeyIdentifier(univ.OctetString):
pass
class RecipientKeyIdentifier(univ.Sequence):
pass
RecipientKeyIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KeyAgreeRecipientIdentifier(univ.Choice):
pass
KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class EncryptedKey(univ.OctetString):
pass
class RecipientEncryptedKey(univ.Sequence):
pass
RecipientEncryptedKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientEncryptedKeys(univ.SequenceOf):
pass
RecipientEncryptedKeys.componentType = RecipientEncryptedKey()
class MessageAuthenticationCode(univ.OctetString):
pass
class CMSVersion(univ.Integer):
pass
CMSVersion.namedValues = namedval.NamedValues(
('v0', 0),
('v1', 1),
('v2', 2),
('v3', 3),
('v4', 4),
('v5', 5)
)
class OtherCertificateFormat(univ.Sequence):
pass
OtherCertificateFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherCert', univ.Any(),
openType=opentype.OpenType('otherCertFormat', otherCertFormatMap)
)
)
class ExtendedCertificateInfo(univ.Sequence):
pass
ExtendedCertificateInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('certificate', rfc5280.Certificate()),
namedtype.NamedType('attributes', UnauthAttributes())
)
class Signature(univ.BitString):
pass
class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class ExtendedCertificate(univ.Sequence):
pass
ExtendedCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', Signature())
)
class CertificateChoices(univ.Choice):
pass
CertificateChoices.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc5280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('other', OtherCertificateFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class CertificateSet(univ.SetOf):
pass
CertificateSet.componentType = CertificateChoices()
class OtherRevocationInfoFormat(univ.Sequence):
pass
OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
namedtype.NamedType('otherRevInfo', univ.Any(),
openType=opentype.OpenType('otherRevInfoFormat', otherRevInfoFormatMap)
)
)
class RevocationInfoChoice(univ.Choice):
pass
RevocationInfoChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('crl', rfc5280.CertificateList()),
namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class RevocationInfoChoices(univ.SetOf):
pass
RevocationInfoChoices.componentType = RevocationInfoChoice()
class OriginatorInfo(univ.Sequence):
pass
OriginatorInfo.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('certs', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class ContentType(univ.ObjectIdentifier):
pass
class EncryptedContent(univ.OctetString):
pass
class ContentEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class EncryptedContentInfo(univ.Sequence):
pass
EncryptedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class UnprotectedAttributes(univ.SetOf):
pass
UnprotectedAttributes.componentType = Attribute()
UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class KEKIdentifier(univ.Sequence):
pass
KEKIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyIdentifier', univ.OctetString()),
namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
namedtype.OptionalNamedType('other', OtherKeyAttribute())
)
class KEKRecipientInfo(univ.Sequence):
pass
KEKRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('kekid', KEKIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class KeyDerivationAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class PasswordRecipientInfo(univ.Sequence):
pass
PasswordRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class RecipientIdentifier(univ.Choice):
pass
RecipientIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class KeyTransRecipientInfo(univ.Sequence):
pass
KeyTransRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('rid', RecipientIdentifier()),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedKey', EncryptedKey())
)
class UserKeyingMaterial(univ.OctetString):
pass
class OriginatorPublicKey(univ.Sequence):
pass
OriginatorPublicKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('publicKey', univ.BitString())
)
class OriginatorIdentifierOrKey(univ.Choice):
pass
OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class KeyAgreeRecipientInfo(univ.Sequence):
pass
KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
)
class OtherRecipientInfo(univ.Sequence):
pass
OtherRecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('oriType', univ.ObjectIdentifier()),
namedtype.NamedType('oriValue', univ.Any(),
openType=opentype.OpenType('oriType', otherRecipientInfoMap)
)
)
class RecipientInfo(univ.Choice):
pass
RecipientInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('ktri', KeyTransRecipientInfo()),
namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
namedtype.NamedType('ori', OtherRecipientInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
)
class RecipientInfos(univ.SetOf):
pass
RecipientInfos.componentType = RecipientInfo()
RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class EnvelopedData(univ.Sequence):
pass
EnvelopedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6)
id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5)
class EncryptedData(univ.Sequence):
pass
EncryptedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4)
id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2)
class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier):
pass
class UnsignedAttributes(univ.SetOf):
pass
UnsignedAttributes.componentType = Attribute()
UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class SignerIdentifier(univ.Choice):
pass
SignerIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class SignerInfo(univ.Sequence):
pass
SignerInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('sid', SignerIdentifier()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
namedtype.NamedType('signature', SignatureValue()),
namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class SignerInfos(univ.SetOf):
pass
SignerInfos.componentType = SignerInfo()
class Countersignature(SignerInfo):
pass
class ContentInfo(univ.Sequence):
pass
ContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
openType=opentype.OpenType('contentType', cmsContentTypesMap)
)
)
class EncapsulatedContentInfo(univ.Sequence):
pass
EncapsulatedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('eContentType', ContentType()),
namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6)
id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1)
class MessageDigest(univ.OctetString):
pass
class AuthAttributes(univ.SetOf):
pass
AuthAttributes.componentType = Attribute()
AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class Time(univ.Choice):
pass
Time.componentType = namedtype.NamedTypes(
namedtype.NamedType('utcTime', useful.UTCTime()),
namedtype.NamedType('generalTime', useful.GeneralizedTime())
)
class AuthenticatedData(univ.Sequence):
pass
AuthenticatedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('recipientInfos', RecipientInfos()),
namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()),
namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('mac', MessageAuthenticationCode()),
namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3)
class ExtendedCertificateOrCertificate(univ.Choice):
pass
ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', rfc5280.Certificate()),
namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class Digest(univ.OctetString):
pass
class DigestedData(univ.Sequence):
pass
DigestedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.NamedType('digest', Digest())
)
id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3)
class DigestAlgorithmIdentifiers(univ.SetOf):
pass
DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier()
class SignedData(univ.Sequence):
pass
SignedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', CMSVersion()),
namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
namedtype.OptionalNamedType('certificates', CertificateSet().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('signerInfos', SignerInfos())
)
id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5)
class SigningTime(Time):
pass
id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2)
# CMS Content Type Map
_cmsContentTypesMapUpdate = {
id_ct_contentInfo: ContentInfo(),
id_data: univ.OctetString(),
id_signedData: SignedData(),
id_envelopedData: EnvelopedData(),
id_digestedData: DigestedData(),
id_encryptedData: EncryptedData(),
id_ct_authData: AuthenticatedData(),
}
cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
# CMS Attribute Map
_cmsAttributesMapUpdate = {
id_contentType: ContentType(),
id_messageDigest: MessageDigest(),
id_signingTime: SigningTime(),
id_countersignature: Countersignature(),
}
cmsAttributesMap.update(_cmsAttributesMapUpdate)


@@ -0,0 +1,70 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Other Certificates Extension
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5697.txt
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc4055
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
CertificateSerialNumber = rfc5280.CertificateSerialNumber
GeneralNames = rfc5280.GeneralNames
# Imports from RFC 4055
id_sha1 = rfc4055.id_sha1
# Imports from RFC 5055
# These are defined here because a module for RFC 5055 does not exist yet
class SCVPIssuerSerial(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', GeneralNames()),
namedtype.NamedType('serialNumber', CertificateSerialNumber())
)
sha1_alg_id = AlgorithmIdentifier()
sha1_alg_id['algorithm'] = id_sha1
class SCVPCertID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certHash', univ.OctetString()),
namedtype.NamedType('issuerSerial', SCVPIssuerSerial()),
namedtype.DefaultedNamedType('hashAlgorithm', sha1_alg_id)
)
# Other Certificates Extension
id_pe_otherCerts = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 1, 19,))
class OtherCertificates(univ.SequenceOf):
componentType = SCVPCertID()
# Update of certificate extension map in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_otherCerts: OtherCertificates(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
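Review bot: `sha1_alg_id` is a module-level mutable `AlgorithmIdentifier` that is then used as the DEFAULT for `SCVPCertID.hashAlgorithm`, so any later assignment into it changes the default seen by every `SCVPCertID`; a comment such as `# DEFAULT for SCVPCertID.hashAlgorithm (RFC 5055 CertID); shared, do not mutate` above `sha1_alg_id = AlgorithmIdentifier()` would make that explicit. Because that default digest is SHA-1, a second comment on the `certHash` field noting that consumers should match on `issuerSerial` as well rather than on the hash alone would help readers of this extension. Documentation only; no code change.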


@@ -0,0 +1,124 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# S/MIME Version 3.2 Message Specification
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5751.txt
from pyasn1.type import namedtype
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc8018
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
# Imports from RFC 5652 and RFC 8018
IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
RecipientKeyIdentifier = rfc5652.RecipientKeyIdentifier
SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier
rc2CBC = rfc8018.rc2CBC
# S/MIME Capabilities Attribute
smimeCapabilities = univ.ObjectIdentifier('1.2.840.113549.1.9.15')
smimeCapabilityMap = { }
class SMIMECapability(univ.Sequence):
pass
SMIMECapability.componentType = namedtype.NamedTypes(
namedtype.NamedType('capabilityID', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('parameters', univ.Any(),
openType=opentype.OpenType('capabilityID', smimeCapabilityMap))
)
class SMIMECapabilities(univ.SequenceOf):
pass
SMIMECapabilities.componentType = SMIMECapability()
class SMIMECapabilitiesParametersForRC2CBC(univ.Integer):
# which carries the RC2 Key Length (number of bits)
pass
# S/MIME Encryption Key Preference Attribute
id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16')
id_aa = _OID(id_smime, 2)
id_aa_encrypKeyPref = _OID(id_aa, 11)
class SMIMEEncryptionKeyPreference(univ.Choice):
pass
SMIMEEncryptionKeyPreference.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerAndSerialNumber',
IssuerAndSerialNumber().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('receipentKeyId',
# Yes, 'receipentKeyId' is spelled incorrectly, but kept
# this way for alignment with the ASN.1 module in the RFC.
RecipientKeyIdentifier().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('subjectAltKeyIdentifier',
SubjectKeyIdentifier().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
# The Prefer Binary Inside SMIMECapabilities attribute
id_cap = _OID(id_smime, 11)
id_cap_preferBinaryInside = _OID(id_cap, 1)
# CMS Attribute Map
_cmsAttributesMapUpdate = {
smimeCapabilities: SMIMECapabilities(),
id_aa_encrypKeyPref: SMIMEEncryptionKeyPreference(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# SMIMECapabilities Attribute Map
#
# Do not include OIDs in the dictionary when the parameters are absent.
_smimeCapabilityMapUpdate = {
rc2CBC: SMIMECapabilitiesParametersForRC2CBC(),
}
smimeCapabilityMap.update(_smimeCapabilityMapUpdate)
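Review bot: In `_OID`, `for x in tuple(components)` re-wraps what `*components` already delivers as a tuple, and `output.extend(list(x))` copies an iterable that `extend` can consume directly; `for x in components:` and `output.extend(x)` do the same work with less noise. The identical helper is defined again in the rfc5934 section further down this commit (`def _OID(*components)`), so a single shared helper would avoid maintaining two copies. `smimeCapabilityMap = { }` would also read better as `smimeCapabilityMap = {}`, matching the dict literals elsewhere in the module.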


@@ -0,0 +1,49 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Multiple Signatures in Cryptographic Message Syntax (CMS)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5752.txt
# https://www.rfc-editor.org/errata/eid4444
#
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5035
from pyasn1_modules import rfc5652
class SignAttrsHash(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('algID', rfc5652.DigestAlgorithmIdentifier()),
namedtype.NamedType('hash', univ.OctetString())
)
class MultipleSignatures(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyHashAlg', rfc5652.DigestAlgorithmIdentifier()),
namedtype.NamedType('signAlg', rfc5652.SignatureAlgorithmIdentifier()),
namedtype.NamedType('signAttrsHash', SignAttrsHash()),
namedtype.OptionalNamedType('cert', rfc5035.ESSCertIDv2())
)
id_aa_multipleSignatures = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.51')
# Map of Attribute Type OIDs to Attributes added to the
# ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_multipleSignatures: MultipleSignatures(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)


@@ -0,0 +1,157 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Elliptic Curve Cryptography (ECC) Algorithms in the CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5753.txt
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5480
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5751
from pyasn1_modules import rfc8018
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
# Imports from RFC 5652
OriginatorPublicKey = rfc5652.OriginatorPublicKey
UserKeyingMaterial = rfc5652.UserKeyingMaterial
# Imports from RFC 5480
ECDSA_Sig_Value = rfc5480.ECDSA_Sig_Value
ECParameters = rfc5480.ECParameters
ECPoint = rfc5480.ECPoint
id_ecPublicKey = rfc5480.id_ecPublicKey
# Imports from RFC 8018
id_hmacWithSHA224 = rfc8018.id_hmacWithSHA224
id_hmacWithSHA256 = rfc8018.id_hmacWithSHA256
id_hmacWithSHA384 = rfc8018.id_hmacWithSHA384
id_hmacWithSHA512 = rfc8018.id_hmacWithSHA512
# Object Identifier arcs
x9_63_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0')
secg_scheme = univ.ObjectIdentifier('1.3.132.1')
# Object Identifiers for the algorithms
dhSinglePass_cofactorDH_sha1kdf_scheme = x9_63_scheme + (3, )
dhSinglePass_cofactorDH_sha224kdf_scheme = secg_scheme + (14, 0, )
dhSinglePass_cofactorDH_sha256kdf_scheme = secg_scheme + (14, 1, )
dhSinglePass_cofactorDH_sha384kdf_scheme = secg_scheme + (14, 2, )
dhSinglePass_cofactorDH_sha512kdf_scheme = secg_scheme + (14, 3, )
dhSinglePass_stdDH_sha1kdf_scheme = x9_63_scheme + (2, )
dhSinglePass_stdDH_sha224kdf_scheme = secg_scheme + (11, 0, )
dhSinglePass_stdDH_sha256kdf_scheme = secg_scheme + (11, 1, )
dhSinglePass_stdDH_sha384kdf_scheme = secg_scheme + (11, 2, )
dhSinglePass_stdDH_sha512kdf_scheme = secg_scheme + (11, 3, )
mqvSinglePass_sha1kdf_scheme = x9_63_scheme + (16, )
mqvSinglePass_sha224kdf_scheme = secg_scheme + (15, 0, )
mqvSinglePass_sha256kdf_scheme = secg_scheme + (15, 1, )
mqvSinglePass_sha384kdf_scheme = secg_scheme + (15, 2, )
mqvSinglePass_sha512kdf_scheme = secg_scheme + (15, 3, )
# Structures for parameters and key derivation
class IV(univ.OctetString):
# Exactly 8 octets
pass
class CBCParameter(IV):
pass
class KeyWrapAlgorithm(AlgorithmIdentifier):
pass
class ECC_CMS_SharedInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('keyInfo', KeyWrapAlgorithm()),
namedtype.OptionalNamedType('entityUInfo',
univ.OctetString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('suppPubInfo',
univ.OctetString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class MQVuserKeyingMaterial(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('ephemeralPublicKey', OriginatorPublicKey()),
namedtype.OptionalNamedType('addedukm',
UserKeyingMaterial().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)))
)
# Update the Algorithm Identifier map in rfc5280.py and
# Update the SMIMECapabilities Attribute Map in rfc5751.py
_algorithmIdentifierMapUpdate = {
dhSinglePass_stdDH_sha1kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_stdDH_sha224kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_stdDH_sha256kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_stdDH_sha384kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_stdDH_sha512kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_cofactorDH_sha1kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_cofactorDH_sha224kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_cofactorDH_sha256kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_cofactorDH_sha384kdf_scheme: KeyWrapAlgorithm(),
dhSinglePass_cofactorDH_sha512kdf_scheme: KeyWrapAlgorithm(),
mqvSinglePass_sha1kdf_scheme: KeyWrapAlgorithm(),
mqvSinglePass_sha224kdf_scheme: KeyWrapAlgorithm(),
mqvSinglePass_sha256kdf_scheme: KeyWrapAlgorithm(),
mqvSinglePass_sha384kdf_scheme: KeyWrapAlgorithm(),
mqvSinglePass_sha512kdf_scheme: KeyWrapAlgorithm(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
rfc5751.smimeCapabilityMap.update(_algorithmIdentifierMapUpdate)
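Review bot: `IV` is documented as `# Exactly 8 octets` but nothing enforces it, even though `constraint` is already imported on the module's import line; if the RFC comment is meant to be checked on decode, `subtypeSpec = constraint.ValueSizeConstraint(8, 8)` in the class body does it. The single `from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful` line also pulls in `char`, `namedval` and `useful`, none of which is used in this module; the other modules in this commit import one name per line (see the rfc5755 section), so matching that style and dropping the unused names would be consistent.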


@@ -0,0 +1,398 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# An Internet Attribute Certificate Profile for Authorization
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5755.txt
# https://www.rfc-editor.org/rfc/rfc5912.txt (see Section 13)
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
MAX = float('inf')
# Map for Security Category type to value
securityCategoryMap = { }
# Imports from RFC 5652
ContentInfo = rfc5652.ContentInfo
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
Attribute = rfc5280.Attribute
AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax
AuthorityKeyIdentifier = rfc5280.AuthorityKeyIdentifier
CertificateSerialNumber = rfc5280.CertificateSerialNumber
CRLDistributionPoints = rfc5280.CRLDistributionPoints
Extensions = rfc5280.Extensions
Extension = rfc5280.Extension
GeneralNames = rfc5280.GeneralNames
GeneralName = rfc5280.GeneralName
UniqueIdentifier = rfc5280.UniqueIdentifier
# Object Identifier arcs
id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, ))
id_pe = id_pkix + (1, )
id_kp = id_pkix + (3, )
id_aca = id_pkix + (10, )
id_ad = id_pkix + (48, )
id_at = univ.ObjectIdentifier((2, 5, 4, ))
id_ce = univ.ObjectIdentifier((2, 5, 29, ))
# Attribute Certificate
class AttCertVersion(univ.Integer):
namedValues = namedval.NamedValues(
('v2', 1)
)
class IssuerSerial(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', GeneralNames()),
namedtype.NamedType('serial', CertificateSerialNumber()),
namedtype.OptionalNamedType('issuerUID', UniqueIdentifier())
)
class ObjectDigestInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('digestedObjectType',
univ.Enumerated(namedValues=namedval.NamedValues(
('publicKey', 0),
('publicKeyCert', 1),
('otherObjectTypes', 2)))),
namedtype.OptionalNamedType('otherObjectTypeID',
univ.ObjectIdentifier()),
namedtype.NamedType('digestAlgorithm',
AlgorithmIdentifier()),
namedtype.NamedType('objectDigest',
univ.BitString())
)
class Holder(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('baseCertificateID',
IssuerSerial().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('entityName',
GeneralNames().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('objectDigestInfo',
ObjectDigestInfo().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class V2Form(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('issuerName',
GeneralNames()),
namedtype.OptionalNamedType('baseCertificateID',
IssuerSerial().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('objectDigestInfo',
ObjectDigestInfo().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class AttCertIssuer(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('v1Form', GeneralNames()),
namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
class AttCertValidityPeriod(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()),
namedtype.NamedType('notAfterTime', useful.GeneralizedTime())
)
class AttributeCertificateInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version',
AttCertVersion()),
namedtype.NamedType('holder',
Holder()),
namedtype.NamedType('issuer',
AttCertIssuer()),
namedtype.NamedType('signature',
AlgorithmIdentifier()),
namedtype.NamedType('serialNumber',
CertificateSerialNumber()),
namedtype.NamedType('attrCertValidityPeriod',
AttCertValidityPeriod()),
namedtype.NamedType('attributes',
univ.SequenceOf(componentType=Attribute())),
namedtype.OptionalNamedType('issuerUniqueID',
UniqueIdentifier()),
namedtype.OptionalNamedType('extensions',
Extensions())
)
class AttributeCertificate(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('acinfo', AttributeCertificateInfo()),
namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('signatureValue', univ.BitString())
)
# Attribute Certificate Extensions
id_pe_ac_auditIdentity = id_pe + (4, )
id_ce_noRevAvail = id_ce + (56, )
id_ce_targetInformation = id_ce + (55, )
class TargetCert(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('targetCertificate', IssuerSerial()),
namedtype.OptionalNamedType('targetName', GeneralName()),
namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo())
)
class Target(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('targetName',
GeneralName().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('targetGroup',
GeneralName().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('targetCert',
TargetCert().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
class Targets(univ.SequenceOf):
componentType = Target()
id_pe_ac_proxying = id_pe + (10, )
class ProxyInfo(univ.SequenceOf):
componentType = Targets()
id_pe_aaControls = id_pe + (6, )
class AttrSpec(univ.SequenceOf):
componentType = univ.ObjectIdentifier()
class AAControls(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pathLenConstraint',
univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.OptionalNamedType('permittedAttrs',
AttrSpec().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('excludedAttrs',
AttrSpec().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.DefaultedNamedType('permitUnSpecified',
univ.Boolean().subtype(value=1))
)
# Attribute Certificate Attributes
id_aca_authenticationInfo = id_aca + (1, )
id_aca_accessIdentity = id_aca + (2, )
class SvceAuthInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('service', GeneralName()),
namedtype.NamedType('ident', GeneralName()),
namedtype.OptionalNamedType('authInfo', univ.OctetString())
)
id_aca_chargingIdentity = id_aca + (3, )
id_aca_group = id_aca + (4, )
class IetfAttrSyntax(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('policyAuthority',
GeneralNames().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('values', univ.SequenceOf(
componentType=univ.Choice(componentType=namedtype.NamedTypes(
namedtype.NamedType('octets', univ.OctetString()),
namedtype.NamedType('oid', univ.ObjectIdentifier()),
namedtype.NamedType('string', char.UTF8String())
))
))
)
id_at_role = id_at + (72,)
class RoleSyntax(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('roleAuthority',
GeneralNames().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('roleName',
GeneralName().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class ClassList(univ.BitString):
namedValues = namedval.NamedValues(
('unmarked', 0),
('unclassified', 1),
('restricted', 2),
('confidential', 3),
('secret', 4),
('topSecret', 5)
)
class SecurityCategory(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('type',
univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('value',
univ.Any().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)),
openType=opentype.OpenType('type', securityCategoryMap))
)
id_at_clearance = univ.ObjectIdentifier((2, 5, 4, 55, ))
class Clearance(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('policyId',
univ.ObjectIdentifier()),
namedtype.DefaultedNamedType('classList',
ClassList().subtype(value='unclassified')),
namedtype.OptionalNamedType('securityCategories',
univ.SetOf(componentType=SecurityCategory()))
)
id_at_clearance_rfc3281 = univ.ObjectIdentifier((2, 5, 1, 5, 55, ))
class Clearance_rfc3281(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('policyId',
univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.DefaultedNamedType('classList',
ClassList().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(
value='unclassified')),
namedtype.OptionalNamedType('securityCategories',
univ.SetOf(componentType=SecurityCategory()).subtype(
implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
id_aca_encAttrs = id_aca + (6, )
class ACClearAttrs(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('acIssuer', GeneralName()),
namedtype.NamedType('acSerial', univ.Integer()),
namedtype.NamedType('attrs', univ.SequenceOf(componentType=Attribute()))
)
# Map of Certificate Extension OIDs to Extensions added to the
# ones that are in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_ac_auditIdentity: univ.OctetString(),
id_ce_noRevAvail: univ.Null(),
id_ce_targetInformation: Targets(),
id_pe_ac_proxying: ProxyInfo(),
id_pe_aaControls: AAControls(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
# Map of AttributeType OIDs to AttributeValue added to the
# ones that are in rfc5280.py
_certificateAttributesMapUpdate = {
id_aca_authenticationInfo: SvceAuthInfo(),
id_aca_accessIdentity: SvceAuthInfo(),
id_aca_chargingIdentity: IetfAttrSyntax(),
id_aca_group: IetfAttrSyntax(),
id_at_role: RoleSyntax(),
id_at_clearance: Clearance(),
id_at_clearance_rfc3281: Clearance_rfc3281(),
id_aca_encAttrs: ContentInfo(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)
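Review bot: The two clearance definitions (`id_at_clearance` / `Clearance` and `id_at_clearance_rfc3281` / `Clearance_rfc3281`) carry no comment explaining why both exist, which matters because they differ in OID and in tagging and a decoder keyed on `certificateAttributesMap` will accept either without distinction. Something like `# RFC 3281 registered Clearance under 2.5.1.5.55 with context tags; RFC 5755 moved it to 2.5.4.55 without tags and keeps the old form for backward compatibility` above `id_at_clearance_rfc3281` would capture it. `securityCategoryMap` is declared empty and nothing in this module populates it, so a note that other modules are expected to register `SecurityCategory.value` types there would help too.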


@@ -0,0 +1,44 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Authority Clearance Constraints Certificate Extension
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5913.txt
# https://www.rfc-editor.org/errata/eid5890
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5755
MAX = float('inf')
# Authority Clearance Constraints Certificate Extension
id_pe_clearanceConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.21')
id_pe_authorityClearanceConstraints = id_pe_clearanceConstraints
class AuthorityClearanceConstraints(univ.SequenceOf):
componentType = rfc5755.Clearance()
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
# Map of Certificate Extension OIDs to Extensions added to the
# ones that are in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_clearanceConstraints: AuthorityClearanceConstraints(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
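Review bot: `subtypeSpec=constraint.ValueSizeConstraint(1, MAX)` in the `AuthorityClearanceConstraints` body has no spaces around `=`, unlike every other class-attribute assignment in this commit; `subtypeSpec = constraint.ValueSizeConstraint(1, MAX)` matches PEP 8 and the surrounding style. The same spacing appears in the rfc5914 section on `TrustAnchorList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)`. A one-line note on why both `id_pe_clearanceConstraints` and the `id_pe_authorityClearanceConstraints` alias are exported (the errata entry listed in the header is the likely reason) would also explain the alias to the next reader.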


@@ -0,0 +1,119 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Trust Anchor Format
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5914.txt
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
Certificate = rfc5280.Certificate
Name = rfc5280.Name
Extensions = rfc5280.Extensions
SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
TBSCertificate = rfc5280.TBSCertificate
CertificatePolicies = rfc5280.CertificatePolicies
KeyIdentifier = rfc5280.KeyIdentifier
NameConstraints = rfc5280.NameConstraints
class CertPolicyFlags(univ.BitString):
pass
CertPolicyFlags.namedValues = namedval.NamedValues(
('inhibitPolicyMapping', 0),
('requireExplicitPolicy', 1),
('inhibitAnyPolicy', 2)
)
class CertPathControls(univ.Sequence):
pass
CertPathControls.componentType = namedtype.NamedTypes(
namedtype.NamedType('taName', Name()),
namedtype.OptionalNamedType('certificate', Certificate().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('policySet', CertificatePolicies().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('policyFlags', CertPolicyFlags().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('nameConstr', NameConstraints().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
)
class TrustAnchorTitle(char.UTF8String):
pass
TrustAnchorTitle.subtypeSpec = constraint.ValueSizeConstraint(1, 64)
class TrustAnchorInfoVersion(univ.Integer):
pass
TrustAnchorInfoVersion.namedValues = namedval.NamedValues(
('v1', 1)
)
class TrustAnchorInfo(univ.Sequence):
pass
TrustAnchorInfo.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', TrustAnchorInfoVersion().subtype(value='v1')),
namedtype.NamedType('pubKey', SubjectPublicKeyInfo()),
namedtype.NamedType('keyId', KeyIdentifier()),
namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()),
namedtype.OptionalNamedType('certPath', CertPathControls()),
namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('taTitleLangTag', char.UTF8String().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class TrustAnchorChoice(univ.Choice):
pass
TrustAnchorChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('certificate', Certificate()),
namedtype.NamedType('tbsCert', TBSCertificate().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('taInfo', TrustAnchorInfo().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
id_ct_trustAnchorList = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.34')
class TrustAnchorList(univ.SequenceOf):
pass
TrustAnchorList.componentType = TrustAnchorChoice()
TrustAnchorList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
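Review bot: `TrustAnchorChoice` offers `tbsCert` and `taInfo` alternatives that, unlike `certificate`, carry no signature, and nothing in this module says so; a comment on the class such as `# tbsCert and taInfo are unsigned; integrity of these forms has to come from the enclosing structure (e.g. a CMS SignedData or a TAMP message)` would help anyone consuming a `TrustAnchorList`. Likewise the `CertPathControls` fields (`policySet`, `policyFlags`, `nameConstr`, `pathLenConstraint`) are the constraints applied to paths built from the anchor, and a comment above `CertPathControls.componentType` stating that would make the structure's security role visible. Documentation only; no code change.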


@@ -0,0 +1,32 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Elliptic Curve Private Key
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5915.txt
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5480
class ECPrivateKey(univ.Sequence):
pass
ECPrivateKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer(
namedValues=namedval.NamedValues(('ecPrivkeyVer1', 1)))),
namedtype.NamedType('privateKey', univ.OctetString()),
namedtype.OptionalNamedType('parameters', rfc5480.ECParameters().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('publicKey', univ.BitString().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
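Review bot: `parameters` and `publicKey` are declared with `OptionalNamedType`, which mirrors the ASN.1, but RFC 5915 section 3 requires conforming encoders to always include `parameters` and says `publicKey` SHOULD be present; a comment on those two fields (`# OPTIONAL in the ASN.1, but RFC 5915 section 3: parameters MUST and publicKey SHOULD be present`) would stop callers from treating the schema alone as the contract. Because `privateKey` holds the raw private scalar, a comment on `ECPrivateKey` noting that decoded instances contain secret material and should not be pretty-printed or logged would be useful too, since pyasn1's default `prettyPrint()` renders component values.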


@@ -0,0 +1,35 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Device Owner Attribute
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5916.txt
#
from pyasn1.type import univ
from pyasn1_modules import rfc5280
# Device Owner Attribute
id_deviceOwner = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 69))
at_deviceOwner = rfc5280.Attribute()
at_deviceOwner['type'] = id_deviceOwner
at_deviceOwner['values'][0] = univ.ObjectIdentifier()
# Add to the map of Attribute Type OIDs to Attributes in rfc5280.py.
_certificateAttributesMapUpdate = {
id_deviceOwner: univ.ObjectIdentifier(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)
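Review bot: `at_deviceOwner` is a module-level `rfc5280.Attribute` populated at import time (`at_deviceOwner['type'] = id_deviceOwner`, `at_deviceOwner['values'][0] = univ.ObjectIdentifier()`), so it is a shared mutable template: code that assigns into `at_deviceOwner['values'][0]` directly changes the module's copy for every other importer. A comment such as `# Template only; clone() before filling in a value` would make the intended use clear; the rfc5917 section's `at_clearanceSponsor` follows the same pattern. Whether the empty `univ.ObjectIdentifier()` placed at `values[0]` is meant as a schema hint or as a value is also worth a word.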


@@ -0,0 +1,55 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Clearance Sponsor Attribute
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5917.txt
# https://www.rfc-editor.org/errata/eid4558
# https://www.rfc-editor.org/errata/eid5883
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
# DirectoryString is the same as RFC 5280, except for two things:
# 1. the length is limited to 64;
# 2. only the 'utf8String' choice remains because the ASN.1
# specification says: ( WITH COMPONENTS { utf8String PRESENT } )
class DirectoryString(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('utf8String', char.UTF8String().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, 64))),
)
# Clearance Sponsor Attribute
id_clearanceSponsor = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 68))
ub_clearance_sponsor = univ.Integer(64)
at_clearanceSponsor = rfc5280.Attribute()
at_clearanceSponsor['type'] = id_clearanceSponsor
at_clearanceSponsor['values'][0] = DirectoryString()
# Add to the map of Attribute Type OIDs to Attributes in rfc5280.py.
_certificateAttributesMapUpdate = {
id_clearanceSponsor: DirectoryString(),
}
rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)
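Review bot: `ub_clearance_sponsor = univ.Integer(64)` is defined but never used, while `DirectoryString` hard-codes the same bound in `constraint.ValueSizeConstraint(1, 64)`; either move the constant above the class and write `subtypeSpec=constraint.ValueSizeConstraint(1, int(ub_clearance_sponsor))`, or drop the constant so the limit has one source of truth. The comment above `DirectoryString` already explains the 64-octet limit, so the constant adds nothing on its own.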


@@ -0,0 +1,19 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Extended Key Usage (EKU) for Session Initiation Protocol (SIP)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5924.txt
#
from pyasn1.type import univ
id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3')
id_kp_sipDomain = id_kp + (20, )


@@ -0,0 +1,786 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Trust Anchor Format
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5934.txt
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc2985
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5914
MAX = float('inf')
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
# Imports from RFC 2985
SingleAttribute = rfc2985.SingleAttribute
# Imports from RFC5914
CertPathControls = rfc5914.CertPathControls
TrustAnchorChoice = rfc5914.TrustAnchorChoice
TrustAnchorTitle = rfc5914.TrustAnchorTitle
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
AnotherName = rfc5280.AnotherName
Attribute = rfc5280.Attribute
Certificate = rfc5280.Certificate
CertificateSerialNumber = rfc5280.CertificateSerialNumber
Extension = rfc5280.Extension
Extensions = rfc5280.Extensions
KeyIdentifier = rfc5280.KeyIdentifier
Name = rfc5280.Name
SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
TBSCertificate = rfc5280.TBSCertificate
Validity = rfc5280.Validity
# Object Identifier Arc for TAMP Message Content Types
id_tamp = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.77')
# TAMP Status Query Message
id_ct_TAMP_statusQuery = _OID(id_tamp, 1)
class TAMPVersion(univ.Integer):
pass
TAMPVersion.namedValues = namedval.NamedValues(
('v1', 1),
('v2', 2)
)
class TerseOrVerbose(univ.Enumerated):
pass
TerseOrVerbose.namedValues = namedval.NamedValues(
('terse', 1),
('verbose', 2)
)
class HardwareSerialEntry(univ.Choice):
pass
HardwareSerialEntry.componentType = namedtype.NamedTypes(
namedtype.NamedType('all', univ.Null()),
namedtype.NamedType('single', univ.OctetString()),
namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes(
namedtype.NamedType('low', univ.OctetString()),
namedtype.NamedType('high', univ.OctetString())
))
)
)
class HardwareModules(univ.Sequence):
pass
HardwareModules.componentType = namedtype.NamedTypes(
namedtype.NamedType('hwType', univ.ObjectIdentifier()),
namedtype.NamedType('hwSerialEntries', univ.SequenceOf(
componentType=HardwareSerialEntry()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class HardwareModuleIdentifierList(univ.SequenceOf):
pass
HardwareModuleIdentifierList.componentType = HardwareModules()
HardwareModuleIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class Community(univ.ObjectIdentifier):
pass
class CommunityIdentifierList(univ.SequenceOf):
pass
CommunityIdentifierList.componentType = Community()
CommunityIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(0, MAX)
class TargetIdentifier(univ.Choice):
pass
TargetIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('hwModules', HardwareModuleIdentifierList().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('communities', CommunityIdentifierList().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('allModules', univ.Null().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.NamedType('uri', char.IA5String().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.NamedType('otherName', AnotherName().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)))
)
class SeqNumber(univ.Integer):
pass
SeqNumber.subtypeSpec = constraint.ValueRangeConstraint(0, 9223372036854775807)
class TAMPMsgRef(univ.Sequence):
pass
TAMPMsgRef.componentType = namedtype.NamedTypes(
namedtype.NamedType('target', TargetIdentifier()),
namedtype.NamedType('seqNum', SeqNumber())
)
class TAMPStatusQuery(univ.Sequence):
pass
TAMPStatusQuery.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', TAMPVersion().subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)).subtype(value='verbose')),
namedtype.NamedType('query', TAMPMsgRef())
)
tamp_status_query = rfc5652.ContentInfo()
tamp_status_query['contentType'] = id_ct_TAMP_statusQuery
tamp_status_query['content'] = TAMPStatusQuery()
# TAMP Status Response Message
id_ct_TAMP_statusResponse = _OID(id_tamp, 2)
class KeyIdentifiers(univ.SequenceOf):
pass
KeyIdentifiers.componentType = KeyIdentifier()
KeyIdentifiers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class TrustAnchorChoiceList(univ.SequenceOf):
pass
TrustAnchorChoiceList.componentType = TrustAnchorChoice()
TrustAnchorChoiceList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class TAMPSequenceNumber(univ.Sequence):
pass
TAMPSequenceNumber.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyId', KeyIdentifier()),
namedtype.NamedType('seqNumber', SeqNumber())
)
class TAMPSequenceNumbers(univ.SequenceOf):
pass
TAMPSequenceNumbers.componentType = TAMPSequenceNumber()
TAMPSequenceNumbers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class TerseStatusResponse(univ.Sequence):
pass
TerseStatusResponse.componentType = namedtype.NamedTypes(
namedtype.NamedType('taKeyIds', KeyIdentifiers()),
namedtype.OptionalNamedType('communities', CommunityIdentifierList())
)
class VerboseStatusResponse(univ.Sequence):
pass
VerboseStatusResponse.componentType = namedtype.NamedTypes(
namedtype.NamedType('taInfo', TrustAnchorChoiceList()),
namedtype.OptionalNamedType('continPubKeyDecryptAlg',
AlgorithmIdentifier().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('communities',
CommunityIdentifierList().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('tampSeqNumbers',
TAMPSequenceNumbers().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class StatusResponse(univ.Choice):
pass
StatusResponse.componentType = namedtype.NamedTypes(
namedtype.NamedType('terseResponse', TerseStatusResponse().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('verboseResponse', VerboseStatusResponse().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class TAMPStatusResponse(univ.Sequence):
pass
TAMPStatusResponse.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', TAMPVersion().subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('query', TAMPMsgRef()),
namedtype.NamedType('response', StatusResponse()),
namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1))
)
tamp_status_response = rfc5652.ContentInfo()
tamp_status_response['contentType'] = id_ct_TAMP_statusResponse
tamp_status_response['content'] = TAMPStatusResponse()
# Trust Anchor Update Message
id_ct_TAMP_update = _OID(id_tamp, 3)
class TBSCertificateChangeInfo(univ.Sequence):
pass
TBSCertificateChangeInfo.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('serialNumber', CertificateSerialNumber()),
namedtype.OptionalNamedType('signature', AlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('validity', Validity().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 5)))
)
class TrustAnchorChangeInfo(univ.Sequence):
pass
TrustAnchorChangeInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('pubKey', SubjectPublicKeyInfo()),
namedtype.OptionalNamedType('keyId', KeyIdentifier()),
namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()),
namedtype.OptionalNamedType('certPath', CertPathControls()),
namedtype.OptionalNamedType('exts', Extensions().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class TrustAnchorChangeInfoChoice(univ.Choice):
pass
TrustAnchorChangeInfoChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsCertChange', TBSCertificateChangeInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('taChange', TrustAnchorChangeInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class TrustAnchorUpdate(univ.Choice):
pass
TrustAnchorUpdate.componentType = namedtype.NamedTypes(
namedtype.NamedType('add', TrustAnchorChoice().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('remove', SubjectPublicKeyInfo().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.NamedType('change', TrustAnchorChangeInfoChoice().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
)
class TAMPUpdate(univ.Sequence):
pass
TAMPUpdate.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.DefaultedNamedType('terse',
TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)).subtype(value='verbose')),
namedtype.NamedType('msgRef', TAMPMsgRef()),
namedtype.NamedType('updates',
univ.SequenceOf(componentType=TrustAnchorUpdate()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
namedtype.OptionalNamedType('tampSeqNumbers',
TAMPSequenceNumbers().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2)))
)
tamp_update = rfc5652.ContentInfo()
tamp_update['contentType'] = id_ct_TAMP_update
tamp_update['content'] = TAMPUpdate()
# Trust Anchor Update Confirm Message
id_ct_TAMP_updateConfirm = _OID(id_tamp, 4)
class StatusCode(univ.Enumerated):
pass
StatusCode.namedValues = namedval.NamedValues(
('success', 0),
('decodeFailure', 1),
('badContentInfo', 2),
('badSignedData', 3),
('badEncapContent', 4),
('badCertificate', 5),
('badSignerInfo', 6),
('badSignedAttrs', 7),
('badUnsignedAttrs', 8),
('missingContent', 9),
('noTrustAnchor', 10),
('notAuthorized', 11),
('badDigestAlgorithm', 12),
('badSignatureAlgorithm', 13),
('unsupportedKeySize', 14),
('unsupportedParameters', 15),
('signatureFailure', 16),
('insufficientMemory', 17),
('unsupportedTAMPMsgType', 18),
('apexTAMPAnchor', 19),
('improperTAAddition', 20),
('seqNumFailure', 21),
('contingencyPublicKeyDecrypt', 22),
('incorrectTarget', 23),
('communityUpdateFailed', 24),
('trustAnchorNotFound', 25),
('unsupportedTAAlgorithm', 26),
('unsupportedTAKeySize', 27),
('unsupportedContinPubKeyDecryptAlg', 28),
('missingSignature', 29),
('resourcesBusy', 30),
('versionNumberMismatch', 31),
('missingPolicySet', 32),
('revokedCertificate', 33),
('unsupportedTrustAnchorFormat', 34),
('improperTAChange', 35),
('malformed', 36),
('cmsError', 37),
('unsupportedTargetIdentifier', 38),
('other', 127)
)
class StatusCodeList(univ.SequenceOf):
pass
StatusCodeList.componentType = StatusCode()
StatusCodeList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class TerseUpdateConfirm(StatusCodeList):
pass
class VerboseUpdateConfirm(univ.Sequence):
pass
VerboseUpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.NamedType('status', StatusCodeList()),
namedtype.NamedType('taInfo', TrustAnchorChoiceList()),
namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers()),
namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1))
)
class UpdateConfirm(univ.Choice):
pass
UpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.NamedType('terseConfirm', TerseUpdateConfirm().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('verboseConfirm', VerboseUpdateConfirm().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class TAMPUpdateConfirm(univ.Sequence):
pass
TAMPUpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', TAMPVersion().subtype(
implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('update', TAMPMsgRef()),
namedtype.NamedType('confirm', UpdateConfirm())
)
tamp_update_confirm = rfc5652.ContentInfo()
tamp_update_confirm['contentType'] = id_ct_TAMP_updateConfirm
tamp_update_confirm['content'] = TAMPUpdateConfirm()
# Apex Trust Anchor Update Message
id_ct_TAMP_apexUpdate = _OID(id_tamp, 5)
class TAMPApexUpdate(univ.Sequence):
pass
TAMPApexUpdate.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.DefaultedNamedType('terse',
TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)).subtype(value='verbose')),
namedtype.NamedType('msgRef', TAMPMsgRef()),
namedtype.NamedType('clearTrustAnchors', univ.Boolean()),
namedtype.NamedType('clearCommunities', univ.Boolean()),
namedtype.OptionalNamedType('seqNumber', SeqNumber()),
namedtype.NamedType('apexTA', TrustAnchorChoice())
)
tamp_apex_update = rfc5652.ContentInfo()
tamp_apex_update['contentType'] = id_ct_TAMP_apexUpdate
tamp_apex_update['content'] = TAMPApexUpdate()
# Apex Trust Anchor Update Confirm Message
id_ct_TAMP_apexUpdateConfirm = _OID(id_tamp, 6)
class TerseApexUpdateConfirm(StatusCode):
pass
class VerboseApexUpdateConfirm(univ.Sequence):
pass
VerboseApexUpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.NamedType('status', StatusCode()),
namedtype.NamedType('taInfo', TrustAnchorChoiceList()),
namedtype.OptionalNamedType('communities',
CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('tampSeqNumbers',
TAMPSequenceNumbers().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)))
)
class ApexUpdateConfirm(univ.Choice):
pass
ApexUpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.NamedType('terseApexConfirm',
TerseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0))),
namedtype.NamedType('verboseApexConfirm',
VerboseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1)))
)
class TAMPApexUpdateConfirm(univ.Sequence):
pass
TAMPApexUpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('apexReplace', TAMPMsgRef()),
namedtype.NamedType('apexConfirm', ApexUpdateConfirm())
)
tamp_apex_update_confirm = rfc5652.ContentInfo()
tamp_apex_update_confirm['contentType'] = id_ct_TAMP_apexUpdateConfirm
tamp_apex_update_confirm['content'] = TAMPApexUpdateConfirm()
# Community Update Message
id_ct_TAMP_communityUpdate = _OID(id_tamp, 7)
class CommunityUpdates(univ.Sequence):
pass
CommunityUpdates.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('remove',
CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('add',
CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 2)))
)
class TAMPCommunityUpdate(univ.Sequence):
pass
TAMPCommunityUpdate.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.DefaultedNamedType('terse',
TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 1)).subtype(value='verbose')),
namedtype.NamedType('msgRef', TAMPMsgRef()),
namedtype.NamedType('updates', CommunityUpdates())
)
tamp_community_update = rfc5652.ContentInfo()
tamp_community_update['contentType'] = id_ct_TAMP_communityUpdate
tamp_community_update['content'] = TAMPCommunityUpdate()
# Community Update Confirm Message
id_ct_TAMP_communityUpdateConfirm = _OID(id_tamp, 8)
class TerseCommunityConfirm(StatusCode):
pass
class VerboseCommunityConfirm(univ.Sequence):
pass
VerboseCommunityConfirm.componentType = namedtype.NamedTypes(
namedtype.NamedType('status', StatusCode()),
namedtype.OptionalNamedType('communities', CommunityIdentifierList())
)
class CommunityConfirm(univ.Choice):
pass
CommunityConfirm.componentType = namedtype.NamedTypes(
namedtype.NamedType('terseCommConfirm',
TerseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0))),
namedtype.NamedType('verboseCommConfirm',
VerboseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1)))
)
class TAMPCommunityUpdateConfirm(univ.Sequence):
pass
TAMPCommunityUpdateConfirm.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('update', TAMPMsgRef()),
namedtype.NamedType('commConfirm', CommunityConfirm())
)
tamp_community_update_confirm = rfc5652.ContentInfo()
tamp_community_update_confirm['contentType'] = id_ct_TAMP_communityUpdateConfirm
tamp_community_update_confirm['content'] = TAMPCommunityUpdateConfirm()
# Sequence Number Adjust Message
id_ct_TAMP_seqNumAdjust = _OID(id_tamp, 10)
class SequenceNumberAdjust(univ.Sequence):
pass
SequenceNumberAdjust.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('msgRef', TAMPMsgRef())
)
tamp_sequence_number_adjust = rfc5652.ContentInfo()
tamp_sequence_number_adjust['contentType'] = id_ct_TAMP_seqNumAdjust
tamp_sequence_number_adjust['content'] = SequenceNumberAdjust()
# Sequence Number Adjust Confirm Message
id_ct_TAMP_seqNumAdjustConfirm = _OID(id_tamp, 11)
class SequenceNumberAdjustConfirm(univ.Sequence):
pass
SequenceNumberAdjustConfirm.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('adjust', TAMPMsgRef()),
namedtype.NamedType('status', StatusCode())
)
tamp_sequence_number_adjust_confirm = rfc5652.ContentInfo()
tamp_sequence_number_adjust_confirm['contentType'] = id_ct_TAMP_seqNumAdjustConfirm
tamp_sequence_number_adjust_confirm['content'] = SequenceNumberAdjustConfirm()
# TAMP Error Message
id_ct_TAMP_error = _OID(id_tamp, 9)
class TAMPError(univ.Sequence):
pass
TAMPError.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatSimple, 0)).subtype(value='v2')),
namedtype.NamedType('msgType', univ.ObjectIdentifier()),
namedtype.NamedType('status', StatusCode()),
namedtype.OptionalNamedType('msgRef', TAMPMsgRef())
)
tamp_error = rfc5652.ContentInfo()
tamp_error['contentType'] = id_ct_TAMP_error
tamp_error['content'] = TAMPError()
# Object Identifier Arc for Attributes
id_attributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.5')
# contingency-public-key-decrypt-key unsigned attribute
id_aa_TAMP_contingencyPublicKeyDecryptKey = _OID(id_attributes, 63)
class PlaintextSymmetricKey(univ.OctetString):
pass
contingency_public_key_decrypt_key = Attribute()
contingency_public_key_decrypt_key['type'] = id_aa_TAMP_contingencyPublicKeyDecryptKey
contingency_public_key_decrypt_key['values'][0] = PlaintextSymmetricKey()
# id-pe-wrappedApexContinKey extension
id_pe_wrappedApexContinKey =univ.ObjectIdentifier('1.3.6.1.5.5.7.1.20')
class ApexContingencyKey(univ.Sequence):
pass
ApexContingencyKey.componentType = namedtype.NamedTypes(
namedtype.NamedType('wrapAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('wrappedContinPubKey', univ.OctetString())
)
wrappedApexContinKey = Extension()
wrappedApexContinKey['extnID'] = id_pe_wrappedApexContinKey
wrappedApexContinKey['critical'] = 0
wrappedApexContinKey['extnValue'] = univ.OctetString()
# Add to the map of CMS Content Type OIDs to Content Types in
# rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_TAMP_statusQuery: TAMPStatusQuery(),
id_ct_TAMP_statusResponse: TAMPStatusResponse(),
id_ct_TAMP_update: TAMPUpdate(),
id_ct_TAMP_updateConfirm: TAMPUpdateConfirm(),
id_ct_TAMP_apexUpdate: TAMPApexUpdate(),
id_ct_TAMP_apexUpdateConfirm: TAMPApexUpdateConfirm(),
id_ct_TAMP_communityUpdate: TAMPCommunityUpdate(),
id_ct_TAMP_communityUpdateConfirm: TAMPCommunityUpdateConfirm(),
id_ct_TAMP_seqNumAdjust: SequenceNumberAdjust(),
id_ct_TAMP_seqNumAdjustConfirm: SequenceNumberAdjustConfirm(),
id_ct_TAMP_error: TAMPError(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
# Add to the map of CMS Attribute OIDs to Attribute Values in
# rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_TAMP_contingencyPublicKeyDecryptKey: PlaintextSymmetricKey(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# Add to the map of Certificate Extension OIDs to Extensions in
# rfc5280.py
_certificateExtensionsMap = {
id_pe_wrappedApexContinKey: ApexContingencyKey(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap)
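Review bot: The extension map dict at the end of the hunk is named `_certificateExtensionsMap`, while the two sibling dicts in the same file are `_cmsContentTypesMapUpdate` and `_cmsAttributesMapUpdate`; renaming it `_certificateExtensionsMapUpdate` on both of its lines keeps the convention and stops it reading as if it were the full map from rfc5280. The `_OID` helper is also duplicated verbatim in the rfc5990 hunk further down this commit; if pyasn1_modules has a shared home for it, importing it from there would avoid the two copies drifting. Minor: `id_pe_wrappedApexContinKey =univ.ObjectIdentifier('1.3.6.1.5.5.7.1.20')` is missing the space after `=`.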


@@ -0,0 +1,59 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Additional CMS Revocation Information Choices
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5940.txt
#
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc2560
from pyasn1_modules import rfc5652
# RevocationInfoChoice for OCSP response:
# The OID is included in otherRevInfoFormat, and
# signed OCSPResponse is included in otherRevInfo
id_ri_ocsp_response = univ.ObjectIdentifier('1.3.6.1.5.5.7.16.2')
OCSPResponse = rfc2560.OCSPResponse
# RevocationInfoChoice for SCVP request/response:
# The OID is included in otherRevInfoFormat, and
# SCVPReqRes is included in otherRevInfo
id_ri_scvp = univ.ObjectIdentifier('1.3.6.1.5.5.7.16.4')
ContentInfo = rfc5652.ContentInfo
class SCVPReqRes(univ.Sequence):
pass
SCVPReqRes.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('request',
ContentInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('response', ContentInfo())
)
# Map of Revocation Info Format OIDs to Revocation Info Format
# is added to the ones that are in rfc5652.py
_otherRevInfoFormatMapUpdate = {
id_ri_ocsp_response: OCSPResponse(),
id_ri_scvp: SCVPReqRes(),
}
rfc5652.otherRevInfoFormatMap.update(_otherRevInfoFormatMapUpdate)


@@ -0,0 +1,98 @@
#
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
# Modified by Russ Housley to add a map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Asymmetric Key Packages, which is essentially version 2 of
# the PrivateKeyInfo structure in PKCS#8 in RFC 5208
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5958.txt
from pyasn1.type import univ, constraint, namedtype, namedval, tag
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
MAX = float('inf')
class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class PrivateKeyAlgorithmIdentifier(rfc5280.AlgorithmIdentifier):
pass
class EncryptedData(univ.OctetString):
pass
class EncryptedPrivateKeyInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('encryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
namedtype.NamedType('encryptedData', EncryptedData())
)
class Version(univ.Integer):
namedValues = namedval.NamedValues(('v1', 0), ('v2', 1))
class PrivateKey(univ.OctetString):
pass
class Attributes(univ.SetOf):
componentType = rfc5652.Attribute()
class PublicKey(univ.BitString):
pass
# OneAsymmetricKey is essentially version 2 of PrivateKeyInfo.
# If publicKey is present, then the version must be v2;
# otherwise, the version should be v1.
class OneAsymmetricKey(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('version', Version()),
namedtype.NamedType('privateKeyAlgorithm', PrivateKeyAlgorithmIdentifier()),
namedtype.NamedType('privateKey', PrivateKey()),
namedtype.OptionalNamedType('attributes', Attributes().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('publicKey', PublicKey().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class PrivateKeyInfo(OneAsymmetricKey):
pass
# The CMS AsymmetricKeyPackage Content Type
id_ct_KP_aKeyPackage = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.5')
class AsymmetricKeyPackage(univ.SequenceOf):
pass
AsymmetricKeyPackage.componentType = OneAsymmetricKey()
AsymmetricKeyPackage.sizeSpec=constraint.ValueSizeConstraint(1, MAX)
# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_KP_aKeyPackage: AsymmetricKeyPackage(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
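Review bot: `AsymmetricKeyPackage.sizeSpec=constraint.ValueSizeConstraint(1, MAX)` applies the size limit through `sizeSpec`, whereas every other SequenceOf in this commit (for example `HardwareModuleIdentifierList` and `StatusCodeList` in the rfc5934 file) uses `subtypeSpec`; recent pyasn1 releases treat `sizeSpec` as a deprecated alias, so `AsymmetricKeyPackage.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)` would be both consistent and future-proof. The comment above `OneAsymmetricKey` states the version/publicKey rule, but nothing in the type enforces it, and a reader may assume decoding validates it; I would extend that comment with `# Not enforced by this schema: code that decodes OneAsymmetricKey must check version against publicKey presence itself.`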


@@ -0,0 +1,237 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Use of the RSA-KEM Key Transport Algorithm in the CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5990.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
# Useful types and definitions
class NullParms(univ.Null):
pass
# Object identifier arcs
is18033_2 = _OID(1, 0, 18033, 2)
nistAlgorithm = _OID(2, 16, 840, 1, 101, 3, 4)
pkcs_1 = _OID(1, 2, 840, 113549, 1, 1)
x9_44 = _OID(1, 3, 133, 16, 840, 9, 44)
x9_44_components = _OID(x9_44, 1)
# Types for algorithm identifiers
class Camellia_KeyWrappingScheme(AlgorithmIdentifier):
pass
class DataEncapsulationMechanism(AlgorithmIdentifier):
pass
class KDF2_HashFunction(AlgorithmIdentifier):
pass
class KDF3_HashFunction(AlgorithmIdentifier):
pass
class KeyDerivationFunction(AlgorithmIdentifier):
pass
class KeyEncapsulationMechanism(AlgorithmIdentifier):
pass
class X9_SymmetricKeyWrappingScheme(AlgorithmIdentifier):
pass
# RSA-KEM Key Transport Algorithm
***REMOVED***_kem = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 14)
class GenericHybridParameters(univ.Sequence):
pass
GenericHybridParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('kem', KeyEncapsulationMechanism()),
namedtype.NamedType('dem', DataEncapsulationMechanism())
)
rsa_kem = AlgorithmIdentifier()
rsa_kem['algorithm'] = ***REMOVED***_kem
rsa_kem['parameters'] = GenericHybridParameters()
# KEM-RSA Key Encapsulation Mechanism
id_kem_rsa = _OID(is18033_2, 2, 4)
class KeyLength(univ.Integer):
pass
KeyLength.subtypeSpec = constraint.ValueRangeConstraint(1, MAX)
class RsaKemParameters(univ.Sequence):
pass
RsaKemParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyDerivationFunction', KeyDerivationFunction()),
namedtype.NamedType('keyLength', KeyLength())
)
kem_rsa = AlgorithmIdentifier()
kem_rsa['algorithm'] = id_kem_rsa
kem_rsa['parameters'] = RsaKemParameters()
# Key Derivation Functions
id_kdf_kdf2 = _OID(x9_44_components, 1)
id_kdf_kdf3 = _OID(x9_44_components, 2)
kdf2 = AlgorithmIdentifier()
kdf2['algorithm'] = id_kdf_kdf2
kdf2['parameters'] = KDF2_HashFunction()
kdf3 = AlgorithmIdentifier()
kdf3['algorithm'] = id_kdf_kdf3
kdf3['parameters'] = KDF3_HashFunction()
# Hash Functions
id_sha1 = _OID(1, 3, 14, 3, 2, 26)
id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4)
id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1)
id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2)
id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3)
sha1 = AlgorithmIdentifier()
sha1['algorithm'] = id_sha1
sha1['parameters'] = univ.Null("")
sha224 = AlgorithmIdentifier()
sha224['algorithm'] = id_sha224
sha224['parameters'] = univ.Null("")
sha256 = AlgorithmIdentifier()
sha256['algorithm'] = id_sha256
sha256['parameters'] = univ.Null("")
sha384 = AlgorithmIdentifier()
sha384['algorithm'] = id_sha384
sha384['parameters'] = univ.Null("")
sha512 = AlgorithmIdentifier()
sha512['algorithm'] = id_sha512
sha512['parameters'] = univ.Null("")
# Symmetric Key-Wrapping Schemes
id_aes128_Wrap = _OID(nistAlgorithm, 1, 5)
id_aes192_Wrap = _OID(nistAlgorithm, 1, 25)
id_aes256_Wrap = _OID(nistAlgorithm, 1, 45)
id_alg_CMS3DESwrap = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 6)
id_camellia128_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 2)
id_camellia192_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 3)
id_camellia256_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 4)
aes128_Wrap = AlgorithmIdentifier()
aes128_Wrap['algorithm'] = id_aes128_Wrap
# aes128_Wrap['parameters'] are absent
aes192_Wrap = AlgorithmIdentifier()
aes192_Wrap['algorithm'] = id_aes128_Wrap
# aes192_Wrap['parameters'] are absent
aes256_Wrap = AlgorithmIdentifier()
aes256_Wrap['algorithm'] = id_sha256
# aes256_Wrap['parameters'] are absent
tdes_Wrap = AlgorithmIdentifier()
tdes_Wrap['algorithm'] = id_alg_CMS3DESwrap
tdes_Wrap['parameters'] = univ.Null("")
camellia128_Wrap = AlgorithmIdentifier()
camellia128_Wrap['algorithm'] = id_camellia128_Wrap
# camellia128_Wrap['parameters'] are absent
camellia192_Wrap = AlgorithmIdentifier()
camellia192_Wrap['algorithm'] = id_camellia192_Wrap
# camellia192_Wrap['parameters'] are absent
camellia256_Wrap = AlgorithmIdentifier()
camellia256_Wrap['algorithm'] = id_camellia256_Wrap
# camellia256_Wrap['parameters'] are absent
# Update the Algorithm Identifier map in rfc5280.py.
# Note that the ones that must not have parameters are not added to the map.
_algorithmIdentifierMapUpdate = {
***REMOVED***_kem: GenericHybridParameters(),
id_kem_rsa: RsaKemParameters(),
id_kdf_kdf2: KDF2_HashFunction(),
id_kdf_kdf3: KDF3_HashFunction(),
id_sha1: univ.Null(),
id_sha224: univ.Null(),
id_sha256: univ.Null(),
id_sha384: univ.Null(),
id_sha512: univ.Null(),
id_alg_CMS3DESwrap: univ.Null(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
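Review bot: Two of the key-wrap AlgorithmIdentifier templates carry the wrong OID: `aes192_Wrap['algorithm'] = id_aes128_Wrap` should be `aes192_Wrap['algorithm'] = id_aes192_Wrap`, and `aes256_Wrap['algorithm'] = id_sha256` should be `aes256_Wrap['algorithm'] = id_aes256_Wrap`; as written, anything built from these templates would advertise AES-128 key wrap, or a SHA-256 digest OID, in place of the intended AES-256 key wrap. `id_aes192_Wrap` and `id_aes256_Wrap` are defined a few lines above and never used, which is how this slipped through. Separately, `***REMOVED***_kem` (three occurrences in the hunk) is not a valid Python identifier, so the module cannot be imported as committed; it looks like a secret-scanner redaction of the RFC 5990 `id-rsa-kem` name and should be restored before merge.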


@@ -0,0 +1,88 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Extension for CMS Content Constraints (CCC)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6010.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
AttributeType = rfc5280.AttributeType
AttributeValue = rfc5280.AttributeValue
id_ct_anyContentType = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.0')
class AttrConstraint(univ.Sequence):
pass
AttrConstraint.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', AttributeType()),
namedtype.NamedType('attrValues', univ.SetOf(
componentType=AttributeValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class AttrConstraintList(univ.SequenceOf):
pass
AttrConstraintList.componentType = AttrConstraint()
AttrConstraintList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class ContentTypeGeneration(univ.Enumerated):
pass
ContentTypeGeneration.namedValues = namedval.NamedValues(
('canSource', 0),
('cannotSource', 1)
)
class ContentTypeConstraint(univ.Sequence):
pass
ContentTypeConstraint.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', univ.ObjectIdentifier()),
namedtype.DefaultedNamedType('canSource', ContentTypeGeneration().subtype(value='canSource')),
namedtype.OptionalNamedType('attrConstraints', AttrConstraintList())
)
# CMS Content Constraints (CCC) Extension and Object Identifier
id_pe_cmsContentConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.18')
class CMSContentConstraints(univ.SequenceOf):
pass
CMSContentConstraints.componentType = ContentTypeConstraint()
CMSContentConstraints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
# Map of Certificate Extension OIDs to Extensions
# To be added to the ones that are in rfc5280.py
_certificateExtensionsMap = {
id_pe_cmsContentConstraints: CMSContentConstraints(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap)


@@ -0,0 +1,45 @@
# This file is being contributed to pyasn1-modules software.
#
# Created by Russ Housley.
# Modified by Russ Housley to add a map for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# BinaryTime: An Alternate Format for Representing Date and Time
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6019.txt
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5652
MAX = float('inf')
# BinaryTime: Represent date and time as an integer
class BinaryTime(univ.Integer):
pass
BinaryTime.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
# CMS Attribute for representing signing time in BinaryTime
id_aa_binarySigningTime = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.46')
class BinarySigningTime(BinaryTime):
pass
# Map of Attribute Type OIDs to Attributes ia added to the
# ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_binarySigningTime: BinarySigningTime(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)


@@ -0,0 +1,469 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Symmetric Key Package Content Type
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6031.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc6019
def _OID(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
MAX = float('inf')
id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12')
# Symmetric Key Package Attributes
id_pskc_manufacturer = _OID(id_pskc, 1)
class at_pskc_manufacturer(char.UTF8String):
pass
id_pskc_serialNo = _OID(id_pskc, 2)
class at_pskc_serialNo(char.UTF8String):
pass
id_pskc_model = _OID(id_pskc, 3)
class at_pskc_model(char.UTF8String):
pass
id_pskc_issueNo = _OID(id_pskc, 4)
class at_pskc_issueNo(char.UTF8String):
pass
id_pskc_deviceBinding = _OID(id_pskc, 5)
class at_pskc_deviceBinding(char.UTF8String):
pass
id_pskc_deviceStartDate = _OID(id_pskc, 6)
class at_pskc_deviceStartDate(useful.GeneralizedTime):
pass
id_pskc_deviceExpiryDate = _OID(id_pskc, 7)
class at_pskc_deviceExpiryDate(useful.GeneralizedTime):
pass
id_pskc_moduleId = _OID(id_pskc, 8)
class at_pskc_moduleId(char.UTF8String):
pass
id_pskc_deviceUserId = _OID(id_pskc, 26)
class at_pskc_deviceUserId(char.UTF8String):
pass
# Symmetric Key Attributes
id_pskc_keyId = _OID(id_pskc, 9)
class at_pskc_keyUserId(char.UTF8String):
pass
id_pskc_algorithm = _OID(id_pskc, 10)
class at_pskc_algorithm(char.UTF8String):
pass
id_pskc_issuer = _OID(id_pskc, 11)
class at_pskc_issuer(char.UTF8String):
pass
id_pskc_keyProfileId = _OID(id_pskc, 12)
class at_pskc_keyProfileId(char.UTF8String):
pass
id_pskc_keyReference = _OID(id_pskc, 13)
class at_pskc_keyReference(char.UTF8String):
pass
id_pskc_friendlyName = _OID(id_pskc, 14)
class FriendlyName(univ.Sequence):
pass
FriendlyName.componentType = namedtype.NamedTypes(
namedtype.NamedType('friendlyName', char.UTF8String()),
namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String())
)
class at_pskc_friendlyName(FriendlyName):
pass
id_pskc_algorithmParameters = _OID(id_pskc, 15)
class Encoding(char.UTF8String):
pass
Encoding.namedValues = namedval.NamedValues(
('dec', "DECIMAL"),
('hex', "HEXADECIMAL"),
('alpha', "ALPHANUMERIC"),
('b64', "BASE64"),
('bin', "BINARY")
)
Encoding.subtypeSpec = constraint.SingleValueConstraint(
"DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" )
class ChallengeFormat(univ.Sequence):
pass
ChallengeFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('encoding', Encoding()),
namedtype.DefaultedNamedType('checkDigit',
univ.Boolean().subtype(value=0)),
namedtype.NamedType('min', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.NamedType('max', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
)
class ResponseFormat(univ.Sequence):
pass
ResponseFormat.componentType = namedtype.NamedTypes(
namedtype.NamedType('encoding', Encoding()),
namedtype.NamedType('length', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.DefaultedNamedType('checkDigit',
univ.Boolean().subtype(value=0))
)
class PSKCAlgorithmParameters(univ.Choice):
pass
PSKCAlgorithmParameters.componentType = namedtype.NamedTypes(
namedtype.NamedType('suite', char.UTF8String()),
namedtype.NamedType('challengeFormat', ChallengeFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('responseFormat', ResponseFormat().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
class at_pskc_algorithmParameters(PSKCAlgorithmParameters):
pass
id_pskc_counter = _OID(id_pskc, 16)
class at_pskc_counter(univ.Integer):
pass
at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
id_pskc_time = _OID(id_pskc, 17)
class at_pskc_time(rfc6019.BinaryTime):
pass
id_pskc_timeInterval = _OID(id_pskc, 18)
class at_pskc_timeInterval(univ.Integer):
pass
at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
id_pskc_timeDrift = _OID(id_pskc, 19)
class at_pskc_timeDrift(univ.Integer):
pass
at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
id_pskc_valueMAC = _OID(id_pskc, 20)
class ValueMac(univ.Sequence):
pass
ValueMac.componentType = namedtype.NamedTypes(
namedtype.NamedType('macAlgorithm', char.UTF8String()),
namedtype.NamedType('mac', char.UTF8String())
)
class at_pskc_valueMAC(ValueMac):
pass
id_pskc_keyUserId = _OID(id_pskc, 27)
class at_pskc_keyId(char.UTF8String):
pass
id_pskc_keyStartDate = _OID(id_pskc, 21)
class at_pskc_keyStartDate(useful.GeneralizedTime):
pass
id_pskc_keyExpiryDate = _OID(id_pskc, 22)
class at_pskc_keyExpiryDate(useful.GeneralizedTime):
pass
id_pskc_numberOfTransactions = _OID(id_pskc, 23)
class at_pskc_numberOfTransactions(univ.Integer):
pass
at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
id_pskc_keyUsages = _OID(id_pskc, 24)
class PSKCKeyUsage(char.UTF8String):
pass
PSKCKeyUsage.namedValues = namedval.NamedValues(
('otp', "OTP"),
('cr', "CR"),
('encrypt', "Encrypt"),
('integrity', "Integrity"),
('verify', "Verify"),
('unlock', "Unlock"),
('decrypt', "Decrypt"),
('keywrap', "KeyWrap"),
('unwrap', "Unwrap"),
('derive', "Derive"),
('generate', "Generate")
)
PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint(
"OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock",
"Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" )
class PSKCKeyUsages(univ.SequenceOf):
pass
PSKCKeyUsages.componentType = PSKCKeyUsage()
class at_pskc_keyUsage(PSKCKeyUsages):
pass
id_pskc_pinPolicy = _OID(id_pskc, 25)
class PINUsageMode(char.UTF8String):
pass
PINUsageMode.namedValues = namedval.NamedValues(
("local", "Local"),
("prepend", "Prepend"),
("append", "Append"),
("algorithmic", "Algorithmic")
)
PINUsageMode.subtypeSpec = constraint.SingleValueConstraint(
"Local", "Prepend", "Append", "Algorithmic" )
class PINPolicy(univ.Sequence):
pass
PINPolicy.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('pinUsageMode', PINUsageMode().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('minLength', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType('maxLength', univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.OptionalNamedType('pinEncoding', Encoding().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)))
)
class at_pskc_pinPolicy(PINPolicy):
pass
# Map of Symmetric Key Package Attribute OIDs to Attributes
sKeyPkgAttributesMap = {
id_pskc_manufacturer: at_pskc_manufacturer(),
id_pskc_serialNo: at_pskc_serialNo(),
id_pskc_model: at_pskc_model(),
id_pskc_issueNo: at_pskc_issueNo(),
id_pskc_deviceBinding: at_pskc_deviceBinding(),
id_pskc_deviceStartDate: at_pskc_deviceStartDate(),
id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(),
id_pskc_moduleId: at_pskc_moduleId(),
id_pskc_deviceUserId: at_pskc_deviceUserId(),
}
# Map of Symmetric Key Attribute OIDs to Attributes
sKeyAttributesMap = {
id_pskc_keyId: at_pskc_keyId(),
id_pskc_algorithm: at_pskc_algorithm(),
id_pskc_issuer: at_pskc_issuer(),
id_pskc_keyProfileId: at_pskc_keyProfileId(),
id_pskc_keyReference: at_pskc_keyReference(),
id_pskc_friendlyName: at_pskc_friendlyName(),
id_pskc_algorithmParameters: at_pskc_algorithmParameters(),
id_pskc_counter: at_pskc_counter(),
id_pskc_time: at_pskc_time(),
id_pskc_timeInterval: at_pskc_timeInterval(),
id_pskc_timeDrift: at_pskc_timeDrift(),
id_pskc_valueMAC: at_pskc_valueMAC(),
id_pskc_keyUserId: at_pskc_keyUserId(),
id_pskc_keyStartDate: at_pskc_keyStartDate(),
id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(),
id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(),
id_pskc_keyUsages: at_pskc_keyUsage(),
id_pskc_pinPolicy: at_pskc_pinPolicy(),
}
# This definition replaces Attribute() from rfc5652.py; it is the same except
# that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap
class AttributeType(univ.ObjectIdentifier):
pass
class AttributeValue(univ.Any):
pass
class SKeyAttribute(univ.Sequence):
pass
SKeyAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', AttributeType()),
namedtype.NamedType('attrValues',
univ.SetOf(componentType=AttributeValue()),
openType=opentype.OpenType('attrType', sKeyAttributesMap)
)
)
class SKeyPkgAttribute(univ.Sequence):
pass
SKeyPkgAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('attrType', AttributeType()),
namedtype.NamedType('attrValues',
univ.SetOf(componentType=AttributeValue()),
openType=opentype.OpenType('attrType', sKeyPkgAttributesMap)
)
)
# Symmetric Key Package Content Type
id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25')
class KeyPkgVersion(univ.Integer):
pass
KeyPkgVersion.namedValues = namedval.NamedValues(
('v1', 1)
)
class OneSymmetricKey(univ.Sequence):
pass
OneSymmetricKey.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('sKeyAttrs',
univ.SequenceOf(componentType=SKeyAttribute()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
namedtype.OptionalNamedType('sKey', univ.OctetString())
)
OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2)
class SymmetricKeys(univ.SequenceOf):
pass
SymmetricKeys.componentType = OneSymmetricKey()
SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
class SymmetricKeyPackage(univ.Sequence):
pass
SymmetricKeyPackage.componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')),
namedtype.OptionalNamedType('sKeyPkgAttrs',
univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('sKeys', SymmetricKeys())
)
# Map of Content Type OIDs to Content Types are
# added to the ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_KP_sKeyPackage: SymmetricKeyPackage(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,68 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Encrypted Key Package Content Type
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6032.txt
#
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5652
from pyasn1_modules import rfc5083
# Content Decryption Key Identifier attribute
id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66')
class ContentDecryptKeyID(univ.OctetString):
pass
aa_content_decrypt_key_identifier = rfc5652.Attribute()
aa_content_decrypt_key_identifier['attrType'] = id_aa_KP_contentDecryptKeyID
aa_content_decrypt_key_identifier['attrValues'][0] = ContentDecryptKeyID()
# Encrypted Key Package Content Type
id_ct_KP_encryptedKeyPkg = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.2')
class EncryptedKeyPackage(univ.Choice):
pass
EncryptedKeyPackage.componentType = namedtype.NamedTypes(
namedtype.NamedType('encrypted', rfc5652.EncryptedData()),
namedtype.NamedType('enveloped', rfc5652.EnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('authEnveloped', rfc5083.AuthEnvelopedData().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
# Map of Attribute Type OIDs to Attributes are
# added to the ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
# Map of Content Type OIDs to Content Types are
# added to the ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_KP_encryptedKeyPkg: EncryptedKeyPackage(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,43 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Extensible Messaging and Presence Protocol (XMPP)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6120.txt
#
from pyasn1.type import char
from pyasn1.type import univ
from pyasn1_modules import rfc5280
MAX = float('inf')
# XmppAddr Identifier Type as specified in Section 13.7.1.4. of RFC 6120
id_pkix = rfc5280.id_pkix
id_on = id_pkix + (8, )
id_on_xmppAddr = id_on + (5, )
class XmppAddr(char.UTF8String):
pass
# Map of Other Name OIDs to Other Name is added to the
# ones that are in rfc5280.py
_anotherNameMapUpdate = {
id_on_xmppAddr: XmppAddr(),
}
rfc5280.anotherNameMap.update(_anotherNameMapUpdate)


@@ -0,0 +1,17 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Image in the Internet X.509 Public Key Infrastructure
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6170.txt
#
from pyasn1.type import univ
id_logo_certImage = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.3')


@@ -0,0 +1,22 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# X.509v3 Certificates for Secure Shell Authentication
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6187.txt
#
from pyasn1.type import univ
id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
id_kp = id_pkix + (3, )
id_kp_secureShellClient = id_kp + (21, )
id_kp_secureShellServer = id_kp + (22, )


@@ -0,0 +1,42 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Experiment for Hash Functions with Parameters in the CMS
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6210.txt
#
from pyasn1.type import constraint
from pyasn1.type import univ
from pyasn1_modules import rfc5280
id_alg_MD5_XOR_EXPERIMENT = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.13')
class MD5_XOR_EXPERIMENT(univ.OctetString):
pass
MD5_XOR_EXPERIMENT.subtypeSpec = constraint.ValueSizeConstraint(64, 64)
mda_xor_md5_EXPERIMENT = rfc5280.AlgorithmIdentifier()
mda_xor_md5_EXPERIMENT['algorithm'] = id_alg_MD5_XOR_EXPERIMENT
mda_xor_md5_EXPERIMENT['parameters'] = MD5_XOR_EXPERIMENT()
# Map of Algorithm Identifier OIDs to Parameters added to the
# ones that are in rfc5280.py.
_algorithmIdentifierMapUpdate = {
id_alg_MD5_XOR_EXPERIMENT: MD5_XOR_EXPERIMENT(),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,72 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Algorithm Identifier Protection Attribute
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6211.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5652
# Imports from RFC 5652
DigestAlgorithmIdentifier = rfc5652.DigestAlgorithmIdentifier
MessageAuthenticationCodeAlgorithm = rfc5652.MessageAuthenticationCodeAlgorithm
SignatureAlgorithmIdentifier = rfc5652.SignatureAlgorithmIdentifier
# CMS Algorithm Protection attribute
id_aa_cmsAlgorithmProtect = univ.ObjectIdentifier('1.2.840.113549.1.9.52')
class CMSAlgorithmProtection(univ.Sequence):
pass
CMSAlgorithmProtection.componentType = namedtype.NamedTypes(
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('signatureAlgorithm',
SignatureAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('macAlgorithm',
MessageAuthenticationCodeAlgorithm().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
CMSAlgorithmProtection.subtypeSpec = constraint.ConstraintsUnion(
constraint.WithComponentsConstraint(
('signatureAlgorithm', constraint.ComponentPresentConstraint()),
('macAlgorithm', constraint.ComponentAbsentConstraint())),
constraint.WithComponentsConstraint(
('signatureAlgorithm', constraint.ComponentAbsentConstraint()),
('macAlgorithm', constraint.ComponentPresentConstraint()))
)
aa_cmsAlgorithmProtection = rfc5652.Attribute()
aa_cmsAlgorithmProtection['attrType'] = id_aa_cmsAlgorithmProtect
aa_cmsAlgorithmProtection['attrValues'][0] = CMSAlgorithmProtection()
# Map of Attribute Type OIDs to Attributes are
# added to the ones that are in rfc5652.py
_cmsAttributesMapUpdate = {
id_aa_cmsAlgorithmProtect: CMSAlgorithmProtection(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)


@@ -0,0 +1,628 @@
# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Modified by Russ Housley to add a maps for CMC Control Attributes
# and CMC Content Types for use with opentypes.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# Certificate Management over CMS (CMC) Updates
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6402.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful
from pyasn1_modules import rfc4211
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
MAX = float('inf')
def _buildOid(*components):
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
# Since CMS Attributes and CMC Controls both use 'attrType', one map is used
cmcControlAttributesMap = rfc5652.cmsAttributesMap
class ChangeSubjectName(univ.Sequence):
pass
ChangeSubjectName.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('subject', rfc5280.Name()),
namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames())
)
class AttributeValue(univ.Any):
pass
class CMCStatus(univ.Integer):
pass
CMCStatus.namedValues = namedval.NamedValues(
('success', 0),
('failed', 2),
('pending', 3),
('noSupport', 4),
('confirmRequired', 5),
('popRequired', 6),
('partial', 7)
)
class PendInfo(univ.Sequence):
pass
PendInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('pendToken', univ.OctetString()),
namedtype.NamedType('pendTime', useful.GeneralizedTime())
)
bodyIdMax = univ.Integer(4294967295)
class BodyPartID(univ.Integer):
pass
BodyPartID.subtypeSpec = constraint.ValueRangeConstraint(0, bodyIdMax)
class BodyPartPath(univ.SequenceOf):
pass
BodyPartPath.componentType = BodyPartID()
BodyPartPath.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class BodyPartReference(univ.Choice):
pass
BodyPartReference.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('bodyPartPath', BodyPartPath())
)
class CMCFailInfo(univ.Integer):
pass
CMCFailInfo.namedValues = namedval.NamedValues(
('badAlg', 0),
('badMessageCheck', 1),
('badRequest', 2),
('badTime', 3),
('badCertId', 4),
('unsupportedExt', 5),
('mustArchiveKeys', 6),
('badIdentity', 7),
('popRequired', 8),
('popFailed', 9),
('noKeyReuse', 10),
('internalCAError', 11),
('tryLater', 12),
('authDataFail', 13)
)
class CMCStatusInfoV2(univ.Sequence):
pass
CMCStatusInfoV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('cMCStatus', CMCStatus()),
namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())),
namedtype.OptionalNamedType('statusString', char.UTF8String()),
namedtype.OptionalNamedType(
'otherInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('failInfo', CMCFailInfo()),
namedtype.NamedType('pendInfo', PendInfo()),
namedtype.NamedType(
'extendedFailInfo', univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()),
namedtype.NamedType('failInfoValue', AttributeValue()))
)
)
)
)
)
)
class GetCRL(univ.Sequence):
pass
GetCRL.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerName', rfc5280.Name()),
namedtype.OptionalNamedType('cRLName', rfc5280.GeneralName()),
namedtype.OptionalNamedType('time', useful.GeneralizedTime()),
namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags())
)
id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)
id_cmc = _buildOid(id_pkix, 7)
id_cmc_batchResponses = _buildOid(id_cmc, 29)
id_cmc_popLinkWitness = _buildOid(id_cmc, 23)
class PopLinkWitnessV2(univ.Sequence):
pass
PopLinkWitnessV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('keyGenAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('macAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
id_cmc_popLinkWitnessV2 = _buildOid(id_cmc, 33)
id_cmc_identityProofV2 = _buildOid(id_cmc, 34)
id_cmc_revokeRequest = _buildOid(id_cmc, 17)
id_cmc_recipientNonce = _buildOid(id_cmc, 7)
class ControlsProcessed(univ.Sequence):
pass
ControlsProcessed.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference()))
)
class CertificationRequest(univ.Sequence):
pass
CertificationRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'certificationRequestInfo', univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('version', univ.Integer()),
namedtype.NamedType('subject', rfc5280.Name()),
namedtype.NamedType(
'subjectPublicKeyInfo', univ.Sequence(
componentType=namedtype.NamedTypes(
namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('subjectPublicKey', univ.BitString())
)
)
),
namedtype.NamedType(
'attributes', univ.SetOf(
componentType=rfc5652.Attribute()).subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
)
)
)
),
namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString())
)
class TaggedCertificationRequest(univ.Sequence):
pass
TaggedCertificationRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('certificationRequest', CertificationRequest())
)
class TaggedRequest(univ.Choice):
pass
TaggedRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('tcr', TaggedCertificationRequest().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('crm',
rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()),
namedtype.NamedType('requestMessageValue', univ.Any())
))
.subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
)
id_cmc_popLinkRandom = _buildOid(id_cmc, 22)
id_cmc_statusInfo = _buildOid(id_cmc, 1)
id_cmc_trustedAnchors = _buildOid(id_cmc, 26)
id_cmc_transactionId = _buildOid(id_cmc, 5)
id_cmc_encryptedPOP = _buildOid(id_cmc, 9)
class PublishTrustAnchors(univ.Sequence):
pass
PublishTrustAnchors.componentType = namedtype.NamedTypes(
namedtype.NamedType('seqNumber', univ.Integer()),
namedtype.NamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('anchorHashes', univ.SequenceOf(componentType=univ.OctetString()))
)
class RevokeRequest(univ.Sequence):
pass
RevokeRequest.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerName', rfc5280.Name()),
namedtype.NamedType('serialNumber', univ.Integer()),
namedtype.NamedType('reason', rfc5280.CRLReason()),
namedtype.OptionalNamedType('invalidityDate', useful.GeneralizedTime()),
namedtype.OptionalNamedType('passphrase', univ.OctetString()),
namedtype.OptionalNamedType('comment', char.UTF8String())
)
id_cmc_senderNonce = _buildOid(id_cmc, 6)
id_cmc_authData = _buildOid(id_cmc, 27)
class TaggedContentInfo(univ.Sequence):
pass
TaggedContentInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('contentInfo', rfc5652.ContentInfo())
)
class IdentifyProofV2(univ.Sequence):
pass
IdentifyProofV2.componentType = namedtype.NamedTypes(
namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
class CMCPublicationInfo(univ.Sequence):
pass
CMCPublicationInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('certHashes', univ.SequenceOf(componentType=univ.OctetString())),
namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo())
)
id_kp_cmcCA = _buildOid(rfc5280.id_kp, 27)
id_cmc_confirmCertAcceptance = _buildOid(id_cmc, 24)
id_cmc_raIdentityWitness = _buildOid(id_cmc, 35)
id_ExtensionReq = _buildOid(1, 2, 840, 113549, 1, 9, 14)
id_cct = _buildOid(id_pkix, 12)
id_cct_PKIData = _buildOid(id_cct, 2)
id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28)
class CMCStatusInfo(univ.Sequence):
pass
CMCStatusInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('cMCStatus', CMCStatus()),
namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())),
namedtype.OptionalNamedType('statusString', char.UTF8String()),
namedtype.OptionalNamedType(
'otherInfo', univ.Choice(
componentType=namedtype.NamedTypes(
namedtype.NamedType('failInfo', CMCFailInfo()),
namedtype.NamedType('pendInfo', PendInfo())
)
)
)
)
class DecryptedPOP(univ.Sequence):
pass
DecryptedPOP.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('thePOP', univ.OctetString())
)
id_cmc_addExtensions = _buildOid(id_cmc, 8)
id_cmc_modCertTemplate = _buildOid(id_cmc, 31)
class TaggedAttribute(univ.Sequence):
pass
TaggedAttribute.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('attrType', univ.ObjectIdentifier()),
namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()),
openType=opentype.OpenType('attrType', cmcControlAttributesMap)
)
)
class OtherMsg(univ.Sequence):
pass
OtherMsg.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartID', BodyPartID()),
namedtype.NamedType('otherMsgType', univ.ObjectIdentifier()),
namedtype.NamedType('otherMsgValue', univ.Any())
)
class PKIData(univ.Sequence):
pass
PKIData.componentType = namedtype.NamedTypes(
namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())),
namedtype.NamedType('reqSequence', univ.SequenceOf(componentType=TaggedRequest())),
namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())),
namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg()))
)
class BodyPartList(univ.SequenceOf):
pass
BodyPartList.componentType = BodyPartID()
BodyPartList.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
id_cmc_responseBody = _buildOid(id_cmc, 37)
class AuthPublish(BodyPartID):
pass
class CMCUnsignedData(univ.Sequence):
pass
CMCUnsignedData.componentType = namedtype.NamedTypes(
namedtype.NamedType('bodyPartPath', BodyPartPath()),
namedtype.NamedType('identifier', univ.ObjectIdentifier()),
namedtype.NamedType('content', univ.Any())
)
class CMCCertId(rfc5652.IssuerAndSerialNumber):
pass
class PKIResponse(univ.Sequence):
pass
PKIResponse.componentType = namedtype.NamedTypes(
namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())),
namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())),
namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg()))
)
class ResponseBody(PKIResponse):
pass
id_cmc_statusInfoV2 = _buildOid(id_cmc, 25)
id_cmc_lraPOPWitness = _buildOid(id_cmc, 11)
class ModCertTemplate(univ.Sequence):
pass
ModCertTemplate.componentType = namedtype.NamedTypes(
namedtype.NamedType('pkiDataReference', BodyPartPath()),
namedtype.NamedType('certReferences', BodyPartList()),
namedtype.DefaultedNamedType('replace', univ.Boolean().subtype(value=1)),
namedtype.NamedType('certTemplate', rfc4211.CertTemplate())
)
id_cmc_regInfo = _buildOid(id_cmc, 18)
id_cmc_identityProof = _buildOid(id_cmc, 3)
class ExtensionReq(univ.SequenceOf):
pass
ExtensionReq.componentType = rfc5280.Extension()
ExtensionReq.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28)
id_cmc_publishCert = _buildOid(id_cmc, 30)
id_cmc_dataReturn = _buildOid(id_cmc, 4)
class LraPopWitness(univ.Sequence):
pass
LraPopWitness.componentType = namedtype.NamedTypes(
namedtype.NamedType('pkiDataBodyid', BodyPartID()),
namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID()))
)
id_aa = _buildOid(1, 2, 840, 113549, 1, 9, 16, 2)
id_aa_cmc_unsignedData = _buildOid(id_aa, 34)
id_cmc_getCert = _buildOid(id_cmc, 15)
id_cmc_batchRequests = _buildOid(id_cmc, 28)
id_cmc_decryptedPOP = _buildOid(id_cmc, 10)
id_cmc_responseInfo = _buildOid(id_cmc, 19)
id_cmc_changeSubjectName = _buildOid(id_cmc, 36)
class GetCert(univ.Sequence):
pass
GetCert.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuerName', rfc5280.GeneralName()),
namedtype.NamedType('serialNumber', univ.Integer())
)
id_cmc_identification = _buildOid(id_cmc, 2)
id_cmc_queryPending = _buildOid(id_cmc, 21)
class AddExtensions(univ.Sequence):
pass
AddExtensions.componentType = namedtype.NamedTypes(
namedtype.NamedType('pkiDataReference', BodyPartID()),
namedtype.NamedType('certReferences', univ.SequenceOf(componentType=BodyPartID())),
namedtype.NamedType('extensions', univ.SequenceOf(componentType=rfc5280.Extension()))
)
class EncryptedPOP(univ.Sequence):
pass
EncryptedPOP.componentType = namedtype.NamedTypes(
namedtype.NamedType('request', TaggedRequest()),
namedtype.NamedType('cms', rfc5652.ContentInfo()),
namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witnessAlgID', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('witness', univ.OctetString())
)
id_cmc_getCRL = _buildOid(id_cmc, 16)
id_cct_PKIResponse = _buildOid(id_cct, 3)
id_cmc_controlProcessed = _buildOid(id_cmc, 32)
class NoSignatureValue(univ.OctetString):
pass
id_ad_cmc = _buildOid(rfc5280.id_ad, 12)
id_alg_noSignature = _buildOid(id_pkix, 6, 2)
# Map of CMC Control OIDs to CMC Control Attributes
_cmcControlAttributesMapUpdate = {
id_cmc_statusInfo: CMCStatusInfo(),
id_cmc_statusInfoV2: CMCStatusInfoV2(),
id_cmc_identification: char.UTF8String(),
id_cmc_identityProof: univ.OctetString(),
id_cmc_identityProofV2: IdentifyProofV2(),
id_cmc_dataReturn: univ.OctetString(),
id_cmc_transactionId: univ.Integer(),
id_cmc_senderNonce: univ.OctetString(),
id_cmc_recipientNonce: univ.OctetString(),
id_cmc_addExtensions: AddExtensions(),
id_cmc_encryptedPOP: EncryptedPOP(),
id_cmc_decryptedPOP: DecryptedPOP(),
id_cmc_lraPOPWitness: LraPopWitness(),
id_cmc_getCert: GetCert(),
id_cmc_getCRL: GetCRL(),
id_cmc_revokeRequest: RevokeRequest(),
id_cmc_regInfo: univ.OctetString(),
id_cmc_responseInfo: univ.OctetString(),
id_cmc_queryPending: univ.OctetString(),
id_cmc_popLinkRandom: univ.OctetString(),
id_cmc_popLinkWitness: univ.OctetString(),
id_cmc_popLinkWitnessV2: PopLinkWitnessV2(),
id_cmc_confirmCertAcceptance: CMCCertId(),
id_cmc_trustedAnchors: PublishTrustAnchors(),
id_cmc_authData: AuthPublish(),
id_cmc_batchRequests: BodyPartList(),
id_cmc_batchResponses: BodyPartList(),
id_cmc_publishCert: CMCPublicationInfo(),
id_cmc_modCertTemplate: ModCertTemplate(),
id_cmc_controlProcessed: ControlsProcessed(),
id_ExtensionReq: ExtensionReq(),
}
cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate)
# Map of CMC Content Type OIDs to CMC Content Types are added to
# the ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_cct_PKIData: PKIData(),
id_cct_PKIResponse: PKIResponse(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,74 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# RPKI Route Origin Authorizations (ROAs)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6482.txt
# https://www.rfc-editor.org/errata/eid5881
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5652
MAX = float('inf')
id_ct_routeOriginAuthz = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.24')
class ASID(univ.Integer):
pass
class IPAddress(univ.BitString):
pass
class ROAIPAddress(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('address', IPAddress()),
namedtype.OptionalNamedType('maxLength', univ.Integer())
)
class ROAIPAddressFamily(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('addressFamily',
univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(2, 3))),
namedtype.NamedType('addresses',
univ.SequenceOf(componentType=ROAIPAddress()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
class RouteOriginAttestation(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
univ.Integer().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)),
namedtype.NamedType('asID', ASID()),
namedtype.NamedType('ipAddrBlocks',
univ.SequenceOf(componentType=ROAIPAddressFamily()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
# Map of Content Type OIDs to Content Types added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_routeOriginAuthz: RouteOriginAttestation(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,68 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# RPKI Manifests
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6486.txt
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import useful
from pyasn1.type import univ
from pyasn1_modules import rfc5652
MAX = float('inf')
id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16')
id_ct = id_smime + (1, )
id_ct_rpkiManifest = id_ct + (26, )
class FileAndHash(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('file', char.IA5String()),
namedtype.NamedType('hash', univ.BitString())
)
class Manifest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version',
univ.Integer().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)),
namedtype.NamedType('manifestNumber',
univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.NamedType('thisUpdate',
useful.GeneralizedTime()),
namedtype.NamedType('nextUpdate',
useful.GeneralizedTime()),
namedtype.NamedType('fileHashAlg',
univ.ObjectIdentifier()),
namedtype.NamedType('fileList',
univ.SequenceOf(componentType=FileAndHash()).subtype(
subtypeSpec=constraint.ValueSizeConstraint(0, MAX)))
)
# Map of Content Type OIDs to Content Types added to the
# ones that are in rfc5652.py
_cmsContentTypesMapUpdate = {
id_ct_rpkiManifest: Manifest(),
}
rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


@@ -0,0 +1,22 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Profile for X.509 PKIX Resource Certificates
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6487.txt
#
from pyasn1.type import univ
id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
id_ad = id_pkix + (48, )
id_ad_rpkiManifest = id_ad + (10, )
id_ad_signedObject = id_ad + (11, )


@@ -0,0 +1,147 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with some assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# S/MIME Capabilities for Public Key Definitions
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6664.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5751
from pyasn1_modules import rfc5480
from pyasn1_modules import rfc4055
from pyasn1_modules import rfc3279
MAX = float('inf')
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
# Imports from RFC 3279
dhpublicnumber = rfc3279.dhpublicnumber
Dss_Parms = rfc3279.Dss_Parms
***REMOVED*** = rfc3279.***REMOVED***
id_ecPublicKey = rfc3279.id_ecPublicKey
rsaEncryption = rfc3279.rsaEncryption
# Imports from RFC 4055
id_mgf1 = rfc4055.id_mgf1
id_RSAES_OAEP = rfc4055.id_RSAES_OAEP
id_RSASSA_PSS = rfc4055.id_RSASSA_PSS
# Imports from RFC 5480
ECParameters = rfc5480.ECParameters
id_ecDH = rfc5480.id_ecDH
id_ecMQV = rfc5480.id_ecMQV
# RSA
class RSAKeySize(univ.Integer):
# suggested values are 1024, 2048, 3072, 4096, 7680, 8192, and 15360;
# however, the integer value is not limited to these suggestions
pass
class RSAKeyCapabilities(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('minKeySize', RSAKeySize()),
namedtype.OptionalNamedType('maxKeySize', RSAKeySize())
)
class RsaSsa_Pss_sig_caps(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlg', AlgorithmIdentifier()),
namedtype.OptionalNamedType('maskAlg', AlgorithmIdentifier()),
namedtype.DefaultedNamedType('trailerField', univ.Integer().subtype(value=1))
)
# Diffie-Hellman and DSA
class DSAKeySize(univ.Integer):
subtypeSpec = constraint.SingleValueConstraint(1024, 2048, 3072, 7680, 15360)
class DSAKeyCapabilities(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('keySizes', univ.Sequence(componentType=namedtype.NamedTypes(
namedtype.NamedType('minKeySize',
DSAKeySize()),
namedtype.OptionalNamedType('maxKeySize',
DSAKeySize()),
namedtype.OptionalNamedType('maxSizeP',
univ.Integer().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('maxSizeQ',
univ.Integer().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType('maxSizeG',
univ.Integer().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 3)))
)).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
namedtype.NamedType('keyParams',
Dss_Parms().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1)))
)
# Elliptic Curve
class EC_SMimeCaps(univ.SequenceOf):
componentType = ECParameters()
subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
# Update the SMIMECapabilities Attribute Map in rfc5751.py
#
# The map can either include an entry for scap-sa-rsaSSA-PSS or
# scap-pk-rsaSSA-PSS, but not both. One is associated with the
# public key and the other is associated with the signature
# algorithm; however, they use the same OID. If you need the
# other one in your application, copy the map into a local dict,
# adjust as needed, and pass the local dict to the decoder with
# openTypes=your_local_map.
_smimeCapabilityMapUpdate = {
rsaEncryption: RSAKeyCapabilities(),
id_RSASSA_PSS: RSAKeyCapabilities(),
# id_RSASSA_PSS: RsaSsa_Pss_sig_caps(),
id_RSAES_OAEP: RSAKeyCapabilities(),
***REMOVED***: DSAKeyCapabilities(),
dhpublicnumber: DSAKeyCapabilities(),
id_ecPublicKey: EC_SMimeCaps(),
id_ecDH: EC_SMimeCaps(),
id_ecMQV: EC_SMimeCaps(),
id_mgf1: AlgorithmIdentifier(),
}
rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate)
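Review bot: The token `***REMOVED***` in `***REMOVED*** = rfc3279.***REMOVED***` (and again as a key of `_smimeCapabilityMapUpdate`) is not a valid Python identifier, so this module raises SyntaxError on import and anything that imports it fails with it. It looks like a redaction placeholder left behind by a history-rewriting tool rather than upstream code; given that the key maps to `DSAKeyCapabilities()`, the missing name is most likely the DSA public-key OID alias (`id_dsa = rfc3279.id_dsa` in the upstream module), but the safer fix is to restore the file from the upstream pyasn1-modules release rather than patch it by hand. This appears to be a verbatim third-party module committed together with the rest of an installed package tree; pinning the dependency in a requirements file instead of committing it would avoid this kind of silent corruption and keep the module updatable.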


@@ -0,0 +1,108 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Diffie-Hellman Proof-of-Possession Algorithms
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6955.txt
#
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc3279
from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652
# Imports from RFC 5652
MessageDigest = rfc5652.MessageDigest
IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
# Imports from RFC 5280
id_pkix = rfc5280.id_pkix
# Imports from RFC 3279
Dss_Sig_Value = rfc3279.Dss_Sig_Value
DomainParameters = rfc3279.DomainParameters
# Static DH Proof-of-Possession
class DhSigStatic(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('issuerAndSerial', IssuerAndSerialNumber()),
namedtype.NamedType('hashValue', MessageDigest())
)
# Object Identifiers
id_dh_sig_hmac_sha1 = id_pkix + (6, 3, )
id_dhPop_static_sha1_hmac_sha1 = univ.ObjectIdentifier(id_dh_sig_hmac_sha1)
id_alg_dh_pop = id_pkix + (6, 4, )
id_alg_dhPop_sha1 = univ.ObjectIdentifier(id_alg_dh_pop)
id_alg_dhPop_sha224 = id_pkix + (6, 5, )
id_alg_dhPop_sha256 = id_pkix + (6, 6, )
id_alg_dhPop_sha384 = id_pkix + (6, 7, )
id_alg_dhPop_sha512 = id_pkix + (6, 8, )
id_alg_dhPop_static_sha224_hmac_sha224 = id_pkix + (6, 15, )
id_alg_dhPop_static_sha256_hmac_sha256 = id_pkix + (6, 16, )
id_alg_dhPop_static_sha384_hmac_sha384 = id_pkix + (6, 17, )
id_alg_dhPop_static_sha512_hmac_sha512 = id_pkix + (6, 18, )
id_alg_ecdhPop_static_sha224_hmac_sha224 = id_pkix + (6, 25, )
id_alg_ecdhPop_static_sha256_hmac_sha256 = id_pkix + (6, 26, )
id_alg_ecdhPop_static_sha384_hmac_sha384 = id_pkix + (6, 27, )
id_alg_ecdhPop_static_sha512_hmac_sha512 = id_pkix + (6, 28, )
# Update the Algorithm Identifier map in rfc5280.py
_algorithmIdentifierMapUpdate = {
id_alg_dh_pop: DomainParameters(),
id_alg_dhPop_sha224: DomainParameters(),
id_alg_dhPop_sha256: DomainParameters(),
id_alg_dhPop_sha384: DomainParameters(),
id_alg_dhPop_sha512: DomainParameters(),
id_dh_sig_hmac_sha1: univ.Null(""),
id_alg_dhPop_static_sha224_hmac_sha224: univ.Null(""),
id_alg_dhPop_static_sha256_hmac_sha256: univ.Null(""),
id_alg_dhPop_static_sha384_hmac_sha384: univ.Null(""),
id_alg_dhPop_static_sha512_hmac_sha512: univ.Null(""),
id_alg_ecdhPop_static_sha224_hmac_sha224: univ.Null(""),
id_alg_ecdhPop_static_sha256_hmac_sha256: univ.Null(""),
id_alg_ecdhPop_static_sha384_hmac_sha384: univ.Null(""),
id_alg_ecdhPop_static_sha512_hmac_sha512: univ.Null(""),
}
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)


@@ -0,0 +1,223 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Online Certificate Status Protocol (OCSP)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc6960.txt
#
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
from pyasn1_modules import rfc2560
from pyasn1_modules import rfc5280
MAX = float('inf')
# Imports from RFC 5280
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax
Certificate = rfc5280.Certificate
CertificateSerialNumber = rfc5280.CertificateSerialNumber
CRLReason = rfc5280.CRLReason
Extensions = rfc5280.Extensions
GeneralName = rfc5280.GeneralName
Name = rfc5280.Name
id_kp = rfc5280.id_kp
id_ad_ocsp = rfc5280.id_ad_ocsp
# Imports from the original OCSP module in RFC 2560
AcceptableResponses = rfc2560.AcceptableResponses
ArchiveCutoff = rfc2560.ArchiveCutoff
CertStatus = rfc2560.CertStatus
KeyHash = rfc2560.KeyHash
OCSPResponse = rfc2560.OCSPResponse
OCSPResponseStatus = rfc2560.OCSPResponseStatus
ResponseBytes = rfc2560.ResponseBytes
RevokedInfo = rfc2560.RevokedInfo
UnknownInfo = rfc2560.UnknownInfo
Version = rfc2560.Version
id_kp_OCSPSigning = rfc2560.id_kp_OCSPSigning
id_pkix_ocsp = rfc2560.id_pkix_ocsp
id_pkix_ocsp_archive_cutoff = rfc2560.id_pkix_ocsp_archive_cutoff
id_pkix_ocsp_basic = rfc2560.id_pkix_ocsp_basic
id_pkix_ocsp_crl = rfc2560.id_pkix_ocsp_crl
id_pkix_ocsp_nocheck = rfc2560.id_pkix_ocsp_nocheck
id_pkix_ocsp_nonce = rfc2560.id_pkix_ocsp_nonce
id_pkix_ocsp_response = rfc2560.id_pkix_ocsp_response
id_pkix_ocsp_service_locator = rfc2560.id_pkix_ocsp_service_locator
# Additional object identifiers
id_pkix_ocsp_pref_sig_algs = id_pkix_ocsp + (8, )
id_pkix_ocsp_extended_revoke = id_pkix_ocsp + (9, )
# Updated structures (mostly to improve openTypes support)
class CertID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('issuerNameHash', univ.OctetString()),
namedtype.NamedType('issuerKeyHash', univ.OctetString()),
namedtype.NamedType('serialNumber', CertificateSerialNumber())
)
class SingleResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certID', CertID()),
namedtype.NamedType('certStatus', CertStatus()),
namedtype.NamedType('thisUpdate', useful.GeneralizedTime()),
namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('singleExtensions', Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class ResponderID(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('byName', Name().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('byKey', KeyHash().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class ResponseData(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', Version('v1').subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType('responderID', ResponderID()),
namedtype.NamedType('producedAt', useful.GeneralizedTime()),
namedtype.NamedType('responses', univ.SequenceOf(
componentType=SingleResponse())),
namedtype.OptionalNamedType('responseExtensions', Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)
class BasicOCSPResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsResponseData', ResponseData()),
namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()),
namedtype.OptionalNamedType('certs', univ.SequenceOf(
componentType=Certificate()).subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Request(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('reqCert', CertID()),
namedtype.OptionalNamedType('singleRequestExtensions', Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class Signature(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()),
namedtype.OptionalNamedType('certs', univ.SequenceOf(
componentType=Certificate()).subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class TBSRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.DefaultedNamedType('version', Version('v1').subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('requestorName', GeneralName().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.NamedType('requestList', univ.SequenceOf(
componentType=Request())),
namedtype.OptionalNamedType('requestExtensions', Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class OCSPRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsRequest', TBSRequest()),
namedtype.OptionalNamedType('optionalSignature', Signature().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
# Previously omitted structure
class ServiceLocator(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', Name()),
namedtype.NamedType('locator', AuthorityInfoAccessSyntax())
)
# Additional structures
class CrlID(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('crlUrl', char.IA5String().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType('crlNum', univ.Integer().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('crlTime', useful.GeneralizedTime().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
class PreferredSignatureAlgorithm(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('sigIdentifier', AlgorithmIdentifier()),
namedtype.OptionalNamedType('certIdentifier', AlgorithmIdentifier())
)
class PreferredSignatureAlgorithms(univ.SequenceOf):
componentType = PreferredSignatureAlgorithm()
# Response Type OID to Response Map
ocspResponseMap = {
id_pkix_ocsp_basic: BasicOCSPResponse(),
}
# Map of Extension OIDs to Extensions added to the ones
# that are in rfc5280.py
_certificateExtensionsMapUpdate = {
# Certificate Extension
id_pkix_ocsp_nocheck: univ.Null(""),
# OCSP Request Extensions
id_pkix_ocsp_nonce: univ.OctetString(),
id_pkix_ocsp_response: AcceptableResponses(),
id_pkix_ocsp_service_locator: ServiceLocator(),
id_pkix_ocsp_pref_sig_algs: PreferredSignatureAlgorithms(),
# OCSP Response Extensions
id_pkix_ocsp_crl: CrlID(),
id_pkix_ocsp_archive_cutoff: ArchiveCutoff(),
id_pkix_ocsp_extended_revoke: univ.Null(""),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)


@@ -0,0 +1,66 @@
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# Enrollment over Secure Transport (EST)
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc7030.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import univ
from pyasn1_modules import rfc5652
MAX = float('inf')
# Imports from RFC 5652
Attribute = rfc5652.Attribute
# Asymmetric Decrypt Key Identifier Attribute
id_aa_asymmDecryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.54')
class AsymmetricDecryptKeyIdentifier(univ.OctetString):
pass
aa_asymmDecryptKeyID = Attribute()
aa_asymmDecryptKeyID['attrType'] = id_aa_asymmDecryptKeyID
aa_asymmDecryptKeyID['attrValues'][0] = AsymmetricDecryptKeyIdentifier()
# CSR Attributes
class AttrOrOID(univ.Choice):
pass
AttrOrOID.componentType = namedtype.NamedTypes(
namedtype.NamedType('oid', univ.ObjectIdentifier()),
namedtype.NamedType('attribute', Attribute())
)
class CsrAttrs(univ.SequenceOf):
pass
CsrAttrs.componentType = AttrOrOID()
CsrAttrs.subtypeSpec=constraint.ValueSizeConstraint(0, MAX)
# Update CMS Attribute Map
_cmsAttributesMapUpdate = {
id_aa_asymmDecryptKeyID: AsymmetricDecryptKeyIdentifier(),
}
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
