pyasn1-modules-0.2.8/0000775006321400632140000000000013605660531016051 5ustar ietingofietingof00000000000000pyasn1-modules-0.2.8/CHANGES.txt0000664006321400632140000003015413605660325017666 0ustar ietingofietingof00000000000000 Revision 0.2.8, released 16-11-2019 ----------------------------------- - Improve test routines for modules that use certificate extensions - Improve test for RFC3709 with a real world certificate - Added RFC7633 providing TLS Features Certificate Extension - Added RFC7229 providing OIDs for Test Certificate Policies - Added tests for RFC3280, RFC3281, RFC3852, and RFC4211 - Added RFC6960 providing Online Certificate Status Protocol (OCSP) - Added RFC6955 providing Diffie-Hellman Proof-of-Possession Algorithms - Updated the handling of maps for use with openType for RFC 3279 - Added RFC6486 providing RPKI Manifests - Added RFC6487 providing Profile for X.509 PKIX Resource Certificates - Added RFC6170 providing Certificate Image in the Internet X.509 Public Key Infrastructure, and import the object identifier into RFC3709. - Added RFC6187 providing Certificates for Secure Shell Authentication - Added RFC6482 providing RPKI Route Origin Authorizations (ROAs) - Added RFC6664 providing S/MIME Capabilities for Public Keys - Added RFC6120 providing Extensible Messaging and Presence Protocol names in certificates - Added RFC4985 providing Subject Alternative Name for expression of service names in certificates - Added RFC5924 providing Extended Key Usage for Session Initiation Protocol (SIP) in X.509 certificates - Added RFC5916 providing Device Owner Attribute - Added RFC7508 providing Securing Header Fields with S/MIME - Update RFC8226 to use ComponentPresentConstraint() instead of the previous work around - Add RFC2631 providing OtherInfo for Diffie-Hellman Key Agreement - Add RFC3114 providing test values for the S/MIME Security Label - Add RFC5755 providing Attribute Certificate Profile for Authorization - Add RFC5913 providing Clearance Attribute and Authority Clearance Constraints Certificate Extension - Add RFC5917 providing Clearance Sponsor Attribute - Add RFC4043 providing Internet X.509 PKI Permanent Identifier - Add RFC7585 providing Network Access Identifier (NAI) Realm Name for Certificates - Update RFC3770 to support openType for attributes and reported errata - Add RFC4334 providing Certificate Extensions and Attributes for Authentication in PPP and Wireless LAN Networks Revision 0.2.7, released 09-10-2019 ----------------------------------- - Added maps for use with openType to RFC 3565 - Added RFC2985 providing PKCS#9 Attributes - Added RFC3770 providing Certificate Extensions and Attributes for Authentication in PPP and Wireless LAN Networks - Added RFC5914 providing Trust Anchor Format - Added RFC6010 providing CMS Content Constraints (CCC) Extension - Added RFC6031 providing CMS Symmetric Key Package Content Type - Added RFC6032 providing CMS Encrypted Key Package Content Type - Added RFC7030 providing Enrollment over Secure Transport (EST) - Added RFC7292 providing PKCS #12, which is the Personal Information Exchange Syntax v1.1 - Added RFC8018 providing PKCS #5, which is the Password-Based Cryptography Specification, Version 2.1 - Automatically update the maps for use with openType for RFC3709, RFC6402, RFC7191, and RFC8226 when the module is imported - Added RFC6211 providing CMS Algorithm Identifier Protection Attribute - Added RFC8449 providing Certificate Extension for Hash Of Root Key - Updated RFC2459 and RFC5280 for TODO in the certificate extension map - Added RFC7906 providing NSA's CMS Key Management Attributes - Added RFC7894 providing EST Alternative Challenge Password Attributes - Updated the handling of maps for use with openType so that just doing an import of the modules is enough in most situations; updates to RFC 2634, RFC 3274, RFC 3779, RFC 4073, RFC 4108, RFC 5035, RFC 5083, RFC 5084, RFC 5480, RFC 5940, RFC 5958, RFC 6019, and RFC 8520 - Updated the handling of attribute maps for use with openType in RFC 5958 to use the rfc5652.cmsAttributesMap - Added RFC5990 providing RSA-KEM Key Transport Algorithm in the CMS - Fixed malformed `rfc4210.RevRepContent` data structure layout - Added RFC5934 providing Trust Anchor Management Protocol (TAMP) - Added RFC6210 providing Experiment for Hash Functions with Parameters - Added RFC5751 providing S/MIME Version 3.2 Message Specification - Added RFC8494 providing Multicast Email (MULE) over ACP 142 - Added RFC8398 providing Internationalized Email Addresses in X.509 Certificates - Added RFC8419 providing Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the CMS - Added RFC8479 providing Storing Validation Parameters in PKCS#8 - Added RFC8360 providing Resource Public Key Infrastructure (RPKI) Validation Reconsidered - Added RFC8358 providing Digital Signatures on Internet-Draft Documents - Added RFC8209 providing BGPsec Router PKI Profile - Added RFC8017 providing PKCS #1 Version 2.2 - Added RFC7914 providing scrypt Password-Based Key Derivation Function - Added RFC7773 providing Authentication Context Certificate Extension Revision 0.2.6, released 31-07-2019 ----------------------------------- - Added RFC3560 providing RSAES-OAEP Key Transport Algorithm in CMS - Added RFC6019 providing BinaryTime - an alternate format for representing Date and Time - RFC3565 superseded by RFC5649 - Added RFC5480 providng Elliptic Curve Cryptography Subject Public Key Information - Added RFC8520 providing X.509 Extensions for MUD URL and MUD Signer - Added RFC3161 providing Time-Stamp Protocol support - Added RFC3709 providing Logotypes in X.509 Certificates - Added RFC3274 providing CMS Compressed Data Content Type - Added RFC4073 providing Multiple Contents protection with CMS - Added RFC2634 providing Enhanced Security Services for S/MIME - Added RFC5915 providing Elliptic Curve Private Key - Added RFC5940 providing CMS Revocation Information Choices - Added RFC7296 providing IKEv2 Certificate Bundle - Added RFC8619 providing HKDF Algorithm Identifiers - Added RFC7191 providing CMS Key Package Receipt and Error Content Types - Added openType support for ORAddress Extension Attributes and Algorithm Identifiers in the RFC5280 module - Added RFC5035 providing Update to Enhanced Security Services for S/MIME - Added openType support for CMS Content Types and CMS Attributes in the RFC5652 module - Added openType support to RFC 2986 by importing definitions from the RFC 5280 module so that the same maps are used. - Added maps for use with openType to RFC 2634, RFC 3274, RFC 3709, RFC 3779, RFC 4055, RFC 4073, RFC 4108, RFC 5035, RFC 5083, RFC 5480, RFC 5940, RFC 5958, RFC 6010, RFC 6019, RFC 6402, RFC 7191, RFC 8226, and RFC 8520 - Changed `ValueSizeConstraint` erroneously applied to `SequenceOf` and `SetOf` objects via `subtypeConstraint` attribute to be applied via `sizeSpec` attribute. Although `sizeSpec` takes the same constraint objects as `subtypeConstraint`, the former is only verified on de/serialization i.e. when the [constructed] object at hand is fully populated, while the latter is applied to [scalar] types at the moment of instantiation. Revision 0.2.5, released 24-04-2019 ----------------------------------- - Added module RFC5958 providing Asymmetric Key Packages, which is essentially version 2 of the PrivateKeyInfo structure in PKCS#8 in RFC 5208 - Added module RFC8410 providing algorithm Identifiers for Ed25519, Ed448, X25519, and X448 - Added module RFC8418 providing Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Algorithm with X25519 and X448 - Added module RFC3565 providing Elliptic Curve Diffie-Hellman Key Agreement Algorithm use with X25519 and X448 in the Cryptographic Message Syntax (CMS) - Added module RFC4108 providing CMS Firmware Wrapper - Added module RFC3779 providing X.509 Extensions for IP Addresses and AS Identifiers - Added module RFC4055 providing additional Algorithms and Identifiers for RSA Cryptography for use in Certificates and CRLs Revision 0.2.4, released 26-01-2018 ----------------------------------- - Added modules for RFC8226 implementing JWT Claim Constraints and TN Authorization List for X.509 certificate extensions - Fixed bug in `rfc5280.AlgorithmIdentifier` ANY type definition Revision 0.2.3, released 30-12-2018 ----------------------------------- - Added modules for RFC5083 and RFC5084 (CMS) - Copyright notice extended to the year 2019 Revision 0.2.2, released 28-06-2018 ----------------------------------- - Copyright notice extended to the year 2018 - Migrated references from SourceForge - rfc2986 module added Revision 0.2.1, released 23-11-2017 ----------------------------------- - Allow ANY DEFINED BY objects expanding automatically if requested - Imports PEP8'ed Revision 0.1.5, released 10-10-2017 ----------------------------------- - OCSP response blob fixed in test - Fixed wrong OCSP ResponderID components tagging Revision 0.1.4, released 07-09-2017 ----------------------------------- - Typo fixed in the dependency spec Revision 0.1.3, released 07-09-2017 ----------------------------------- - Apparently, pip>=1.5.6 is still widely used and it is not PEP440 compliant. Had to replace the `~=` version dependency spec with a sequence of simple comparisons to remain compatible with the aging pip. Revision 0.1.2, released 07-09-2017 ----------------------------------- - Pinned to pyasn1 ~0.3.4 Revision 0.1.1, released 27-08-2017 ----------------------------------- - Tests refactored into proper unit tests - pem.readBase64fromText() convenience function added - Pinned to pyasn1 0.3.3 Revision 0.0.11, released 04-08-2017 ------------------------------------ - Fixed typo in ASN.1 definitions at rfc2315.py Revision 0.0.10, released 27-07-2017 ------------------------------------ * Fixed SequenceOf initializer to pass now-mandatory componentType keyword argument (since pyasn1 0.3.1) * Temporarily fixed recursive ASN.1 type definition to work with pyasn1 0.3.1+. This is going to be fixed properly shortly. Revision 0.0.9, released 01-06-2017 ----------------------------------- * More CRL data structures added (RFC3279) * Added X.509 certificate extensions map * Added X.509 attribute type map * Fix to __doc__ use in setup.py to make -O0 installation mode working * Copyright added to source files * More PEP-8'ing done on the code * Author's e-mail changed Revision 0.0.8, released 28-09-2015 ----------------------------------- - Wheel distribution format now supported - Fix to misspelled rfc2459.id_at_sutname variable - Fix to misspelled rfc2459.NameConstraints component tag ID - Fix to misspelled rfc2459.GeneralSubtree component default status Revision 0.0.7, released 01-08-2015 ----------------------------------- - Extensions added to text files, CVS attic flushed. - Fix to rfc2459.BasicConstraints syntax. Revision 0.0.6, released 21-06-2015 ----------------------------------- - Typo fix to id_kp_serverAuth object value - A test case for indefinite length encoding eliminated as it's forbidden in DER. Revision 0.0.5 -------------- - License updated to vanilla BSD 2-Clause to ease package use (http://opensource.org/licenses/BSD-2-Clause). - Missing components added to rfc4210.PKIBody. - Fix to rfc2459.CRLDistPointsSyntax typo. - Fix to rfc2511.CertReqMsg typo. Revision 0.0.4 -------------- - CMP structures (RFC4210), cmpdump.py tool and test case added. - SNMPv2c Message syntax (RFC1901) properly defined. - Package version established in form of __init__.__version__ which is in-sync with distutils. - Package meta information and classifiers updated. Revision 0.0.3 -------------- - Text cases implemented - X.509 CRMF structures (RFC2511) and crmfdump.py tool added - X.509 CRL structures and crldump.py tool added - PKCS#10 structures and pkcs10dump.py tool added - PKCS#8 structures and pkcs8dump.py tool added - PKCS#1 (rfc3447) structures added - OCSP request & response dumping tool added - SNMPv2c & SNMPv3/USM structures added - keydump.py moved into pkcs1dump.py - PEM files read function generalized to be used more universally. - complete PKIX1 '88 code implemented at rfc2459.py Revision 0.0.2 -------------- - Require pyasn1 >= 0.1.1 - Fixes towards Py3K compatibility + use either of existing urllib module + adopt to the new bytes type + print operator is now a function + new exception syntax Revision 0.0.1a --------------- - Initial revision, most code carried from pyasn1 examples. pyasn1-modules-0.2.8/LICENSE.txt0000644006321400632140000000246613551772551017710 0ustar ietingofietingof00000000000000Copyright (c) 2005-2019, Ilya Etingof All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. pyasn1-modules-0.2.8/MANIFEST.in0000644006321400632140000000013513551772550017611 0ustar ietingofietingof00000000000000include *.txt *.md recursive-include tools *.py recursive-include tests *.py prune doc/build pyasn1-modules-0.2.8/PKG-INFO0000664006321400632140000000343713605660531017155 0ustar ietingofietingof00000000000000Metadata-Version: 1.2 Name: pyasn1-modules Version: 0.2.8 Summary: A collection of ASN.1-based protocols modules. Home-page: https://github.com/etingof/pyasn1-modules Author: Ilya Etingof Author-email: etingof@gmail.com Maintainer: Ilya Etingof License: BSD-2-Clause Description: A collection of ASN.1 modules expressed in form of pyasn1 classes. Includes protocols PDUs definition (SNMP, LDAP etc.) and various data structures (X.509, PKCS etc.). Platform: any Classifier: Development Status :: 5 - Production/Stable Classifier: Environment :: Console Classifier: Intended Audience :: Developers Classifier: Intended Audience :: Education Classifier: Intended Audience :: Information Technology Classifier: Intended Audience :: System Administrators Classifier: Intended Audience :: Telecommunications Industry Classifier: License :: OSI Approved :: BSD License Classifier: Natural Language :: English Classifier: Operating System :: OS Independent Classifier: Programming Language :: Python :: 2 Classifier: Programming Language :: Python :: 2.4 Classifier: Programming Language :: Python :: 2.5 Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 Classifier: Programming Language :: Python :: 3.2 Classifier: Programming Language :: Python :: 3.3 Classifier: Programming Language :: Python :: 3.4 Classifier: Programming Language :: Python :: 3.5 Classifier: Programming Language :: Python :: 3.6 Classifier: Programming Language :: Python :: 3.7 Classifier: Programming Language :: Python :: 3.8 Classifier: Topic :: Communications Classifier: Topic :: System :: Monitoring Classifier: Topic :: System :: Networking :: Monitoring Classifier: Topic :: Software Development :: Libraries :: Python Modules pyasn1-modules-0.2.8/README.md0000644006321400632140000000274613551772550017344 0ustar ietingofietingof00000000000000 ASN.1 modules for Python ------------------------ [![PyPI](https://img.shields.io/pypi/v/pyasn1-modules.svg?maxAge=2592000)](https://pypi.org/project/pyasn1-modules) [![Python Versions](https://img.shields.io/pypi/pyversions/pyasn1-modules.svg)](https://pypi.org/project/pyasn1-modules/) [![Build status](https://travis-ci.org/etingof/pyasn1-modules.svg?branch=master)](https://travis-ci.org/etingof/pyasn1-modules) [![Coverage Status](https://img.shields.io/codecov/c/github/etingof/pyasn1-modules.svg)](https://codecov.io/github/etingof/pyasn1-modules/) [![GitHub license](https://img.shields.io/badge/license-BSD-blue.svg)](https://raw.githubusercontent.com/etingof/pyasn1-modules/master/LICENSE.txt) The `pyasn1-modules` package contains a collection of [ASN.1](https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.208-198811-W!!PDF-E&type=items) data structures expressed as Python classes based on [pyasn1](https://github.com/etingof/pyasn1) data model. If ASN.1 module you need is not present in this collection, try using [Asn1ate](https://github.com/kimgr/asn1ate) tool that compiles ASN.1 documents into pyasn1 code. Feedback -------- If something does not work as expected, [open an issue](https://github.com/etingof/pyasn1-modules/issues) at GitHub or post your question [on Stack Overflow](https://stackoverflow.com/questions/ask) New modules contributions are welcome via GitHub pull requests. Copyright (c) 2005-2019, [Ilya Etingof](mailto:etingof@gmail.com). All rights reserved. pyasn1-modules-0.2.8/pyasn1_modules/0000775006321400632140000000000013605660531021014 5ustar ietingofietingof00000000000000pyasn1-modules-0.2.8/pyasn1_modules/__init__.py0000664006321400632140000000010113605660325023116 0ustar ietingofietingof00000000000000# http://www.python.org/dev/peps/pep-0396/ __version__ = '0.2.8' pyasn1-modules-0.2.8/pyasn1_modules/pem.py0000644006321400632140000000401213551772550022147 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import base64 import sys stSpam, stHam, stDump = 0, 1, 2 # The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')... # Return is (marker-index, substrate) def readPemBlocksFromFile(fileObj, *markers): startMarkers = dict(map(lambda x: (x[1], x[0]), enumerate(map(lambda y: y[0], markers)))) stopMarkers = dict(map(lambda x: (x[1], x[0]), enumerate(map(lambda y: y[1], markers)))) idx = -1 substrate = '' certLines = [] state = stSpam while True: certLine = fileObj.readline() if not certLine: break certLine = certLine.strip() if state == stSpam: if certLine in startMarkers: certLines = [] idx = startMarkers[certLine] state = stHam continue if state == stHam: if certLine in stopMarkers and stopMarkers[certLine] == idx: state = stDump else: certLines.append(certLine) if state == stDump: if sys.version_info[0] <= 2: substrate = ''.join([base64.b64decode(x) for x in certLines]) else: substrate = ''.encode().join([base64.b64decode(x.encode()) for x in certLines]) break return idx, substrate # Backward compatibility routine def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----', endMarker='-----END CERTIFICATE-----'): idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker)) return substrate def readBase64fromText(text): if sys.version_info[0] <= 2: return base64.b64decode(text) else: return base64.b64decode(text.encode()) def readBase64FromFile(fileObj): return readBase64fromText(fileObj.read()) pyasn1-modules-0.2.8/pyasn1_modules/rfc1155.py0000644006321400632140000000517313551772550022465 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv1 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1155.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ class ObjectName(univ.ObjectIdentifier): pass class SimpleSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('number', univ.Integer()), namedtype.NamedType('string', univ.OctetString()), namedtype.NamedType('object', univ.ObjectIdentifier()), namedtype.NamedType('empty', univ.Null()) ) class IpAddress(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( 4, 4 ) class NetworkAddress(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('internet', IpAddress()) ) class Counter(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Gauge(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4) ) class ApplicationSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('address', NetworkAddress()), namedtype.NamedType('counter', Counter()), namedtype.NamedType('gauge', Gauge()), namedtype.NamedType('ticks', TimeTicks()), namedtype.NamedType('arbitrary', Opaque()) ) class ObjectSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', SimpleSyntax()), namedtype.NamedType('application-wide', ApplicationSyntax()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc1157.py0000644006321400632140000000674213551772550022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv1 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1157.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc1155 class Version(univ.Integer): namedValues = namedval.NamedValues( ('version-1', 0) ) defaultValue = 0 class Community(univ.OctetString): pass class RequestID(univ.Integer): pass class ErrorStatus(univ.Integer): namedValues = namedval.NamedValues( ('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5) ) class ErrorIndex(univ.Integer): pass class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('name', rfc1155.ObjectName()), namedtype.NamedType('value', rfc1155.ObjectSyntax()) ) class VarBindList(univ.SequenceOf): componentType = VarBind() class _RequestBase(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', RequestID()), namedtype.NamedType('error-status', ErrorStatus()), namedtype.NamedType('error-index', ErrorIndex()), namedtype.NamedType('variable-bindings', VarBindList()) ) class GetRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) class GetNextRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) class GetResponsePDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) ) class SetRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) ) class TrapPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('enterprise', univ.ObjectIdentifier()), namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()), namedtype.NamedType('generic-trap', univ.Integer().clone( namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), ('authenticationFailure', 4), ('egpNeighborLoss', 5), ('enterpriseSpecific', 6)))), namedtype.NamedType('specific-trap', univ.Integer()), namedtype.NamedType('time-stamp', rfc1155.TimeTicks()), namedtype.NamedType('variable-bindings', VarBindList()) ) class Pdus(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('get-request', GetRequestPDU()), namedtype.NamedType('get-next-request', GetNextRequestPDU()), namedtype.NamedType('get-response', GetResponsePDU()), namedtype.NamedType('set-request', SetRequestPDU()), namedtype.NamedType('trap', TrapPDU()) ) class Message(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('community', Community()), namedtype.NamedType('data', Pdus()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc1901.py0000644006321400632140000000120613551772550022455 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv2c message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1901.txt # from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ class Message(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('version-2c', 1)))), namedtype.NamedType('community', univ.OctetString()), namedtype.NamedType('data', univ.Any()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc1902.py0000644006321400632140000000717113551772550022465 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv2c message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1902.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ class Integer(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( -2147483648, 2147483647 ) class Integer32(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( -2147483648, 2147483647 ) class OctetString(univ.OctetString): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( 0, 65535 ) class IpAddress(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00) ) subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint( 4, 4 ) class Counter32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Gauge32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Unsigned32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04) ) class Counter64(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 18446744073709551615 ) class Bits(univ.OctetString): pass class ObjectName(univ.ObjectIdentifier): pass class SimpleSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('integer-value', Integer()), namedtype.NamedType('string-value', OctetString()), namedtype.NamedType('objectID-value', univ.ObjectIdentifier()) ) class ApplicationSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('ipAddress-value', IpAddress()), namedtype.NamedType('counter-value', Counter32()), namedtype.NamedType('timeticks-value', TimeTicks()), namedtype.NamedType('arbitrary-value', Opaque()), namedtype.NamedType('big-counter-value', Counter64()), # This conflicts with Counter32 # namedtype.NamedType('unsigned-integer-value', Unsigned32()), namedtype.NamedType('gauge32-value', Gauge32()) ) # BITS misplaced? class ObjectSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', SimpleSyntax()), namedtype.NamedType('application-wide', ApplicationSyntax()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc1905.py0000644006321400632140000001133713551772550022467 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv2c PDU syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1905.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc1902 max_bindings = rfc1902.Integer(2147483647) class _BindValue(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('value', rfc1902.ObjectSyntax()), namedtype.NamedType('unSpecified', univ.Null()), namedtype.NamedType('noSuchObject', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('noSuchInstance', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('endOfMibView', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('name', rfc1902.ObjectName()), namedtype.NamedType('', _BindValue()) ) class VarBindList(univ.SequenceOf): componentType = VarBind() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint( 0, max_bindings ) class PDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', rfc1902.Integer32()), namedtype.NamedType('error-status', univ.Integer( namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), ('notWritable', 17), ('inconsistentName', 18)))), namedtype.NamedType('error-index', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('variable-bindings', VarBindList()) ) class BulkPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', rfc1902.Integer32()), namedtype.NamedType('non-repeaters', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('max-repetitions', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('variable-bindings', VarBindList()) ) class GetRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) class GetNextRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) class ResponsePDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) ) class SetRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) ) class GetBulkRequestPDU(BulkPDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) ) class InformRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) ) class SNMPv2TrapPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) ) class ReportPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) ) class PDUs(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('get-request', GetRequestPDU()), namedtype.NamedType('get-next-request', GetNextRequestPDU()), namedtype.NamedType('get-bulk-request', GetBulkRequestPDU()), namedtype.NamedType('response', ResponsePDU()), namedtype.NamedType('set-request', SetRequestPDU()), namedtype.NamedType('inform-request', InformRequestPDU()), namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()), namedtype.NamedType('report', ReportPDU()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc2251.py0000644006321400632140000006446313551772550022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # LDAP message syntax # # ASN.1 source from: # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/ldap.asn # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ maxInt = univ.Integer(2147483647) class LDAPString(univ.OctetString): pass class LDAPOID(univ.OctetString): pass class LDAPDN(LDAPString): pass class RelativeLDAPDN(LDAPString): pass class AttributeType(LDAPString): pass class AttributeDescription(LDAPString): pass class AttributeDescriptionList(univ.SequenceOf): componentType = AttributeDescription() class AttributeValue(univ.OctetString): pass class AssertionValue(univ.OctetString): pass class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeDesc', AttributeDescription()), namedtype.NamedType('assertionValue', AssertionValue()) ) class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) class MatchingRuleId(LDAPString): pass class Control(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('controlType', LDAPOID()), namedtype.DefaultedNamedType('criticality', univ.Boolean('False')), namedtype.OptionalNamedType('controlValue', univ.OctetString()) ) class Controls(univ.SequenceOf): componentType = Control() class LDAPURL(LDAPString): pass class Referral(univ.SequenceOf): componentType = LDAPURL() class SaslCredentials(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('mechanism', LDAPString()), namedtype.OptionalNamedType('credentials', univ.OctetString()) ) class AuthenticationChoice(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('reserved-1', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('reserved-2', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('sasl', SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class BindRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0) ) componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))), namedtype.NamedType('name', LDAPDN()), namedtype.NamedType('authentication', AuthenticationChoice()) ) class PartialAttributeList(univ.SequenceOf): componentType = univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) ) class SearchResultEntry(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4) ) componentType = namedtype.NamedTypes( namedtype.NamedType('objectName', LDAPDN()), namedtype.NamedType('attributes', PartialAttributeList()) ) class MatchingRuleAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('type', AttributeDescription().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('matchValue', AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class SubstringFilter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('substrings', univ.SequenceOf( componentType=univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType( 'initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) ), namedtype.NamedType( 'any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) ), namedtype.NamedType( 'final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)) ) ) ) ) ) ) # Ugly hack to handle recursive Filter reference (up to 3-levels deep). class Filter3(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('substrings', SubstringFilter().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.NamedType('present', AttributeDescription().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) class Filter2(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('not', Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('substrings', SubstringFilter().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.NamedType('present', AttributeDescription().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) class Filter(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('not', Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('substrings', SubstringFilter().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.NamedType('present', AttributeDescription().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) # End of Filter hack class SearchRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3) ) componentType = namedtype.NamedTypes( namedtype.NamedType('baseObject', LDAPDN()), namedtype.NamedType('scope', univ.Enumerated( namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))), namedtype.NamedType('derefAliases', univ.Enumerated( namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), ('derefFindingBaseObj', 2), ('derefAlways', 3)))), namedtype.NamedType('sizeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), namedtype.NamedType('timeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), namedtype.NamedType('typesOnly', univ.Boolean()), namedtype.NamedType('filter', Filter()), namedtype.NamedType('attributes', AttributeDescriptionList()) ) class UnbindRequest(univ.Null): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) ) class BindResponse(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) ) componentType = namedtype.NamedTypes( namedtype.NamedType('resultCode', univ.Enumerated( namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), namedtype.OptionalNamedType('referral', Referral().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))) ) class LDAPResult(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('resultCode', univ.Enumerated( namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), namedtype.OptionalNamedType('referral', Referral().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class SearchResultReference(univ.SequenceOf): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19) ) componentType = LDAPURL() class SearchResultDone(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5) ) class AttributeTypeAndValues(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) class ModifyRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6) ) componentType = namedtype.NamedTypes( namedtype.NamedType('object', LDAPDN()), namedtype.NamedType('modification', univ.SequenceOf( componentType=univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType( 'operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2))) ), namedtype.NamedType('modification', AttributeTypeAndValues()))) ) ) ) class ModifyResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7) ) class AttributeList(univ.SequenceOf): componentType = univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) ) class AddRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8) ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('attributes', AttributeList()) ) class AddResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9) ) class DelRequest(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10) ) class DelResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11) ) class ModifyDNRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12) ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('newrdn', RelativeLDAPDN()), namedtype.NamedType('deleteoldrdn', univ.Boolean()), namedtype.OptionalNamedType('newSuperior', LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class ModifyDNResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13) ) class CompareRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14) ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('ava', AttributeValueAssertion()) ) class CompareResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15) ) class AbandonRequest(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16) ) class ExtendedRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23) ) componentType = namedtype.NamedTypes( namedtype.NamedType('requestName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtendedResponse(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24) ) componentType = namedtype.NamedTypes( namedtype.NamedType('resultCode', univ.Enumerated( namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), namedtype.OptionalNamedType('referral', Referral().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('responseName', LDAPOID().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))), namedtype.OptionalNamedType('response', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11))) ) class MessageID(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, maxInt ) class LDAPMessage(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('messageID', MessageID()), namedtype.NamedType( 'protocolOp', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('bindRequest', BindRequest()), namedtype.NamedType('bindResponse', BindResponse()), namedtype.NamedType('unbindRequest', UnbindRequest()), namedtype.NamedType('searchRequest', SearchRequest()), namedtype.NamedType('searchResEntry', SearchResultEntry()), namedtype.NamedType('searchResDone', SearchResultDone()), namedtype.NamedType('searchResRef', SearchResultReference()), namedtype.NamedType('modifyRequest', ModifyRequest()), namedtype.NamedType('modifyResponse', ModifyResponse()), namedtype.NamedType('addRequest', AddRequest()), namedtype.NamedType('addResponse', AddResponse()), namedtype.NamedType('delRequest', DelRequest()), namedtype.NamedType('delResponse', DelResponse()), namedtype.NamedType('modDNRequest', ModifyDNRequest()), namedtype.NamedType('modDNResponse', ModifyDNResponse()), namedtype.NamedType('compareRequest', CompareRequest()), namedtype.NamedType('compareResponse', CompareResponse()), namedtype.NamedType('abandonRequest', AbandonRequest()), namedtype.NamedType('extendedReq', ExtendedRequest()), namedtype.NamedType('extendedResp', ExtendedResponse()) ) ) ), namedtype.OptionalNamedType('controls', Controls().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc2314.py0000644006321400632140000000244113551772550022456 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # PKCS#10 syntax # # ASN.1 source from: # http://tools.ietf.org/html/rfc2314 # # Sample captures could be obtained with "openssl req" command # from pyasn1_modules.rfc2459 import * class Attributes(univ.SetOf): componentType = Attribute() class Version(univ.Integer): pass class CertificationRequestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class Signature(univ.BitString): pass class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass class CertificationRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc2315.py0000644006321400632140000002270213551772550022461 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # PKCS#7 message syntax # # ASN.1 source from: # https://opensource.apple.com/source/Security/Security-55179.1/libsecurity_asn1/asn1/pkcs7.asn.auto.html # # Sample captures from: # openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b # from pyasn1_modules.rfc2459 import * class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) ) class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeType', AttributeType()), namedtype.NamedType('attributeValue', AttributeValue(), openType=opentype.OpenType('type', certificateAttributesMap)) ) pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7') data = univ.ObjectIdentifier('1.2.840.113549.1.7.1') signedData = univ.ObjectIdentifier('1.2.840.113549.1.7.2') envelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.3') signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4') digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5') encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6') class ContentType(univ.ObjectIdentifier): pass class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass class EncryptedContent(univ.OctetString): pass contentTypeMap = {} class EncryptedContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), namedtype.OptionalNamedType( 'encryptedContent', EncryptedContent().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ), openType=opentype.OpenType('contentType', contentTypeMap) ) ) class Version(univ.Integer): # overrides x509.Version pass class EncryptedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) ) class DigestAlgorithmIdentifier(AlgorithmIdentifier): pass class DigestAlgorithmIdentifiers(univ.SetOf): componentType = DigestAlgorithmIdentifier() class Digest(univ.OctetString): pass class ContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.OptionalNamedType( 'content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)), openType=opentype.OpenType('contentType', contentTypeMap) ) ) class DigestedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('contentInfo', ContentInfo()), namedtype.NamedType('digest', Digest()) ) class IssuerAndSerialNumber(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', Name()), namedtype.NamedType('serialNumber', CertificateSerialNumber()) ) class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass class EncryptedKey(univ.OctetString): pass class RecipientInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class RecipientInfos(univ.SetOf): componentType = RecipientInfo() class Attributes(univ.SetOf): componentType = Attribute() class ExtendedCertificateInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('certificate', Certificate()), namedtype.NamedType('attributes', Attributes()) ) class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass class Signature(univ.BitString): pass class ExtendedCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) class ExtendedCertificateOrCertificate(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', Certificate()), namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class ExtendedCertificatesAndCertificates(univ.SetOf): componentType = ExtendedCertificateOrCertificate() class SerialNumber(univ.Integer): pass class CRLEntry(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('userCertificate', SerialNumber()), namedtype.NamedType('revocationDate', useful.UTCTime()) ) class TBSCertificateRevocationList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('lastUpdate', useful.UTCTime()), namedtype.NamedType('nextUpdate', useful.UTCTime()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry())) ) class CertificateRevocationList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class CertificateRevocationLists(univ.SetOf): componentType = CertificateRevocationList() class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass class EncryptedDigest(univ.OctetString): pass class SignerInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedDigest', EncryptedDigest()), namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class SignerInfos(univ.SetOf): componentType = SignerInfo() class SignedAndEnvelopedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) class EnvelopedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) ) class DigestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('digest', Digest()) ) class SignedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.OptionalNamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('contentInfo', ContentInfo()), namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.OptionalNamedType('signerInfos', SignerInfos()) ) class Data(univ.OctetString): pass _contentTypeMapUpdate = { data: Data(), signedData: SignedData(), envelopedData: EnvelopedData(), signedAndEnvelopedData: SignedAndEnvelopedData(), digestedData: DigestedData(), encryptedData: EncryptedData() } contentTypeMap.update(_contentTypeMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc2437.py0000644006321400632140000000507713551772550022474 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # PKCS#1 syntax # # ASN.1 source from: # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2.asn # # Sample captures could be obtained with "openssl genrsa" command # from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules.rfc2459 import AlgorithmIdentifier pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') md4WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.3') md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') rsaOAEPEncryptionSET = univ.ObjectIdentifier('1.2.840.113549.1.1.6') id_RSAES_OAEP = univ.ObjectIdentifier('1.2.840.113549.1.1.7') id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8') id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9') id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') MAX = float('inf') class Version(univ.Integer): pass class RSAPrivateKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()), namedtype.NamedType('privateExponent', univ.Integer()), namedtype.NamedType('prime1', univ.Integer()), namedtype.NamedType('prime2', univ.Integer()), namedtype.NamedType('exponent1', univ.Integer()), namedtype.NamedType('exponent2', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()) ) class RSAPublicKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()) ) # XXX defaults not set class RSAES_OAEP_params(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc2459.py0000644006321400632140000014152213551772550022474 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Updated by Russ Housley to resolve the TODO regarding the Certificate # Policies Certificate Extension. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # X.509 message syntax # # ASN.1 source from: # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn # http://www.ietf.org/rfc/rfc2459.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful MAX = float('inf') # # PKIX1Explicit88 # # Upper Bounds ub_name = univ.Integer(32768) ub_common_name = univ.Integer(64) ub_locality_name = univ.Integer(128) ub_state_name = univ.Integer(128) ub_organization_name = univ.Integer(64) ub_organizational_unit_name = univ.Integer(64) ub_title = univ.Integer(64) ub_match = univ.Integer(128) ub_emailaddress_length = univ.Integer(128) ub_common_name_length = univ.Integer(64) ub_country_name_alpha_length = univ.Integer(2) ub_country_name_numeric_length = univ.Integer(3) ub_domain_defined_attributes = univ.Integer(4) ub_domain_defined_attribute_type_length = univ.Integer(8) ub_domain_defined_attribute_value_length = univ.Integer(128) ub_domain_name_length = univ.Integer(16) ub_extension_attributes = univ.Integer(256) ub_e163_4_number_length = univ.Integer(15) ub_e163_4_sub_address_length = univ.Integer(40) ub_generation_qualifier_length = univ.Integer(3) ub_given_name_length = univ.Integer(16) ub_initials_length = univ.Integer(5) ub_integer_options = univ.Integer(256) ub_numeric_user_id_length = univ.Integer(32) ub_organization_name_length = univ.Integer(64) ub_organizational_unit_name_length = univ.Integer(32) ub_organizational_units = univ.Integer(4) ub_pds_name_length = univ.Integer(16) ub_pds_parameter_length = univ.Integer(30) ub_pds_physical_address_lines = univ.Integer(6) ub_postal_code_length = univ.Integer(16) ub_surname_length = univ.Integer(40) ub_terminal_id_length = univ.Integer(24) ub_unformatted_address_length = univ.Integer(180) ub_x121_address_length = univ.Integer(16) class UniversalString(char.UniversalString): pass class BMPString(char.BMPString): pass class UTF8String(char.UTF8String): pass id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') id_qt = univ.ObjectIdentifier('1.3.6.1.5.5.7.2') id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') id_ad = univ.ObjectIdentifier('1.3.6.1.5.5.7.48') id_qt_cps = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.1') id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2') id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1') id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2') id_at = univ.ObjectIdentifier('2.5.4') id_at_name = univ.ObjectIdentifier('2.5.4.41') # preserve misspelled variable for compatibility id_at_sutname = id_at_surname = univ.ObjectIdentifier('2.5.4.4') id_at_givenName = univ.ObjectIdentifier('2.5.4.42') id_at_initials = univ.ObjectIdentifier('2.5.4.43') id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44') class X520name(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) ) id_at_commonName = univ.ObjectIdentifier('2.5.4.3') class X520CommonName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) ) id_at_localityName = univ.ObjectIdentifier('2.5.4.7') class X520LocalityName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) ) id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8') class X520StateOrProvinceName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) id_at_organizationName = univ.ObjectIdentifier('2.5.4.10') class X520OrganizationName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) ) id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11') class X520OrganizationalUnitName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) ) id_at_title = univ.ObjectIdentifier('2.5.4.12') class X520Title(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) ) id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46') class X520dnQualifier(char.PrintableString): pass id_at_countryName = univ.ObjectIdentifier('2.5.4.6') class X520countryName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(2, 2) pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9') emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1') class Pkcs9email(char.IA5String): subtypeSpec = char.IA5String.subtypeSpec + constraint.ValueSizeConstraint(1, ub_emailaddress_length) # ---- class DSAPrivateKey(univ.Sequence): """PKIX compliant DSA private key structure""" componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))), namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('g', univ.Integer()), namedtype.NamedType('public', univ.Integer()), namedtype.NamedType('private', univ.Integer()) ) # ---- class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? XXX ) # certificate and CRL specific structures begin here class AlgorithmIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', univ.ObjectIdentifier()), namedtype.OptionalNamedType('parameters', univ.Any()) ) # Algorithm OIDs and parameter structures pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3') class Dss_Sig_Value(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('r', univ.Integer()), namedtype.NamedType('s', univ.Integer()) ) dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1') class ValidationParms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('seed', univ.BitString()), namedtype.NamedType('pgenCounter', univ.Integer()) ) class DomainParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('g', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('j', univ.Integer()), namedtype.OptionalNamedType('validationParms', ValidationParms()) ) id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1') class Dss_Parms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('g', univ.Integer()) ) # x400 address syntax starts here teletex_domain_defined_attributes = univ.Integer(6) class TeletexDomainDefinedAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.TeletexString()) ) class TeletexDomainDefinedAttributes(univ.SequenceOf): componentType = TeletexDomainDefinedAttribute() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) terminal_type = univ.Integer(23) class TerminalType(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, ub_integer_options) namedValues = namedval.NamedValues( ('telex', 3), ('teletelex', 4), ('g3-facsimile', 5), ('g4-facsimile', 6), ('ia5-terminal', 7), ('videotex', 8) ) class PresentationAddress(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3), subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), ) extended_network_address = univ.Integer(22) class E163_4_address(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('number', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtendedNetworkAddress(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('e163-4-address', E163_4_address()), namedtype.NamedType('psap-address', PresentationAddress().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class PDSParameter(univ.Set): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) local_postal_attributes = univ.Integer(21) class LocalPostalAttributes(PDSParameter): pass class UniquePostalName(PDSParameter): pass unique_postal_name = univ.Integer(20) poste_restante_address = univ.Integer(19) class PosteRestanteAddress(PDSParameter): pass post_office_box_address = univ.Integer(18) class PostOfficeBoxAddress(PDSParameter): pass street_address = univ.Integer(17) class StreetAddress(PDSParameter): pass class UnformattedPostalAddress(univ.Set): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines)))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) ) physical_delivery_office_name = univ.Integer(10) class PhysicalDeliveryOfficeName(PDSParameter): pass physical_delivery_office_number = univ.Integer(11) class PhysicalDeliveryOfficeNumber(PDSParameter): pass extension_OR_address_components = univ.Integer(12) class ExtensionORAddressComponents(PDSParameter): pass physical_delivery_personal_name = univ.Integer(13) class PhysicalDeliveryPersonalName(PDSParameter): pass physical_delivery_organization_name = univ.Integer(14) class PhysicalDeliveryOrganizationName(PDSParameter): pass extension_physical_delivery_address_components = univ.Integer(15) class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): pass unformatted_postal_address = univ.Integer(16) postal_code = univ.Integer(9) class PostalCode(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('numeric-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), namedtype.NamedType('printable-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) ) class PhysicalDeliveryCountryName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) class PDSName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_pds_name_length) physical_delivery_country_name = univ.Integer(8) class TeletexOrganizationalUnitName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) pds_name = univ.Integer(7) teletex_organizational_unit_names = univ.Integer(5) class TeletexOrganizationalUnitNames(univ.SequenceOf): componentType = TeletexOrganizationalUnitName() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) teletex_personal_name = univ.Integer(4) class TeletexPersonalName(univ.Set): componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) teletex_organization_name = univ.Integer(3) class TeletexOrganizationName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) teletex_common_name = univ.Integer(2) class TeletexCommonName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) class CommonName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) common_name = univ.Integer(1) class ExtensionAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_extension_attributes), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtensionAttributes(univ.SetOf): componentType = ExtensionAttribute() sizeSpec = univ.SetOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes) class BuiltInDomainDefinedAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) class BuiltInDomainDefinedAttributes(univ.SequenceOf): componentType = BuiltInDomainDefinedAttribute() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) class OrganizationalUnitName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) class OrganizationalUnitNames(univ.SequenceOf): componentType = OrganizationalUnitName() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) class PersonalName(univ.Set): componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class NumericUserIdentifier(char.NumericString): subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) class OrganizationName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) class PrivateDomainName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) ) class TerminalIdentifier(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_terminal_id_length) class X121Address(char.NumericString): subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_x121_address_length) class NetworkAddress(X121Address): pass class AdministrationDomainName(univ.Choice): tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2) ) componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) ) class CountryName(univ.Choice): tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) ) componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) class BuiltInStandardAttributes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('country-name', CountryName()), namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('personal-name', PersonalName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) ) class ORAddress(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) ) # # PKIX1Implicit88 # id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24') class InvalidityDate(useful.GeneralizedTime): pass id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1') id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2') id_holdinstruction_reject = univ.ObjectIdentifier('2.2.840.10040.2.3') holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2') id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23') class HoldInstructionCode(univ.ObjectIdentifier): pass id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21') class CRLReason(univ.Enumerated): namedValues = namedval.NamedValues( ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('removeFromCRL', 8) ) id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20') class CRLNumber(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) class BaseCRLNumber(CRLNumber): pass id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1') id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2') id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3') id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4') id_kp_ipsecEndSystem = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.5') id_kp_ipsecTunnel = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.6') id_kp_ipsecUser = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.7') id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8') id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1') id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37') class KeyPurposeId(univ.ObjectIdentifier): pass class ExtKeyUsageSyntax(univ.SequenceOf): componentType = KeyPurposeId() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class ReasonFlags(univ.BitString): namedValues = namedval.NamedValues( ('unused', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6) ) class SkipCerts(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36') class PolicyConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19') class BasicConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('cA', univ.Boolean(False)), namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9') class EDIPartyName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') class BaseDistance(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') class DisplayText(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) ) class NoticeReference(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('organization', DisplayText()), namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) ) class UserNotice(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('noticeRef', NoticeReference()), namedtype.OptionalNamedType('explicitText', DisplayText()) ) class CPSuri(char.IA5String): pass class PolicyQualifierId(univ.ObjectIdentifier): subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, id_qt_unotice) class CertPolicyId(univ.ObjectIdentifier): pass class PolicyQualifierInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyQualifierId', PolicyQualifierId()), namedtype.NamedType('qualifier', univ.Any()) ) id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32') class PolicyInformation(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyIdentifier', CertPolicyId()), namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class CertificatePolicies(univ.SequenceOf): componentType = PolicyInformation() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33') class PolicyMapping(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) ) class PolicyMappings(univ.SequenceOf): componentType = PolicyMapping() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16') class PrivateKeyUsagePeriod(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_ce_keyUsage = univ.ObjectIdentifier('2.5.29.15') class KeyUsage(univ.BitString): namedValues = namedval.NamedValues( ('digitalSignature', 0), ('nonRepudiation', 1), ('keyEncipherment', 2), ('dataEncipherment', 3), ('keyAgreement', 4), ('keyCertSign', 5), ('cRLSign', 6), ('encipherOnly', 7), ('decipherOnly', 8) ) id_ce = univ.ObjectIdentifier('2.5.29') id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35') class KeyIdentifier(univ.OctetString): pass id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14') class SubjectKeyIdentifier(KeyIdentifier): pass id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') class AttributeValue(univ.Any): pass class AttributeType(univ.ObjectIdentifier): pass certificateAttributesMap = {} class AttributeTypeAndValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('value', AttributeValue(), openType=opentype.OpenType('type', certificateAttributesMap)) ) class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) class SubjectDirectoryAttributes(univ.SequenceOf): componentType = Attribute() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class RelativeDistinguishedName(univ.SetOf): componentType = AttributeTypeAndValue() class RDNSequence(univ.SequenceOf): componentType = RelativeDistinguishedName() class Name(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('', RDNSequence()) ) class CertificateSerialNumber(univ.Integer): pass class AnotherName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type-id', univ.ObjectIdentifier()), namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class GeneralName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), namedtype.NamedType('iPAddress', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) ) class GeneralNames(univ.SequenceOf): componentType = GeneralName() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class AccessDescription(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), namedtype.NamedType('accessLocation', GeneralName()) ) class AuthorityInfoAccessSyntax(univ.SequenceOf): componentType = AccessDescription() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class AuthorityKeyIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class DistributionPointName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('fullName', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class DistributionPoint(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) class CRLDistPointsSyntax(univ.SequenceOf): componentType = DistributionPoint() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class IssuingDistributionPoint(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class GeneralSubtree(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('maximum', BaseDistance().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class GeneralSubtrees(univ.SequenceOf): componentType = GeneralSubtree() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class NameConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class CertificateIssuer(GeneralNames): pass class SubjectAltName(GeneralNames): pass class IssuerAltName(GeneralNames): pass certificateExtensionsMap = {} class Extension(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extnID', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('critical', univ.Boolean('False')), namedtype.NamedType('extnValue', univ.OctetString(), openType=opentype.OpenType('extnID', certificateExtensionsMap)) ) class Extensions(univ.SequenceOf): componentType = Extension() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class SubjectPublicKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) ) class UniqueIdentifier(univ.BitString): pass class Time(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) ) class Validity(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('notBefore', Time()), namedtype.NamedType('notAfter', Time()) ) class Version(univ.Integer): namedValues = namedval.NamedValues( ('v1', 0), ('v2', 1), ('v3', 2) ) class TBSCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('extensions', Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class Certificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificate', TBSCertificate()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signatureValue', univ.BitString()) ) # CRL structures class RevokedCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('userCertificate', CertificateSerialNumber()), namedtype.NamedType('revocationDate', Time()), namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) ) class TBSCertList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())), namedtype.OptionalNamedType('crlExtensions', Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class CertificateList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertList', TBSCertList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) # map of AttributeType -> AttributeValue _certificateAttributesMapUpdate = { id_at_name: X520name(), id_at_surname: X520name(), id_at_givenName: X520name(), id_at_initials: X520name(), id_at_generationQualifier: X520name(), id_at_commonName: X520CommonName(), id_at_localityName: X520LocalityName(), id_at_stateOrProvinceName: X520StateOrProvinceName(), id_at_organizationName: X520OrganizationName(), id_at_organizationalUnitName: X520OrganizationalUnitName(), id_at_title: X520Title(), id_at_dnQualifier: X520dnQualifier(), id_at_countryName: X520countryName(), emailAddress: Pkcs9email(), } certificateAttributesMap.update(_certificateAttributesMapUpdate) # map of Certificate Extension OIDs to Extensions _certificateExtensionsMapUpdate = { id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), id_ce_keyUsage: KeyUsage(), id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), id_ce_certificatePolicies: CertificatePolicies(), id_ce_policyMappings: PolicyMappings(), id_ce_subjectAltName: SubjectAltName(), id_ce_issuerAltName: IssuerAltName(), id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), id_ce_basicConstraints: BasicConstraints(), id_ce_nameConstraints: NameConstraints(), id_ce_policyConstraints: PolicyConstraints(), id_ce_extKeyUsage: ExtKeyUsageSyntax(), id_ce_cRLDistributionPoints: CRLDistPointsSyntax(), id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), id_ce_cRLNumber: univ.Integer(), id_ce_deltaCRLIndicator: BaseCRLNumber(), id_ce_issuingDistributionPoint: IssuingDistributionPoint(), id_ce_cRLReasons: CRLReason(), id_ce_holdInstructionCode: univ.ObjectIdentifier(), id_ce_invalidityDate: useful.GeneralizedTime(), id_ce_certificateIssuer: GeneralNames(), } certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc2511.py0000644006321400632140000002415613551772550022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # X.509 certificate Request Message Format (CRMF) syntax # # ASN.1 source from: # http://tools.ietf.org/html/rfc2511 # # Sample captures could be obtained with OpenSSL # from pyasn1_modules import rfc2315 from pyasn1_modules.rfc2459 import * MAX = float('inf') id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5') id_regCtrl = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1') id_regCtrl_regToken = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.1') id_regCtrl_authenticator = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.2') id_regCtrl_pkiPublicationInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.3') id_regCtrl_pkiArchiveOptions = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.4') id_regCtrl_oldCertID = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.5') id_regCtrl_protocolEncrKey = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.6') id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2') id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1') id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2') # This should be in PKIX Certificate Extensions module class GeneralName(univ.OctetString): pass # end of PKIX Certificate Extensions module class UTF8Pairs(char.UTF8String): pass class ProtocolEncrKey(SubjectPublicKeyInfo): pass class CertId(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', GeneralName()), namedtype.NamedType('serialNumber', univ.Integer()) ) class OldCertId(CertId): pass class KeyGenParameters(univ.OctetString): pass class EncryptedValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('encValue', univ.BitString()) ) class EncryptedKey(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedValue', EncryptedValue()), namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class PKIArchiveOptions(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class SinglePubInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('pubMethod', univ.Integer( namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), namedtype.OptionalNamedType('pubLocation', GeneralName()) ) class PKIPublicationInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class Authenticator(char.UTF8String): pass class RegToken(char.UTF8String): pass class SubsequentMessage(univ.Integer): namedValues = namedval.NamedValues( ('encrCert', 0), ('challengeResp', 1) ) class POPOPrivKey(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class PBMParameter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString()), namedtype.NamedType('owf', AlgorithmIdentifier()), namedtype.NamedType('iterationCount', univ.Integer()), namedtype.NamedType('mac', AlgorithmIdentifier()) ) class PKMACValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algId', AlgorithmIdentifier()), namedtype.NamedType('value', univ.BitString()) ) class POPOSigningKeyInput(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType( 'authInfo', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType( 'sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) ), namedtype.NamedType('publicKeyMAC', PKMACValue()) ) ) ), namedtype.NamedType('publicKey', SubjectPublicKeyInfo()) ) class POPOSigningKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class ProofOfPossession(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signature', POPOSigningKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('keyAgreement', POPOPrivKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class Controls(univ.SequenceOf): componentType = AttributeTypeAndValue() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class OptionalValidity(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('notAfter', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class CertTemplate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('issuer', Name().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('validity', OptionalValidity().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.OptionalNamedType('subject', Name().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), namedtype.OptionalNamedType('extensions', Extensions().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) class CertRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('certTemplate', CertTemplate()), namedtype.OptionalNamedType('controls', Controls()) ) class CertReq(CertRequest): pass class CertReqMsg(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReq', CertRequest()), namedtype.OptionalNamedType('pop', ProofOfPossession()), namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class CertReqMessages(univ.SequenceOf): componentType = CertReqMsg() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) pyasn1-modules-0.2.8/pyasn1_modules/rfc2560.py0000644006321400632140000002032613551772550022463 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # OCSP request/response syntax # # Derived from a minimal OCSP library (RFC2560) code written by # Bud P. Bruegger # Copyright: Ancitel, S.p.a, Rome, Italy # License: BSD # # # current limitations: # * request and response works only for a single certificate # * only some values are parsed out of the response # * the request does't set a nonce nor signature # * there is no signature validation of the response # * dates are left as strings in GeneralizedTime format -- datetime.datetime # would be nicer # from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc2459 # Start of OCSP module definitions # This should be in directory Authentication Framework (X.509) module class CRLReason(univ.Enumerated): namedValues = namedval.NamedValues( ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('removeFromCRL', 8), ('privilegeWithdrawn', 9), ('aACompromise', 10) ) # end of directory Authentication Framework (X.509) module # This should be in PKIX Certificate Extensions module class GeneralName(univ.OctetString): pass # end of PKIX Certificate Extensions module id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9)) id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1)) id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1)) id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2)) id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3)) id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4)) id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5)) id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6)) id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7)) class AcceptableResponses(univ.SequenceOf): componentType = univ.ObjectIdentifier() class ArchiveCutoff(useful.GeneralizedTime): pass class UnknownInfo(univ.Null): pass class RevokedInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('revocationTime', useful.GeneralizedTime()), namedtype.OptionalNamedType('revocationReason', CRLReason().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class CertID(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('issuerNameHash', univ.OctetString()), namedtype.NamedType('issuerKeyHash', univ.OctetString()), namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber()) ) class CertStatus(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('good', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('revoked', RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('unknown', UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class SingleResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certID', CertID()), namedtype.NamedType('certStatus', CertStatus()), namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class KeyHash(univ.OctetString): pass class ResponderID(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('byName', rfc2459.Name().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('byKey', KeyHash().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class Version(univ.Integer): namedValues = namedval.NamedValues(('v1', 0)) class ResponseData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('responderID', ResponderID()), namedtype.NamedType('producedAt', useful.GeneralizedTime()), namedtype.NamedType('responses', univ.SequenceOf(componentType=SingleResponse())), namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class BasicOCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsResponseData', ResponseData()), namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class ResponseBytes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('responseType', univ.ObjectIdentifier()), namedtype.NamedType('response', univ.OctetString()) ) class OCSPResponseStatus(univ.Enumerated): namedValues = namedval.NamedValues( ('successful', 0), ('malformedRequest', 1), ('internalError', 2), ('tryLater', 3), ('undefinedStatus', 4), # should never occur ('sigRequired', 5), ('unauthorized', 6) ) class OCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('responseStatus', OCSPResponseStatus()), namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Request(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('reqCert', CertID()), namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Signature(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class TBSRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('requestorName', GeneralName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('requestList', univ.SequenceOf(componentType=Request())), namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class OCSPRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsRequest', TBSRequest()), namedtype.OptionalNamedType('optionalSignature', Signature().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc2631.py0000664006321400632140000000230313605660315022452 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Diffie-Hellman Key Agreement # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc2631.txt # https://www.rfc-editor.org/errata/eid5897 # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ class KeySpecificInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', univ.ObjectIdentifier()), namedtype.NamedType('counter', univ.OctetString().subtype( subtypeSpec=constraint.ValueSizeConstraint(4, 4))) ) class OtherInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('keyInfo', KeySpecificInfo()), namedtype.OptionalNamedType('partyAInfo', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('suppPubInfo', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc2634.py0000644006321400632140000002232113551772550022462 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add a map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Enhanced Security Services for S/MIME # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc2634.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedval from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5280 MAX = float('inf') ContentType = rfc5652.ContentType IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier PolicyInformation = rfc5280.PolicyInformation GeneralNames = rfc5280.GeneralNames CertificateSerialNumber = rfc5280.CertificateSerialNumber # Signing Certificate Attribute # Warning: It is better to use SigningCertificateV2 from RFC 5035 id_aa_signingCertificate = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.12') class Hash(univ.OctetString): pass # SHA-1 hash of entire certificate; RFC 5035 supports other hash algorithms class IssuerSerial(univ.Sequence): pass IssuerSerial.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', GeneralNames()), namedtype.NamedType('serialNumber', CertificateSerialNumber()) ) class ESSCertID(univ.Sequence): pass ESSCertID.componentType = namedtype.NamedTypes( namedtype.NamedType('certHash', Hash()), namedtype.OptionalNamedType('issuerSerial', IssuerSerial()) ) class SigningCertificate(univ.Sequence): pass SigningCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('certs', univ.SequenceOf( componentType=ESSCertID())), namedtype.OptionalNamedType('policies', univ.SequenceOf( componentType=PolicyInformation())) ) # Mail List Expansion History Attribute id_aa_mlExpandHistory = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.3') ub_ml_expansion_history = univ.Integer(64) class EntityIdentifier(univ.Choice): pass EntityIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()) ) class MLReceiptPolicy(univ.Choice): pass MLReceiptPolicy.componentType = namedtype.NamedTypes( namedtype.NamedType('none', univ.Null().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('insteadOf', univ.SequenceOf( componentType=GeneralNames()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('inAdditionTo', univ.SequenceOf( componentType=GeneralNames()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class MLData(univ.Sequence): pass MLData.componentType = namedtype.NamedTypes( namedtype.NamedType('mailListIdentifier', EntityIdentifier()), namedtype.NamedType('expansionTime', useful.GeneralizedTime()), namedtype.OptionalNamedType('mlReceiptPolicy', MLReceiptPolicy()) ) class MLExpansionHistory(univ.SequenceOf): pass MLExpansionHistory.componentType = MLData() MLExpansionHistory.sizeSpec = constraint.ValueSizeConstraint(1, ub_ml_expansion_history) # ESS Security Label Attribute id_aa_securityLabel = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.2') ub_privacy_mark_length = univ.Integer(128) ub_security_categories = univ.Integer(64) ub_integer_options = univ.Integer(256) class ESSPrivacyMark(univ.Choice): pass ESSPrivacyMark.componentType = namedtype.NamedTypes( namedtype.NamedType('pString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_privacy_mark_length))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class SecurityClassification(univ.Integer): pass SecurityClassification.subtypeSpec=constraint.ValueRangeConstraint(0, ub_integer_options) SecurityClassification.namedValues = namedval.NamedValues( ('unmarked', 0), ('unclassified', 1), ('restricted', 2), ('confidential', 3), ('secret', 4), ('top-secret', 5) ) class SecurityPolicyIdentifier(univ.ObjectIdentifier): pass class SecurityCategory(univ.Sequence): pass SecurityCategory.componentType = namedtype.NamedTypes( namedtype.NamedType('type', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))) ) class SecurityCategories(univ.SetOf): pass SecurityCategories.componentType = SecurityCategory() SecurityCategories.sizeSpec = constraint.ValueSizeConstraint(1, ub_security_categories) class ESSSecurityLabel(univ.Set): pass ESSSecurityLabel.componentType = namedtype.NamedTypes( namedtype.NamedType('security-policy-identifier', SecurityPolicyIdentifier()), namedtype.OptionalNamedType('security-classification', SecurityClassification()), namedtype.OptionalNamedType('privacy-mark', ESSPrivacyMark()), namedtype.OptionalNamedType('security-categories', SecurityCategories()) ) # Equivalent Labels Attribute id_aa_equivalentLabels = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.9') class EquivalentLabels(univ.SequenceOf): pass EquivalentLabels.componentType = ESSSecurityLabel() # Content Identifier Attribute id_aa_contentIdentifier = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.7') class ContentIdentifier(univ.OctetString): pass # Content Reference Attribute id_aa_contentReference = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.10') class ContentReference(univ.Sequence): pass ContentReference.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('signedContentIdentifier', ContentIdentifier()), namedtype.NamedType('originatorSignatureValue', univ.OctetString()) ) # Message Signature Digest Attribute id_aa_msgSigDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.5') class MsgSigDigest(univ.OctetString): pass # Content Hints Attribute id_aa_contentHint = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.4') class ContentHints(univ.Sequence): pass ContentHints.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('contentDescription', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('contentType', ContentType()) ) # Receipt Request Attribute class AllOrFirstTier(univ.Integer): pass AllOrFirstTier.namedValues = namedval.NamedValues( ('allReceipts', 0), ('firstTierRecipients', 1) ) class ReceiptsFrom(univ.Choice): pass ReceiptsFrom.componentType = namedtype.NamedTypes( namedtype.NamedType('allOrFirstTier', AllOrFirstTier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('receiptList', univ.SequenceOf( componentType=GeneralNames()).subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_aa_receiptRequest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.1') ub_receiptsTo = univ.Integer(16) class ReceiptRequest(univ.Sequence): pass ReceiptRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('signedContentIdentifier', ContentIdentifier()), namedtype.NamedType('receiptsFrom', ReceiptsFrom()), namedtype.NamedType('receiptsTo', univ.SequenceOf(componentType=GeneralNames()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, ub_receiptsTo))) ) # Receipt Content Type class ESSVersion(univ.Integer): pass ESSVersion.namedValues = namedval.NamedValues( ('v1', 1) ) id_ct_receipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.1') class Receipt(univ.Sequence): pass Receipt.componentType = namedtype.NamedTypes( namedtype.NamedType('version', ESSVersion()), namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('signedContentIdentifier', ContentIdentifier()), namedtype.NamedType('originatorSignatureValue', univ.OctetString()) ) # Map of Attribute Type to the Attribute structure is added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_signingCertificate: SigningCertificate(), id_aa_mlExpandHistory: MLExpansionHistory(), id_aa_securityLabel: ESSSecurityLabel(), id_aa_equivalentLabels: EquivalentLabels(), id_aa_contentIdentifier: ContentIdentifier(), id_aa_contentReference: ContentReference(), id_aa_msgSigDigest: MsgSigDigest(), id_aa_contentHint: ContentHints(), id_aa_receiptRequest: ReceiptRequest(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_receipt: Receipt(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc2985.py0000644006321400632140000003402713551772550022501 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # PKCS#9: Selected Attribute Types (Version 2.0) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc2985.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc7292 from pyasn1_modules import rfc5958 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5280 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) MAX = float('inf') # Imports from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier Attribute = rfc5280.Attribute EmailAddress = rfc5280.EmailAddress Extensions = rfc5280.Extensions Time = rfc5280.Time X520countryName = rfc5280.X520countryName X520SerialNumber = rfc5280.X520SerialNumber # Imports from RFC 5652 ContentInfo = rfc5652.ContentInfo ContentType = rfc5652.ContentType Countersignature = rfc5652.Countersignature MessageDigest = rfc5652.MessageDigest SignerInfo = rfc5652.SignerInfo SigningTime = rfc5652.SigningTime # Imports from RFC 5958 EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo # Imports from RFC 7292 PFX = rfc7292.PFX # TODO: # Need a place to import PKCS15Token; it does not yet appear in an RFC # SingleAttribute is the same as Attribute in RFC 5280, except that the # attrValues SET must have one and only one member class AttributeType(univ.ObjectIdentifier): pass class AttributeValue(univ.Any): pass class AttributeValues(univ.SetOf): pass AttributeValues.componentType = AttributeValue() class SingleAttributeValues(univ.SetOf): pass SingleAttributeValues.componentType = AttributeValue() class SingleAttribute(univ.Sequence): pass SingleAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('values', AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), openType=opentype.OpenType('type', rfc5280.certificateAttributesMap) ) ) # CMSAttribute is the same as Attribute in RFC 5652, and CMSSingleAttribute # is the companion where the attrValues SET must have one and only one member CMSAttribute = rfc5652.Attribute class CMSSingleAttribute(univ.Sequence): pass CMSSingleAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', AttributeType()), namedtype.NamedType('attrValues', AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) ) ) # DirectoryString is the same as RFC 5280, except the length is limited to 255 class DirectoryString(univ.Choice): pass DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))) ) # PKCS9String is DirectoryString with an additional choice of IA5String, # and the SIZE is limited to 255 class PKCS9String(univ.Choice): pass PKCS9String.componentType = namedtype.NamedTypes( namedtype.NamedType('ia5String', char.IA5String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('directoryString', DirectoryString()) ) # Upper Bounds pkcs_9_ub_pkcs9String = univ.Integer(255) pkcs_9_ub_challengePassword = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_ub_emailAddress = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_ub_match = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_ub_signingDescription = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_ub_unstructuredAddress = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_ub_unstructuredName = univ.Integer(pkcs_9_ub_pkcs9String) ub_name = univ.Integer(32768) pkcs_9_ub_placeOfBirth = univ.Integer(ub_name) pkcs_9_ub_pseudonym = univ.Integer(ub_name) # Object Identifier Arcs ietf_at = _OID(1, 3, 6, 1, 5, 5, 7, 9) id_at = _OID(2, 5, 4) pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) pkcs_9_mo = _OID(pkcs_9, 0) smime = _OID(pkcs_9, 16) certTypes = _OID(pkcs_9, 22) crlTypes = _OID(pkcs_9, 23) pkcs_9_oc = _OID(pkcs_9, 24) pkcs_9_at = _OID(pkcs_9, 25) pkcs_9_sx = _OID(pkcs_9, 26) pkcs_9_mr = _OID(pkcs_9, 27) # Object Identifiers for Syntaxes for use with LDAP-accessible directories pkcs_9_sx_pkcs9String = _OID(pkcs_9_sx, 1) pkcs_9_sx_signingTime = _OID(pkcs_9_sx, 2) # Object Identifiers for object classes pkcs_9_oc_pkcsEntity = _OID(pkcs_9_oc, 1) pkcs_9_oc_naturalPerson = _OID(pkcs_9_oc, 2) # Object Identifiers for matching rules pkcs_9_mr_caseIgnoreMatch = _OID(pkcs_9_mr, 1) pkcs_9_mr_signingTimeMatch = _OID(pkcs_9_mr, 2) # PKCS #7 PDU pkcs_9_at_pkcs7PDU = _OID(pkcs_9_at, 5) pKCS7PDU = Attribute() pKCS7PDU['type'] = pkcs_9_at_pkcs7PDU pKCS7PDU['values'][0] = ContentInfo() # PKCS #12 token pkcs_9_at_userPKCS12 = _OID(2, 16, 840, 1, 113730, 3, 1, 216) userPKCS12 = Attribute() userPKCS12['type'] = pkcs_9_at_userPKCS12 userPKCS12['values'][0] = PFX() # PKCS #15 token pkcs_9_at_pkcs15Token = _OID(pkcs_9_at, 1) # TODO: Once PKCS15Token can be imported, this can be included # # pKCS15Token = Attribute() # userPKCS12['type'] = pkcs_9_at_pkcs15Token # userPKCS12['values'][0] = PKCS15Token() # PKCS #8 encrypted private key information pkcs_9_at_encryptedPrivateKeyInfo = _OID(pkcs_9_at, 2) encryptedPrivateKeyInfo = Attribute() encryptedPrivateKeyInfo['type'] = pkcs_9_at_encryptedPrivateKeyInfo encryptedPrivateKeyInfo['values'][0] = EncryptedPrivateKeyInfo() # Electronic-mail address pkcs_9_at_emailAddress = rfc5280.id_emailAddress emailAddress = Attribute() emailAddress['type'] = pkcs_9_at_emailAddress emailAddress['values'][0] = EmailAddress() # Unstructured name pkcs_9_at_unstructuredName = _OID(pkcs_9, 2) unstructuredName = Attribute() unstructuredName['type'] = pkcs_9_at_unstructuredName unstructuredName['values'][0] = PKCS9String() # Unstructured address pkcs_9_at_unstructuredAddress = _OID(pkcs_9, 8) unstructuredAddress = Attribute() unstructuredAddress['type'] = pkcs_9_at_unstructuredAddress unstructuredAddress['values'][0] = DirectoryString() # Date of birth pkcs_9_at_dateOfBirth = _OID(ietf_at, 1) dateOfBirth = SingleAttribute() dateOfBirth['type'] = pkcs_9_at_dateOfBirth dateOfBirth['values'][0] = useful.GeneralizedTime() # Place of birth pkcs_9_at_placeOfBirth = _OID(ietf_at, 2) placeOfBirth = SingleAttribute() placeOfBirth['type'] = pkcs_9_at_placeOfBirth placeOfBirth['values'][0] = DirectoryString() # Gender class GenderString(char.PrintableString): pass GenderString.subtypeSpec = constraint.ValueSizeConstraint(1, 1) GenderString.subtypeSpec = constraint.SingleValueConstraint("M", "F", "m", "f") pkcs_9_at_gender = _OID(ietf_at, 3) gender = SingleAttribute() gender['type'] = pkcs_9_at_gender gender['values'][0] = GenderString() # Country of citizenship pkcs_9_at_countryOfCitizenship = _OID(ietf_at, 4) countryOfCitizenship = Attribute() countryOfCitizenship['type'] = pkcs_9_at_countryOfCitizenship countryOfCitizenship['values'][0] = X520countryName() # Country of residence pkcs_9_at_countryOfResidence = _OID(ietf_at, 5) countryOfResidence = Attribute() countryOfResidence['type'] = pkcs_9_at_countryOfResidence countryOfResidence['values'][0] = X520countryName() # Pseudonym id_at_pseudonym = _OID(2, 5, 4, 65) pseudonym = Attribute() pseudonym['type'] = id_at_pseudonym pseudonym['values'][0] = DirectoryString() # Serial number id_at_serialNumber = rfc5280.id_at_serialNumber serialNumber = Attribute() serialNumber['type'] = id_at_serialNumber serialNumber['values'][0] = X520SerialNumber() # Content type pkcs_9_at_contentType = rfc5652.id_contentType contentType = CMSSingleAttribute() contentType['attrType'] = pkcs_9_at_contentType contentType['attrValues'][0] = ContentType() # Message digest pkcs_9_at_messageDigest = rfc5652.id_messageDigest messageDigest = CMSSingleAttribute() messageDigest['attrType'] = pkcs_9_at_messageDigest messageDigest['attrValues'][0] = MessageDigest() # Signing time pkcs_9_at_signingTime = rfc5652.id_signingTime signingTime = CMSSingleAttribute() signingTime['attrType'] = pkcs_9_at_signingTime signingTime['attrValues'][0] = SigningTime() # Random nonce class RandomNonce(univ.OctetString): pass RandomNonce.subtypeSpec = constraint.ValueSizeConstraint(4, MAX) pkcs_9_at_randomNonce = _OID(pkcs_9_at, 3) randomNonce = CMSSingleAttribute() randomNonce['attrType'] = pkcs_9_at_randomNonce randomNonce['attrValues'][0] = RandomNonce() # Sequence number class SequenceNumber(univ.Integer): pass SequenceNumber.subtypeSpec = constraint.ValueRangeConstraint(1, MAX) pkcs_9_at_sequenceNumber = _OID(pkcs_9_at, 4) sequenceNumber = CMSSingleAttribute() sequenceNumber['attrType'] = pkcs_9_at_sequenceNumber sequenceNumber['attrValues'][0] = SequenceNumber() # Countersignature pkcs_9_at_counterSignature = rfc5652.id_countersignature counterSignature = CMSAttribute() counterSignature['attrType'] = pkcs_9_at_counterSignature counterSignature['attrValues'][0] = Countersignature() # Challenge password pkcs_9_at_challengePassword = _OID(pkcs_9, 7) challengePassword = SingleAttribute() challengePassword['type'] = pkcs_9_at_challengePassword challengePassword['values'][0] = DirectoryString() # Extension request class ExtensionRequest(Extensions): pass pkcs_9_at_extensionRequest = _OID(pkcs_9, 14) extensionRequest = SingleAttribute() extensionRequest['type'] = pkcs_9_at_extensionRequest extensionRequest['values'][0] = ExtensionRequest() # Extended-certificate attributes (deprecated) class AttributeSet(univ.SetOf): pass AttributeSet.componentType = Attribute() pkcs_9_at_extendedCertificateAttributes = _OID(pkcs_9, 9) extendedCertificateAttributes = SingleAttribute() extendedCertificateAttributes['type'] = pkcs_9_at_extendedCertificateAttributes extendedCertificateAttributes['values'][0] = AttributeSet() # Friendly name class FriendlyName(char.BMPString): pass FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName) pkcs_9_at_friendlyName = _OID(pkcs_9, 20) friendlyName = SingleAttribute() friendlyName['type'] = pkcs_9_at_friendlyName friendlyName['values'][0] = FriendlyName() # Local key identifier pkcs_9_at_localKeyId = _OID(pkcs_9, 21) localKeyId = SingleAttribute() localKeyId['type'] = pkcs_9_at_localKeyId localKeyId['values'][0] = univ.OctetString() # Signing description pkcs_9_at_signingDescription = _OID(pkcs_9, 13) signingDescription = CMSSingleAttribute() signingDescription['attrType'] = pkcs_9_at_signingDescription signingDescription['attrValues'][0] = DirectoryString() # S/MIME capabilities class SMIMECapability(AlgorithmIdentifier): pass class SMIMECapabilities(univ.SequenceOf): pass SMIMECapabilities.componentType = SMIMECapability() pkcs_9_at_smimeCapabilities = _OID(pkcs_9, 15) smimeCapabilities = CMSSingleAttribute() smimeCapabilities['attrType'] = pkcs_9_at_smimeCapabilities smimeCapabilities['attrValues'][0] = SMIMECapabilities() # Certificate Attribute Map _certificateAttributesMapUpdate = { # Attribute types for use with the "pkcsEntity" object class pkcs_9_at_pkcs7PDU: ContentInfo(), pkcs_9_at_userPKCS12: PFX(), # TODO: Once PKCS15Token can be imported, this can be included # pkcs_9_at_pkcs15Token: PKCS15Token(), pkcs_9_at_encryptedPrivateKeyInfo: EncryptedPrivateKeyInfo(), # Attribute types for use with the "naturalPerson" object class pkcs_9_at_emailAddress: EmailAddress(), pkcs_9_at_unstructuredName: PKCS9String(), pkcs_9_at_unstructuredAddress: DirectoryString(), pkcs_9_at_dateOfBirth: useful.GeneralizedTime(), pkcs_9_at_placeOfBirth: DirectoryString(), pkcs_9_at_gender: GenderString(), pkcs_9_at_countryOfCitizenship: X520countryName(), pkcs_9_at_countryOfResidence: X520countryName(), id_at_pseudonym: DirectoryString(), id_at_serialNumber: X520SerialNumber(), # Attribute types for use with PKCS #10 certificate requests pkcs_9_at_challengePassword: DirectoryString(), pkcs_9_at_extensionRequest: ExtensionRequest(), pkcs_9_at_extendedCertificateAttributes: AttributeSet(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) # CMS Attribute Map # Note: pkcs_9_at_smimeCapabilities is not included in the map because # the definition in RFC 5751 is preferred, which produces the same # encoding, but it allows different parameters for SMIMECapability # and AlgorithmIdentifier. _cmsAttributesMapUpdate = { # Attribute types for use in PKCS #7 data (a.k.a. CMS) pkcs_9_at_contentType: ContentType(), pkcs_9_at_messageDigest: MessageDigest(), pkcs_9_at_signingTime: SigningTime(), pkcs_9_at_randomNonce: RandomNonce(), pkcs_9_at_sequenceNumber: SequenceNumber(), pkcs_9_at_counterSignature: Countersignature(), # Attributes for use in PKCS #12 "PFX" PDUs or PKCS #15 tokens pkcs_9_at_friendlyName: FriendlyName(), pkcs_9_at_localKeyId: univ.OctetString(), pkcs_9_at_signingDescription: DirectoryString(), # pkcs_9_at_smimeCapabilities: SMIMECapabilities(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc2986.py0000644006321400632140000000355013551772550022477 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Joel Johnson with asn1ate tool. # Modified by Russ Housley to add support for opentypes by importing # definitions from rfc5280 so that the same maps are used. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # PKCS #10: Certification Request Syntax Specification # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc2986.txt # from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') AttributeType = rfc5280.AttributeType AttributeValue = rfc5280.AttributeValue AttributeTypeAndValue = rfc5280.AttributeTypeAndValue Attribute = rfc5280.Attribute RelativeDistinguishedName = rfc5280.RelativeDistinguishedName RDNSequence = rfc5280.RDNSequence Name = rfc5280.Name AlgorithmIdentifier = rfc5280.AlgorithmIdentifier SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo class Attributes(univ.SetOf): pass Attributes.componentType = Attribute() class CertificationRequestInfo(univ.Sequence): pass CertificationRequestInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPKInfo', SubjectPublicKeyInfo()), namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0)) ) ) class CertificationRequest(univ.Sequence): pass CertificationRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc3114.py0000664006321400632140000000365113605660315022456 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # TEST Company Classification Policies # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3114.txt # from pyasn1.type import char from pyasn1.type import namedval from pyasn1.type import univ from pyasn1_modules import rfc5755 id_smime = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, )) id_tsp = id_smime + (7, ) id_tsp_TEST_Amoco = id_tsp + (1, ) class Amoco_SecurityClassification(univ.Integer): namedValues = namedval.NamedValues( ('amoco-general', 6), ('amoco-confidential', 7), ('amoco-highly-confidential', 8) ) id_tsp_TEST_Caterpillar = id_tsp + (2, ) class Caterpillar_SecurityClassification(univ.Integer): namedValues = namedval.NamedValues( ('caterpillar-public', 6), ('caterpillar-green', 7), ('caterpillar-yellow', 8), ('caterpillar-red', 9) ) id_tsp_TEST_Whirlpool = id_tsp + (3, ) class Whirlpool_SecurityClassification(univ.Integer): namedValues = namedval.NamedValues( ('whirlpool-public', 6), ('whirlpool-internal', 7), ('whirlpool-confidential', 8) ) id_tsp_TEST_Whirlpool_Categories = id_tsp + (4, ) class SecurityCategoryValues(univ.SequenceOf): componentType = char.UTF8String() # Example SecurityCategoryValues: "LAW DEPARTMENT USE ONLY" # Example SecurityCategoryValues: "HUMAN RESOURCES USE ONLY" # Also, the privacy mark in the security label can contain a string, # such as: "ATTORNEY-CLIENT PRIVILEGED INFORMATION" # Map of security category type OIDs to security category added # to the ones that are in rfc5755.py _securityCategoryMapUpdate = { id_tsp_TEST_Whirlpool_Categories: SecurityCategoryValues(), } rfc5755.securityCategoryMap.update(_securityCategoryMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3161.py0000644006321400632140000001024413551772550022457 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Time-Stamp Protocol (TSP) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3161.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc4210 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 Extensions = rfc5280.Extensions AlgorithmIdentifier = rfc5280.AlgorithmIdentifier GeneralName = rfc5280.GeneralName ContentInfo = rfc5652.ContentInfo PKIFreeText = rfc4210.PKIFreeText id_ct_TSTInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.4') class Accuracy(univ.Sequence): pass Accuracy.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('seconds', univ.Integer()), namedtype.OptionalNamedType('millis', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 999)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('micros', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 999)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class MessageImprint(univ.Sequence): pass MessageImprint.componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('hashedMessage', univ.OctetString()) ) class PKIFailureInfo(univ.BitString): pass PKIFailureInfo.namedValues = namedval.NamedValues( ('badAlg', 0), ('badRequest', 2), ('badDataFormat', 5), ('timeNotAvailable', 14), ('unacceptedPolicy', 15), ('unacceptedExtension', 16), ('addInfoNotAvailable', 17), ('systemFailure', 25) ) class PKIStatus(univ.Integer): pass PKIStatus.namedValues = namedval.NamedValues( ('granted', 0), ('grantedWithMods', 1), ('rejection', 2), ('waiting', 3), ('revocationWarning', 4), ('revocationNotification', 5) ) class PKIStatusInfo(univ.Sequence): pass PKIStatusInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatus()), namedtype.OptionalNamedType('statusString', PKIFreeText()), namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) ) class TSAPolicyId(univ.ObjectIdentifier): pass class TSTInfo(univ.Sequence): pass TSTInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))), namedtype.NamedType('policy', TSAPolicyId()), namedtype.NamedType('messageImprint', MessageImprint()), namedtype.NamedType('serialNumber', univ.Integer()), namedtype.NamedType('genTime', useful.GeneralizedTime()), namedtype.OptionalNamedType('accuracy', Accuracy()), namedtype.DefaultedNamedType('ordering', univ.Boolean().subtype(value=0)), namedtype.OptionalNamedType('nonce', univ.Integer()), namedtype.OptionalNamedType('tsa', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class TimeStampReq(univ.Sequence): pass TimeStampReq.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))), namedtype.NamedType('messageImprint', MessageImprint()), namedtype.OptionalNamedType('reqPolicy', TSAPolicyId()), namedtype.OptionalNamedType('nonce', univ.Integer()), namedtype.DefaultedNamedType('certReq', univ.Boolean().subtype(value=0)), namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class TimeStampToken(ContentInfo): pass class TimeStampResp(univ.Sequence): pass TimeStampResp.componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatusInfo()), namedtype.OptionalNamedType('timeStampToken', TimeStampToken()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc3274.py0000644006321400632140000000320613551772550022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add a map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # CMS Compressed Data Content Type # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3274.txt # from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 class CompressionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass # The CMS Compressed Data Content Type id_ct_compressedData = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.9') class CompressedData(univ.Sequence): pass CompressedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', rfc5652.CMSVersion()), # Always set to 0 namedtype.NamedType('compressionAlgorithm', CompressionAlgorithmIdentifier()), namedtype.NamedType('encapContentInfo', rfc5652.EncapsulatedContentInfo()) ) # Algorithm identifier for the zLib Compression Algorithm # This includes cpa_zlibCompress as defined in RFC 6268, # from https://www.rfc-editor.org/rfc/rfc6268.txt id_alg_zlibCompress = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.8') cpa_zlibCompress = rfc5280.AlgorithmIdentifier() cpa_zlibCompress['algorithm'] = id_alg_zlibCompress # cpa_zlibCompress['parameters'] are absent # Map of Content Type OIDs to Content Types is added to thr # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_compressedData: CompressedData(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3279.py0000664006321400632140000001522713605660315022474 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules. # # Copyright (c) 2017, Danielle Madeley # License: http://snmplabs.com/pyasn1/license.html # # Modified by Russ Housley to add maps for use with opentypes. # # Algorithms and Identifiers for Internet X.509 Certificates and CRLs # # Derived from RFC 3279: # https://www.rfc-editor.org/rfc/rfc3279.txt # from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ from pyasn1_modules import rfc5280 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) md2 = _OID(1, 2, 840, 113549, 2, 2) md5 = _OID(1, 2, 840, 113549, 2, 5) id_sha1 = _OID(1, 3, 14, 3, 2, 26) id_dsa = _OID(1, 2, 840, 10040, 4, 1) class DSAPublicKey(univ.Integer): pass class Dss_Parms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('g', univ.Integer()) ) id_dsa_with_sha1 = _OID(1, 2, 840, 10040, 4, 3) class Dss_Sig_Value(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('r', univ.Integer()), namedtype.NamedType('s', univ.Integer()) ) pkcs_1 = _OID(1, 2, 840, 113549, 1, 1) rsaEncryption = _OID(pkcs_1, 1) md2WithRSAEncryption = _OID(pkcs_1, 2) md5WithRSAEncryption = _OID(pkcs_1, 4) sha1WithRSAEncryption = _OID(pkcs_1, 5) class RSAPublicKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()) ) dhpublicnumber = _OID(1, 2, 840, 10046, 2, 1) class DHPublicKey(univ.Integer): pass class ValidationParms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('seed', univ.BitString()), namedtype.NamedType('pgenCounter', univ.Integer()) ) class DomainParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('g', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.OptionalNamedType('j', univ.Integer()), namedtype.OptionalNamedType('validationParms', ValidationParms()) ) id_keyExchangeAlgorithm = _OID(2, 16, 840, 1, 101, 2, 1, 1, 22) class KEA_Parms_Id(univ.OctetString): pass ansi_X9_62 = _OID(1, 2, 840, 10045) class FieldID(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('fieldType', univ.ObjectIdentifier()), namedtype.NamedType('parameters', univ.Any()) ) id_ecSigType = _OID(ansi_X9_62, 4) ecdsa_with_SHA1 = _OID(id_ecSigType, 1) class ECDSA_Sig_Value(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('r', univ.Integer()), namedtype.NamedType('s', univ.Integer()) ) id_fieldType = _OID(ansi_X9_62, 1) prime_field = _OID(id_fieldType, 1) class Prime_p(univ.Integer): pass characteristic_two_field = _OID(id_fieldType, 2) class Characteristic_two(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('m', univ.Integer()), namedtype.NamedType('basis', univ.ObjectIdentifier()), namedtype.NamedType('parameters', univ.Any()) ) id_characteristic_two_basis = _OID(characteristic_two_field, 3) gnBasis = _OID(id_characteristic_two_basis, 1) tpBasis = _OID(id_characteristic_two_basis, 2) class Trinomial(univ.Integer): pass ppBasis = _OID(id_characteristic_two_basis, 3) class Pentanomial(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('k1', univ.Integer()), namedtype.NamedType('k2', univ.Integer()), namedtype.NamedType('k3', univ.Integer()) ) class FieldElement(univ.OctetString): pass class ECPoint(univ.OctetString): pass class Curve(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('a', FieldElement()), namedtype.NamedType('b', FieldElement()), namedtype.OptionalNamedType('seed', univ.BitString()) ) class ECPVer(univ.Integer): namedValues = namedval.NamedValues( ('ecpVer1', 1) ) class ECParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', ECPVer()), namedtype.NamedType('fieldID', FieldID()), namedtype.NamedType('curve', Curve()), namedtype.NamedType('base', ECPoint()), namedtype.NamedType('order', univ.Integer()), namedtype.OptionalNamedType('cofactor', univ.Integer()) ) class EcpkParameters(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('ecParameters', ECParameters()), namedtype.NamedType('namedCurve', univ.ObjectIdentifier()), namedtype.NamedType('implicitlyCA', univ.Null()) ) id_publicKeyType = _OID(ansi_X9_62, 2) id_ecPublicKey = _OID(id_publicKeyType, 1) ellipticCurve = _OID(ansi_X9_62, 3) c_TwoCurve = _OID(ellipticCurve, 0) c2pnb163v1 = _OID(c_TwoCurve, 1) c2pnb163v2 = _OID(c_TwoCurve, 2) c2pnb163v3 = _OID(c_TwoCurve, 3) c2pnb176w1 = _OID(c_TwoCurve, 4) c2tnb191v1 = _OID(c_TwoCurve, 5) c2tnb191v2 = _OID(c_TwoCurve, 6) c2tnb191v3 = _OID(c_TwoCurve, 7) c2onb191v4 = _OID(c_TwoCurve, 8) c2onb191v5 = _OID(c_TwoCurve, 9) c2pnb208w1 = _OID(c_TwoCurve, 10) c2tnb239v1 = _OID(c_TwoCurve, 11) c2tnb239v2 = _OID(c_TwoCurve, 12) c2tnb239v3 = _OID(c_TwoCurve, 13) c2onb239v4 = _OID(c_TwoCurve, 14) c2onb239v5 = _OID(c_TwoCurve, 15) c2pnb272w1 = _OID(c_TwoCurve, 16) c2pnb304w1 = _OID(c_TwoCurve, 17) c2tnb359v1 = _OID(c_TwoCurve, 18) c2pnb368w1 = _OID(c_TwoCurve, 19) c2tnb431r1 = _OID(c_TwoCurve, 20) primeCurve = _OID(ellipticCurve, 1) prime192v1 = _OID(primeCurve, 1) prime192v2 = _OID(primeCurve, 2) prime192v3 = _OID(primeCurve, 3) prime239v1 = _OID(primeCurve, 4) prime239v2 = _OID(primeCurve, 5) prime239v3 = _OID(primeCurve, 6) prime256v1 = _OID(primeCurve, 7) # Map of Algorithm Identifier OIDs to Parameters added to the # ones in rfc5280.py. Do not add OIDs with absent paramaters. _algorithmIdentifierMapUpdate = { md2: univ.Null(""), md5: univ.Null(""), id_sha1: univ.Null(""), id_dsa: Dss_Parms(), rsaEncryption: univ.Null(""), md2WithRSAEncryption: univ.Null(""), md5WithRSAEncryption: univ.Null(""), sha1WithRSAEncryption: univ.Null(""), dhpublicnumber: DomainParameters(), id_keyExchangeAlgorithm: KEA_Parms_Id(), id_ecPublicKey: EcpkParameters(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3280.py0000644006321400632140000013303413551772550022464 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Internet X.509 Public Key Infrastructure Certificate and Certificate # Revocation List (CRL) Profile # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3280.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful MAX = float('inf') def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) unformatted_postal_address = univ.Integer(16) ub_organizational_units = univ.Integer(4) ub_organizational_unit_name_length = univ.Integer(32) class OrganizationalUnitName(char.PrintableString): pass OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) class OrganizationalUnitNames(univ.SequenceOf): pass OrganizationalUnitNames.componentType = OrganizationalUnitName() OrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) class AttributeType(univ.ObjectIdentifier): pass id_at = _OID(2, 5, 4) id_at_name = _OID(id_at, 41) ub_pds_parameter_length = univ.Integer(30) class PDSParameter(univ.Set): pass PDSParameter.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) class PhysicalDeliveryOrganizationName(PDSParameter): pass ub_organization_name_length = univ.Integer(64) ub_domain_defined_attribute_type_length = univ.Integer(8) ub_domain_defined_attribute_value_length = univ.Integer(128) class TeletexDomainDefinedAttribute(univ.Sequence): pass TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) id_qt = _OID(id_pkix, 2) class PresentationAddress(univ.Sequence): pass PresentationAddress.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class AlgorithmIdentifier(univ.Sequence): pass AlgorithmIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', univ.ObjectIdentifier()), namedtype.OptionalNamedType('parameters', univ.Any()) ) class UniqueIdentifier(univ.BitString): pass class Extension(univ.Sequence): pass Extension.componentType = namedtype.NamedTypes( namedtype.NamedType('extnID', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)), namedtype.NamedType('extnValue', univ.OctetString()) ) class Extensions(univ.SequenceOf): pass Extensions.componentType = Extension() Extensions.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class CertificateSerialNumber(univ.Integer): pass class SubjectPublicKeyInfo(univ.Sequence): pass SubjectPublicKeyInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) ) class Time(univ.Choice): pass Time.componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) ) class Validity(univ.Sequence): pass Validity.componentType = namedtype.NamedTypes( namedtype.NamedType('notBefore', Time()), namedtype.NamedType('notAfter', Time()) ) class Version(univ.Integer): pass Version.namedValues = namedval.NamedValues( ('v1', 0), ('v2', 1), ('v3', 2) ) class AttributeValue(univ.Any): pass class AttributeTypeAndValue(univ.Sequence): pass AttributeTypeAndValue.componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('value', AttributeValue()) ) class RelativeDistinguishedName(univ.SetOf): pass RelativeDistinguishedName.componentType = AttributeTypeAndValue() RelativeDistinguishedName.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class RDNSequence(univ.SequenceOf): pass RDNSequence.componentType = RelativeDistinguishedName() class Name(univ.Choice): pass Name.componentType = namedtype.NamedTypes( namedtype.NamedType('rdnSequence', RDNSequence()) ) class TBSCertificate(univ.Sequence): pass TBSCertificate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value="v1")), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class Certificate(univ.Sequence): pass Certificate.componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificate', TBSCertificate()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) ub_surname_length = univ.Integer(40) class TeletexOrganizationName(char.TeletexString): pass TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) ub_e163_4_sub_address_length = univ.Integer(40) teletex_common_name = univ.Integer(2) ub_country_name_alpha_length = univ.Integer(2) ub_country_name_numeric_length = univ.Integer(3) class CountryName(univ.Choice): pass CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) CountryName.componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) extension_OR_address_components = univ.Integer(12) id_at_dnQualifier = _OID(id_at, 46) ub_e163_4_number_length = univ.Integer(15) class ExtendedNetworkAddress(univ.Choice): pass ExtendedNetworkAddress.componentType = namedtype.NamedTypes( namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('number', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) )) ), namedtype.NamedType('psap-address', PresentationAddress().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) terminal_type = univ.Integer(23) id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25) ub_state_name = univ.Integer(128) class X520StateOrProvinceName(univ.Choice): pass X520StateOrProvinceName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) ub_organization_name = univ.Integer(64) class X520OrganizationName(univ.Choice): pass X520OrganizationName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) ) ub_emailaddress_length = univ.Integer(128) class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): pass id_at_surname = _OID(id_at, 4) ub_common_name_length = univ.Integer(64) id_ad = _OID(id_pkix, 48) ub_numeric_user_id_length = univ.Integer(32) class NumericUserIdentifier(char.NumericString): pass NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) class OrganizationName(char.PrintableString): pass OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) ub_domain_name_length = univ.Integer(16) class AdministrationDomainName(univ.Choice): pass AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) AdministrationDomainName.componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) ) class PrivateDomainName(univ.Choice): pass PrivateDomainName.componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) ) ub_generation_qualifier_length = univ.Integer(3) ub_given_name_length = univ.Integer(16) ub_initials_length = univ.Integer(5) class PersonalName(univ.Set): pass PersonalName.componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) ub_terminal_id_length = univ.Integer(24) class TerminalIdentifier(char.PrintableString): pass TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) ub_x121_address_length = univ.Integer(16) class X121Address(char.NumericString): pass X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length) class NetworkAddress(X121Address): pass class BuiltInStandardAttributes(univ.Sequence): pass BuiltInStandardAttributes.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('country-name', CountryName()), namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('personal-name', PersonalName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) ) ub_domain_defined_attributes = univ.Integer(4) class BuiltInDomainDefinedAttribute(univ.Sequence): pass BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) class BuiltInDomainDefinedAttributes(univ.SequenceOf): pass BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() BuiltInDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) ub_extension_attributes = univ.Integer(256) class ExtensionAttribute(univ.Sequence): pass ExtensionAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtensionAttributes(univ.SetOf): pass ExtensionAttributes.componentType = ExtensionAttribute() ExtensionAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes) class ORAddress(univ.Sequence): pass ORAddress.componentType = namedtype.NamedTypes( namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) ) id_pe = _OID(id_pkix, 1) ub_title = univ.Integer(64) class X520Title(univ.Choice): pass X520Title.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) ) id_at_organizationalUnitName = _OID(id_at, 11) class EmailAddress(char.IA5String): pass EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) physical_delivery_country_name = univ.Integer(8) id_at_givenName = _OID(id_at, 42) class TeletexCommonName(char.TeletexString): pass TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) id_qt_cps = _OID(id_qt, 1) class LocalPostalAttributes(PDSParameter): pass class StreetAddress(PDSParameter): pass id_kp = _OID(id_pkix, 3) class DirectoryString(univ.Choice): pass DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class DomainComponent(char.IA5String): pass id_at_initials = _OID(id_at, 43) id_qt_unotice = _OID(id_qt, 2) ub_pds_name_length = univ.Integer(16) class PDSName(char.PrintableString): pass PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length) class PosteRestanteAddress(PDSParameter): pass class DistinguishedName(RDNSequence): pass class CommonName(char.PrintableString): pass CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) ub_serial_number = univ.Integer(64) class X520SerialNumber(char.PrintableString): pass X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number) id_at_generationQualifier = _OID(id_at, 44) ub_organizational_unit_name = univ.Integer(64) id_ad_ocsp = _OID(id_ad, 1) class TeletexOrganizationalUnitName(char.TeletexString): pass TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) class TeletexPersonalName(univ.Set): pass TeletexPersonalName.componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class TeletexDomainDefinedAttributes(univ.SequenceOf): pass TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() TeletexDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) class TBSCertList(univ.Sequence): pass TBSCertList.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('userCertificate', CertificateSerialNumber()), namedtype.NamedType('revocationDate', Time()), namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) )) )), namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) local_postal_attributes = univ.Integer(21) pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) class PhysicalDeliveryCountryName(univ.Choice): pass PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) ub_name = univ.Integer(32768) class X520name(univ.Choice): pass X520name.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) ) id_emailAddress = _OID(pkcs_9, 1) class TerminalType(univ.Integer): pass TerminalType.namedValues = namedval.NamedValues( ('telex', 3), ('teletex', 4), ('g3-facsimile', 5), ('g4-facsimile', 6), ('ia5-terminal', 7), ('videotex', 8) ) class X520OrganizationalUnitName(univ.Choice): pass X520OrganizationalUnitName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) ) id_at_commonName = _OID(id_at, 3) pds_name = univ.Integer(7) post_office_box_address = univ.Integer(18) ub_locality_name = univ.Integer(128) class X520LocalityName(univ.Choice): pass X520LocalityName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) ) id_ad_timeStamping = _OID(id_ad, 3) id_at_countryName = _OID(id_at, 6) physical_delivery_personal_name = univ.Integer(13) teletex_personal_name = univ.Integer(4) teletex_organizational_unit_names = univ.Integer(5) class PhysicalDeliveryPersonalName(PDSParameter): pass ub_postal_code_length = univ.Integer(16) class PostalCode(univ.Choice): pass PostalCode.componentType = namedtype.NamedTypes( namedtype.NamedType('numeric-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), namedtype.NamedType('printable-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) ) class X520countryName(char.PrintableString): pass X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) postal_code = univ.Integer(9) id_ad_caRepository = _OID(id_ad, 5) extension_physical_delivery_address_components = univ.Integer(15) class PostOfficeBoxAddress(PDSParameter): pass class PhysicalDeliveryOfficeName(PDSParameter): pass id_at_title = _OID(id_at, 12) id_at_serialNumber = _OID(id_at, 5) id_ad_caIssuers = _OID(id_ad, 2) ub_integer_options = univ.Integer(256) class CertificateList(univ.Sequence): pass CertificateList.componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertList', TBSCertList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class PhysicalDeliveryOfficeNumber(PDSParameter): pass class TeletexOrganizationalUnitNames(univ.SequenceOf): pass TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName() TeletexOrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) physical_delivery_office_name = univ.Integer(10) ub_common_name = univ.Integer(64) class ExtensionORAddressComponents(PDSParameter): pass ub_pseudonym = univ.Integer(128) poste_restante_address = univ.Integer(19) id_at_organizationName = _OID(id_at, 10) physical_delivery_office_number = univ.Integer(11) id_at_pseudonym = _OID(id_at, 65) class X520CommonName(univ.Choice): pass X520CommonName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) ) physical_delivery_organization_name = univ.Integer(14) class X520dnQualifier(char.PrintableString): pass id_at_stateOrProvinceName = _OID(id_at, 8) common_name = univ.Integer(1) id_at_localityName = _OID(id_at, 7) ub_match = univ.Integer(128) ub_unformatted_address_length = univ.Integer(180) class Attribute(univ.Sequence): pass Attribute.componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) ) extended_network_address = univ.Integer(22) unique_postal_name = univ.Integer(20) ub_pds_physical_address_lines = univ.Integer(6) class UnformattedPostalAddress(univ.Set): pass UnformattedPostalAddress.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) ) class UniquePostalName(PDSParameter): pass class X520Pseudonym(univ.Choice): pass X520Pseudonym.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) ) teletex_organization_name = univ.Integer(3) teletex_domain_defined_attributes = univ.Integer(6) street_address = univ.Integer(17) id_kp_OCSPSigning = _OID(id_kp, 9) id_ce = _OID(2, 5, 29) id_ce_certificatePolicies = _OID(id_ce, 32) class EDIPartyName(univ.Sequence): pass EDIPartyName.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class AnotherName(univ.Sequence): pass AnotherName.componentType = namedtype.NamedTypes( namedtype.NamedType('type-id', univ.ObjectIdentifier()), namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class GeneralName(univ.Choice): pass GeneralName.componentType = namedtype.NamedTypes( namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) ) class GeneralNames(univ.SequenceOf): pass GeneralNames.componentType = GeneralName() GeneralNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class IssuerAltName(GeneralNames): pass id_ce_cRLDistributionPoints = _OID(id_ce, 31) class CertPolicyId(univ.ObjectIdentifier): pass class PolicyMappings(univ.SequenceOf): pass PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) )) PolicyMappings.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class PolicyQualifierId(univ.ObjectIdentifier): pass holdInstruction = _OID(2, 2, 840, 10040, 2) id_ce_subjectDirectoryAttributes = _OID(id_ce, 9) id_holdinstruction_callissuer = _OID(holdInstruction, 2) class SubjectDirectoryAttributes(univ.SequenceOf): pass SubjectDirectoryAttributes.componentType = Attribute() SubjectDirectoryAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) anyPolicy = _OID(id_ce_certificatePolicies, 0) id_ce_subjectAltName = _OID(id_ce, 17) id_kp_emailProtection = _OID(id_kp, 4) class ReasonFlags(univ.BitString): pass ReasonFlags.namedValues = namedval.NamedValues( ('unused', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('privilegeWithdrawn', 7), ('aACompromise', 8) ) class DistributionPointName(univ.Choice): pass DistributionPointName.componentType = namedtype.NamedTypes( namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class DistributionPoint(univ.Sequence): pass DistributionPoint.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) id_ce_keyUsage = _OID(id_ce, 15) class PolicyQualifierInfo(univ.Sequence): pass PolicyQualifierInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('policyQualifierId', PolicyQualifierId()), namedtype.NamedType('qualifier', univ.Any()) ) class PolicyInformation(univ.Sequence): pass PolicyInformation.componentType = namedtype.NamedTypes( namedtype.NamedType('policyIdentifier', CertPolicyId()), namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo())) ) class CertificatePolicies(univ.SequenceOf): pass CertificatePolicies.componentType = PolicyInformation() CertificatePolicies.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_ce_basicConstraints = _OID(id_ce, 19) class HoldInstructionCode(univ.ObjectIdentifier): pass class KeyPurposeId(univ.ObjectIdentifier): pass class ExtKeyUsageSyntax(univ.SequenceOf): pass ExtKeyUsageSyntax.componentType = KeyPurposeId() ExtKeyUsageSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class SubjectAltName(GeneralNames): pass class BasicConstraints(univ.Sequence): pass BasicConstraints.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) class SkipCerts(univ.Integer): pass SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class InhibitAnyPolicy(SkipCerts): pass class CRLNumber(univ.Integer): pass CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class BaseCRLNumber(CRLNumber): pass class KeyIdentifier(univ.OctetString): pass class AuthorityKeyIdentifier(univ.Sequence): pass AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) id_ce_nameConstraints = _OID(id_ce, 30) id_kp_serverAuth = _OID(id_kp, 1) id_ce_freshestCRL = _OID(id_ce, 46) id_ce_cRLReasons = _OID(id_ce, 21) class CRLDistributionPoints(univ.SequenceOf): pass CRLDistributionPoints.componentType = DistributionPoint() CRLDistributionPoints.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class FreshestCRL(CRLDistributionPoints): pass id_ce_inhibitAnyPolicy = _OID(id_ce, 54) class CRLReason(univ.Enumerated): pass CRLReason.namedValues = namedval.NamedValues( ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('removeFromCRL', 8), ('privilegeWithdrawn', 9), ('aACompromise', 10) ) class BaseDistance(univ.Integer): pass BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class GeneralSubtree(univ.Sequence): pass GeneralSubtree.componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), namedtype.DefaultedNamedType('minimum', BaseDistance().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), namedtype.OptionalNamedType('maximum', BaseDistance().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class GeneralSubtrees(univ.SequenceOf): pass GeneralSubtrees.componentType = GeneralSubtree() GeneralSubtrees.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class NameConstraints(univ.Sequence): pass NameConstraints.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_pe_authorityInfoAccess = _OID(id_pe, 1) id_pe_subjectInfoAccess = _OID(id_pe, 11) id_ce_certificateIssuer = _OID(id_ce, 29) id_ce_invalidityDate = _OID(id_ce, 24) class DirectoryString(univ.Choice): pass DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('any', univ.Any()) ) id_ce_authorityKeyIdentifier = _OID(id_ce, 35) class AccessDescription(univ.Sequence): pass AccessDescription.componentType = namedtype.NamedTypes( namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), namedtype.NamedType('accessLocation', GeneralName()) ) class AuthorityInfoAccessSyntax(univ.SequenceOf): pass AuthorityInfoAccessSyntax.componentType = AccessDescription() AuthorityInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_ce_issuingDistributionPoint = _OID(id_ce, 28) class CPSuri(char.IA5String): pass class DisplayText(univ.Choice): pass DisplayText.componentType = namedtype.NamedTypes( namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) ) class NoticeReference(univ.Sequence): pass NoticeReference.componentType = namedtype.NamedTypes( namedtype.NamedType('organization', DisplayText()), namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) ) class UserNotice(univ.Sequence): pass UserNotice.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('noticeRef', NoticeReference()), namedtype.OptionalNamedType('explicitText', DisplayText()) ) class PrivateKeyUsagePeriod(univ.Sequence): pass PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_ce_subjectKeyIdentifier = _OID(id_ce, 14) class CertificateIssuer(GeneralNames): pass class InvalidityDate(useful.GeneralizedTime): pass class SubjectInfoAccessSyntax(univ.SequenceOf): pass SubjectInfoAccessSyntax.componentType = AccessDescription() SubjectInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class KeyUsage(univ.BitString): pass KeyUsage.namedValues = namedval.NamedValues( ('digitalSignature', 0), ('nonRepudiation', 1), ('keyEncipherment', 2), ('dataEncipherment', 3), ('keyAgreement', 4), ('keyCertSign', 5), ('cRLSign', 6), ('encipherOnly', 7), ('decipherOnly', 8) ) id_ce_extKeyUsage = _OID(id_ce, 37) anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0) id_ce_privateKeyUsagePeriod = _OID(id_ce, 16) id_ce_policyMappings = _OID(id_ce, 33) id_ce_cRLNumber = _OID(id_ce, 20) id_ce_policyConstraints = _OID(id_ce, 36) id_holdinstruction_none = _OID(holdInstruction, 1) id_holdinstruction_reject = _OID(holdInstruction, 3) id_kp_timeStamping = _OID(id_kp, 8) class PolicyConstraints(univ.Sequence): pass PolicyConstraints.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class SubjectKeyIdentifier(KeyIdentifier): pass id_kp_clientAuth = _OID(id_kp, 2) id_ce_deltaCRLIndicator = _OID(id_ce, 27) id_ce_issuerAltName = _OID(id_ce, 18) id_kp_codeSigning = _OID(id_kp, 3) id_ce_holdInstructionCode = _OID(id_ce, 23) class IssuingDistributionPoint(univ.Sequence): pass IssuingDistributionPoint.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc3281.py0000644006321400632140000002321213551772550022461 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # An Internet Attribute Certificate Profile for Authorization # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3281.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc3280 MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) class ObjectDigestInfo(univ.Sequence): pass ObjectDigestInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('digestedObjectType', univ.Enumerated( namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))), namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()), namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('objectDigest', univ.BitString()) ) class IssuerSerial(univ.Sequence): pass IssuerSerial.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', rfc3280.GeneralNames()), namedtype.NamedType('serial', rfc3280.CertificateSerialNumber()), namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier()) ) class TargetCert(univ.Sequence): pass TargetCert.componentType = namedtype.NamedTypes( namedtype.NamedType('targetCertificate', IssuerSerial()), namedtype.OptionalNamedType('targetName', rfc3280.GeneralName()), namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo()) ) class Target(univ.Choice): pass Target.componentType = namedtype.NamedTypes( namedtype.NamedType('targetName', rfc3280.GeneralName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('targetGroup', rfc3280.GeneralName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('targetCert', TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) class Targets(univ.SequenceOf): pass Targets.componentType = Target() class ProxyInfo(univ.SequenceOf): pass ProxyInfo.componentType = Targets() id_at_role = _buildOid(rfc3280.id_at, 72) id_pe_aaControls = _buildOid(rfc3280.id_pe, 6) id_ce_targetInformation = _buildOid(rfc3280.id_ce, 55) id_pe_ac_auditIdentity = _buildOid(rfc3280.id_pe, 4) class ClassList(univ.BitString): pass ClassList.namedValues = namedval.NamedValues( ('unmarked', 0), ('unclassified', 1), ('restricted', 2), ('confidential', 3), ('secret', 4), ('topSecret', 5) ) class SecurityCategory(univ.Sequence): pass SecurityCategory.componentType = namedtype.NamedTypes( namedtype.NamedType('type', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class Clearance(univ.Sequence): pass Clearance.componentType = namedtype.NamedTypes( namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.DefaultedNamedType('classList', ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype( value="unclassified")), namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class AttCertVersion(univ.Integer): pass AttCertVersion.namedValues = namedval.NamedValues( ('v2', 1) ) id_aca = _buildOid(rfc3280.id_pkix, 10) id_at_clearance = _buildOid(2, 5, 1, 5, 55) class AttrSpec(univ.SequenceOf): pass AttrSpec.componentType = univ.ObjectIdentifier() class AAControls(univ.Sequence): pass AAControls.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), namedtype.OptionalNamedType('permittedAttrs', AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('excludedAttrs', AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1)) ) class AttCertValidityPeriod(univ.Sequence): pass AttCertValidityPeriod.componentType = namedtype.NamedTypes( namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()), namedtype.NamedType('notAfterTime', useful.GeneralizedTime()) ) id_aca_authenticationInfo = _buildOid(id_aca, 1) class V2Form(univ.Sequence): pass V2Form.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('issuerName', rfc3280.GeneralNames()), namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class AttCertIssuer(univ.Choice): pass AttCertIssuer.componentType = namedtype.NamedTypes( namedtype.NamedType('v1Form', rfc3280.GeneralNames()), namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class Holder(univ.Sequence): pass Holder.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) class AttributeCertificateInfo(univ.Sequence): pass AttributeCertificateInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', AttCertVersion()), namedtype.NamedType('holder', Holder()), namedtype.NamedType('issuer', AttCertIssuer()), namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), namedtype.NamedType('attrCertValidityPeriod', AttCertValidityPeriod()), namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())), namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()), namedtype.OptionalNamedType('extensions', rfc3280.Extensions()) ) class AttributeCertificate(univ.Sequence): pass AttributeCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('acinfo', AttributeCertificateInfo()), namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('signatureValue', univ.BitString()) ) id_mod = _buildOid(rfc3280.id_pkix, 0) id_mod_attribute_cert = _buildOid(id_mod, 12) id_aca_accessIdentity = _buildOid(id_aca, 2) class RoleSyntax(univ.Sequence): pass RoleSyntax.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('roleName', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_aca_chargingIdentity = _buildOid(id_aca, 3) class ACClearAttrs(univ.Sequence): pass ACClearAttrs.componentType = namedtype.NamedTypes( namedtype.NamedType('acIssuer', rfc3280.GeneralName()), namedtype.NamedType('acSerial', univ.Integer()), namedtype.NamedType('attrs', univ.SequenceOf(componentType=rfc3280.Attribute())) ) id_aca_group = _buildOid(id_aca, 4) id_pe_ac_proxying = _buildOid(rfc3280.id_pe, 10) class SvceAuthInfo(univ.Sequence): pass SvceAuthInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('service', rfc3280.GeneralName()), namedtype.NamedType('ident', rfc3280.GeneralName()), namedtype.OptionalNamedType('authInfo', univ.OctetString()) ) class IetfAttrSyntax(univ.Sequence): pass IetfAttrSyntax.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType( 'policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) ), namedtype.NamedType( 'values', univ.SequenceOf( componentType=univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('octets', univ.OctetString()), namedtype.NamedType('oid', univ.ObjectIdentifier()), namedtype.NamedType('string', char.UTF8String()) ) ) ) ) ) id_aca_encAttrs = _buildOid(id_aca, 6) pyasn1-modules-0.2.8/pyasn1_modules/rfc3412.py0000644006321400632140000000364413551772550022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv3 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3412.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc1905 class ScopedPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contextEngineId', univ.OctetString()), namedtype.NamedType('contextName', univ.OctetString()), namedtype.NamedType('data', rfc1905.PDUs()) ) class ScopedPduData(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('plaintext', ScopedPDU()), namedtype.NamedType('encryptedPDU', univ.OctetString()), ) class HeaderData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgID', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgMaxSize', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))), namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))), namedtype.NamedType('msgSecurityModel', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647))) ) class SNMPv3Message(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgVersion', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgGlobalData', HeaderData()), namedtype.NamedType('msgSecurityParameters', univ.OctetString()), namedtype.NamedType('msgData', ScopedPduData()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc3414.py0000644006321400632140000000221713551772550022461 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # SNMPv3 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3414.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ class UsmSecurityParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()), namedtype.NamedType('msgAuthoritativeEngineBoots', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgAuthoritativeEngineTime', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgUserName', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))), namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()), namedtype.NamedType('msgPrivacyParameters', univ.OctetString()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc3447.py0000644006321400632140000000310513551772550022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # PKCS#1 syntax # # ASN.1 source from: # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn # # Sample captures could be obtained with "openssl genrsa" command # from pyasn1.type import constraint from pyasn1.type import namedval from pyasn1_modules.rfc2437 import * class OtherPrimeInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('prime', univ.Integer()), namedtype.NamedType('exponent', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()) ) class OtherPrimeInfos(univ.SequenceOf): componentType = OtherPrimeInfo() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class RSAPrivateKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('two-prime', 0), ('multi', 1)))), namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()), namedtype.NamedType('privateExponent', univ.Integer()), namedtype.NamedType('prime1', univ.Integer()), namedtype.NamedType('prime2', univ.Integer()), namedtype.NamedType('exponent1', univ.Integer()), namedtype.NamedType('exponent2', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()), namedtype.OptionalNamedType('otherPrimeInfos', OtherPrimeInfos()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc3560.py0000644006321400632140000000343213551772550022463 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # RSAES-OAEP Key Transport Algorithm in CMS # # Notice that all of the things needed in RFC 3560 are also defined # in RFC 4055. So, they are all pulled from the RFC 4055 module into # this one so that people looking a RFC 3560 can easily find them. # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3560.txt # from pyasn1_modules import rfc4055 id_sha1 = rfc4055.id_sha1 id_sha256 = rfc4055.id_sha256 id_sha384 = rfc4055.id_sha384 id_sha512 = rfc4055.id_sha512 id_mgf1 = rfc4055.id_mgf1 rsaEncryption = rfc4055.rsaEncryption id_RSAES_OAEP = rfc4055.id_RSAES_OAEP id_pSpecified = rfc4055.id_pSpecified sha1Identifier = rfc4055.sha1Identifier sha256Identifier = rfc4055.sha256Identifier sha384Identifier = rfc4055.sha384Identifier sha512Identifier = rfc4055.sha512Identifier mgf1SHA1Identifier = rfc4055.mgf1SHA1Identifier mgf1SHA256Identifier = rfc4055.mgf1SHA256Identifier mgf1SHA384Identifier = rfc4055.mgf1SHA384Identifier mgf1SHA512Identifier = rfc4055.mgf1SHA512Identifier pSpecifiedEmptyIdentifier = rfc4055.pSpecifiedEmptyIdentifier class RSAES_OAEP_params(rfc4055.RSAES_OAEP_params): pass rSAES_OAEP_Default_Params = RSAES_OAEP_params() rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier rSAES_OAEP_SHA256_Params = rfc4055.rSAES_OAEP_SHA256_Params rSAES_OAEP_SHA256_Identifier = rfc4055.rSAES_OAEP_SHA256_Identifier rSAES_OAEP_SHA384_Params = rfc4055.rSAES_OAEP_SHA384_Params rSAES_OAEP_SHA384_Identifier = rfc4055.rSAES_OAEP_SHA384_Identifier rSAES_OAEP_SHA512_Params = rfc4055.rSAES_OAEP_SHA512_Params rSAES_OAEP_SHA512_Identifier = rfc4055.rSAES_OAEP_SHA512_Identifier pyasn1-modules-0.2.8/pyasn1_modules/rfc3565.py0000644006321400632140000000263613551772550022475 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Use of the Advanced Encryption Standard (AES) Encryption # Algorithm in the Cryptographic Message Syntax (CMS) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3565.txt from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class AES_IV(univ.OctetString): pass AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) id_aes128_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.2') id_aes192_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.22') id_aes256_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.42') id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5') id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25') id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45') # Update the Algorithm Identifier map _algorithmIdentifierMapUpdate = { id_aes128_CBC: AES_IV(), id_aes192_CBC: AES_IV(), id_aes256_CBC: AES_IV(), id_aes128_wrap: univ.Null(), id_aes192_wrap: univ.Null(), id_aes256_wrap: univ.Null(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3709.py0000664006321400632140000001450513605660315022470 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Logotypes in X.509 Certificates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3709.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 from pyasn1_modules import rfc6170 MAX = float('inf') class HashAlgAndValue(univ.Sequence): pass HashAlgAndValue.componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('hashValue', univ.OctetString()) ) class LogotypeDetails(univ.Sequence): pass LogotypeDetails.componentType = namedtype.NamedTypes( namedtype.NamedType('mediaType', char.IA5String()), namedtype.NamedType('logotypeHash', univ.SequenceOf( componentType=HashAlgAndValue()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('logotypeURI', univ.SequenceOf( componentType=char.IA5String()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class LogotypeAudioInfo(univ.Sequence): pass LogotypeAudioInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('fileSize', univ.Integer()), namedtype.NamedType('playTime', univ.Integer()), namedtype.NamedType('channels', univ.Integer()), namedtype.OptionalNamedType('sampleRate', univ.Integer().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('language', char.IA5String().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class LogotypeAudio(univ.Sequence): pass LogotypeAudio.componentType = namedtype.NamedTypes( namedtype.NamedType('audioDetails', LogotypeDetails()), namedtype.OptionalNamedType('audioInfo', LogotypeAudioInfo()) ) class LogotypeImageType(univ.Integer): pass LogotypeImageType.namedValues = namedval.NamedValues( ('grayScale', 0), ('color', 1) ) class LogotypeImageResolution(univ.Choice): pass LogotypeImageResolution.componentType = namedtype.NamedTypes( namedtype.NamedType('numBits', univ.Integer().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('tableSize', univ.Integer().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 2))) ) class LogotypeImageInfo(univ.Sequence): pass LogotypeImageInfo.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('type', LogotypeImageType().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='color')), namedtype.NamedType('fileSize', univ.Integer()), namedtype.NamedType('xSize', univ.Integer()), namedtype.NamedType('ySize', univ.Integer()), namedtype.OptionalNamedType('resolution', LogotypeImageResolution()), namedtype.OptionalNamedType('language', char.IA5String().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class LogotypeImage(univ.Sequence): pass LogotypeImage.componentType = namedtype.NamedTypes( namedtype.NamedType('imageDetails', LogotypeDetails()), namedtype.OptionalNamedType('imageInfo', LogotypeImageInfo()) ) class LogotypeData(univ.Sequence): pass LogotypeData.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('image', univ.SequenceOf( componentType=LogotypeImage())), namedtype.OptionalNamedType('audio', univ.SequenceOf( componentType=LogotypeAudio()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class LogotypeReference(univ.Sequence): pass LogotypeReference.componentType = namedtype.NamedTypes( namedtype.NamedType('refStructHash', univ.SequenceOf( componentType=HashAlgAndValue()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('refStructURI', univ.SequenceOf( componentType=char.IA5String()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class LogotypeInfo(univ.Choice): pass LogotypeInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('direct', LogotypeData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('indirect', LogotypeReference().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) # Other logotype type and associated object identifiers id_logo_background = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.2') id_logo_loyalty = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.1') id_logo_certImage = rfc6170.id_logo_certImage class OtherLogotypeInfo(univ.Sequence): pass OtherLogotypeInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('logotypeType', univ.ObjectIdentifier()), namedtype.NamedType('info', LogotypeInfo()) ) # Logotype Certificate Extension id_pe_logotype = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.12') class LogotypeExtn(univ.Sequence): pass LogotypeExtn.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('communityLogos', univ.SequenceOf( componentType=LogotypeInfo()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('issuerLogo', LogotypeInfo().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.OptionalNamedType('subjectLogo', LogotypeInfo().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('otherLogos', univ.SequenceOf( componentType=OtherLogotypeInfo()).subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 3))) ) # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_logotype: LogotypeExtn(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3770.py0000664006321400632140000000331713605660315022465 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Certificate Extensions and Attributes Supporting Authentication # in PPP and Wireless LAN Networks # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3770.txt # https://www.rfc-editor.org/errata/eid234 # from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') # Extended Key Usage Values id_kp_eapOverLAN = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.14') id_kp_eapOverPPP = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.13') # Wireless LAN SSID Extension id_pe_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.13') class SSID(univ.OctetString): pass SSID.subtypeSpec = constraint.ValueSizeConstraint(1, 32) class SSIDList(univ.SequenceOf): pass SSIDList.componentType = SSID() SSIDList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) # Wireless LAN SSID Attribute Certificate Attribute # Uses same syntax as the certificate extension: SSIDList # Correction for https://www.rfc-editor.org/errata/eid234 id_aca_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.10.7') # Map of Certificate Extension OIDs to Extensions # To be added to the ones that are in rfc5280.py _certificateExtensionsMap = { id_pe_wlanSSID: SSIDList(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) # Map of AttributeType OIDs to AttributeValue added to the # ones that are in rfc5280.py _certificateAttributesMapUpdate = { id_aca_wlanSSID: SSIDList(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3779.py0000644006321400632140000000627413551772550022506 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # X.509 Extensions for IP Addresses and AS Identifiers # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc3779.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 # IP Address Delegation Extension id_pe_ipAddrBlocks = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.7') class IPAddress(univ.BitString): pass class IPAddressRange(univ.Sequence): pass IPAddressRange.componentType = namedtype.NamedTypes( namedtype.NamedType('min', IPAddress()), namedtype.NamedType('max', IPAddress()) ) class IPAddressOrRange(univ.Choice): pass IPAddressOrRange.componentType = namedtype.NamedTypes( namedtype.NamedType('addressPrefix', IPAddress()), namedtype.NamedType('addressRange', IPAddressRange()) ) class IPAddressChoice(univ.Choice): pass IPAddressChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('inherit', univ.Null()), namedtype.NamedType('addressesOrRanges', univ.SequenceOf( componentType=IPAddressOrRange()) ) ) class IPAddressFamily(univ.Sequence): pass IPAddressFamily.componentType = namedtype.NamedTypes( namedtype.NamedType('addressFamily', univ.OctetString().subtype( subtypeSpec=constraint.ValueSizeConstraint(2, 3))), namedtype.NamedType('ipAddressChoice', IPAddressChoice()) ) class IPAddrBlocks(univ.SequenceOf): pass IPAddrBlocks.componentType = IPAddressFamily() # Autonomous System Identifier Delegation Extension id_pe_autonomousSysIds = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.8') class ASId(univ.Integer): pass class ASRange(univ.Sequence): pass ASRange.componentType = namedtype.NamedTypes( namedtype.NamedType('min', ASId()), namedtype.NamedType('max', ASId()) ) class ASIdOrRange(univ.Choice): pass ASIdOrRange.componentType = namedtype.NamedTypes( namedtype.NamedType('id', ASId()), namedtype.NamedType('range', ASRange()) ) class ASIdentifierChoice(univ.Choice): pass ASIdentifierChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('inherit', univ.Null()), namedtype.NamedType('asIdsOrRanges', univ.SequenceOf( componentType=ASIdOrRange()) ) ) class ASIdentifiers(univ.Sequence): pass ASIdentifiers.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('asnum', ASIdentifierChoice().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('rdi', ASIdentifierChoice().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) # Map of Certificate Extension OIDs to Extensions is added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_ipAddrBlocks: IPAddrBlocks(), id_pe_autonomousSysIds: ASIdentifiers(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc3852.py0000644006321400632140000004720513551772550022475 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Cryptographic Message Syntax (CMS) # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3852.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3281 MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) class AttributeValue(univ.Any): pass class Attribute(univ.Sequence): pass Attribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', univ.ObjectIdentifier()), namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue())) ) class SignedAttributes(univ.SetOf): pass SignedAttributes.componentType = Attribute() SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class OtherRevocationInfoFormat(univ.Sequence): pass OtherRevocationInfoFormat.componentType = namedtype.NamedTypes( namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()), namedtype.NamedType('otherRevInfo', univ.Any()) ) class RevocationInfoChoice(univ.Choice): pass RevocationInfoChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('crl', rfc3280.CertificateList()), namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class RevocationInfoChoices(univ.SetOf): pass RevocationInfoChoices.componentType = RevocationInfoChoice() class OtherKeyAttribute(univ.Sequence): pass OtherKeyAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()), namedtype.OptionalNamedType('keyAttr', univ.Any()) ) id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): pass class EncryptedKey(univ.OctetString): pass class CMSVersion(univ.Integer): pass CMSVersion.namedValues = namedval.NamedValues( ('v0', 0), ('v1', 1), ('v2', 2), ('v3', 3), ('v4', 4), ('v5', 5) ) class KEKIdentifier(univ.Sequence): pass KEKIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('keyIdentifier', univ.OctetString()), namedtype.OptionalNamedType('date', useful.GeneralizedTime()), namedtype.OptionalNamedType('other', OtherKeyAttribute()) ) class KEKRecipientInfo(univ.Sequence): pass KEKRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('kekid', KEKIdentifier()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): pass class PasswordRecipientInfo(univ.Sequence): pass PasswordRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class OtherRecipientInfo(univ.Sequence): pass OtherRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('oriType', univ.ObjectIdentifier()), namedtype.NamedType('oriValue', univ.Any()) ) class IssuerAndSerialNumber(univ.Sequence): pass IssuerAndSerialNumber.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', rfc3280.Name()), namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()) ) class SubjectKeyIdentifier(univ.OctetString): pass class RecipientKeyIdentifier(univ.Sequence): pass RecipientKeyIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), namedtype.OptionalNamedType('date', useful.GeneralizedTime()), namedtype.OptionalNamedType('other', OtherKeyAttribute()) ) class KeyAgreeRecipientIdentifier(univ.Choice): pass KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class RecipientEncryptedKey(univ.Sequence): pass RecipientEncryptedKey.componentType = namedtype.NamedTypes( namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class RecipientEncryptedKeys(univ.SequenceOf): pass RecipientEncryptedKeys.componentType = RecipientEncryptedKey() class UserKeyingMaterial(univ.OctetString): pass class OriginatorPublicKey(univ.Sequence): pass OriginatorPublicKey.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('publicKey', univ.BitString()) ) class OriginatorIdentifierOrKey(univ.Choice): pass OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class KeyAgreeRecipientInfo(univ.Sequence): pass KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) ) class RecipientIdentifier(univ.Choice): pass RecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class KeyTransRecipientInfo(univ.Sequence): pass KeyTransRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('rid', RecipientIdentifier()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class RecipientInfo(univ.Choice): pass RecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('ktri', KeyTransRecipientInfo()), namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('kekri', KEKRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('ori', OtherRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) ) class RecipientInfos(univ.SetOf): pass RecipientInfos.componentType = RecipientInfo() RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): pass class Signature(univ.BitString): pass class SignerIdentifier(univ.Choice): pass SignerIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class UnprotectedAttributes(univ.SetOf): pass UnprotectedAttributes.componentType = Attribute() UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class ContentType(univ.ObjectIdentifier): pass class EncryptedContent(univ.OctetString): pass class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): pass class EncryptedContentInfo(univ.Sequence): pass EncryptedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class EncryptedData(univ.Sequence): pass EncryptedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) class DigestAlgorithmIdentifiers(univ.SetOf): pass DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() class EncapsulatedContentInfo(univ.Sequence): pass EncapsulatedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('eContentType', ContentType()), namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Digest(univ.OctetString): pass class DigestedData(univ.Sequence): pass DigestedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), namedtype.NamedType('digest', Digest()) ) class ContentInfo(univ.Sequence): pass ContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class UnauthAttributes(univ.SetOf): pass UnauthAttributes.componentType = Attribute() UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class ExtendedCertificateInfo(univ.Sequence): pass ExtendedCertificateInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('certificate', rfc3280.Certificate()), namedtype.NamedType('attributes', UnauthAttributes()) ) class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): pass class ExtendedCertificate(univ.Sequence): pass ExtendedCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) class OtherCertificateFormat(univ.Sequence): pass OtherCertificateFormat.componentType = namedtype.NamedTypes( namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), namedtype.NamedType('otherCert', univ.Any()) ) class AttributeCertificateV2(rfc3281.AttributeCertificate): pass class AttCertVersionV1(univ.Integer): pass AttCertVersionV1.namedValues = namedval.NamedValues( ('v1', 0) ) class AttributeCertificateInfoV1(univ.Sequence): pass AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), namedtype.NamedType( 'subject', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) ) ), namedtype.NamedType('issuer', rfc3280.GeneralNames()), namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())), namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()), namedtype.OptionalNamedType('extensions', rfc3280.Extensions()) ) class AttributeCertificateV1(univ.Sequence): pass AttributeCertificateV1.componentType = namedtype.NamedTypes( namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class CertificateChoices(univ.Choice): pass CertificateChoices.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc3280.Certificate()), namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('other', OtherCertificateFormat().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class CertificateSet(univ.SetOf): pass CertificateSet.componentType = CertificateChoices() class MessageAuthenticationCode(univ.OctetString): pass class UnsignedAttributes(univ.SetOf): pass UnsignedAttributes.componentType = Attribute() UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class SignatureValue(univ.OctetString): pass class SignerInfo(univ.Sequence): pass SignerInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('sid', SignerIdentifier()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', SignatureValue()), namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class SignerInfos(univ.SetOf): pass SignerInfos.componentType = SignerInfo() class SignedData(univ.Sequence): pass SignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), namedtype.OptionalNamedType('certificates', CertificateSet().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier): pass class MessageDigest(univ.OctetString): pass class Time(univ.Choice): pass Time.componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) ) class OriginatorInfo(univ.Sequence): pass OriginatorInfo.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('certs', CertificateSet().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class AuthAttributes(univ.SetOf): pass AuthAttributes.componentType = Attribute() AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class AuthenticatedData(univ.Sequence): pass AuthenticatedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('mac', MessageAuthenticationCode()), namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) class EnvelopedData(univ.Sequence): pass EnvelopedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class Countersignature(SignerInfo): pass id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) class ExtendedCertificateOrCertificate(univ.Choice): pass ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc3280.Certificate()), namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) class SigningTime(Time): pass id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) pyasn1-modules-0.2.8/pyasn1_modules/rfc4043.py0000664006321400632140000000205313605660315022453 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Internet X.509 Public Key Infrastructure Permanent Identifier # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc4043.txt # from pyasn1.type import char from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) id_on = id_pkix + (8, ) id_on_permanentIdentifier = id_on + (3, ) class PermanentIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('identifierValue', char.UTF8String()), namedtype.OptionalNamedType('assigner', univ.ObjectIdentifier()) ) # Map of Other Name OIDs to Other Name is added to the # ones that are in rfc5280.py _anotherNameMapUpdate = { id_on_permanentIdentifier: PermanentIdentifier(), } rfc5280.anotherNameMap.update(_anotherNameMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc4055.py0000644006321400632140000002423013551772550022462 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with a very small amount of assistance from # asn1ate v.0.6.0. # Modified by Russ Housley to add maps for opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Additional Algorithms and Identifiers for RSA Cryptography # for use in Certificates and CRLs # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc4055.txt # from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) id_sha1 = _OID(1, 3, 14, 3, 2, 26) id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1) id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2) id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3) id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4) rsaEncryption = _OID(1, 2, 840, 113549, 1, 1, 1) id_mgf1 = _OID(1, 2, 840, 113549, 1, 1, 8) id_RSAES_OAEP = _OID(1, 2, 840, 113549, 1, 1, 7) id_pSpecified = _OID(1, 2, 840, 113549, 1, 1, 9) id_RSASSA_PSS = _OID(1, 2, 840, 113549, 1, 1, 10) sha256WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 11) sha384WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 12) sha512WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 13) sha224WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 14) sha1Identifier = rfc5280.AlgorithmIdentifier() sha1Identifier['algorithm'] = id_sha1 sha1Identifier['parameters'] = univ.Null("") sha224Identifier = rfc5280.AlgorithmIdentifier() sha224Identifier['algorithm'] = id_sha224 sha224Identifier['parameters'] = univ.Null("") sha256Identifier = rfc5280.AlgorithmIdentifier() sha256Identifier['algorithm'] = id_sha256 sha256Identifier['parameters'] = univ.Null("") sha384Identifier = rfc5280.AlgorithmIdentifier() sha384Identifier['algorithm'] = id_sha384 sha384Identifier['parameters'] = univ.Null("") sha512Identifier = rfc5280.AlgorithmIdentifier() sha512Identifier['algorithm'] = id_sha512 sha512Identifier['parameters'] = univ.Null("") mgf1SHA1Identifier = rfc5280.AlgorithmIdentifier() mgf1SHA1Identifier['algorithm'] = id_mgf1 mgf1SHA1Identifier['parameters'] = sha1Identifier mgf1SHA224Identifier = rfc5280.AlgorithmIdentifier() mgf1SHA224Identifier['algorithm'] = id_mgf1 mgf1SHA224Identifier['parameters'] = sha224Identifier mgf1SHA256Identifier = rfc5280.AlgorithmIdentifier() mgf1SHA256Identifier['algorithm'] = id_mgf1 mgf1SHA256Identifier['parameters'] = sha256Identifier mgf1SHA384Identifier = rfc5280.AlgorithmIdentifier() mgf1SHA384Identifier['algorithm'] = id_mgf1 mgf1SHA384Identifier['parameters'] = sha384Identifier mgf1SHA512Identifier = rfc5280.AlgorithmIdentifier() mgf1SHA512Identifier['algorithm'] = id_mgf1 mgf1SHA512Identifier['parameters'] = sha512Identifier pSpecifiedEmptyIdentifier = rfc5280.AlgorithmIdentifier() pSpecifiedEmptyIdentifier['algorithm'] = id_pSpecified pSpecifiedEmptyIdentifier['parameters'] = univ.OctetString(value='') class RSAPublicKey(univ.Sequence): pass RSAPublicKey.componentType = namedtype.NamedTypes( namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()) ) class HashAlgorithm(rfc5280.AlgorithmIdentifier): pass class MaskGenAlgorithm(rfc5280.AlgorithmIdentifier): pass class RSAES_OAEP_params(univ.Sequence): pass RSAES_OAEP_params.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('hashFunc', rfc5280.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('maskGenFunc', rfc5280.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.OptionalNamedType('pSourceFunc', rfc5280.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) rSAES_OAEP_Default_Params = RSAES_OAEP_params() rSAES_OAEP_Default_Identifier = rfc5280.AlgorithmIdentifier() rSAES_OAEP_Default_Identifier['algorithm'] = id_RSAES_OAEP rSAES_OAEP_Default_Identifier['parameters'] = rSAES_OAEP_Default_Params rSAES_OAEP_SHA224_Params = RSAES_OAEP_params() rSAES_OAEP_SHA224_Params['hashFunc'] = sha224Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSAES_OAEP_SHA224_Params['maskGenFunc'] = mgf1SHA224Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSAES_OAEP_SHA224_Identifier = rfc5280.AlgorithmIdentifier() rSAES_OAEP_SHA224_Identifier['algorithm'] = id_RSAES_OAEP rSAES_OAEP_SHA224_Identifier['parameters'] = rSAES_OAEP_SHA224_Params rSAES_OAEP_SHA256_Params = RSAES_OAEP_params() rSAES_OAEP_SHA256_Params['hashFunc'] = sha256Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSAES_OAEP_SHA256_Params['maskGenFunc'] = mgf1SHA256Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSAES_OAEP_SHA256_Identifier = rfc5280.AlgorithmIdentifier() rSAES_OAEP_SHA256_Identifier['algorithm'] = id_RSAES_OAEP rSAES_OAEP_SHA256_Identifier['parameters'] = rSAES_OAEP_SHA256_Params rSAES_OAEP_SHA384_Params = RSAES_OAEP_params() rSAES_OAEP_SHA384_Params['hashFunc'] = sha384Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSAES_OAEP_SHA384_Params['maskGenFunc'] = mgf1SHA384Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSAES_OAEP_SHA384_Identifier = rfc5280.AlgorithmIdentifier() rSAES_OAEP_SHA384_Identifier['algorithm'] = id_RSAES_OAEP rSAES_OAEP_SHA384_Identifier['parameters'] = rSAES_OAEP_SHA384_Params rSAES_OAEP_SHA512_Params = RSAES_OAEP_params() rSAES_OAEP_SHA512_Params['hashFunc'] = sha512Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSAES_OAEP_SHA512_Params['maskGenFunc'] = mgf1SHA512Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSAES_OAEP_SHA512_Identifier = rfc5280.AlgorithmIdentifier() rSAES_OAEP_SHA512_Identifier['algorithm'] = id_RSAES_OAEP rSAES_OAEP_SHA512_Identifier['parameters'] = rSAES_OAEP_SHA512_Params class RSASSA_PSS_params(univ.Sequence): pass RSASSA_PSS_params.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('maskGenAlgorithm', rfc5280.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.DefaultedNamedType('saltLength', univ.Integer(value=20).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.DefaultedNamedType('trailerField', univ.Integer(value=1).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) rSASSA_PSS_Default_Params = RSASSA_PSS_params() rSASSA_PSS_Default_Identifier = rfc5280.AlgorithmIdentifier() rSASSA_PSS_Default_Identifier['algorithm'] = id_RSASSA_PSS rSASSA_PSS_Default_Identifier['parameters'] = rSASSA_PSS_Default_Params rSASSA_PSS_SHA224_Params = RSASSA_PSS_params() rSASSA_PSS_SHA224_Params['hashAlgorithm'] = sha224Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSASSA_PSS_SHA224_Params['maskGenAlgorithm'] = mgf1SHA224Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSASSA_PSS_SHA224_Identifier = rfc5280.AlgorithmIdentifier() rSASSA_PSS_SHA224_Identifier['algorithm'] = id_RSASSA_PSS rSASSA_PSS_SHA224_Identifier['parameters'] = rSASSA_PSS_SHA224_Params rSASSA_PSS_SHA256_Params = RSASSA_PSS_params() rSASSA_PSS_SHA256_Params['hashAlgorithm'] = sha256Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSASSA_PSS_SHA256_Params['maskGenAlgorithm'] = mgf1SHA256Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSASSA_PSS_SHA256_Identifier = rfc5280.AlgorithmIdentifier() rSASSA_PSS_SHA256_Identifier['algorithm'] = id_RSASSA_PSS rSASSA_PSS_SHA256_Identifier['parameters'] = rSASSA_PSS_SHA256_Params rSASSA_PSS_SHA384_Params = RSASSA_PSS_params() rSASSA_PSS_SHA384_Params['hashAlgorithm'] = sha384Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSASSA_PSS_SHA384_Params['maskGenAlgorithm'] = mgf1SHA384Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSASSA_PSS_SHA384_Identifier = rfc5280.AlgorithmIdentifier() rSASSA_PSS_SHA384_Identifier['algorithm'] = id_RSASSA_PSS rSASSA_PSS_SHA384_Identifier['parameters'] = rSASSA_PSS_SHA384_Params rSASSA_PSS_SHA512_Params = RSASSA_PSS_params() rSASSA_PSS_SHA512_Params['hashAlgorithm'] = sha512Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) rSASSA_PSS_SHA512_Params['maskGenAlgorithm'] = mgf1SHA512Identifier.subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) rSASSA_PSS_SHA512_Identifier = rfc5280.AlgorithmIdentifier() rSASSA_PSS_SHA512_Identifier['algorithm'] = id_RSASSA_PSS rSASSA_PSS_SHA512_Identifier['parameters'] = rSASSA_PSS_SHA512_Params # Update the Algorithm Identifier map _algorithmIdentifierMapUpdate = { id_sha1: univ.Null(), id_sha224: univ.Null(), id_sha256: univ.Null(), id_sha384: univ.Null(), id_sha512: univ.Null(), id_mgf1: rfc5280.AlgorithmIdentifier(), id_pSpecified: univ.OctetString(), id_RSAES_OAEP: RSAES_OAEP_params(), id_RSASSA_PSS: RSASSA_PSS_params(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc4073.py0000644006321400632140000000314413551772550022463 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with some assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add a map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Protecting Multiple Contents with the CMS # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc4073.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5652 MAX = float('inf') # Content Collection Content Type and Object Identifier id_ct_contentCollection = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.19') class ContentCollection(univ.SequenceOf): pass ContentCollection.componentType = rfc5652.ContentInfo() ContentCollection.sizeSpec = constraint.ValueSizeConstraint(1, MAX) # Content With Attributes Content Type and Object Identifier id_ct_contentWithAttrs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.20') class ContentWithAttributes(univ.Sequence): pass ContentWithAttributes.componentType = namedtype.NamedTypes( namedtype.NamedType('content', rfc5652.ContentInfo()), namedtype.NamedType('attrs', univ.SequenceOf( componentType=rfc5652.Attribute()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))) ) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_contentCollection: ContentCollection(), id_ct_contentWithAttrs: ContentWithAttributes(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc4108.py0000644006321400632140000002454613551772550022473 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add items from the verified errata. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # CMS Firmware Wrapper # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc4108.txt # https://www.rfc-editor.org/errata_search.php?rfc=4108 # from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 MAX = float('inf') class HardwareSerialEntry(univ.Choice): pass HardwareSerialEntry.componentType = namedtype.NamedTypes( namedtype.NamedType('all', univ.Null()), namedtype.NamedType('single', univ.OctetString()), namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('low', univ.OctetString()), namedtype.NamedType('high', univ.OctetString()) )) ) ) class HardwareModules(univ.Sequence): pass HardwareModules.componentType = namedtype.NamedTypes( namedtype.NamedType('hwType', univ.ObjectIdentifier()), namedtype.NamedType('hwSerialEntries', univ.SequenceOf(componentType=HardwareSerialEntry())) ) class CommunityIdentifier(univ.Choice): pass CommunityIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('communityOID', univ.ObjectIdentifier()), namedtype.NamedType('hwModuleList', HardwareModules()) ) class PreferredPackageIdentifier(univ.Sequence): pass PreferredPackageIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('fwPkgID', univ.ObjectIdentifier()), namedtype.NamedType('verNum', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) class PreferredOrLegacyPackageIdentifier(univ.Choice): pass PreferredOrLegacyPackageIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('preferred', PreferredPackageIdentifier()), namedtype.NamedType('legacy', univ.OctetString()) ) class CurrentFWConfig(univ.Sequence): pass CurrentFWConfig.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('fwPkgType', univ.Integer()), namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()) ) class PreferredOrLegacyStalePackageIdentifier(univ.Choice): pass PreferredOrLegacyStalePackageIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('preferredStaleVerNum', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), namedtype.NamedType('legacyStaleVersion', univ.OctetString()) ) class FirmwarePackageLoadErrorCode(univ.Enumerated): pass FirmwarePackageLoadErrorCode.namedValues = namedval.NamedValues( ('decodeFailure', 1), ('badContentInfo', 2), ('badSignedData', 3), ('badEncapContent', 4), ('badCertificate', 5), ('badSignerInfo', 6), ('badSignedAttrs', 7), ('badUnsignedAttrs', 8), ('missingContent', 9), ('noTrustAnchor', 10), ('notAuthorized', 11), ('badDigestAlgorithm', 12), ('badSignatureAlgorithm', 13), ('unsupportedKeySize', 14), ('signatureFailure', 15), ('contentTypeMismatch', 16), ('badEncryptedData', 17), ('unprotectedAttrsPresent', 18), ('badEncryptContent', 19), ('badEncryptAlgorithm', 20), ('missingCiphertext', 21), ('noDecryptKey', 22), ('decryptFailure', 23), ('badCompressAlgorithm', 24), ('missingCompressedContent', 25), ('decompressFailure', 26), ('wrongHardware', 27), ('stalePackage', 28), ('notInCommunity', 29), ('unsupportedPackageType', 30), ('missingDependency', 31), ('wrongDependencyVersion', 32), ('insufficientMemory', 33), ('badFirmware', 34), ('unsupportedParameters', 35), ('breaksDependency', 36), ('otherError', 99) ) class VendorLoadErrorCode(univ.Integer): pass # Wrapped Firmware Key Unsigned Attribute and Object Identifier id_aa_wrappedFirmwareKey = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.39') class WrappedFirmwareKey(rfc5652.EnvelopedData): pass # Firmware Package Information Signed Attribute and Object Identifier id_aa_firmwarePackageInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.42') class FirmwarePackageInfo(univ.Sequence): pass FirmwarePackageInfo.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('fwPkgType', univ.Integer()), namedtype.OptionalNamedType('dependencies', univ.SequenceOf(componentType=PreferredOrLegacyPackageIdentifier())) ) FirmwarePackageInfo.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) # Community Identifiers Signed Attribute and Object Identifier id_aa_communityIdentifiers = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.40') class CommunityIdentifiers(univ.SequenceOf): pass CommunityIdentifiers.componentType = CommunityIdentifier() # Implemented Compression Algorithms Signed Attribute and Object Identifier id_aa_implCompressAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.43') class ImplementedCompressAlgorithms(univ.SequenceOf): pass ImplementedCompressAlgorithms.componentType = univ.ObjectIdentifier() # Implemented Cryptographic Algorithms Signed Attribute and Object Identifier id_aa_implCryptoAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.38') class ImplementedCryptoAlgorithms(univ.SequenceOf): pass ImplementedCryptoAlgorithms.componentType = univ.ObjectIdentifier() # Decrypt Key Identifier Signed Attribute and Object Identifier id_aa_decryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.37') class DecryptKeyIdentifier(univ.OctetString): pass # Target Hardware Identifier Signed Attribute and Object Identifier id_aa_targetHardwareIDs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.36') class TargetHardwareIdentifiers(univ.SequenceOf): pass TargetHardwareIdentifiers.componentType = univ.ObjectIdentifier() # Firmware Package Identifier Signed Attribute and Object Identifier id_aa_firmwarePackageID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.35') class FirmwarePackageIdentifier(univ.Sequence): pass FirmwarePackageIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('name', PreferredOrLegacyPackageIdentifier()), namedtype.OptionalNamedType('stale', PreferredOrLegacyStalePackageIdentifier()) ) # Firmware Package Message Digest Signed Attribute and Object Identifier id_aa_fwPkgMessageDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.41') class FirmwarePackageMessageDigest(univ.Sequence): pass FirmwarePackageMessageDigest.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('msgDigest', univ.OctetString()) ) # Firmware Package Load Error Report Content Type and Object Identifier class FWErrorVersion(univ.Integer): pass FWErrorVersion.namedValues = namedval.NamedValues( ('v1', 1) ) id_ct_firmwareLoadError = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.18') class FirmwarePackageLoadError(univ.Sequence): pass FirmwarePackageLoadError.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', FWErrorVersion().subtype(value='v1')), namedtype.NamedType('hwType', univ.ObjectIdentifier()), namedtype.NamedType('hwSerialNum', univ.OctetString()), namedtype.NamedType('errorCode', FirmwarePackageLoadErrorCode()), namedtype.OptionalNamedType('vendorErrorCode', VendorLoadErrorCode()), namedtype.OptionalNamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()), namedtype.OptionalNamedType('config', univ.SequenceOf(componentType=CurrentFWConfig()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) # Firmware Package Load Receipt Content Type and Object Identifier class FWReceiptVersion(univ.Integer): pass FWReceiptVersion.namedValues = namedval.NamedValues( ('v1', 1) ) id_ct_firmwareLoadReceipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.17') class FirmwarePackageLoadReceipt(univ.Sequence): pass FirmwarePackageLoadReceipt.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', FWReceiptVersion().subtype(value='v1')), namedtype.NamedType('hwType', univ.ObjectIdentifier()), namedtype.NamedType('hwSerialNum', univ.OctetString()), namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()), namedtype.OptionalNamedType('trustAnchorKeyID', univ.OctetString()), namedtype.OptionalNamedType('decryptKeyID', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) # Firmware Package Content Type and Object Identifier id_ct_firmwarePackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.16') class FirmwarePkgData(univ.OctetString): pass # Other Name syntax for Hardware Module Name id_on_hardwareModuleName = univ.ObjectIdentifier('1.3.6.1.5.5.7.8.4') class HardwareModuleName(univ.Sequence): pass HardwareModuleName.componentType = namedtype.NamedTypes( namedtype.NamedType('hwType', univ.ObjectIdentifier()), namedtype.NamedType('hwSerialNum', univ.OctetString()) ) # Map of Attribute Type OIDs to Attributes is added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_wrappedFirmwareKey: WrappedFirmwareKey(), id_aa_firmwarePackageInfo: FirmwarePackageInfo(), id_aa_communityIdentifiers: CommunityIdentifiers(), id_aa_implCompressAlgs: ImplementedCompressAlgorithms(), id_aa_implCryptoAlgs: ImplementedCryptoAlgorithms(), id_aa_decryptKeyID: DecryptKeyIdentifier(), id_aa_targetHardwareIDs: TargetHardwareIdentifiers(), id_aa_firmwarePackageID: FirmwarePackageIdentifier(), id_aa_fwPkgMessageDigest: FirmwarePackageMessageDigest(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_firmwareLoadError: FirmwarePackageLoadError(), id_ct_firmwareLoadReceipt: FirmwarePackageLoadReceipt(), id_ct_firmwarePackage: FirmwarePkgData(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) # Map of Other Name OIDs to Other Name is added to the # ones that are in rfc5280.py _anotherNameMapUpdate = { id_on_hardwareModuleName: HardwareModuleName(), } rfc5280.anotherNameMap.update(_anotherNameMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc4210.py0000664006321400632140000006746513605660315022471 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Certificate Management Protocol structures as per RFC4210 # # Based on Alex Railean's work # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc2314 from pyasn1_modules import rfc2459 from pyasn1_modules import rfc2511 MAX = float('inf') class KeyIdentifier(univ.OctetString): pass class CMPCertificate(rfc2459.Certificate): pass class OOBCert(CMPCertificate): pass class CertAnnContent(CMPCertificate): pass class PKIFreeText(univ.SequenceOf): """ PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String """ componentType = char.UTF8String() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class PollRepContent(univ.SequenceOf): """ PollRepContent ::= SEQUENCE OF SEQUENCE { certReqId INTEGER, checkAfter INTEGER, -- time in seconds reason PKIFreeText OPTIONAL } """ class CertReq(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('checkAfter', univ.Integer()), namedtype.OptionalNamedType('reason', PKIFreeText()) ) componentType = CertReq() class PollReqContent(univ.SequenceOf): """ PollReqContent ::= SEQUENCE OF SEQUENCE { certReqId INTEGER } """ class CertReq(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()) ) componentType = CertReq() class InfoTypeAndValue(univ.Sequence): """ InfoTypeAndValue ::= SEQUENCE { infoType OBJECT IDENTIFIER, infoValue ANY DEFINED BY infoType OPTIONAL }""" componentType = namedtype.NamedTypes( namedtype.NamedType('infoType', univ.ObjectIdentifier()), namedtype.OptionalNamedType('infoValue', univ.Any()) ) class GenRepContent(univ.SequenceOf): componentType = InfoTypeAndValue() class GenMsgContent(univ.SequenceOf): componentType = InfoTypeAndValue() class PKIConfirmContent(univ.Null): pass class CRLAnnContent(univ.SequenceOf): componentType = rfc2459.CertificateList() class CAKeyUpdAnnContent(univ.Sequence): """ CAKeyUpdAnnContent ::= SEQUENCE { oldWithNew CMPCertificate, newWithOld CMPCertificate, newWithNew CMPCertificate } """ componentType = namedtype.NamedTypes( namedtype.NamedType('oldWithNew', CMPCertificate()), namedtype.NamedType('newWithOld', CMPCertificate()), namedtype.NamedType('newWithNew', CMPCertificate()) ) class RevDetails(univ.Sequence): """ RevDetails ::= SEQUENCE { certDetails CertTemplate, crlEntryDetails Extensions OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('certDetails', rfc2511.CertTemplate()), namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions()) ) class RevReqContent(univ.SequenceOf): componentType = RevDetails() class CertOrEncCert(univ.Choice): """ CertOrEncCert ::= CHOICE { certificate [0] CMPCertificate, encryptedCert [1] EncryptedValue } """ componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', CMPCertificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class CertifiedKeyPair(univ.Sequence): """ CertifiedKeyPair ::= SEQUENCE { certOrEncCert CertOrEncCert, privateKey [0] EncryptedValue OPTIONAL, publicationInfo [1] PKIPublicationInfo OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('certOrEncCert', CertOrEncCert()), namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class POPODecKeyRespContent(univ.SequenceOf): componentType = univ.Integer() class Challenge(univ.Sequence): """ Challenge ::= SEQUENCE { owf AlgorithmIdentifier OPTIONAL, witness OCTET STRING, challenge OCTET STRING } """ componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('owf', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()), namedtype.NamedType('challenge', univ.OctetString()) ) class PKIStatus(univ.Integer): """ PKIStatus ::= INTEGER { accepted (0), grantedWithMods (1), rejection (2), waiting (3), revocationWarning (4), revocationNotification (5), keyUpdateWarning (6) } """ namedValues = namedval.NamedValues( ('accepted', 0), ('grantedWithMods', 1), ('rejection', 2), ('waiting', 3), ('revocationWarning', 4), ('revocationNotification', 5), ('keyUpdateWarning', 6) ) class PKIFailureInfo(univ.BitString): """ PKIFailureInfo ::= BIT STRING { badAlg (0), badMessageCheck (1), badRequest (2), badTime (3), badCertId (4), badDataFormat (5), wrongAuthority (6), incorrectData (7), missingTimeStamp (8), badPOP (9), certRevoked (10), certConfirmed (11), wrongIntegrity (12), badRecipientNonce (13), timeNotAvailable (14), unacceptedPolicy (15), unacceptedExtension (16), addInfoNotAvailable (17), badSenderNonce (18), badCertTemplate (19), signerNotTrusted (20), transactionIdInUse (21), unsupportedVersion (22), notAuthorized (23), systemUnavail (24), systemFailure (25), duplicateCertReq (26) """ namedValues = namedval.NamedValues( ('badAlg', 0), ('badMessageCheck', 1), ('badRequest', 2), ('badTime', 3), ('badCertId', 4), ('badDataFormat', 5), ('wrongAuthority', 6), ('incorrectData', 7), ('missingTimeStamp', 8), ('badPOP', 9), ('certRevoked', 10), ('certConfirmed', 11), ('wrongIntegrity', 12), ('badRecipientNonce', 13), ('timeNotAvailable', 14), ('unacceptedPolicy', 15), ('unacceptedExtension', 16), ('addInfoNotAvailable', 17), ('badSenderNonce', 18), ('badCertTemplate', 19), ('signerNotTrusted', 20), ('transactionIdInUse', 21), ('unsupportedVersion', 22), ('notAuthorized', 23), ('systemUnavail', 24), ('systemFailure', 25), ('duplicateCertReq', 26) ) class PKIStatusInfo(univ.Sequence): """ PKIStatusInfo ::= SEQUENCE { status PKIStatus, statusString PKIFreeText OPTIONAL, failInfo PKIFailureInfo OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatus()), namedtype.OptionalNamedType('statusString', PKIFreeText()), namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) ) class ErrorMsgContent(univ.Sequence): """ ErrorMsgContent ::= SEQUENCE { pKIStatusInfo PKIStatusInfo, errorCode INTEGER OPTIONAL, -- implementation-specific error codes errorDetails PKIFreeText OPTIONAL -- implementation-specific error details } """ componentType = namedtype.NamedTypes( namedtype.NamedType('pKIStatusInfo', PKIStatusInfo()), namedtype.OptionalNamedType('errorCode', univ.Integer()), namedtype.OptionalNamedType('errorDetails', PKIFreeText()) ) class CertStatus(univ.Sequence): """ CertStatus ::= SEQUENCE { certHash OCTET STRING, certReqId INTEGER, statusInfo PKIStatusInfo OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('certHash', univ.OctetString()), namedtype.NamedType('certReqId', univ.Integer()), namedtype.OptionalNamedType('statusInfo', PKIStatusInfo()) ) class CertConfirmContent(univ.SequenceOf): componentType = CertStatus() class RevAnnContent(univ.Sequence): """ RevAnnContent ::= SEQUENCE { status PKIStatus, certId CertId, willBeRevokedAt GeneralizedTime, badSinceDate GeneralizedTime, crlDetails Extensions OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatus()), namedtype.NamedType('certId', rfc2511.CertId()), namedtype.NamedType('willBeRevokedAt', useful.GeneralizedTime()), namedtype.NamedType('badSinceDate', useful.GeneralizedTime()), namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions()) ) class RevRepContent(univ.Sequence): """ RevRepContent ::= SEQUENCE { status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL, crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL """ componentType = namedtype.NamedTypes( namedtype.NamedType( 'status', univ.SequenceOf( componentType=PKIStatusInfo(), sizeSpec=constraint.ValueSizeConstraint(1, MAX) ) ), namedtype.OptionalNamedType( 'revCerts', univ.SequenceOf(componentType=rfc2511.CertId()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) ), namedtype.OptionalNamedType( 'crls', univ.SequenceOf(componentType=rfc2459.CertificateList()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) ) ) class KeyRecRepContent(univ.Sequence): """ KeyRecRepContent ::= SEQUENCE { status PKIStatusInfo, newSigCert [0] CMPCertificate OPTIONAL, caCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, keyPairHist [2] SEQUENCE SIZE (1..MAX) OF CertifiedKeyPair OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('status', PKIStatusInfo()), namedtype.OptionalNamedType( 'newSigCert', CMPCertificate().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) ), namedtype.OptionalNamedType( 'caCerts', univ.SequenceOf(componentType=CMPCertificate()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), sizeSpec=constraint.ValueSizeConstraint(1, MAX) ) ), namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf(componentType=CertifiedKeyPair()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), sizeSpec=constraint.ValueSizeConstraint(1, MAX)) ) ) class CertResponse(univ.Sequence): """ CertResponse ::= SEQUENCE { certReqId INTEGER, status PKIStatusInfo, certifiedKeyPair CertifiedKeyPair OPTIONAL, rspInfo OCTET STRING OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('status', PKIStatusInfo()), namedtype.OptionalNamedType('certifiedKeyPair', CertifiedKeyPair()), namedtype.OptionalNamedType('rspInfo', univ.OctetString()) ) class CertRepMessage(univ.Sequence): """ CertRepMessage ::= SEQUENCE { caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, response SEQUENCE OF CertResponse } """ componentType = namedtype.NamedTypes( namedtype.OptionalNamedType( 'caPubs', univ.SequenceOf( componentType=CMPCertificate() ).subtype(sizeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)) ), namedtype.NamedType('response', univ.SequenceOf(componentType=CertResponse())) ) class POPODecKeyChallContent(univ.SequenceOf): componentType = Challenge() class OOBCertHash(univ.Sequence): """ OOBCertHash ::= SEQUENCE { hashAlg [0] AlgorithmIdentifier OPTIONAL, certId [1] CertId OPTIONAL, hashVal BIT STRING } """ componentType = namedtype.NamedTypes( namedtype.OptionalNamedType( 'hashAlg', rfc2459.AlgorithmIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)) ), namedtype.OptionalNamedType( 'certId', rfc2511.CertId().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)) ), namedtype.NamedType('hashVal', univ.BitString()) ) # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages class NestedMessageContent(univ.SequenceOf): """ NestedMessageContent ::= PKIMessages """ componentType = univ.Any() class DHBMParameter(univ.Sequence): """ DHBMParameter ::= SEQUENCE { owf AlgorithmIdentifier, -- AlgId for a One-Way Function (SHA-1 recommended) mac AlgorithmIdentifier -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], } -- or HMAC [RFC2104, RFC2202]) """ componentType = namedtype.NamedTypes( namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) ) id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30') class PBMParameter(univ.Sequence): """ PBMParameter ::= SEQUENCE { salt OCTET STRING, owf AlgorithmIdentifier, iterationCount INTEGER, mac AlgorithmIdentifier } """ componentType = namedtype.NamedTypes( namedtype.NamedType( 'salt', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 128)) ), namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('iterationCount', univ.Integer()), namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) ) id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13') class PKIProtection(univ.BitString): pass # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages nestedMessageContent = NestedMessageContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 20)) class PKIBody(univ.Choice): """ PKIBody ::= CHOICE { -- message-specific body elements ir [0] CertReqMessages, --Initialization Request ip [1] CertRepMessage, --Initialization Response cr [2] CertReqMessages, --Certification Request cp [3] CertRepMessage, --Certification Response p10cr [4] CertificationRequest, --imported from [PKCS10] popdecc [5] POPODecKeyChallContent, --pop Challenge popdecr [6] POPODecKeyRespContent, --pop Response kur [7] CertReqMessages, --Key Update Request kup [8] CertRepMessage, --Key Update Response krr [9] CertReqMessages, --Key Recovery Request krp [10] KeyRecRepContent, --Key Recovery Response rr [11] RevReqContent, --Revocation Request rp [12] RevRepContent, --Revocation Response ccr [13] CertReqMessages, --Cross-Cert. Request ccp [14] CertRepMessage, --Cross-Cert. Response ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. cann [16] CertAnnContent, --Certificate Ann. rann [17] RevAnnContent, --Revocation Ann. crlann [18] CRLAnnContent, --CRL Announcement pkiconf [19] PKIConfirmContent, --Confirmation nested [20] NestedMessageContent, --Nested Message genm [21] GenMsgContent, --General Message genp [22] GenRepContent, --General Response error [23] ErrorMsgContent, --Error Message certConf [24] CertConfirmContent, --Certificate confirm pollReq [25] PollReqContent, --Polling request pollRep [26] PollRepContent --Polling response """ componentType = namedtype.NamedTypes( namedtype.NamedType( 'ir', rfc2511.CertReqMessages().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) ), namedtype.NamedType( 'ip', CertRepMessage().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) ), namedtype.NamedType( 'cr', rfc2511.CertReqMessages().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) ) ), namedtype.NamedType( 'cp', CertRepMessage().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) ) ), namedtype.NamedType( 'p10cr', rfc2314.CertificationRequest().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4) ) ), namedtype.NamedType( 'popdecc', POPODecKeyChallContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) ) ), namedtype.NamedType( 'popdecr', POPODecKeyRespContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) ) ), namedtype.NamedType( 'kur', rfc2511.CertReqMessages().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) ) ), namedtype.NamedType( 'kup', CertRepMessage().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) ) ), namedtype.NamedType( 'krr', rfc2511.CertReqMessages().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9) ) ), namedtype.NamedType( 'krp', KeyRecRepContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10) ) ), namedtype.NamedType( 'rr', RevReqContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11) ) ), namedtype.NamedType( 'rp', RevRepContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12) ) ), namedtype.NamedType( 'ccr', rfc2511.CertReqMessages().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13) ) ), namedtype.NamedType( 'ccp', CertRepMessage().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14) ) ), namedtype.NamedType( 'ckuann', CAKeyUpdAnnContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15) ) ), namedtype.NamedType( 'cann', CertAnnContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16) ) ), namedtype.NamedType( 'rann', RevAnnContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 17) ) ), namedtype.NamedType( 'crlann', CRLAnnContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18) ) ), namedtype.NamedType( 'pkiconf', PKIConfirmContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19) ) ), namedtype.NamedType( 'nested', nestedMessageContent ), # namedtype.NamedType('nested', NestedMessageContent().subtype( # explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) # ) # ), namedtype.NamedType( 'genm', GenMsgContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21) ) ), namedtype.NamedType( 'gen', GenRepContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22) ) ), namedtype.NamedType( 'error', ErrorMsgContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23) ) ), namedtype.NamedType( 'certConf', CertConfirmContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24) ) ), namedtype.NamedType( 'pollReq', PollReqContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25) ) ), namedtype.NamedType( 'pollRep', PollRepContent().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26) ) ) ) class PKIHeader(univ.Sequence): """ PKIHeader ::= SEQUENCE { pvno INTEGER { cmp1999(1), cmp2000(2) }, sender GeneralName, recipient GeneralName, messageTime [0] GeneralizedTime OPTIONAL, protectionAlg [1] AlgorithmIdentifier OPTIONAL, senderKID [2] KeyIdentifier OPTIONAL, recipKID [3] KeyIdentifier OPTIONAL, transactionID [4] OCTET STRING OPTIONAL, senderNonce [5] OCTET STRING OPTIONAL, recipNonce [6] OCTET STRING OPTIONAL, freeText [7] PKIFreeText OPTIONAL, generalInfo [8] SEQUENCE SIZE (1..MAX) OF InfoTypeAndValue OPTIONAL } """ componentType = namedtype.NamedTypes( namedtype.NamedType( 'pvno', univ.Integer( namedValues=namedval.NamedValues(('cmp1999', 1), ('cmp2000', 2)) ) ), namedtype.NamedType('sender', rfc2459.GeneralName()), namedtype.NamedType('recipient', rfc2459.GeneralName()), namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), namedtype.OptionalNamedType('freeText', PKIFreeText().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), namedtype.OptionalNamedType('generalInfo', univ.SequenceOf( componentType=InfoTypeAndValue().subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX) ) ).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)) ) ) class ProtectedPart(univ.Sequence): """ ProtectedPart ::= SEQUENCE { header PKIHeader, body PKIBody } """ componentType = namedtype.NamedTypes( namedtype.NamedType('header', PKIHeader()), namedtype.NamedType('infoValue', PKIBody()) ) class PKIMessage(univ.Sequence): """ PKIMessage ::= SEQUENCE { header PKIHeader, body PKIBody, protection [0] PKIProtection OPTIONAL, extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL }""" componentType = namedtype.NamedTypes( namedtype.NamedType('header', PKIHeader()), namedtype.NamedType('body', PKIBody()), namedtype.OptionalNamedType('protection', PKIProtection().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('extraCerts', univ.SequenceOf( componentType=CMPCertificate() ).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) ) ) class PKIMessages(univ.SequenceOf): """ PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage """ componentType = PKIMessage() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) # pyasn1 does not naturally handle recursive definitions, thus this hack: # NestedMessageContent ::= PKIMessages NestedMessageContent._componentType = PKIMessages() nestedMessageContent._componentType = PKIMessages() pyasn1-modules-0.2.8/pyasn1_modules/rfc4211.py0000644006321400632140000002751613551772550022466 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Internet X.509 Public Key Infrastructure Certificate Request # Message Format (CRMF) # # ASN.1 source from: # http://www.ietf.org/rfc/rfc4211.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc3280 from pyasn1_modules import rfc3852 MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) id_pkip = _buildOid(id_pkix, 5) id_regCtrl = _buildOid(id_pkip, 1) class SinglePubInfo(univ.Sequence): pass SinglePubInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('pubMethod', univ.Integer( namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName()) ) class UTF8Pairs(char.UTF8String): pass class PKMACValue(univ.Sequence): pass PKMACValue.componentType = namedtype.NamedTypes( namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('value', univ.BitString()) ) class POPOSigningKeyInput(univ.Sequence): pass POPOSigningKeyInput.componentType = namedtype.NamedTypes( namedtype.NamedType( 'authInfo', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType( 'sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)) ), namedtype.NamedType( 'publicKeyMAC', PKMACValue() ) ) ) ), namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo()) ) class POPOSigningKey(univ.Sequence): pass POPOSigningKey.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('algorithmIdentifier', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class Attributes(univ.SetOf): pass Attributes.componentType = rfc3280.Attribute() class PrivateKeyInfo(univ.Sequence): pass PrivateKeyInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer()), namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('privateKey', univ.OctetString()), namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class EncryptedValue(univ.Sequence): pass EncryptedValue.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.NamedType('encValue', univ.BitString()) ) class EncryptedKey(univ.Choice): pass EncryptedKey.componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedValue', EncryptedValue()), namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class KeyGenParameters(univ.OctetString): pass class PKIArchiveOptions(univ.Choice): pass PKIArchiveOptions.componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) id_regCtrl_authenticator = _buildOid(id_regCtrl, 2) id_regInfo = _buildOid(id_pkip, 2) id_regInfo_certReq = _buildOid(id_regInfo, 2) class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo): pass class Authenticator(char.UTF8String): pass class SubsequentMessage(univ.Integer): pass SubsequentMessage.namedValues = namedval.NamedValues( ('encrCert', 0), ('challengeResp', 1) ) class AttributeTypeAndValue(univ.Sequence): pass AttributeTypeAndValue.componentType = namedtype.NamedTypes( namedtype.NamedType('type', univ.ObjectIdentifier()), namedtype.NamedType('value', univ.Any()) ) class POPOPrivKey(univ.Choice): pass POPOPrivKey.componentType = namedtype.NamedTypes( namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('agreeMAC', PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class ProofOfPossession(univ.Choice): pass ProofOfPossession.componentType = namedtype.NamedTypes( namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signature', POPOSigningKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class OptionalValidity(univ.Sequence): pass OptionalValidity.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class CertTemplate(univ.Sequence): pass CertTemplate.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', rfc3280.Version().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('validity', OptionalValidity().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.OptionalNamedType('subject', rfc3280.Name().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9))) ) class Controls(univ.SequenceOf): pass Controls.componentType = AttributeTypeAndValue() Controls.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class CertRequest(univ.Sequence): pass CertRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('certTemplate', CertTemplate()), namedtype.OptionalNamedType('controls', Controls()) ) class CertReqMsg(univ.Sequence): pass CertReqMsg.componentType = namedtype.NamedTypes( namedtype.NamedType('certReq', CertRequest()), namedtype.OptionalNamedType('popo', ProofOfPossession()), namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue())) ) class CertReqMessages(univ.SequenceOf): pass CertReqMessages.componentType = CertReqMsg() CertReqMessages.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class CertReq(CertRequest): pass id_regCtrl_pkiPublicationInfo = _buildOid(id_regCtrl, 3) class CertId(univ.Sequence): pass CertId.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', rfc3280.GeneralName()), namedtype.NamedType('serialNumber', univ.Integer()) ) class OldCertId(CertId): pass class PKIPublicationInfo(univ.Sequence): pass PKIPublicationInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo())) ) class EncKeyWithID(univ.Sequence): pass EncKeyWithID.componentType = namedtype.NamedTypes( namedtype.NamedType('privateKey', PrivateKeyInfo()), namedtype.OptionalNamedType( 'identifier', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('string', char.UTF8String()), namedtype.NamedType('generalName', rfc3280.GeneralName()) ) ) ) ) id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6) id_regCtrl_oldCertID = _buildOid(id_regCtrl, 5) id_smime = _buildOid(1, 2, 840, 113549, 1, 9, 16) class PBMParameter(univ.Sequence): pass PBMParameter.componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString()), namedtype.NamedType('owf', rfc3280.AlgorithmIdentifier()), namedtype.NamedType('iterationCount', univ.Integer()), namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier()) ) id_regCtrl_regToken = _buildOid(id_regCtrl, 1) id_regCtrl_pkiArchiveOptions = _buildOid(id_regCtrl, 4) id_regInfo_utf8Pairs = _buildOid(id_regInfo, 1) id_ct = _buildOid(id_smime, 1) id_ct_encKeyWithID = _buildOid(id_ct, 21) class RegToken(char.UTF8String): pass pyasn1-modules-0.2.8/pyasn1_modules/rfc4334.py0000664006321400632140000000306213605660315022457 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Certificate Extensions and Attributes Supporting Authentication # in PPP and Wireless LAN Networks # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc4334.txt # from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') # OID Arcs id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') id_aca = univ.ObjectIdentifier('1.3.6.1.5.5.7.10') # Extended Key Usage Values id_kp_eapOverPPP = id_kp + (13, ) id_kp_eapOverLAN = id_kp + (14, ) # Wireless LAN SSID Extension id_pe_wlanSSID = id_pe + (13, ) class SSID(univ.OctetString): constraint.ValueSizeConstraint(1, 32) class SSIDList(univ.SequenceOf): componentType = SSID() subtypeSpec=constraint.ValueSizeConstraint(1, MAX) # Wireless LAN SSID Attribute Certificate Attribute id_aca_wlanSSID = id_aca + (7, ) # Map of Certificate Extension OIDs to Extensions # To be added to the ones that are in rfc5280.py _certificateExtensionsMap = { id_pe_wlanSSID: SSIDList(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) # Map of AttributeType OIDs to AttributeValue added to the # ones that are in rfc5280.py _certificateAttributesMapUpdate = { id_aca_wlanSSID: SSIDList(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc4985.py0000664006321400632140000000170113605660315022471 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Expression of Service Names in X.509 Certificates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc4985.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') # As specified in Appendix A.2 of RFC 4985 id_pkix = rfc5280.id_pkix id_on = id_pkix + (8, ) id_on_dnsSRV = id_on + (7, ) class SRVName(char.IA5String): subtypeSpec = constraint.ValueSizeConstraint(1, MAX) srvName = rfc5280.AnotherName() srvName['type-id'] = id_on_dnsSRV srvName['value'] = SRVName() # Map of Other Name OIDs to Other Name is added to the # ones that are in rfc5280.py _anotherNameMapUpdate = { id_on_dnsSRV: SRVName(), } rfc5280.anotherNameMap.update(_anotherNameMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5035.py0000644006321400632140000001065313551772550022465 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add a map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Update to Enhanced Security Services for S/MIME # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5035.txt # from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc2634 from pyasn1_modules import rfc4055 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5280 ContentType = rfc5652.ContentType IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier AlgorithmIdentifier = rfc5280.AlgorithmIdentifier PolicyInformation = rfc5280.PolicyInformation GeneralNames = rfc5280.GeneralNames CertificateSerialNumber = rfc5280.CertificateSerialNumber # Signing Certificate Attribute V1 and V2 id_aa_signingCertificate = rfc2634.id_aa_signingCertificate id_aa_signingCertificateV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.47') Hash = rfc2634.Hash IssuerSerial = rfc2634.IssuerSerial ESSCertID = rfc2634.ESSCertID SigningCertificate = rfc2634.SigningCertificate sha256AlgId = AlgorithmIdentifier() sha256AlgId['algorithm'] = rfc4055.id_sha256 # A non-schema object for sha256AlgId['parameters'] as absent sha256AlgId['parameters'] = der_encode(univ.OctetString('')) class ESSCertIDv2(univ.Sequence): pass ESSCertIDv2.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('hashAlgorithm', sha256AlgId), namedtype.NamedType('certHash', Hash()), namedtype.OptionalNamedType('issuerSerial', IssuerSerial()) ) class SigningCertificateV2(univ.Sequence): pass SigningCertificateV2.componentType = namedtype.NamedTypes( namedtype.NamedType('certs', univ.SequenceOf( componentType=ESSCertIDv2())), namedtype.OptionalNamedType('policies', univ.SequenceOf( componentType=PolicyInformation())) ) # Mail List Expansion History Attribute id_aa_mlExpandHistory = rfc2634.id_aa_mlExpandHistory ub_ml_expansion_history = rfc2634.ub_ml_expansion_history EntityIdentifier = rfc2634.EntityIdentifier MLReceiptPolicy = rfc2634.MLReceiptPolicy MLData = rfc2634.MLData MLExpansionHistory = rfc2634.MLExpansionHistory # ESS Security Label Attribute id_aa_securityLabel = rfc2634.id_aa_securityLabel ub_privacy_mark_length = rfc2634.ub_privacy_mark_length ub_security_categories = rfc2634.ub_security_categories ub_integer_options = rfc2634.ub_integer_options ESSPrivacyMark = rfc2634.ESSPrivacyMark SecurityClassification = rfc2634.SecurityClassification SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier SecurityCategory = rfc2634.SecurityCategory SecurityCategories = rfc2634.SecurityCategories ESSSecurityLabel = rfc2634.ESSSecurityLabel # Equivalent Labels Attribute id_aa_equivalentLabels = rfc2634.id_aa_equivalentLabels EquivalentLabels = rfc2634.EquivalentLabels # Content Identifier Attribute id_aa_contentIdentifier = rfc2634.id_aa_contentIdentifier ContentIdentifier = rfc2634.ContentIdentifier # Content Reference Attribute id_aa_contentReference = rfc2634.id_aa_contentReference ContentReference = rfc2634.ContentReference # Message Signature Digest Attribute id_aa_msgSigDigest = rfc2634.id_aa_msgSigDigest MsgSigDigest = rfc2634.MsgSigDigest # Content Hints Attribute id_aa_contentHint = rfc2634.id_aa_contentHint ContentHints = rfc2634.ContentHints # Receipt Request Attribute AllOrFirstTier = rfc2634.AllOrFirstTier ReceiptsFrom = rfc2634.ReceiptsFrom id_aa_receiptRequest = rfc2634.id_aa_receiptRequest ub_receiptsTo = rfc2634.ub_receiptsTo ReceiptRequest = rfc2634.ReceiptRequest # Receipt Content Type ESSVersion = rfc2634.ESSVersion id_ct_receipt = rfc2634.id_ct_receipt Receipt = rfc2634.Receipt ub_receiptsTo = rfc2634.ub_receiptsTo ReceiptRequest = rfc2634.ReceiptRequest # Map of Attribute Type to the Attribute structure is added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_signingCertificateV2: SigningCertificateV2(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_receipt: Receipt(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5083.py0000644006321400632140000000354013551772550022465 0ustar ietingofietingof00000000000000# This file is being contributed to of pyasn1-modules software. # # Created by Russ Housley without assistance from the asn1ate tool. # Modified by Russ Housley to add a map for use with opentypes and # simplify the code for the object identifier assignment. # # Copyright (c) 2018, 2019 Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Authenticated-Enveloped-Data for the Cryptographic Message Syntax (CMS) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5083.txt from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5652 MAX = float('inf') # CMS Authenticated-Enveloped-Data Content Type id_ct_authEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.23') class AuthEnvelopedData(univ.Sequence): pass AuthEnvelopedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', rfc5652.CMSVersion()), namedtype.OptionalNamedType('originatorInfo', rfc5652.OriginatorInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', rfc5652.RecipientInfos()), namedtype.NamedType('authEncryptedContentInfo', rfc5652.EncryptedContentInfo()), namedtype.OptionalNamedType('authAttrs', rfc5652.AuthAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('mac', rfc5652.MessageAuthenticationCode()), namedtype.OptionalNamedType('unauthAttrs', rfc5652.UnauthAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_authEnvelopedData: AuthEnvelopedData(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5084.py0000644006321400632140000000544713551772550022476 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from the asn1ate tool, with manual # changes to AES_CCM_ICVlen.subtypeSpec and added comments # # Copyright (c) 2018-2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # AES-CCM and AES-GCM Algorithms fo use with the Authenticated-Enveloped-Data # protecting content type for the Cryptographic Message Syntax (CMS) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5084.txt from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) class AES_CCM_ICVlen(univ.Integer): pass class AES_GCM_ICVlen(univ.Integer): pass AES_CCM_ICVlen.subtypeSpec = constraint.SingleValueConstraint(4, 6, 8, 10, 12, 14, 16) AES_GCM_ICVlen.subtypeSpec = constraint.ValueRangeConstraint(12, 16) class CCMParameters(univ.Sequence): pass CCMParameters.componentType = namedtype.NamedTypes( namedtype.NamedType('aes-nonce', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(7, 13))), # The aes-nonce parameter contains 15-L octets, where L is the size of the length field. L=8 is RECOMMENDED. # Within the scope of any content-authenticated-encryption key, the nonce value MUST be unique. namedtype.DefaultedNamedType('aes-ICVlen', AES_CCM_ICVlen().subtype(value=12)) ) class GCMParameters(univ.Sequence): pass GCMParameters.componentType = namedtype.NamedTypes( namedtype.NamedType('aes-nonce', univ.OctetString()), # The aes-nonce may have any number of bits between 8 and 2^64, but it MUST be a multiple of 8 bits. # Within the scope of any content-authenticated-encryption key, the nonce value MUST be unique. # A nonce value of 12 octets can be processed more efficiently, so that length is RECOMMENDED. namedtype.DefaultedNamedType('aes-ICVlen', AES_GCM_ICVlen().subtype(value=12)) ) aes = _OID(2, 16, 840, 1, 101, 3, 4, 1) id_aes128_CCM = _OID(aes, 7) id_aes128_GCM = _OID(aes, 6) id_aes192_CCM = _OID(aes, 27) id_aes192_GCM = _OID(aes, 26) id_aes256_CCM = _OID(aes, 47) id_aes256_GCM = _OID(aes, 46) # Map of Algorithm Identifier OIDs to Parameters is added to the # ones in rfc5280.py _algorithmIdentifierMapUpdate = { id_aes128_CCM: CCMParameters(), id_aes128_GCM: GCMParameters(), id_aes192_CCM: CCMParameters(), id_aes192_GCM: GCMParameters(), id_aes256_CCM: CCMParameters(), id_aes256_GCM: GCMParameters(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5208.py0000644006321400632140000000263013551772550022463 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # PKCS#8 syntax # # ASN.1 source from: # http://tools.ietf.org/html/rfc5208 # # Sample captures could be obtained with "openssl pkcs8 -topk8" command # from pyasn1_modules import rfc2251 from pyasn1_modules.rfc2459 import * class KeyEncryptionAlgorithms(AlgorithmIdentifier): pass class PrivateKeyAlgorithms(AlgorithmIdentifier): pass class EncryptedData(univ.OctetString): pass class EncryptedPrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptionAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('encryptedData', EncryptedData()) ) class PrivateKey(univ.OctetString): pass class Attributes(univ.SetOf): componentType = rfc2251.Attribute() class Version(univ.Integer): namedValues = namedval.NamedValues(('v1', 0), ('v2', 1)) class PrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('privateKey', PrivateKey()), namedtype.OptionalNamedType('attributes', Attributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc5280.py0000644006321400632140000014404413551772550022471 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Updated by Russ Housley for ORAddress Extension Attribute opentype support. # Updated by Russ Housley for AlgorithmIdentifier opentype support. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Internet X.509 Public Key Infrastructure Certificate and Certificate # Revocation List (CRL) Profile # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5280.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) ub_e163_4_sub_address_length = univ.Integer(40) ub_e163_4_number_length = univ.Integer(15) unformatted_postal_address = univ.Integer(16) class TerminalType(univ.Integer): pass TerminalType.namedValues = namedval.NamedValues( ('telex', 3), ('teletex', 4), ('g3-facsimile', 5), ('g4-facsimile', 6), ('ia5-terminal', 7), ('videotex', 8) ) class Extension(univ.Sequence): pass Extension.componentType = namedtype.NamedTypes( namedtype.NamedType('extnID', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)), namedtype.NamedType('extnValue', univ.OctetString()) ) class Extensions(univ.SequenceOf): pass Extensions.componentType = Extension() Extensions.sizeSpec = constraint.ValueSizeConstraint(1, MAX) physical_delivery_personal_name = univ.Integer(13) ub_unformatted_address_length = univ.Integer(180) ub_pds_parameter_length = univ.Integer(30) ub_pds_physical_address_lines = univ.Integer(6) class UnformattedPostalAddress(univ.Set): pass UnformattedPostalAddress.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) ) ub_organization_name = univ.Integer(64) class X520OrganizationName(univ.Choice): pass X520OrganizationName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) ) ub_x121_address_length = univ.Integer(16) pds_name = univ.Integer(7) id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) id_kp = _buildOid(id_pkix, 3) ub_postal_code_length = univ.Integer(16) class PostalCode(univ.Choice): pass PostalCode.componentType = namedtype.NamedTypes( namedtype.NamedType('numeric-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), namedtype.NamedType('printable-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) ) ub_generation_qualifier_length = univ.Integer(3) unique_postal_name = univ.Integer(20) class DomainComponent(char.IA5String): pass ub_domain_defined_attribute_value_length = univ.Integer(128) ub_match = univ.Integer(128) id_at = _buildOid(2, 5, 4) class AttributeType(univ.ObjectIdentifier): pass id_at_organizationalUnitName = _buildOid(id_at, 11) terminal_type = univ.Integer(23) class PDSParameter(univ.Set): pass PDSParameter.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) class PhysicalDeliveryPersonalName(PDSParameter): pass ub_surname_length = univ.Integer(40) id_ad = _buildOid(id_pkix, 48) ub_domain_defined_attribute_type_length = univ.Integer(8) class TeletexDomainDefinedAttribute(univ.Sequence): pass TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) ub_domain_defined_attributes = univ.Integer(4) class TeletexDomainDefinedAttributes(univ.SequenceOf): pass TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() TeletexDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) extended_network_address = univ.Integer(22) ub_locality_name = univ.Integer(128) class X520LocalityName(univ.Choice): pass X520LocalityName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) ) teletex_organization_name = univ.Integer(3) ub_given_name_length = univ.Integer(16) ub_initials_length = univ.Integer(5) class PersonalName(univ.Set): pass PersonalName.componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) ub_organizational_unit_name_length = univ.Integer(32) class OrganizationalUnitName(char.PrintableString): pass OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) id_at_generationQualifier = _buildOid(id_at, 44) class Version(univ.Integer): pass Version.namedValues = namedval.NamedValues( ('v1', 0), ('v2', 1), ('v3', 2) ) class CertificateSerialNumber(univ.Integer): pass algorithmIdentifierMap = {} class AlgorithmIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', univ.ObjectIdentifier()), namedtype.OptionalNamedType('parameters', univ.Any(), openType=opentype.OpenType('algorithm', algorithmIdentifierMap) ) ) class Time(univ.Choice): pass Time.componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) ) class AttributeValue(univ.Any): pass certificateAttributesMap = {} class AttributeTypeAndValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType( 'value', AttributeValue(), openType=opentype.OpenType('type', certificateAttributesMap) ) ) class RelativeDistinguishedName(univ.SetOf): pass RelativeDistinguishedName.componentType = AttributeTypeAndValue() RelativeDistinguishedName.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class RDNSequence(univ.SequenceOf): pass RDNSequence.componentType = RelativeDistinguishedName() class Name(univ.Choice): pass Name.componentType = namedtype.NamedTypes( namedtype.NamedType('rdnSequence', RDNSequence()) ) class TBSCertList(univ.Sequence): pass TBSCertList.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), namedtype.OptionalNamedType( 'revokedCertificates', univ.SequenceOf( componentType=univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('userCertificate', CertificateSerialNumber()), namedtype.NamedType('revocationDate', Time()), namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) ) ) ) ), namedtype.OptionalNamedType( 'crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class CertificateList(univ.Sequence): pass CertificateList.componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertList', TBSCertList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class PhysicalDeliveryOfficeName(PDSParameter): pass ub_extension_attributes = univ.Integer(256) certificateExtensionsMap = { } oraddressExtensionAttributeMap = { } class ExtensionAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType( 'extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType( 'extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)), openType=opentype.OpenType('extension-attribute-type', oraddressExtensionAttributeMap)) ) id_qt = _buildOid(id_pkix, 2) id_qt_cps = _buildOid(id_qt, 1) id_at_stateOrProvinceName = _buildOid(id_at, 8) id_at_title = _buildOid(id_at, 12) id_at_serialNumber = _buildOid(id_at, 5) class X520dnQualifier(char.PrintableString): pass class PosteRestanteAddress(PDSParameter): pass poste_restante_address = univ.Integer(19) class UniqueIdentifier(univ.BitString): pass class Validity(univ.Sequence): pass Validity.componentType = namedtype.NamedTypes( namedtype.NamedType('notBefore', Time()), namedtype.NamedType('notAfter', Time()) ) class SubjectPublicKeyInfo(univ.Sequence): pass SubjectPublicKeyInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) ) class TBSCertificate(univ.Sequence): pass TBSCertificate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value="v1")), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) physical_delivery_office_name = univ.Integer(10) ub_name = univ.Integer(32768) class X520name(univ.Choice): pass X520name.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) ) id_at_dnQualifier = _buildOid(id_at, 46) ub_serial_number = univ.Integer(64) ub_pseudonym = univ.Integer(128) pkcs_9 = _buildOid(1, 2, 840, 113549, 1, 9) class X121Address(char.NumericString): pass X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length) class NetworkAddress(X121Address): pass ub_integer_options = univ.Integer(256) id_at_commonName = _buildOid(id_at, 3) ub_organization_name_length = univ.Integer(64) id_ad_ocsp = _buildOid(id_ad, 1) ub_country_name_numeric_length = univ.Integer(3) ub_country_name_alpha_length = univ.Integer(2) class PhysicalDeliveryCountryName(univ.Choice): pass PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) id_emailAddress = _buildOid(pkcs_9, 1) common_name = univ.Integer(1) class X520Pseudonym(univ.Choice): pass X520Pseudonym.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) ) ub_domain_name_length = univ.Integer(16) class AdministrationDomainName(univ.Choice): pass AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) AdministrationDomainName.componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) ) class PresentationAddress(univ.Sequence): pass PresentationAddress.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class ExtendedNetworkAddress(univ.Choice): pass ExtendedNetworkAddress.componentType = namedtype.NamedTypes( namedtype.NamedType( 'e163-4-address', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) ) ), namedtype.NamedType('psap-address', PresentationAddress().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class TeletexOrganizationName(char.TeletexString): pass TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) ub_terminal_id_length = univ.Integer(24) class TerminalIdentifier(char.PrintableString): pass TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) id_ad_caIssuers = _buildOid(id_ad, 2) id_at_countryName = _buildOid(id_at, 6) class StreetAddress(PDSParameter): pass postal_code = univ.Integer(9) id_at_givenName = _buildOid(id_at, 42) ub_title = univ.Integer(64) class ExtensionAttributes(univ.SetOf): pass ExtensionAttributes.componentType = ExtensionAttribute() ExtensionAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes) ub_emailaddress_length = univ.Integer(255) id_ad_caRepository = _buildOid(id_ad, 5) class ExtensionORAddressComponents(PDSParameter): pass ub_organizational_unit_name = univ.Integer(64) class X520OrganizationalUnitName(univ.Choice): pass X520OrganizationalUnitName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) ) class LocalPostalAttributes(PDSParameter): pass teletex_organizational_unit_names = univ.Integer(5) class X520Title(univ.Choice): pass X520Title.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) ) id_at_localityName = _buildOid(id_at, 7) id_at_initials = _buildOid(id_at, 43) ub_state_name = univ.Integer(128) class X520StateOrProvinceName(univ.Choice): pass X520StateOrProvinceName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) physical_delivery_organization_name = univ.Integer(14) id_at_surname = _buildOid(id_at, 4) class X520countryName(char.PrintableString): pass X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) physical_delivery_office_number = univ.Integer(11) id_qt_unotice = _buildOid(id_qt, 2) class X520SerialNumber(char.PrintableString): pass X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number) class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()), openType=opentype.OpenType('type', certificateAttributesMap)) ) ub_common_name = univ.Integer(64) id_pe = _buildOid(id_pkix, 1) class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): pass class EmailAddress(char.IA5String): pass EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) id_at_organizationName = _buildOid(id_at, 10) post_office_box_address = univ.Integer(18) class BuiltInDomainDefinedAttribute(univ.Sequence): pass BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) class BuiltInDomainDefinedAttributes(univ.SequenceOf): pass BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() BuiltInDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) id_at_pseudonym = _buildOid(id_at, 65) id_domainComponent = _buildOid(0, 9, 2342, 19200300, 100, 1, 25) class X520CommonName(univ.Choice): pass X520CommonName.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) ) extension_OR_address_components = univ.Integer(12) ub_organizational_units = univ.Integer(4) teletex_personal_name = univ.Integer(4) ub_numeric_user_id_length = univ.Integer(32) ub_common_name_length = univ.Integer(64) class TeletexCommonName(char.TeletexString): pass TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) class PhysicalDeliveryOrganizationName(PDSParameter): pass extension_physical_delivery_address_components = univ.Integer(15) class NumericUserIdentifier(char.NumericString): pass NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) class CountryName(univ.Choice): pass CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) CountryName.componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) class OrganizationName(char.PrintableString): pass OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) class OrganizationalUnitNames(univ.SequenceOf): pass OrganizationalUnitNames.componentType = OrganizationalUnitName() OrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) class PrivateDomainName(univ.Choice): pass PrivateDomainName.componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) ) class BuiltInStandardAttributes(univ.Sequence): pass BuiltInStandardAttributes.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('country-name', CountryName()), namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('personal-name', PersonalName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) ) class ORAddress(univ.Sequence): pass ORAddress.componentType = namedtype.NamedTypes( namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) ) class DistinguishedName(RDNSequence): pass id_ad_timeStamping = _buildOid(id_ad, 3) class PhysicalDeliveryOfficeNumber(PDSParameter): pass teletex_domain_defined_attributes = univ.Integer(6) class UniquePostalName(PDSParameter): pass physical_delivery_country_name = univ.Integer(8) ub_pds_name_length = univ.Integer(16) class PDSName(char.PrintableString): pass PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length) class TeletexPersonalName(univ.Set): pass TeletexPersonalName.componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) street_address = univ.Integer(17) class PostOfficeBoxAddress(PDSParameter): pass local_postal_attributes = univ.Integer(21) class DirectoryString(univ.Choice): pass DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) teletex_common_name = univ.Integer(2) class CommonName(char.PrintableString): pass CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) class Certificate(univ.Sequence): pass Certificate.componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificate', TBSCertificate()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class TeletexOrganizationalUnitName(char.TeletexString): pass TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) id_at_name = _buildOid(id_at, 41) class TeletexOrganizationalUnitNames(univ.SequenceOf): pass TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName() TeletexOrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) id_ce = _buildOid(2, 5, 29) id_ce_issuerAltName = _buildOid(id_ce, 18) class SkipCerts(univ.Integer): pass SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class CRLReason(univ.Enumerated): pass CRLReason.namedValues = namedval.NamedValues( ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('removeFromCRL', 8), ('privilegeWithdrawn', 9), ('aACompromise', 10) ) class PrivateKeyUsagePeriod(univ.Sequence): pass PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) anotherNameMap = { } class AnotherName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type-id', univ.ObjectIdentifier()), namedtype.NamedType( 'value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), openType=opentype.OpenType('type-id', anotherNameMap) ) ) class EDIPartyName(univ.Sequence): pass EDIPartyName.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('partyName', DirectoryString().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class GeneralName(univ.Choice): pass GeneralName.componentType = namedtype.NamedTypes( namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) ) class BaseDistance(univ.Integer): pass BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class GeneralSubtree(univ.Sequence): pass GeneralSubtree.componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), namedtype.DefaultedNamedType('minimum', BaseDistance().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), namedtype.OptionalNamedType('maximum', BaseDistance().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class GeneralNames(univ.SequenceOf): pass GeneralNames.componentType = GeneralName() GeneralNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class DistributionPointName(univ.Choice): pass DistributionPointName.componentType = namedtype.NamedTypes( namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ReasonFlags(univ.BitString): pass ReasonFlags.namedValues = namedval.NamedValues( ('unused', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('privilegeWithdrawn', 7), ('aACompromise', 8) ) class IssuingDistributionPoint(univ.Sequence): pass IssuingDistributionPoint.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) ) id_ce_certificatePolicies = _buildOid(id_ce, 32) id_kp_emailProtection = _buildOid(id_kp, 4) class AccessDescription(univ.Sequence): pass AccessDescription.componentType = namedtype.NamedTypes( namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), namedtype.NamedType('accessLocation', GeneralName()) ) class IssuerAltName(GeneralNames): pass id_ce_cRLDistributionPoints = _buildOid(id_ce, 31) holdInstruction = _buildOid(2, 2, 840, 10040, 2) id_holdinstruction_callissuer = _buildOid(holdInstruction, 2) id_ce_subjectDirectoryAttributes = _buildOid(id_ce, 9) id_ce_issuingDistributionPoint = _buildOid(id_ce, 28) class DistributionPoint(univ.Sequence): pass DistributionPoint.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class CRLDistributionPoints(univ.SequenceOf): pass CRLDistributionPoints.componentType = DistributionPoint() CRLDistributionPoints.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class GeneralSubtrees(univ.SequenceOf): pass GeneralSubtrees.componentType = GeneralSubtree() GeneralSubtrees.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class NameConstraints(univ.Sequence): pass NameConstraints.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class SubjectDirectoryAttributes(univ.SequenceOf): pass SubjectDirectoryAttributes.componentType = Attribute() SubjectDirectoryAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_kp_OCSPSigning = _buildOid(id_kp, 9) id_kp_timeStamping = _buildOid(id_kp, 8) class DisplayText(univ.Choice): pass DisplayText.componentType = namedtype.NamedTypes( namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) ) class NoticeReference(univ.Sequence): pass NoticeReference.componentType = namedtype.NamedTypes( namedtype.NamedType('organization', DisplayText()), namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) ) class UserNotice(univ.Sequence): pass UserNotice.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('noticeRef', NoticeReference()), namedtype.OptionalNamedType('explicitText', DisplayText()) ) class PolicyQualifierId(univ.ObjectIdentifier): pass policyQualifierInfoMap = { } class PolicyQualifierInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyQualifierId', PolicyQualifierId()), namedtype.NamedType( 'qualifier', univ.Any(), openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap) ) ) class CertPolicyId(univ.ObjectIdentifier): pass class PolicyInformation(univ.Sequence): pass PolicyInformation.componentType = namedtype.NamedTypes( namedtype.NamedType('policyIdentifier', CertPolicyId()), namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo())) ) class CertificatePolicies(univ.SequenceOf): pass CertificatePolicies.componentType = PolicyInformation() CertificatePolicies.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class SubjectAltName(GeneralNames): pass id_ce_basicConstraints = _buildOid(id_ce, 19) id_ce_authorityKeyIdentifier = _buildOid(id_ce, 35) id_kp_codeSigning = _buildOid(id_kp, 3) class BasicConstraints(univ.Sequence): pass BasicConstraints.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) id_ce_certificateIssuer = _buildOid(id_ce, 29) class PolicyMappings(univ.SequenceOf): pass PolicyMappings.componentType = univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) ) ) PolicyMappings.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class InhibitAnyPolicy(SkipCerts): pass anyPolicy = _buildOid(id_ce_certificatePolicies, 0) class CRLNumber(univ.Integer): pass CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class BaseCRLNumber(CRLNumber): pass id_ce_nameConstraints = _buildOid(id_ce, 30) id_kp_serverAuth = _buildOid(id_kp, 1) id_ce_freshestCRL = _buildOid(id_ce, 46) id_ce_cRLReasons = _buildOid(id_ce, 21) id_ce_extKeyUsage = _buildOid(id_ce, 37) class KeyIdentifier(univ.OctetString): pass class AuthorityKeyIdentifier(univ.Sequence): pass AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class FreshestCRL(CRLDistributionPoints): pass id_ce_policyConstraints = _buildOid(id_ce, 36) id_pe_authorityInfoAccess = _buildOid(id_pe, 1) class AuthorityInfoAccessSyntax(univ.SequenceOf): pass AuthorityInfoAccessSyntax.componentType = AccessDescription() AuthorityInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_holdinstruction_none = _buildOid(holdInstruction, 1) class CPSuri(char.IA5String): pass id_pe_subjectInfoAccess = _buildOid(id_pe, 11) class SubjectKeyIdentifier(KeyIdentifier): pass id_ce_subjectAltName = _buildOid(id_ce, 17) class KeyPurposeId(univ.ObjectIdentifier): pass class ExtKeyUsageSyntax(univ.SequenceOf): pass ExtKeyUsageSyntax.componentType = KeyPurposeId() ExtKeyUsageSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class HoldInstructionCode(univ.ObjectIdentifier): pass id_ce_deltaCRLIndicator = _buildOid(id_ce, 27) id_ce_keyUsage = _buildOid(id_ce, 15) id_ce_holdInstructionCode = _buildOid(id_ce, 23) class SubjectInfoAccessSyntax(univ.SequenceOf): pass SubjectInfoAccessSyntax.componentType = AccessDescription() SubjectInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class InvalidityDate(useful.GeneralizedTime): pass class KeyUsage(univ.BitString): pass KeyUsage.namedValues = namedval.NamedValues( ('digitalSignature', 0), ('nonRepudiation', 1), ('keyEncipherment', 2), ('dataEncipherment', 3), ('keyAgreement', 4), ('keyCertSign', 5), ('cRLSign', 6), ('encipherOnly', 7), ('decipherOnly', 8) ) id_ce_invalidityDate = _buildOid(id_ce, 24) id_ce_policyMappings = _buildOid(id_ce, 33) anyExtendedKeyUsage = _buildOid(id_ce_extKeyUsage, 0) id_ce_privateKeyUsagePeriod = _buildOid(id_ce, 16) id_ce_cRLNumber = _buildOid(id_ce, 20) class CertificateIssuer(GeneralNames): pass id_holdinstruction_reject = _buildOid(holdInstruction, 3) class PolicyConstraints(univ.Sequence): pass PolicyConstraints.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_kp_clientAuth = _buildOid(id_kp, 2) id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14) id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54) # map of ORAddress ExtensionAttribute type to ExtensionAttribute value _oraddressExtensionAttributeMapUpdate = { common_name: CommonName(), teletex_common_name: TeletexCommonName(), teletex_organization_name: TeletexOrganizationName(), teletex_personal_name: TeletexPersonalName(), teletex_organizational_unit_names: TeletexOrganizationalUnitNames(), pds_name: PDSName(), physical_delivery_country_name: PhysicalDeliveryCountryName(), postal_code: PostalCode(), physical_delivery_office_name: PhysicalDeliveryOfficeName(), physical_delivery_office_number: PhysicalDeliveryOfficeNumber(), extension_OR_address_components: ExtensionORAddressComponents(), physical_delivery_personal_name: PhysicalDeliveryPersonalName(), physical_delivery_organization_name: PhysicalDeliveryOrganizationName(), extension_physical_delivery_address_components: ExtensionPhysicalDeliveryAddressComponents(), unformatted_postal_address: UnformattedPostalAddress(), street_address: StreetAddress(), post_office_box_address: PostOfficeBoxAddress(), poste_restante_address: PosteRestanteAddress(), unique_postal_name: UniquePostalName(), local_postal_attributes: LocalPostalAttributes(), extended_network_address: ExtendedNetworkAddress(), terminal_type: TerminalType(), teletex_domain_defined_attributes: TeletexDomainDefinedAttributes(), } oraddressExtensionAttributeMap.update(_oraddressExtensionAttributeMapUpdate) # map of AttributeType -> AttributeValue _certificateAttributesMapUpdate = { id_at_name: X520name(), id_at_surname: X520name(), id_at_givenName: X520name(), id_at_initials: X520name(), id_at_generationQualifier: X520name(), id_at_commonName: X520CommonName(), id_at_localityName: X520LocalityName(), id_at_stateOrProvinceName: X520StateOrProvinceName(), id_at_organizationName: X520OrganizationName(), id_at_organizationalUnitName: X520OrganizationalUnitName(), id_at_title: X520Title(), id_at_dnQualifier: X520dnQualifier(), id_at_countryName: X520countryName(), id_at_serialNumber: X520SerialNumber(), id_at_pseudonym: X520Pseudonym(), id_domainComponent: DomainComponent(), id_emailAddress: EmailAddress(), } certificateAttributesMap.update(_certificateAttributesMapUpdate) # map of Certificate Extension OIDs to Extensions _certificateExtensionsMap = { id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), id_ce_keyUsage: KeyUsage(), id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), id_ce_certificatePolicies: CertificatePolicies(), id_ce_policyMappings: PolicyMappings(), id_ce_subjectAltName: SubjectAltName(), id_ce_issuerAltName: IssuerAltName(), id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), id_ce_basicConstraints: BasicConstraints(), id_ce_nameConstraints: NameConstraints(), id_ce_policyConstraints: PolicyConstraints(), id_ce_extKeyUsage: ExtKeyUsageSyntax(), id_ce_cRLDistributionPoints: CRLDistributionPoints(), id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), id_ce_cRLNumber: univ.Integer(), id_ce_deltaCRLIndicator: BaseCRLNumber(), id_ce_issuingDistributionPoint: IssuingDistributionPoint(), id_ce_cRLReasons: CRLReason(), id_ce_holdInstructionCode: univ.ObjectIdentifier(), id_ce_invalidityDate: useful.GeneralizedTime(), id_ce_certificateIssuer: GeneralNames(), } certificateExtensionsMap.update(_certificateExtensionsMap) pyasn1-modules-0.2.8/pyasn1_modules/rfc5480.py0000644006321400632140000001134213551772550022465 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add maps for opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Elliptic Curve Cryptography Subject Public Key Information # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5480.txt # What can be imported from rfc4055.py ? from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc3279 from pyasn1_modules import rfc5280 # These structures are the same as RFC 3279. DHPublicKey = rfc3279.DHPublicKey DSAPublicKey = rfc3279.DSAPublicKey ValidationParms = rfc3279.ValidationParms DomainParameters = rfc3279.DomainParameters ECDSA_Sig_Value = rfc3279.ECDSA_Sig_Value ECPoint = rfc3279.ECPoint KEA_Parms_Id = rfc3279.KEA_Parms_Id RSAPublicKey = rfc3279.RSAPublicKey # RFC 5480 changed the names of these structures from RFC 3279. DSS_Parms = rfc3279.Dss_Parms DSA_Sig_Value = rfc3279.Dss_Sig_Value # RFC 3279 defines a more complex alternative for ECParameters. # RFC 5480 narrows the definition to a single CHOICE: namedCurve. class ECParameters(univ.Choice): pass ECParameters.componentType = namedtype.NamedTypes( namedtype.NamedType('namedCurve', univ.ObjectIdentifier()) ) # OIDs for Message Digest Algorithms id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2') id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5') id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') id_sha224 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.4') id_sha256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.1') id_sha384 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.2') id_sha512 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.3') # OID for RSA PK Algorithm and Key rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') # OID for DSA PK Algorithm, Key, and Parameters id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1') # OID for Diffie-Hellman PK Algorithm, Key, and Parameters dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1') # OID for KEA PK Algorithm and Parameters id_keyExchangeAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.22') # OIDs for Elliptic Curve Algorithm ID, Key, and Parameters # Note that ECDSA keys always use this OID id_ecPublicKey = univ.ObjectIdentifier('1.2.840.10045.2.1') id_ecDH = univ.ObjectIdentifier('1.3.132.1.12') id_ecMQV = univ.ObjectIdentifier('1.3.132.1.13') # OIDs for RSA Signature Algorithms md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') # OIDs for DSA Signature Algorithms id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3') id_dsa_with_sha224 = univ.ObjectIdentifier('2.16.840.1.101.3.4.3.1') id_dsa_with_sha256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.3.2') # OIDs for ECDSA Signature Algorithms ecdsa_with_SHA1 = univ.ObjectIdentifier('1.2.840.10045.4.1') ecdsa_with_SHA224 = univ.ObjectIdentifier('1.2.840.10045.4.3.1') ecdsa_with_SHA256 = univ.ObjectIdentifier('1.2.840.10045.4.3.2') ecdsa_with_SHA384 = univ.ObjectIdentifier('1.2.840.10045.4.3.3') ecdsa_with_SHA512 = univ.ObjectIdentifier('1.2.840.10045.4.3.4') # OIDs for Named Elliptic Curves secp192r1 = univ.ObjectIdentifier('1.2.840.10045.3.1.1') sect163k1 = univ.ObjectIdentifier('1.3.132.0.1') sect163r2 = univ.ObjectIdentifier('1.3.132.0.15') secp224r1 = univ.ObjectIdentifier('1.3.132.0.33') sect233k1 = univ.ObjectIdentifier('1.3.132.0.26') sect233r1 = univ.ObjectIdentifier('1.3.132.0.27') secp256r1 = univ.ObjectIdentifier('1.2.840.10045.3.1.7') sect283k1 = univ.ObjectIdentifier('1.3.132.0.16') sect283r1 = univ.ObjectIdentifier('1.3.132.0.17') secp384r1 = univ.ObjectIdentifier('1.3.132.0.34') sect409k1 = univ.ObjectIdentifier('1.3.132.0.36') sect409r1 = univ.ObjectIdentifier('1.3.132.0.37') secp521r1 = univ.ObjectIdentifier('1.3.132.0.35') sect571k1 = univ.ObjectIdentifier('1.3.132.0.38') sect571r1 = univ.ObjectIdentifier('1.3.132.0.39') # Map of Algorithm Identifier OIDs to Parameters # The algorithm is not included if the parameters MUST be absent _algorithmIdentifierMapUpdate = { rsaEncryption: univ.Null(), md2WithRSAEncryption: univ.Null(), md5WithRSAEncryption: univ.Null(), sha1WithRSAEncryption: univ.Null(), id_dsa: DSS_Parms(), dhpublicnumber: DomainParameters(), id_keyExchangeAlgorithm: KEA_Parms_Id(), id_ecPublicKey: ECParameters(), id_ecDH: ECParameters(), id_ecMQV: ECParameters(), } # Add these Algorithm Identifier map entries to the ones in rfc5280.py rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5649.py0000644006321400632140000000147613551772550022503 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # AES Key Wrap with Padding # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5649.txt from pyasn1.type import univ from pyasn1_modules import rfc5280 class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5') id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25') id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45') id_aes128_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.8') id_aes192_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.28') id_aes256_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.48') pyasn1-modules-0.2.8/pyasn1_modules/rfc5652.py0000644006321400632140000005171313551772550022474 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Modified by Russ Housley to add support for opentypes. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Cryptographic Message Syntax (CMS) # # ASN.1 source from: # http://www.ietf.org/rfc/rfc5652.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc3281 from pyasn1_modules import rfc5280 MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) cmsContentTypesMap = { } cmsAttributesMap = { } otherKeyAttributesMap = { } otherCertFormatMap = { } otherRevInfoFormatMap = { } otherRecipientInfoMap = { } class AttCertVersionV1(univ.Integer): pass AttCertVersionV1.namedValues = namedval.NamedValues( ('v1', 0) ) class AttributeCertificateInfoV1(univ.Sequence): pass AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), namedtype.NamedType( 'subject', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) ) ), namedtype.NamedType('issuer', rfc5280.GeneralNames()), namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())), namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()), namedtype.OptionalNamedType('extensions', rfc5280.Extensions()) ) class AttributeCertificateV1(univ.Sequence): pass AttributeCertificateV1.componentType = namedtype.NamedTypes( namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class AttributeValue(univ.Any): pass class Attribute(univ.Sequence): pass Attribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', univ.ObjectIdentifier()), namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), openType=opentype.OpenType('attrType', cmsAttributesMap) ) ) class SignedAttributes(univ.SetOf): pass SignedAttributes.componentType = Attribute() SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class AttributeCertificateV2(rfc3281.AttributeCertificate): pass class OtherKeyAttribute(univ.Sequence): pass OtherKeyAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()), namedtype.OptionalNamedType('keyAttr', univ.Any(), openType=opentype.OpenType('keyAttrId', otherKeyAttributesMap) ) ) class UnauthAttributes(univ.SetOf): pass UnauthAttributes.componentType = Attribute() UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) class SignatureValue(univ.OctetString): pass class IssuerAndSerialNumber(univ.Sequence): pass IssuerAndSerialNumber.componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', rfc5280.Name()), namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()) ) class SubjectKeyIdentifier(univ.OctetString): pass class RecipientKeyIdentifier(univ.Sequence): pass RecipientKeyIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), namedtype.OptionalNamedType('date', useful.GeneralizedTime()), namedtype.OptionalNamedType('other', OtherKeyAttribute()) ) class KeyAgreeRecipientIdentifier(univ.Choice): pass KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class EncryptedKey(univ.OctetString): pass class RecipientEncryptedKey(univ.Sequence): pass RecipientEncryptedKey.componentType = namedtype.NamedTypes( namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class RecipientEncryptedKeys(univ.SequenceOf): pass RecipientEncryptedKeys.componentType = RecipientEncryptedKey() class MessageAuthenticationCode(univ.OctetString): pass class CMSVersion(univ.Integer): pass CMSVersion.namedValues = namedval.NamedValues( ('v0', 0), ('v1', 1), ('v2', 2), ('v3', 3), ('v4', 4), ('v5', 5) ) class OtherCertificateFormat(univ.Sequence): pass OtherCertificateFormat.componentType = namedtype.NamedTypes( namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), namedtype.NamedType('otherCert', univ.Any(), openType=opentype.OpenType('otherCertFormat', otherCertFormatMap) ) ) class ExtendedCertificateInfo(univ.Sequence): pass ExtendedCertificateInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('certificate', rfc5280.Certificate()), namedtype.NamedType('attributes', UnauthAttributes()) ) class Signature(univ.BitString): pass class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class ExtendedCertificate(univ.Sequence): pass ExtendedCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) class CertificateChoices(univ.Choice): pass CertificateChoices.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc5280.Certificate()), namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('other', OtherCertificateFormat().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class CertificateSet(univ.SetOf): pass CertificateSet.componentType = CertificateChoices() class OtherRevocationInfoFormat(univ.Sequence): pass OtherRevocationInfoFormat.componentType = namedtype.NamedTypes( namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()), namedtype.NamedType('otherRevInfo', univ.Any(), openType=opentype.OpenType('otherRevInfoFormat', otherRevInfoFormatMap) ) ) class RevocationInfoChoice(univ.Choice): pass RevocationInfoChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('crl', rfc5280.CertificateList()), namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class RevocationInfoChoices(univ.SetOf): pass RevocationInfoChoices.componentType = RevocationInfoChoice() class OriginatorInfo(univ.Sequence): pass OriginatorInfo.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('certs', CertificateSet().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ContentType(univ.ObjectIdentifier): pass class EncryptedContent(univ.OctetString): pass class ContentEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class EncryptedContentInfo(univ.Sequence): pass EncryptedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class UnprotectedAttributes(univ.SetOf): pass UnprotectedAttributes.componentType = Attribute() UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class KEKIdentifier(univ.Sequence): pass KEKIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('keyIdentifier', univ.OctetString()), namedtype.OptionalNamedType('date', useful.GeneralizedTime()), namedtype.OptionalNamedType('other', OtherKeyAttribute()) ) class KEKRecipientInfo(univ.Sequence): pass KEKRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('kekid', KEKIdentifier()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class KeyDerivationAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class PasswordRecipientInfo(univ.Sequence): pass PasswordRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class RecipientIdentifier(univ.Choice): pass RecipientIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class KeyTransRecipientInfo(univ.Sequence): pass KeyTransRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('rid', RecipientIdentifier()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class UserKeyingMaterial(univ.OctetString): pass class OriginatorPublicKey(univ.Sequence): pass OriginatorPublicKey.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('publicKey', univ.BitString()) ) class OriginatorIdentifierOrKey(univ.Choice): pass OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class KeyAgreeRecipientInfo(univ.Sequence): pass KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) ) class OtherRecipientInfo(univ.Sequence): pass OtherRecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('oriType', univ.ObjectIdentifier()), namedtype.NamedType('oriValue', univ.Any(), openType=opentype.OpenType('oriType', otherRecipientInfoMap) ) ) class RecipientInfo(univ.Choice): pass RecipientInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('ktri', KeyTransRecipientInfo()), namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('kekri', KEKRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('ori', OtherRecipientInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) ) class RecipientInfos(univ.SetOf): pass RecipientInfos.componentType = RecipientInfo() RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class EnvelopedData(univ.Sequence): pass EnvelopedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) class EncryptedData(univ.Sequence): pass EncryptedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier): pass class UnsignedAttributes(univ.SetOf): pass UnsignedAttributes.componentType = Attribute() UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class SignerIdentifier(univ.Choice): pass SignerIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class SignerInfo(univ.Sequence): pass SignerInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('sid', SignerIdentifier()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', SignatureValue()), namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class SignerInfos(univ.SetOf): pass SignerInfos.componentType = SignerInfo() class Countersignature(SignerInfo): pass class ContentInfo(univ.Sequence): pass ContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), openType=opentype.OpenType('contentType', cmsContentTypesMap) ) ) class EncapsulatedContentInfo(univ.Sequence): pass EncapsulatedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('eContentType', ContentType()), namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) class MessageDigest(univ.OctetString): pass class AuthAttributes(univ.SetOf): pass AuthAttributes.componentType = Attribute() AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class Time(univ.Choice): pass Time.componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) ) class AuthenticatedData(univ.Sequence): pass AuthenticatedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('mac', MessageAuthenticationCode()), namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) class ExtendedCertificateOrCertificate(univ.Choice): pass ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', rfc5280.Certificate()), namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class Digest(univ.OctetString): pass class DigestedData(univ.Sequence): pass DigestedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), namedtype.NamedType('digest', Digest()) ) id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) class DigestAlgorithmIdentifiers(univ.SetOf): pass DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() class SignedData(univ.Sequence): pass SignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('version', CMSVersion()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), namedtype.OptionalNamedType('certificates', CertificateSet().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) class SigningTime(Time): pass id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) # CMS Content Type Map _cmsContentTypesMapUpdate = { id_ct_contentInfo: ContentInfo(), id_data: univ.OctetString(), id_signedData: SignedData(), id_envelopedData: EnvelopedData(), id_digestedData: DigestedData(), id_encryptedData: EncryptedData(), id_ct_authData: AuthenticatedData(), } cmsContentTypesMap.update(_cmsContentTypesMapUpdate) # CMS Attribute Map _cmsAttributesMapUpdate = { id_contentType: ContentType(), id_messageDigest: MessageDigest(), id_signingTime: SigningTime(), id_countersignature: Countersignature(), } cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5751.py0000644006321400632140000000617613551772550022477 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # S/MIME Version 3.2 Message Specification # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5751.txt from pyasn1.type import namedtype from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5652 from pyasn1_modules import rfc8018 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) # Imports from RFC 5652 and RFC 8018 IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber RecipientKeyIdentifier = rfc5652.RecipientKeyIdentifier SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier rc2CBC = rfc8018.rc2CBC # S/MIME Capabilities Attribute smimeCapabilities = univ.ObjectIdentifier('1.2.840.113549.1.9.15') smimeCapabilityMap = { } class SMIMECapability(univ.Sequence): pass SMIMECapability.componentType = namedtype.NamedTypes( namedtype.NamedType('capabilityID', univ.ObjectIdentifier()), namedtype.OptionalNamedType('parameters', univ.Any(), openType=opentype.OpenType('capabilityID', smimeCapabilityMap)) ) class SMIMECapabilities(univ.SequenceOf): pass SMIMECapabilities.componentType = SMIMECapability() class SMIMECapabilitiesParametersForRC2CBC(univ.Integer): # which carries the RC2 Key Length (number of bits) pass # S/MIME Encryption Key Preference Attribute id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16') id_aa = _OID(id_smime, 2) id_aa_encrypKeyPref = _OID(id_aa, 11) class SMIMEEncryptionKeyPreference(univ.Choice): pass SMIMEEncryptionKeyPreference.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('receipentKeyId', # Yes, 'receipentKeyId' is spelled incorrectly, but kept # this way for alignment with the ASN.1 module in the RFC. RecipientKeyIdentifier().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('subjectAltKeyIdentifier', SubjectKeyIdentifier().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 2))) ) # The Prefer Binary Inside SMIMECapabilities attribute id_cap = _OID(id_smime, 11) id_cap_preferBinaryInside = _OID(id_cap, 1) # CMS Attribute Map _cmsAttributesMapUpdate = { smimeCapabilities: SMIMECapabilities(), id_aa_encrypKeyPref: SMIMEEncryptionKeyPreference(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # SMIMECapabilities Attribute Map # # Do not include OIDs in the dictionary when the parameters are absent. _smimeCapabilityMapUpdate = { rc2CBC: SMIMECapabilitiesParametersForRC2CBC(), } smimeCapabilityMap.update(_smimeCapabilityMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5755.py0000664006321400632140000002746113605660315022500 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # An Internet Attribute Certificate Profile for Authorization # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5755.txt # https://www.rfc-editor.org/rfc/rfc5912.txt (see Section 13) # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 MAX = float('inf') # Map for Security Category type to value securityCategoryMap = { } # Imports from RFC 5652 ContentInfo = rfc5652.ContentInfo # Imports from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier Attribute = rfc5280.Attribute AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax AuthorityKeyIdentifier = rfc5280.AuthorityKeyIdentifier CertificateSerialNumber = rfc5280.CertificateSerialNumber CRLDistributionPoints = rfc5280.CRLDistributionPoints Extensions = rfc5280.Extensions Extension = rfc5280.Extension GeneralNames = rfc5280.GeneralNames GeneralName = rfc5280.GeneralName UniqueIdentifier = rfc5280.UniqueIdentifier # Object Identifier arcs id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) id_pe = id_pkix + (1, ) id_kp = id_pkix + (3, ) id_aca = id_pkix + (10, ) id_ad = id_pkix + (48, ) id_at = univ.ObjectIdentifier((2, 5, 4, )) id_ce = univ.ObjectIdentifier((2, 5, 29, )) # Attribute Certificate class AttCertVersion(univ.Integer): namedValues = namedval.NamedValues( ('v2', 1) ) class IssuerSerial(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', GeneralNames()), namedtype.NamedType('serial', CertificateSerialNumber()), namedtype.OptionalNamedType('issuerUID', UniqueIdentifier()) ) class ObjectDigestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('digestedObjectType', univ.Enumerated(namedValues=namedval.NamedValues( ('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))), namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()), namedtype.NamedType('digestAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('objectDigest', univ.BitString()) ) class Holder(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('entityName', GeneralNames().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 2))) ) class V2Form(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('issuerName', GeneralNames()), namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class AttCertIssuer(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('v1Form', GeneralNames()), namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class AttCertValidityPeriod(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()), namedtype.NamedType('notAfterTime', useful.GeneralizedTime()) ) class AttributeCertificateInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', AttCertVersion()), namedtype.NamedType('holder', Holder()), namedtype.NamedType('issuer', AttCertIssuer()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('attrCertValidityPeriod', AttCertValidityPeriod()), namedtype.NamedType('attributes', univ.SequenceOf(componentType=Attribute())), namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier()), namedtype.OptionalNamedType('extensions', Extensions()) ) class AttributeCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('acinfo', AttributeCertificateInfo()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signatureValue', univ.BitString()) ) # Attribute Certificate Extensions id_pe_ac_auditIdentity = id_pe + (4, ) id_ce_noRevAvail = id_ce + (56, ) id_ce_targetInformation = id_ce + (55, ) class TargetCert(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('targetCertificate', IssuerSerial()), namedtype.OptionalNamedType('targetName', GeneralName()), namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo()) ) class Target(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('targetName', GeneralName().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('targetGroup', GeneralName().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('targetCert', TargetCert().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 2))) ) class Targets(univ.SequenceOf): componentType = Target() id_pe_ac_proxying = id_pe + (10, ) class ProxyInfo(univ.SequenceOf): componentType = Targets() id_pe_aaControls = id_pe + (6, ) class AttrSpec(univ.SequenceOf): componentType = univ.ObjectIdentifier() class AAControls(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), namedtype.OptionalNamedType('permittedAttrs', AttrSpec().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('excludedAttrs', AttrSpec().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1)) ) # Attribute Certificate Attributes id_aca_authenticationInfo = id_aca + (1, ) id_aca_accessIdentity = id_aca + (2, ) class SvceAuthInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('service', GeneralName()), namedtype.NamedType('ident', GeneralName()), namedtype.OptionalNamedType('authInfo', univ.OctetString()) ) id_aca_chargingIdentity = id_aca + (3, ) id_aca_group = id_aca + (4, ) class IetfAttrSyntax(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('policyAuthority', GeneralNames().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('values', univ.SequenceOf( componentType=univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType('octets', univ.OctetString()), namedtype.NamedType('oid', univ.ObjectIdentifier()), namedtype.NamedType('string', char.UTF8String()) )) )) ) id_at_role = id_at + (72,) class RoleSyntax(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('roleAuthority', GeneralNames().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('roleName', GeneralName().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ClassList(univ.BitString): namedValues = namedval.NamedValues( ('unmarked', 0), ('unclassified', 1), ('restricted', 2), ('confidential', 3), ('secret', 4), ('topSecret', 5) ) class SecurityCategory(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1)), openType=opentype.OpenType('type', securityCategoryMap)) ) id_at_clearance = univ.ObjectIdentifier((2, 5, 4, 55, )) class Clearance(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyId', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('classList', ClassList().subtype(value='unclassified')), namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory())) ) id_at_clearance_rfc3281 = univ.ObjectIdentifier((2, 5, 1, 5, 55, )) class Clearance_rfc3281(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.DefaultedNamedType('classList', ClassList().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1)).subtype( value='unclassified')), namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype( implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 2))) ) id_aca_encAttrs = id_aca + (6, ) class ACClearAttrs(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('acIssuer', GeneralName()), namedtype.NamedType('acSerial', univ.Integer()), namedtype.NamedType('attrs', univ.SequenceOf(componentType=Attribute())) ) # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_ac_auditIdentity: univ.OctetString(), id_ce_noRevAvail: univ.Null(), id_ce_targetInformation: Targets(), id_pe_ac_proxying: ProxyInfo(), id_pe_aaControls: AAControls(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) # Map of AttributeType OIDs to AttributeValue added to the # ones that are in rfc5280.py _certificateAttributesMapUpdate = { id_aca_authenticationInfo: SvceAuthInfo(), id_aca_accessIdentity: SvceAuthInfo(), id_aca_chargingIdentity: IetfAttrSyntax(), id_aca_group: IetfAttrSyntax(), id_at_role: RoleSyntax(), id_at_clearance: Clearance(), id_at_clearance_rfc3281: Clearance_rfc3281(), id_aca_encAttrs: ContentInfo(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5913.py0000664006321400632140000000221113605660315022456 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Authority Clearance Constraints Certificate Extension # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5913.txt # https://www.rfc-editor.org/errata/eid5890 # from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5755 MAX = float('inf') # Authority Clearance Constraints Certificate Extension id_pe_clearanceConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.21') id_pe_authorityClearanceConstraints = id_pe_clearanceConstraints class AuthorityClearanceConstraints(univ.SequenceOf): componentType = rfc5755.Clearance() subtypeSpec=constraint.ValueSizeConstraint(1, MAX) # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_clearanceConstraints: AuthorityClearanceConstraints(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5914.py0000644006321400632140000000720213551772550022467 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Trust Anchor Format # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5914.txt from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') Certificate = rfc5280.Certificate Name = rfc5280.Name Extensions = rfc5280.Extensions SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo TBSCertificate = rfc5280.TBSCertificate CertificatePolicies = rfc5280.CertificatePolicies KeyIdentifier = rfc5280.KeyIdentifier NameConstraints = rfc5280.NameConstraints class CertPolicyFlags(univ.BitString): pass CertPolicyFlags.namedValues = namedval.NamedValues( ('inhibitPolicyMapping', 0), ('requireExplicitPolicy', 1), ('inhibitAnyPolicy', 2) ) class CertPathControls(univ.Sequence): pass CertPathControls.componentType = namedtype.NamedTypes( namedtype.NamedType('taName', Name()), namedtype.OptionalNamedType('certificate', Certificate().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('policySet', CertificatePolicies().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('policyFlags', CertPolicyFlags().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('nameConstr', NameConstraints().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class TrustAnchorTitle(char.UTF8String): pass TrustAnchorTitle.subtypeSpec = constraint.ValueSizeConstraint(1, 64) class TrustAnchorInfoVersion(univ.Integer): pass TrustAnchorInfoVersion.namedValues = namedval.NamedValues( ('v1', 1) ) class TrustAnchorInfo(univ.Sequence): pass TrustAnchorInfo.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TrustAnchorInfoVersion().subtype(value='v1')), namedtype.NamedType('pubKey', SubjectPublicKeyInfo()), namedtype.NamedType('keyId', KeyIdentifier()), namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()), namedtype.OptionalNamedType('certPath', CertPathControls()), namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('taTitleLangTag', char.UTF8String().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class TrustAnchorChoice(univ.Choice): pass TrustAnchorChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', Certificate()), namedtype.NamedType('tbsCert', TBSCertificate().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('taInfo', TrustAnchorInfo().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) id_ct_trustAnchorList = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.34') class TrustAnchorList(univ.SequenceOf): pass TrustAnchorList.componentType = TrustAnchorChoice() TrustAnchorList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) pyasn1-modules-0.2.8/pyasn1_modules/rfc5915.py0000644006321400632140000000204013551772550022463 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Elliptic Curve Private Key # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5915.txt from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5480 class ECPrivateKey(univ.Sequence): pass ECPrivateKey.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer( namedValues=namedval.NamedValues(('ecPrivkeyVer1', 1)))), namedtype.NamedType('privateKey', univ.OctetString()), namedtype.OptionalNamedType('parameters', rfc5480.ECParameters().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('publicKey', univ.BitString().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc5916.py0000664006321400632140000000144013605660315022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Device Owner Attribute # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5916.txt # from pyasn1.type import univ from pyasn1_modules import rfc5280 # Device Owner Attribute id_deviceOwner = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 69)) at_deviceOwner = rfc5280.Attribute() at_deviceOwner['type'] = id_deviceOwner at_deviceOwner['values'][0] = univ.ObjectIdentifier() # Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. _certificateAttributesMapUpdate = { id_deviceOwner: univ.ObjectIdentifier(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5917.py0000664006321400632140000000274713605660315022500 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Clearance Sponsor Attribute # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5917.txt # https://www.rfc-editor.org/errata/eid4558 # https://www.rfc-editor.org/errata/eid5883 # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 # DirectoryString is the same as RFC 5280, except for two things: # 1. the length is limited to 64; # 2. only the 'utf8String' choice remains because the ASN.1 # specification says: ( WITH COMPONENTS { utf8String PRESENT } ) class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 64))), ) # Clearance Sponsor Attribute id_clearanceSponsor = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 68)) ub_clearance_sponsor = univ.Integer(64) at_clearanceSponsor = rfc5280.Attribute() at_clearanceSponsor['type'] = id_clearanceSponsor at_clearanceSponsor['values'][0] = DirectoryString() # Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. _certificateAttributesMapUpdate = { id_clearanceSponsor: DirectoryString(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5924.py0000664006321400632140000000065113605660315022466 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Extended Key Usage (EKU) for Session Initiation Protocol (SIP) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5924.txt # from pyasn1.type import univ id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') id_kp_sipDomain = id_kp + (20, ) pyasn1-modules-0.2.8/pyasn1_modules/rfc5934.py0000644006321400632140000005636613551772550022510 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Trust Anchor Format # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5934.txt from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful from pyasn1_modules import rfc2985 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5914 MAX = float('inf') def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) # Imports from RFC 2985 SingleAttribute = rfc2985.SingleAttribute # Imports from RFC5914 CertPathControls = rfc5914.CertPathControls TrustAnchorChoice = rfc5914.TrustAnchorChoice TrustAnchorTitle = rfc5914.TrustAnchorTitle # Imports from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier AnotherName = rfc5280.AnotherName Attribute = rfc5280.Attribute Certificate = rfc5280.Certificate CertificateSerialNumber = rfc5280.CertificateSerialNumber Extension = rfc5280.Extension Extensions = rfc5280.Extensions KeyIdentifier = rfc5280.KeyIdentifier Name = rfc5280.Name SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo TBSCertificate = rfc5280.TBSCertificate Validity = rfc5280.Validity # Object Identifier Arc for TAMP Message Content Types id_tamp = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.77') # TAMP Status Query Message id_ct_TAMP_statusQuery = _OID(id_tamp, 1) class TAMPVersion(univ.Integer): pass TAMPVersion.namedValues = namedval.NamedValues( ('v1', 1), ('v2', 2) ) class TerseOrVerbose(univ.Enumerated): pass TerseOrVerbose.namedValues = namedval.NamedValues( ('terse', 1), ('verbose', 2) ) class HardwareSerialEntry(univ.Choice): pass HardwareSerialEntry.componentType = namedtype.NamedTypes( namedtype.NamedType('all', univ.Null()), namedtype.NamedType('single', univ.OctetString()), namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('low', univ.OctetString()), namedtype.NamedType('high', univ.OctetString()) )) ) ) class HardwareModules(univ.Sequence): pass HardwareModules.componentType = namedtype.NamedTypes( namedtype.NamedType('hwType', univ.ObjectIdentifier()), namedtype.NamedType('hwSerialEntries', univ.SequenceOf( componentType=HardwareSerialEntry()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class HardwareModuleIdentifierList(univ.SequenceOf): pass HardwareModuleIdentifierList.componentType = HardwareModules() HardwareModuleIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class Community(univ.ObjectIdentifier): pass class CommunityIdentifierList(univ.SequenceOf): pass CommunityIdentifierList.componentType = Community() CommunityIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(0, MAX) class TargetIdentifier(univ.Choice): pass TargetIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('hwModules', HardwareModuleIdentifierList().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('communities', CommunityIdentifierList().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('allModules', univ.Null().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('uri', char.IA5String().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.NamedType('otherName', AnotherName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) ) class SeqNumber(univ.Integer): pass SeqNumber.subtypeSpec = constraint.ValueRangeConstraint(0, 9223372036854775807) class TAMPMsgRef(univ.Sequence): pass TAMPMsgRef.componentType = namedtype.NamedTypes( namedtype.NamedType('target', TargetIdentifier()), namedtype.NamedType('seqNum', SeqNumber()) ) class TAMPStatusQuery(univ.Sequence): pass TAMPStatusQuery.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value='verbose')), namedtype.NamedType('query', TAMPMsgRef()) ) tamp_status_query = rfc5652.ContentInfo() tamp_status_query['contentType'] = id_ct_TAMP_statusQuery tamp_status_query['content'] = TAMPStatusQuery() # TAMP Status Response Message id_ct_TAMP_statusResponse = _OID(id_tamp, 2) class KeyIdentifiers(univ.SequenceOf): pass KeyIdentifiers.componentType = KeyIdentifier() KeyIdentifiers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class TrustAnchorChoiceList(univ.SequenceOf): pass TrustAnchorChoiceList.componentType = TrustAnchorChoice() TrustAnchorChoiceList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class TAMPSequenceNumber(univ.Sequence): pass TAMPSequenceNumber.componentType = namedtype.NamedTypes( namedtype.NamedType('keyId', KeyIdentifier()), namedtype.NamedType('seqNumber', SeqNumber()) ) class TAMPSequenceNumbers(univ.SequenceOf): pass TAMPSequenceNumbers.componentType = TAMPSequenceNumber() TAMPSequenceNumbers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class TerseStatusResponse(univ.Sequence): pass TerseStatusResponse.componentType = namedtype.NamedTypes( namedtype.NamedType('taKeyIds', KeyIdentifiers()), namedtype.OptionalNamedType('communities', CommunityIdentifierList()) ) class VerboseStatusResponse(univ.Sequence): pass VerboseStatusResponse.componentType = namedtype.NamedTypes( namedtype.NamedType('taInfo', TrustAnchorChoiceList()), namedtype.OptionalNamedType('continPubKeyDecryptAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('communities', CommunityIdentifierList().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 2))) ) class StatusResponse(univ.Choice): pass StatusResponse.componentType = namedtype.NamedTypes( namedtype.NamedType('terseResponse', TerseStatusResponse().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('verboseResponse', VerboseStatusResponse().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class TAMPStatusResponse(univ.Sequence): pass TAMPStatusResponse.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('query', TAMPMsgRef()), namedtype.NamedType('response', StatusResponse()), namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1)) ) tamp_status_response = rfc5652.ContentInfo() tamp_status_response['contentType'] = id_ct_TAMP_statusResponse tamp_status_response['content'] = TAMPStatusResponse() # Trust Anchor Update Message id_ct_TAMP_update = _OID(id_tamp, 3) class TBSCertificateChangeInfo(univ.Sequence): pass TBSCertificateChangeInfo.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('serialNumber', CertificateSerialNumber()), namedtype.OptionalNamedType('signature', AlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('validity', Validity().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 5))) ) class TrustAnchorChangeInfo(univ.Sequence): pass TrustAnchorChangeInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('pubKey', SubjectPublicKeyInfo()), namedtype.OptionalNamedType('keyId', KeyIdentifier()), namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()), namedtype.OptionalNamedType('certPath', CertPathControls()), namedtype.OptionalNamedType('exts', Extensions().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class TrustAnchorChangeInfoChoice(univ.Choice): pass TrustAnchorChangeInfoChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertChange', TBSCertificateChangeInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('taChange', TrustAnchorChangeInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class TrustAnchorUpdate(univ.Choice): pass TrustAnchorUpdate.componentType = namedtype.NamedTypes( namedtype.NamedType('add', TrustAnchorChoice().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('remove', SubjectPublicKeyInfo().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('change', TrustAnchorChangeInfoChoice().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class TAMPUpdate(univ.Sequence): pass TAMPUpdate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value='verbose')), namedtype.NamedType('msgRef', TAMPMsgRef()), namedtype.NamedType('updates', univ.SequenceOf(componentType=TrustAnchorUpdate()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 2))) ) tamp_update = rfc5652.ContentInfo() tamp_update['contentType'] = id_ct_TAMP_update tamp_update['content'] = TAMPUpdate() # Trust Anchor Update Confirm Message id_ct_TAMP_updateConfirm = _OID(id_tamp, 4) class StatusCode(univ.Enumerated): pass StatusCode.namedValues = namedval.NamedValues( ('success', 0), ('decodeFailure', 1), ('badContentInfo', 2), ('badSignedData', 3), ('badEncapContent', 4), ('badCertificate', 5), ('badSignerInfo', 6), ('badSignedAttrs', 7), ('badUnsignedAttrs', 8), ('missingContent', 9), ('noTrustAnchor', 10), ('notAuthorized', 11), ('badDigestAlgorithm', 12), ('badSignatureAlgorithm', 13), ('unsupportedKeySize', 14), ('unsupportedParameters', 15), ('signatureFailure', 16), ('insufficientMemory', 17), ('unsupportedTAMPMsgType', 18), ('apexTAMPAnchor', 19), ('improperTAAddition', 20), ('seqNumFailure', 21), ('contingencyPublicKeyDecrypt', 22), ('incorrectTarget', 23), ('communityUpdateFailed', 24), ('trustAnchorNotFound', 25), ('unsupportedTAAlgorithm', 26), ('unsupportedTAKeySize', 27), ('unsupportedContinPubKeyDecryptAlg', 28), ('missingSignature', 29), ('resourcesBusy', 30), ('versionNumberMismatch', 31), ('missingPolicySet', 32), ('revokedCertificate', 33), ('unsupportedTrustAnchorFormat', 34), ('improperTAChange', 35), ('malformed', 36), ('cmsError', 37), ('unsupportedTargetIdentifier', 38), ('other', 127) ) class StatusCodeList(univ.SequenceOf): pass StatusCodeList.componentType = StatusCode() StatusCodeList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class TerseUpdateConfirm(StatusCodeList): pass class VerboseUpdateConfirm(univ.Sequence): pass VerboseUpdateConfirm.componentType = namedtype.NamedTypes( namedtype.NamedType('status', StatusCodeList()), namedtype.NamedType('taInfo', TrustAnchorChoiceList()), namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers()), namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1)) ) class UpdateConfirm(univ.Choice): pass UpdateConfirm.componentType = namedtype.NamedTypes( namedtype.NamedType('terseConfirm', TerseUpdateConfirm().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('verboseConfirm', VerboseUpdateConfirm().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class TAMPUpdateConfirm(univ.Sequence): pass TAMPUpdateConfirm.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('update', TAMPMsgRef()), namedtype.NamedType('confirm', UpdateConfirm()) ) tamp_update_confirm = rfc5652.ContentInfo() tamp_update_confirm['contentType'] = id_ct_TAMP_updateConfirm tamp_update_confirm['content'] = TAMPUpdateConfirm() # Apex Trust Anchor Update Message id_ct_TAMP_apexUpdate = _OID(id_tamp, 5) class TAMPApexUpdate(univ.Sequence): pass TAMPApexUpdate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value='verbose')), namedtype.NamedType('msgRef', TAMPMsgRef()), namedtype.NamedType('clearTrustAnchors', univ.Boolean()), namedtype.NamedType('clearCommunities', univ.Boolean()), namedtype.OptionalNamedType('seqNumber', SeqNumber()), namedtype.NamedType('apexTA', TrustAnchorChoice()) ) tamp_apex_update = rfc5652.ContentInfo() tamp_apex_update['contentType'] = id_ct_TAMP_apexUpdate tamp_apex_update['content'] = TAMPApexUpdate() # Apex Trust Anchor Update Confirm Message id_ct_TAMP_apexUpdateConfirm = _OID(id_tamp, 6) class TerseApexUpdateConfirm(StatusCode): pass class VerboseApexUpdateConfirm(univ.Sequence): pass VerboseApexUpdateConfirm.componentType = namedtype.NamedTypes( namedtype.NamedType('status', StatusCode()), namedtype.NamedType('taInfo', TrustAnchorChoiceList()), namedtype.OptionalNamedType('communities', CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ApexUpdateConfirm(univ.Choice): pass ApexUpdateConfirm.componentType = namedtype.NamedTypes( namedtype.NamedType('terseApexConfirm', TerseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('verboseApexConfirm', VerboseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class TAMPApexUpdateConfirm(univ.Sequence): pass TAMPApexUpdateConfirm.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('apexReplace', TAMPMsgRef()), namedtype.NamedType('apexConfirm', ApexUpdateConfirm()) ) tamp_apex_update_confirm = rfc5652.ContentInfo() tamp_apex_update_confirm['contentType'] = id_ct_TAMP_apexUpdateConfirm tamp_apex_update_confirm['content'] = TAMPApexUpdateConfirm() # Community Update Message id_ct_TAMP_communityUpdate = _OID(id_tamp, 7) class CommunityUpdates(univ.Sequence): pass CommunityUpdates.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('remove', CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('add', CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class TAMPCommunityUpdate(univ.Sequence): pass TAMPCommunityUpdate.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value='verbose')), namedtype.NamedType('msgRef', TAMPMsgRef()), namedtype.NamedType('updates', CommunityUpdates()) ) tamp_community_update = rfc5652.ContentInfo() tamp_community_update['contentType'] = id_ct_TAMP_communityUpdate tamp_community_update['content'] = TAMPCommunityUpdate() # Community Update Confirm Message id_ct_TAMP_communityUpdateConfirm = _OID(id_tamp, 8) class TerseCommunityConfirm(StatusCode): pass class VerboseCommunityConfirm(univ.Sequence): pass VerboseCommunityConfirm.componentType = namedtype.NamedTypes( namedtype.NamedType('status', StatusCode()), namedtype.OptionalNamedType('communities', CommunityIdentifierList()) ) class CommunityConfirm(univ.Choice): pass CommunityConfirm.componentType = namedtype.NamedTypes( namedtype.NamedType('terseCommConfirm', TerseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('verboseCommConfirm', VerboseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class TAMPCommunityUpdateConfirm(univ.Sequence): pass TAMPCommunityUpdateConfirm.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('update', TAMPMsgRef()), namedtype.NamedType('commConfirm', CommunityConfirm()) ) tamp_community_update_confirm = rfc5652.ContentInfo() tamp_community_update_confirm['contentType'] = id_ct_TAMP_communityUpdateConfirm tamp_community_update_confirm['content'] = TAMPCommunityUpdateConfirm() # Sequence Number Adjust Message id_ct_TAMP_seqNumAdjust = _OID(id_tamp, 10) class SequenceNumberAdjust(univ.Sequence): pass SequenceNumberAdjust.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('msgRef', TAMPMsgRef()) ) tamp_sequence_number_adjust = rfc5652.ContentInfo() tamp_sequence_number_adjust['contentType'] = id_ct_TAMP_seqNumAdjust tamp_sequence_number_adjust['content'] = SequenceNumberAdjust() # Sequence Number Adjust Confirm Message id_ct_TAMP_seqNumAdjustConfirm = _OID(id_tamp, 11) class SequenceNumberAdjustConfirm(univ.Sequence): pass SequenceNumberAdjustConfirm.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('adjust', TAMPMsgRef()), namedtype.NamedType('status', StatusCode()) ) tamp_sequence_number_adjust_confirm = rfc5652.ContentInfo() tamp_sequence_number_adjust_confirm['contentType'] = id_ct_TAMP_seqNumAdjustConfirm tamp_sequence_number_adjust_confirm['content'] = SequenceNumberAdjustConfirm() # TAMP Error Message id_ct_TAMP_error = _OID(id_tamp, 9) class TAMPError(univ.Sequence): pass TAMPError.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value='v2')), namedtype.NamedType('msgType', univ.ObjectIdentifier()), namedtype.NamedType('status', StatusCode()), namedtype.OptionalNamedType('msgRef', TAMPMsgRef()) ) tamp_error = rfc5652.ContentInfo() tamp_error['contentType'] = id_ct_TAMP_error tamp_error['content'] = TAMPError() # Object Identifier Arc for Attributes id_attributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.5') # contingency-public-key-decrypt-key unsigned attribute id_aa_TAMP_contingencyPublicKeyDecryptKey = _OID(id_attributes, 63) class PlaintextSymmetricKey(univ.OctetString): pass contingency_public_key_decrypt_key = Attribute() contingency_public_key_decrypt_key['type'] = id_aa_TAMP_contingencyPublicKeyDecryptKey contingency_public_key_decrypt_key['values'][0] = PlaintextSymmetricKey() # id-pe-wrappedApexContinKey extension id_pe_wrappedApexContinKey =univ.ObjectIdentifier('1.3.6.1.5.5.7.1.20') class ApexContingencyKey(univ.Sequence): pass ApexContingencyKey.componentType = namedtype.NamedTypes( namedtype.NamedType('wrapAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('wrappedContinPubKey', univ.OctetString()) ) wrappedApexContinKey = Extension() wrappedApexContinKey['extnID'] = id_pe_wrappedApexContinKey wrappedApexContinKey['critical'] = 0 wrappedApexContinKey['extnValue'] = univ.OctetString() # Add to the map of CMS Content Type OIDs to Content Types in # rfc5652.py _cmsContentTypesMapUpdate = { id_ct_TAMP_statusQuery: TAMPStatusQuery(), id_ct_TAMP_statusResponse: TAMPStatusResponse(), id_ct_TAMP_update: TAMPUpdate(), id_ct_TAMP_updateConfirm: TAMPUpdateConfirm(), id_ct_TAMP_apexUpdate: TAMPApexUpdate(), id_ct_TAMP_apexUpdateConfirm: TAMPApexUpdateConfirm(), id_ct_TAMP_communityUpdate: TAMPCommunityUpdate(), id_ct_TAMP_communityUpdateConfirm: TAMPCommunityUpdateConfirm(), id_ct_TAMP_seqNumAdjust: SequenceNumberAdjust(), id_ct_TAMP_seqNumAdjustConfirm: SequenceNumberAdjustConfirm(), id_ct_TAMP_error: TAMPError(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) # Add to the map of CMS Attribute OIDs to Attribute Values in # rfc5652.py _cmsAttributesMapUpdate = { id_aa_TAMP_contingencyPublicKeyDecryptKey: PlaintextSymmetricKey(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # Add to the map of Certificate Extension OIDs to Extensions in # rfc5280.py _certificateExtensionsMap = { id_pe_wrappedApexContinKey: ApexContingencyKey(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) pyasn1-modules-0.2.8/pyasn1_modules/rfc5940.py0000644006321400632140000000311513551772550022465 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Additional CMS Revocation Information Choices # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5940.txt # from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc2560 from pyasn1_modules import rfc5652 # RevocationInfoChoice for OCSP response: # The OID is included in otherRevInfoFormat, and # signed OCSPResponse is included in otherRevInfo id_ri_ocsp_response = univ.ObjectIdentifier('1.3.6.1.5.5.7.16.2') OCSPResponse = rfc2560.OCSPResponse # RevocationInfoChoice for SCVP request/response: # The OID is included in otherRevInfoFormat, and # SCVPReqRes is included in otherRevInfo id_ri_scvp = univ.ObjectIdentifier('1.3.6.1.5.5.7.16.4') ContentInfo = rfc5652.ContentInfo class SCVPReqRes(univ.Sequence): pass SCVPReqRes.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('request', ContentInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('response', ContentInfo()) ) # Map of Revocation Info Format OIDs to Revocation Info Format # is added to the ones that are in rfc5652.py _otherRevInfoFormatMapUpdate = { id_ri_ocsp_response: OCSPResponse(), id_ri_scvp: SCVPReqRes(), } rfc5652.otherRevInfoFormatMap.update(_otherRevInfoFormatMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5958.py0000644006321400632140000000513213551772550022477 0ustar ietingofietingof00000000000000# # This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # Modified by Russ Housley to add a map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Asymmetric Key Packages, which is essentially version 2 of # the PrivateKeyInfo structure in PKCS#8 in RFC 5208 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5958.txt from pyasn1.type import univ, constraint, namedtype, namedval, tag from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 MAX = float('inf') class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class PrivateKeyAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class EncryptedData(univ.OctetString): pass class EncryptedPrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedData', EncryptedData()) ) class Version(univ.Integer): namedValues = namedval.NamedValues(('v1', 0), ('v2', 1)) class PrivateKey(univ.OctetString): pass class Attributes(univ.SetOf): componentType = rfc5652.Attribute() class PublicKey(univ.BitString): pass # OneAsymmetricKey is essentially version 2 of PrivateKeyInfo. # If publicKey is present, then the version must be v2; # otherwise, the version should be v1. class OneAsymmetricKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('privateKeyAlgorithm', PrivateKeyAlgorithmIdentifier()), namedtype.NamedType('privateKey', PrivateKey()), namedtype.OptionalNamedType('attributes', Attributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('publicKey', PublicKey().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class PrivateKeyInfo(OneAsymmetricKey): pass # The CMS AsymmetricKeyPackage Content Type id_ct_KP_aKeyPackage = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.5') class AsymmetricKeyPackage(univ.SequenceOf): pass AsymmetricKeyPackage.componentType = OneAsymmetricKey() AsymmetricKeyPackage.sizeSpec=constraint.ValueSizeConstraint(1, MAX) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_KP_aKeyPackage: AsymmetricKeyPackage(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc5990.py0000644006321400632140000001260113551772550022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Use of the RSA-KEM Key Transport Algorithm in the CMS # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5990.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) # Imports from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier # Useful types and definitions class NullParms(univ.Null): pass # Object identifier arcs is18033_2 = _OID(1, 0, 18033, 2) nistAlgorithm = _OID(2, 16, 840, 1, 101, 3, 4) pkcs_1 = _OID(1, 2, 840, 113549, 1, 1) x9_44 = _OID(1, 3, 133, 16, 840, 9, 44) x9_44_components = _OID(x9_44, 1) # Types for algorithm identifiers class Camellia_KeyWrappingScheme(AlgorithmIdentifier): pass class DataEncapsulationMechanism(AlgorithmIdentifier): pass class KDF2_HashFunction(AlgorithmIdentifier): pass class KDF3_HashFunction(AlgorithmIdentifier): pass class KeyDerivationFunction(AlgorithmIdentifier): pass class KeyEncapsulationMechanism(AlgorithmIdentifier): pass class X9_SymmetricKeyWrappingScheme(AlgorithmIdentifier): pass # RSA-KEM Key Transport Algorithm id_rsa_kem = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 14) class GenericHybridParameters(univ.Sequence): pass GenericHybridParameters.componentType = namedtype.NamedTypes( namedtype.NamedType('kem', KeyEncapsulationMechanism()), namedtype.NamedType('dem', DataEncapsulationMechanism()) ) rsa_kem = AlgorithmIdentifier() rsa_kem['algorithm'] = id_rsa_kem rsa_kem['parameters'] = GenericHybridParameters() # KEM-RSA Key Encapsulation Mechanism id_kem_rsa = _OID(is18033_2, 2, 4) class KeyLength(univ.Integer): pass KeyLength.subtypeSpec = constraint.ValueRangeConstraint(1, MAX) class RsaKemParameters(univ.Sequence): pass RsaKemParameters.componentType = namedtype.NamedTypes( namedtype.NamedType('keyDerivationFunction', KeyDerivationFunction()), namedtype.NamedType('keyLength', KeyLength()) ) kem_rsa = AlgorithmIdentifier() kem_rsa['algorithm'] = id_kem_rsa kem_rsa['parameters'] = RsaKemParameters() # Key Derivation Functions id_kdf_kdf2 = _OID(x9_44_components, 1) id_kdf_kdf3 = _OID(x9_44_components, 2) kdf2 = AlgorithmIdentifier() kdf2['algorithm'] = id_kdf_kdf2 kdf2['parameters'] = KDF2_HashFunction() kdf3 = AlgorithmIdentifier() kdf3['algorithm'] = id_kdf_kdf3 kdf3['parameters'] = KDF3_HashFunction() # Hash Functions id_sha1 = _OID(1, 3, 14, 3, 2, 26) id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4) id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1) id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2) id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3) sha1 = AlgorithmIdentifier() sha1['algorithm'] = id_sha1 sha1['parameters'] = univ.Null("") sha224 = AlgorithmIdentifier() sha224['algorithm'] = id_sha224 sha224['parameters'] = univ.Null("") sha256 = AlgorithmIdentifier() sha256['algorithm'] = id_sha256 sha256['parameters'] = univ.Null("") sha384 = AlgorithmIdentifier() sha384['algorithm'] = id_sha384 sha384['parameters'] = univ.Null("") sha512 = AlgorithmIdentifier() sha512['algorithm'] = id_sha512 sha512['parameters'] = univ.Null("") # Symmetric Key-Wrapping Schemes id_aes128_Wrap = _OID(nistAlgorithm, 1, 5) id_aes192_Wrap = _OID(nistAlgorithm, 1, 25) id_aes256_Wrap = _OID(nistAlgorithm, 1, 45) id_alg_CMS3DESwrap = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 6) id_camellia128_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 2) id_camellia192_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 3) id_camellia256_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 4) aes128_Wrap = AlgorithmIdentifier() aes128_Wrap['algorithm'] = id_aes128_Wrap # aes128_Wrap['parameters'] are absent aes192_Wrap = AlgorithmIdentifier() aes192_Wrap['algorithm'] = id_aes128_Wrap # aes192_Wrap['parameters'] are absent aes256_Wrap = AlgorithmIdentifier() aes256_Wrap['algorithm'] = id_sha256 # aes256_Wrap['parameters'] are absent tdes_Wrap = AlgorithmIdentifier() tdes_Wrap['algorithm'] = id_alg_CMS3DESwrap tdes_Wrap['parameters'] = univ.Null("") camellia128_Wrap = AlgorithmIdentifier() camellia128_Wrap['algorithm'] = id_camellia128_Wrap # camellia128_Wrap['parameters'] are absent camellia192_Wrap = AlgorithmIdentifier() camellia192_Wrap['algorithm'] = id_camellia192_Wrap # camellia192_Wrap['parameters'] are absent camellia256_Wrap = AlgorithmIdentifier() camellia256_Wrap['algorithm'] = id_camellia256_Wrap # camellia256_Wrap['parameters'] are absent # Update the Algorithm Identifier map in rfc5280.py. # Note that the ones that must not have parameters are not added to the map. _algorithmIdentifierMapUpdate = { id_rsa_kem: GenericHybridParameters(), id_kem_rsa: RsaKemParameters(), id_kdf_kdf2: KDF2_HashFunction(), id_kdf_kdf3: KDF3_HashFunction(), id_sha1: univ.Null(), id_sha224: univ.Null(), id_sha256: univ.Null(), id_sha384: univ.Null(), id_sha512: univ.Null(), id_alg_CMS3DESwrap: univ.Null(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6010.py0000644006321400632140000000445313551772550022460 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Certificate Extension for CMS Content Constraints (CCC) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6010.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') AttributeType = rfc5280.AttributeType AttributeValue = rfc5280.AttributeValue id_ct_anyContentType = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.0') class AttrConstraint(univ.Sequence): pass AttrConstraint.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', AttributeType()), namedtype.NamedType('attrValues', univ.SetOf( componentType=AttributeValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class AttrConstraintList(univ.SequenceOf): pass AttrConstraintList.componentType = AttrConstraint() AttrConstraintList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class ContentTypeGeneration(univ.Enumerated): pass ContentTypeGeneration.namedValues = namedval.NamedValues( ('canSource', 0), ('cannotSource', 1) ) class ContentTypeConstraint(univ.Sequence): pass ContentTypeConstraint.componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('canSource', ContentTypeGeneration().subtype(value='canSource')), namedtype.OptionalNamedType('attrConstraints', AttrConstraintList()) ) # CMS Content Constraints (CCC) Extension and Object Identifier id_pe_cmsContentConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.18') class CMSContentConstraints(univ.SequenceOf): pass CMSContentConstraints.componentType = ContentTypeConstraint() CMSContentConstraints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) # Map of Certificate Extension OIDs to Extensions # To be added to the ones that are in rfc5280.py _certificateExtensionsMap = { id_pe_cmsContentConstraints: CMSContentConstraints(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) pyasn1-modules-0.2.8/pyasn1_modules/rfc6019.py0000644006321400632140000000207613551772550022470 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # Modified by Russ Housley to add a map for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # BinaryTime: An Alternate Format for Representing Date and Time # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6019.txt from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5652 MAX = float('inf') # BinaryTime: Represent date and time as an integer class BinaryTime(univ.Integer): pass BinaryTime.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) # CMS Attribute for representing signing time in BinaryTime id_aa_binarySigningTime = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.46') class BinarySigningTime(BinaryTime): pass # Map of Attribute Type OIDs to Attributes ia added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_binarySigningTime: BinarySigningTime(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6031.py0000644006321400632140000002755113551772550022467 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # CMS Symmetric Key Package Content Type # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6031.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6019 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) MAX = float('inf') id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12') # Symmetric Key Package Attributes id_pskc_manufacturer = _OID(id_pskc, 1) class at_pskc_manufacturer(char.UTF8String): pass id_pskc_serialNo = _OID(id_pskc, 2) class at_pskc_serialNo(char.UTF8String): pass id_pskc_model = _OID(id_pskc, 3) class at_pskc_model(char.UTF8String): pass id_pskc_issueNo = _OID(id_pskc, 4) class at_pskc_issueNo(char.UTF8String): pass id_pskc_deviceBinding = _OID(id_pskc, 5) class at_pskc_deviceBinding(char.UTF8String): pass id_pskc_deviceStartDate = _OID(id_pskc, 6) class at_pskc_deviceStartDate(useful.GeneralizedTime): pass id_pskc_deviceExpiryDate = _OID(id_pskc, 7) class at_pskc_deviceExpiryDate(useful.GeneralizedTime): pass id_pskc_moduleId = _OID(id_pskc, 8) class at_pskc_moduleId(char.UTF8String): pass id_pskc_deviceUserId = _OID(id_pskc, 26) class at_pskc_deviceUserId(char.UTF8String): pass # Symmetric Key Attributes id_pskc_keyId = _OID(id_pskc, 9) class at_pskc_keyUserId(char.UTF8String): pass id_pskc_algorithm = _OID(id_pskc, 10) class at_pskc_algorithm(char.UTF8String): pass id_pskc_issuer = _OID(id_pskc, 11) class at_pskc_issuer(char.UTF8String): pass id_pskc_keyProfileId = _OID(id_pskc, 12) class at_pskc_keyProfileId(char.UTF8String): pass id_pskc_keyReference = _OID(id_pskc, 13) class at_pskc_keyReference(char.UTF8String): pass id_pskc_friendlyName = _OID(id_pskc, 14) class FriendlyName(univ.Sequence): pass FriendlyName.componentType = namedtype.NamedTypes( namedtype.NamedType('friendlyName', char.UTF8String()), namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String()) ) class at_pskc_friendlyName(FriendlyName): pass id_pskc_algorithmParameters = _OID(id_pskc, 15) class Encoding(char.UTF8String): pass Encoding.namedValues = namedval.NamedValues( ('dec', "DECIMAL"), ('hex', "HEXADECIMAL"), ('alpha', "ALPHANUMERIC"), ('b64', "BASE64"), ('bin', "BINARY") ) Encoding.subtypeSpec = constraint.SingleValueConstraint( "DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" ) class ChallengeFormat(univ.Sequence): pass ChallengeFormat.componentType = namedtype.NamedTypes( namedtype.NamedType('encoding', Encoding()), namedtype.DefaultedNamedType('checkDigit', univ.Boolean().subtype(value=0)), namedtype.NamedType('min', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), namedtype.NamedType('max', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) class ResponseFormat(univ.Sequence): pass ResponseFormat.componentType = namedtype.NamedTypes( namedtype.NamedType('encoding', Encoding()), namedtype.NamedType('length', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), namedtype.DefaultedNamedType('checkDigit', univ.Boolean().subtype(value=0)) ) class PSKCAlgorithmParameters(univ.Choice): pass PSKCAlgorithmParameters.componentType = namedtype.NamedTypes( namedtype.NamedType('suite', char.UTF8String()), namedtype.NamedType('challengeFormat', ChallengeFormat().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('responseFormat', ResponseFormat().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class at_pskc_algorithmParameters(PSKCAlgorithmParameters): pass id_pskc_counter = _OID(id_pskc, 16) class at_pskc_counter(univ.Integer): pass at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) id_pskc_time = _OID(id_pskc, 17) class at_pskc_time(rfc6019.BinaryTime): pass id_pskc_timeInterval = _OID(id_pskc, 18) class at_pskc_timeInterval(univ.Integer): pass at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) id_pskc_timeDrift = _OID(id_pskc, 19) class at_pskc_timeDrift(univ.Integer): pass at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) id_pskc_valueMAC = _OID(id_pskc, 20) class ValueMac(univ.Sequence): pass ValueMac.componentType = namedtype.NamedTypes( namedtype.NamedType('macAlgorithm', char.UTF8String()), namedtype.NamedType('mac', char.UTF8String()) ) class at_pskc_valueMAC(ValueMac): pass id_pskc_keyUserId = _OID(id_pskc, 27) class at_pskc_keyId(char.UTF8String): pass id_pskc_keyStartDate = _OID(id_pskc, 21) class at_pskc_keyStartDate(useful.GeneralizedTime): pass id_pskc_keyExpiryDate = _OID(id_pskc, 22) class at_pskc_keyExpiryDate(useful.GeneralizedTime): pass id_pskc_numberOfTransactions = _OID(id_pskc, 23) class at_pskc_numberOfTransactions(univ.Integer): pass at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) id_pskc_keyUsages = _OID(id_pskc, 24) class PSKCKeyUsage(char.UTF8String): pass PSKCKeyUsage.namedValues = namedval.NamedValues( ('otp', "OTP"), ('cr', "CR"), ('encrypt', "Encrypt"), ('integrity', "Integrity"), ('verify', "Verify"), ('unlock', "Unlock"), ('decrypt', "Decrypt"), ('keywrap', "KeyWrap"), ('unwrap', "Unwrap"), ('derive', "Derive"), ('generate', "Generate") ) PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint( "OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock", "Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" ) class PSKCKeyUsages(univ.SequenceOf): pass PSKCKeyUsages.componentType = PSKCKeyUsage() class at_pskc_keyUsage(PSKCKeyUsages): pass id_pskc_pinPolicy = _OID(id_pskc, 25) class PINUsageMode(char.UTF8String): pass PINUsageMode.namedValues = namedval.NamedValues( ("local", "Local"), ("prepend", "Prepend"), ("append", "Append"), ("algorithmic", "Algorithmic") ) PINUsageMode.subtypeSpec = constraint.SingleValueConstraint( "Local", "Prepend", "Append", "Algorithmic" ) class PINPolicy(univ.Sequence): pass PINPolicy.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('pinUsageMode', PINUsageMode().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('minLength', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('maxLength', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('pinEncoding', Encoding().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) ) class at_pskc_pinPolicy(PINPolicy): pass # Map of Symmetric Key Package Attribute OIDs to Attributes sKeyPkgAttributesMap = { id_pskc_manufacturer: at_pskc_manufacturer(), id_pskc_serialNo: at_pskc_serialNo(), id_pskc_model: at_pskc_model(), id_pskc_issueNo: at_pskc_issueNo(), id_pskc_deviceBinding: at_pskc_deviceBinding(), id_pskc_deviceStartDate: at_pskc_deviceStartDate(), id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(), id_pskc_moduleId: at_pskc_moduleId(), id_pskc_deviceUserId: at_pskc_deviceUserId(), } # Map of Symmetric Key Attribute OIDs to Attributes sKeyAttributesMap = { id_pskc_keyId: at_pskc_keyId(), id_pskc_algorithm: at_pskc_algorithm(), id_pskc_issuer: at_pskc_issuer(), id_pskc_keyProfileId: at_pskc_keyProfileId(), id_pskc_keyReference: at_pskc_keyReference(), id_pskc_friendlyName: at_pskc_friendlyName(), id_pskc_algorithmParameters: at_pskc_algorithmParameters(), id_pskc_counter: at_pskc_counter(), id_pskc_time: at_pskc_time(), id_pskc_timeInterval: at_pskc_timeInterval(), id_pskc_timeDrift: at_pskc_timeDrift(), id_pskc_valueMAC: at_pskc_valueMAC(), id_pskc_keyUserId: at_pskc_keyUserId(), id_pskc_keyStartDate: at_pskc_keyStartDate(), id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(), id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(), id_pskc_keyUsages: at_pskc_keyUsage(), id_pskc_pinPolicy: at_pskc_pinPolicy(), } # This definition replaces Attribute() from rfc5652.py; it is the same except # that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap class AttributeType(univ.ObjectIdentifier): pass class AttributeValue(univ.Any): pass class SKeyAttribute(univ.Sequence): pass SKeyAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', AttributeType()), namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), openType=opentype.OpenType('attrType', sKeyAttributesMap) ) ) class SKeyPkgAttribute(univ.Sequence): pass SKeyPkgAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', AttributeType()), namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), openType=opentype.OpenType('attrType', sKeyPkgAttributesMap) ) ) # Symmetric Key Package Content Type id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25') class KeyPkgVersion(univ.Integer): pass KeyPkgVersion.namedValues = namedval.NamedValues( ('v1', 1) ) class OneSymmetricKey(univ.Sequence): pass OneSymmetricKey.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('sKeyAttrs', univ.SequenceOf(componentType=SKeyAttribute()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.OptionalNamedType('sKey', univ.OctetString()) ) OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) class SymmetricKeys(univ.SequenceOf): pass SymmetricKeys.componentType = OneSymmetricKey() SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) class SymmetricKeyPackage(univ.Sequence): pass SymmetricKeyPackage.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')), namedtype.OptionalNamedType('sKeyPkgAttrs', univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX), implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('sKeys', SymmetricKeys()) ) # Map of Content Type OIDs to Content Types are # added to the ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_KP_sKeyPackage: SymmetricKeyPackage(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6032.py0000644006321400632140000000363613551772550022466 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # CMS Encrypted Key Package Content Type # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6032.txt # from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5083 # Content Decryption Key Identifier attribute id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') class ContentDecryptKeyID(univ.OctetString): pass aa_content_decrypt_key_identifier = rfc5652.Attribute() aa_content_decrypt_key_identifier['attrType'] = id_aa_KP_contentDecryptKeyID aa_content_decrypt_key_identifier['attrValues'][0] = ContentDecryptKeyID() # Encrypted Key Package Content Type id_ct_KP_encryptedKeyPkg = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.2') class EncryptedKeyPackage(univ.Choice): pass EncryptedKeyPackage.componentType = namedtype.NamedTypes( namedtype.NamedType('encrypted', rfc5652.EncryptedData()), namedtype.NamedType('enveloped', rfc5652.EnvelopedData().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('authEnveloped', rfc5083.AuthEnvelopedData().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) # Map of Attribute Type OIDs to Attributes are # added to the ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # Map of Content Type OIDs to Content Types are # added to the ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_KP_encryptedKeyPkg: EncryptedKeyPackage(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6120.py0000664006321400632140000000146213605660315022454 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Extensible Messaging and Presence Protocol (XMPP) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6120.txt # from pyasn1.type import char from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') # XmppAddr Identifier Type as specified in Section 13.7.1.4. of RFC 6120 id_pkix = rfc5280.id_pkix id_on = id_pkix + (8, ) id_on_xmppAddr = id_on + (5, ) class XmppAddr(char.UTF8String): pass # Map of Other Name OIDs to Other Name is added to the # ones that are in rfc5280.py _anotherNameMapUpdate = { id_on_xmppAddr: XmppAddr(), } rfc5280.anotherNameMap.update(_anotherNameMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6170.py0000664006321400632140000000063113605660315022456 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Certificate Image in the Internet X.509 Public Key Infrastructure # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6170.txt # from pyasn1.type import univ id_logo_certImage = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.3') pyasn1-modules-0.2.8/pyasn1_modules/rfc6187.py0000664006321400632140000000075113605660315022471 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # X.509v3 Certificates for Secure Shell Authentication # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6187.txt # from pyasn1.type import univ id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_kp = id_pkix + (3, ) id_kp_secureShellClient = id_kp + (21, ) id_kp_secureShellServer = id_kp + (22, ) pyasn1-modules-0.2.8/pyasn1_modules/rfc6210.py0000644006321400632140000000203413551772550022453 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Experiment for Hash Functions with Parameters in the CMS # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6210.txt # from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 id_alg_MD5_XOR_EXPERIMENT = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.13') class MD5_XOR_EXPERIMENT(univ.OctetString): pass MD5_XOR_EXPERIMENT.subtypeSpec = constraint.ValueSizeConstraint(64, 64) mda_xor_md5_EXPERIMENT = rfc5280.AlgorithmIdentifier() mda_xor_md5_EXPERIMENT['algorithm'] = id_alg_MD5_XOR_EXPERIMENT mda_xor_md5_EXPERIMENT['parameters'] = MD5_XOR_EXPERIMENT() # Map of Algorithm Identifier OIDs to Parameters added to the # ones that are in rfc5280.py. _algorithmIdentifierMapUpdate = { id_alg_MD5_XOR_EXPERIMENT: MD5_XOR_EXPERIMENT(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6211.py0000644006321400632140000000432113551772550022455 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # CMS Algorithm Identifier Protection Attribute # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6211.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5652 # Imports from RFC 5652 DigestAlgorithmIdentifier = rfc5652.DigestAlgorithmIdentifier MessageAuthenticationCodeAlgorithm = rfc5652.MessageAuthenticationCodeAlgorithm SignatureAlgorithmIdentifier = rfc5652.SignatureAlgorithmIdentifier # CMS Algorithm Protection attribute id_aa_cmsAlgorithmProtect = univ.ObjectIdentifier('1.2.840.113549.1.9.52') class CMSAlgorithmProtection(univ.Sequence): pass CMSAlgorithmProtection.componentType = namedtype.NamedTypes( namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.OptionalNamedType('signatureAlgorithm', SignatureAlgorithmIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) CMSAlgorithmProtection.subtypeSpec = constraint.ConstraintsUnion( constraint.WithComponentsConstraint( ('signatureAlgorithm', constraint.ComponentPresentConstraint()), ('macAlgorithm', constraint.ComponentAbsentConstraint())), constraint.WithComponentsConstraint( ('signatureAlgorithm', constraint.ComponentAbsentConstraint()), ('macAlgorithm', constraint.ComponentPresentConstraint())) ) aa_cmsAlgorithmProtection = rfc5652.Attribute() aa_cmsAlgorithmProtection['attrType'] = id_aa_cmsAlgorithmProtect aa_cmsAlgorithmProtection['attrValues'][0] = CMSAlgorithmProtection() # Map of Attribute Type OIDs to Attributes are # added to the ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_cmsAlgorithmProtect: CMSAlgorithmProtection(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)pyasn1-modules-0.2.8/pyasn1_modules/rfc6402-1.py0000644006321400632140000004123113551772550022616 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Modified by Russ Housley to add a maps for CMC Control Attributes # and CMC Content Types for use with opentypes. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Certificate Management over CMS (CMC) Updates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6402.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc4211 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) cmcControlAttributesMap = { } class ChangeSubjectName(univ.Sequence): pass ChangeSubjectName.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('subject', rfc5280.Name()), namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames()) ) class AttributeValue(univ.Any): pass class CMCStatus(univ.Integer): pass CMCStatus.namedValues = namedval.NamedValues( ('success', 0), ('failed', 2), ('pending', 3), ('noSupport', 4), ('confirmRequired', 5), ('popRequired', 6), ('partial', 7) ) class PendInfo(univ.Sequence): pass PendInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('pendToken', univ.OctetString()), namedtype.NamedType('pendTime', useful.GeneralizedTime()) ) bodyIdMax = univ.Integer(4294967295) class BodyPartID(univ.Integer): pass BodyPartID.subtypeSpec = constraint.ValueRangeConstraint(0, bodyIdMax) class BodyPartPath(univ.SequenceOf): pass BodyPartPath.componentType = BodyPartID() BodyPartPath.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class BodyPartReference(univ.Choice): pass BodyPartReference.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('bodyPartPath', BodyPartPath()) ) class CMCFailInfo(univ.Integer): pass CMCFailInfo.namedValues = namedval.NamedValues( ('badAlg', 0), ('badMessageCheck', 1), ('badRequest', 2), ('badTime', 3), ('badCertId', 4), ('unsupportedExt', 5), ('mustArchiveKeys', 6), ('badIdentity', 7), ('popRequired', 8), ('popFailed', 9), ('noKeyReuse', 10), ('internalCAError', 11), ('tryLater', 12), ('authDataFail', 13) ) class CMCStatusInfoV2(univ.Sequence): pass CMCStatusInfoV2.componentType = namedtype.NamedTypes( namedtype.NamedType('cMCStatus', CMCStatus()), namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())), namedtype.OptionalNamedType('statusString', char.UTF8String()), namedtype.OptionalNamedType( 'otherInfo', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('failInfo', CMCFailInfo()), namedtype.NamedType('pendInfo', PendInfo()), namedtype.NamedType( 'extendedFailInfo', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), namedtype.NamedType('failInfoValue', AttributeValue())) ) ) ) ) ) ) class GetCRL(univ.Sequence): pass GetCRL.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerName', rfc5280.Name()), namedtype.OptionalNamedType('cRLName', rfc5280.GeneralName()), namedtype.OptionalNamedType('time', useful.GeneralizedTime()), namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags()) ) id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) id_cmc = _buildOid(id_pkix, 7) id_cmc_batchResponses = _buildOid(id_cmc, 29) id_cmc_popLinkWitness = _buildOid(id_cmc, 23) class PopLinkWitnessV2(univ.Sequence): pass PopLinkWitnessV2.componentType = namedtype.NamedTypes( namedtype.NamedType('keyGenAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('macAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()) ) id_cmc_popLinkWitnessV2 = _buildOid(id_cmc, 33) id_cmc_identityProofV2 = _buildOid(id_cmc, 34) id_cmc_revokeRequest = _buildOid(id_cmc, 17) id_cmc_recipientNonce = _buildOid(id_cmc, 7) class ControlsProcessed(univ.Sequence): pass ControlsProcessed.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())) ) class CertificationRequest(univ.Sequence): pass CertificationRequest.componentType = namedtype.NamedTypes( namedtype.NamedType( 'certificationRequestInfo', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer()), namedtype.NamedType('subject', rfc5280.Name()), namedtype.NamedType( 'subjectPublicKeyInfo', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) ) ) ), namedtype.NamedType( 'attributes', univ.SetOf( componentType=rfc5652.Attribute()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) ) ) ) ), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class TaggedCertificationRequest(univ.Sequence): pass TaggedCertificationRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('certificationRequest', CertificationRequest()) ) class TaggedRequest(univ.Choice): pass TaggedRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('tcr', TaggedCertificationRequest().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('crm', rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()), namedtype.NamedType('requestMessageValue', univ.Any()) )) .subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) id_cmc_popLinkRandom = _buildOid(id_cmc, 22) id_cmc_statusInfo = _buildOid(id_cmc, 1) id_cmc_trustedAnchors = _buildOid(id_cmc, 26) id_cmc_transactionId = _buildOid(id_cmc, 5) id_cmc_encryptedPOP = _buildOid(id_cmc, 9) class PublishTrustAnchors(univ.Sequence): pass PublishTrustAnchors.componentType = namedtype.NamedTypes( namedtype.NamedType('seqNumber', univ.Integer()), namedtype.NamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('anchorHashes', univ.SequenceOf(componentType=univ.OctetString())) ) class RevokeRequest(univ.Sequence): pass RevokeRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerName', rfc5280.Name()), namedtype.NamedType('serialNumber', univ.Integer()), namedtype.NamedType('reason', rfc5280.CRLReason()), namedtype.OptionalNamedType('invalidityDate', useful.GeneralizedTime()), namedtype.OptionalNamedType('passphrase', univ.OctetString()), namedtype.OptionalNamedType('comment', char.UTF8String()) ) id_cmc_senderNonce = _buildOid(id_cmc, 6) id_cmc_authData = _buildOid(id_cmc, 27) class TaggedContentInfo(univ.Sequence): pass TaggedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('contentInfo', rfc5652.ContentInfo()) ) class IdentifyProofV2(univ.Sequence): pass IdentifyProofV2.componentType = namedtype.NamedTypes( namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()) ) class CMCPublicationInfo(univ.Sequence): pass CMCPublicationInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('certHashes', univ.SequenceOf(componentType=univ.OctetString())), namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo()) ) id_kp_cmcCA = _buildOid(rfc5280.id_kp, 27) id_cmc_confirmCertAcceptance = _buildOid(id_cmc, 24) id_cmc_raIdentityWitness = _buildOid(id_cmc, 35) id_ExtensionReq = _buildOid(1, 2, 840, 113549, 1, 9, 14) id_cct = _buildOid(id_pkix, 12) id_cct_PKIData = _buildOid(id_cct, 2) id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28) class CMCStatusInfo(univ.Sequence): pass CMCStatusInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('cMCStatus', CMCStatus()), namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())), namedtype.OptionalNamedType('statusString', char.UTF8String()), namedtype.OptionalNamedType( 'otherInfo', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('failInfo', CMCFailInfo()), namedtype.NamedType('pendInfo', PendInfo()) ) ) ) ) class DecryptedPOP(univ.Sequence): pass DecryptedPOP.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('thePOP', univ.OctetString()) ) id_cmc_addExtensions = _buildOid(id_cmc, 8) id_cmc_modCertTemplate = _buildOid(id_cmc, 31) class TaggedAttribute(univ.Sequence): pass TaggedAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('attrType', univ.ObjectIdentifier()), namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), openType=opentype.OpenType('attrType', cmcControlAttributesMap) ) ) class OtherMsg(univ.Sequence): pass OtherMsg.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('otherMsgType', univ.ObjectIdentifier()), namedtype.NamedType('otherMsgValue', univ.Any()) ) class PKIData(univ.Sequence): pass PKIData.componentType = namedtype.NamedTypes( namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), namedtype.NamedType('reqSequence', univ.SequenceOf(componentType=TaggedRequest())), namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) ) class BodyPartList(univ.SequenceOf): pass BodyPartList.componentType = BodyPartID() BodyPartList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_cmc_responseBody = _buildOid(id_cmc, 37) class AuthPublish(BodyPartID): pass class CMCUnsignedData(univ.Sequence): pass CMCUnsignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartPath', BodyPartPath()), namedtype.NamedType('identifier', univ.ObjectIdentifier()), namedtype.NamedType('content', univ.Any()) ) class CMCCertId(rfc5652.IssuerAndSerialNumber): pass class PKIResponse(univ.Sequence): pass PKIResponse.componentType = namedtype.NamedTypes( namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) ) class ResponseBody(PKIResponse): pass id_cmc_statusInfoV2 = _buildOid(id_cmc, 25) id_cmc_lraPOPWitness = _buildOid(id_cmc, 11) class ModCertTemplate(univ.Sequence): pass ModCertTemplate.componentType = namedtype.NamedTypes( namedtype.NamedType('pkiDataReference', BodyPartPath()), namedtype.NamedType('certReferences', BodyPartList()), namedtype.DefaultedNamedType('replace', univ.Boolean().subtype(value=1)), namedtype.NamedType('certTemplate', rfc4211.CertTemplate()) ) id_cmc_regInfo = _buildOid(id_cmc, 18) id_cmc_identityProof = _buildOid(id_cmc, 3) class ExtensionReq(univ.SequenceOf): pass ExtensionReq.componentType = rfc5280.Extension() ExtensionReq.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28) id_cmc_publishCert = _buildOid(id_cmc, 30) id_cmc_dataReturn = _buildOid(id_cmc, 4) class LraPopWitness(univ.Sequence): pass LraPopWitness.componentType = namedtype.NamedTypes( namedtype.NamedType('pkiDataBodyid', BodyPartID()), namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID())) ) id_aa = _buildOid(1, 2, 840, 113549, 1, 9, 16, 2) id_aa_cmc_unsignedData = _buildOid(id_aa, 34) id_cmc_getCert = _buildOid(id_cmc, 15) id_cmc_batchRequests = _buildOid(id_cmc, 28) id_cmc_decryptedPOP = _buildOid(id_cmc, 10) id_cmc_responseInfo = _buildOid(id_cmc, 19) id_cmc_changeSubjectName = _buildOid(id_cmc, 36) class GetCert(univ.Sequence): pass GetCert.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerName', rfc5280.GeneralName()), namedtype.NamedType('serialNumber', univ.Integer()) ) id_cmc_identification = _buildOid(id_cmc, 2) id_cmc_queryPending = _buildOid(id_cmc, 21) class AddExtensions(univ.Sequence): pass AddExtensions.componentType = namedtype.NamedTypes( namedtype.NamedType('pkiDataReference', BodyPartID()), namedtype.NamedType('certReferences', univ.SequenceOf(componentType=BodyPartID())), namedtype.NamedType('extensions', univ.SequenceOf(componentType=rfc5280.Extension())) ) class EncryptedPOP(univ.Sequence): pass EncryptedPOP.componentType = namedtype.NamedTypes( namedtype.NamedType('request', TaggedRequest()), namedtype.NamedType('cms', rfc5652.ContentInfo()), namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witnessAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()) ) id_cmc_getCRL = _buildOid(id_cmc, 16) id_cct_PKIResponse = _buildOid(id_cct, 3) id_cmc_controlProcessed = _buildOid(id_cmc, 32) class NoSignatureValue(univ.OctetString): pass id_ad_cmc = _buildOid(rfc5280.id_ad, 12) id_alg_noSignature = _buildOid(id_pkix, 6, 2) # Map of CMC Control OIDs to CMC Control Attributes _cmcControlAttributesMapUpdate = { id_cmc_statusInfo: CMCStatusInfo(), id_cmc_statusInfoV2: CMCStatusInfoV2(), id_cmc_identification: char.UTF8String(), id_cmc_identityProof: univ.OctetString(), id_cmc_identityProofV2: IdentifyProofV2(), id_cmc_dataReturn: univ.OctetString(), id_cmc_transactionId: univ.Integer(), id_cmc_senderNonce: univ.OctetString(), id_cmc_recipientNonce: univ.OctetString(), id_cmc_addExtensions: AddExtensions(), id_cmc_encryptedPOP: EncryptedPOP(), id_cmc_decryptedPOP: DecryptedPOP(), id_cmc_lraPOPWitness: LraPopWitness(), id_cmc_getCert: GetCert(), id_cmc_getCRL: GetCRL(), id_cmc_revokeRequest: RevokeRequest(), id_cmc_regInfo: univ.OctetString(), id_cmc_responseInfo: univ.OctetString(), id_cmc_queryPending: univ.OctetString(), id_cmc_popLinkRandom: univ.OctetString(), id_cmc_popLinkWitness: univ.OctetString(), id_cmc_popLinkWitnessV2: PopLinkWitnessV2(), id_cmc_confirmCertAcceptance: CMCCertId(), id_cmc_trustedAnchors: PublishTrustAnchors(), id_cmc_authData: AuthPublish(), id_cmc_batchRequests: BodyPartList(), id_cmc_batchResponses: BodyPartList(), id_cmc_publishCert: CMCPublicationInfo(), id_cmc_modCertTemplate: ModCertTemplate(), id_cmc_controlProcessed: ControlsProcessed(), id_ExtensionReq: ExtensionReq(), } cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) # Map of CMC Content Type OIDs to CMC Content Types are added to # the ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_cct_PKIData: PKIData(), id_cct_PKIResponse: PKIResponse(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6402.py0000644006321400632140000004137413551772550022470 0ustar ietingofietingof00000000000000# coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Modified by Russ Housley to add a maps for CMC Control Attributes # and CMC Content Types for use with opentypes. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Certificate Management over CMS (CMC) Updates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6402.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1.type import useful from pyasn1_modules import rfc4211 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 MAX = float('inf') def _buildOid(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) # Since CMS Attributes and CMC Controls both use 'attrType', one map is used cmcControlAttributesMap = rfc5652.cmsAttributesMap class ChangeSubjectName(univ.Sequence): pass ChangeSubjectName.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('subject', rfc5280.Name()), namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames()) ) class AttributeValue(univ.Any): pass class CMCStatus(univ.Integer): pass CMCStatus.namedValues = namedval.NamedValues( ('success', 0), ('failed', 2), ('pending', 3), ('noSupport', 4), ('confirmRequired', 5), ('popRequired', 6), ('partial', 7) ) class PendInfo(univ.Sequence): pass PendInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('pendToken', univ.OctetString()), namedtype.NamedType('pendTime', useful.GeneralizedTime()) ) bodyIdMax = univ.Integer(4294967295) class BodyPartID(univ.Integer): pass BodyPartID.subtypeSpec = constraint.ValueRangeConstraint(0, bodyIdMax) class BodyPartPath(univ.SequenceOf): pass BodyPartPath.componentType = BodyPartID() BodyPartPath.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class BodyPartReference(univ.Choice): pass BodyPartReference.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('bodyPartPath', BodyPartPath()) ) class CMCFailInfo(univ.Integer): pass CMCFailInfo.namedValues = namedval.NamedValues( ('badAlg', 0), ('badMessageCheck', 1), ('badRequest', 2), ('badTime', 3), ('badCertId', 4), ('unsupportedExt', 5), ('mustArchiveKeys', 6), ('badIdentity', 7), ('popRequired', 8), ('popFailed', 9), ('noKeyReuse', 10), ('internalCAError', 11), ('tryLater', 12), ('authDataFail', 13) ) class CMCStatusInfoV2(univ.Sequence): pass CMCStatusInfoV2.componentType = namedtype.NamedTypes( namedtype.NamedType('cMCStatus', CMCStatus()), namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())), namedtype.OptionalNamedType('statusString', char.UTF8String()), namedtype.OptionalNamedType( 'otherInfo', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('failInfo', CMCFailInfo()), namedtype.NamedType('pendInfo', PendInfo()), namedtype.NamedType( 'extendedFailInfo', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), namedtype.NamedType('failInfoValue', AttributeValue())) ) ) ) ) ) ) class GetCRL(univ.Sequence): pass GetCRL.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerName', rfc5280.Name()), namedtype.OptionalNamedType('cRLName', rfc5280.GeneralName()), namedtype.OptionalNamedType('time', useful.GeneralizedTime()), namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags()) ) id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) id_cmc = _buildOid(id_pkix, 7) id_cmc_batchResponses = _buildOid(id_cmc, 29) id_cmc_popLinkWitness = _buildOid(id_cmc, 23) class PopLinkWitnessV2(univ.Sequence): pass PopLinkWitnessV2.componentType = namedtype.NamedTypes( namedtype.NamedType('keyGenAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('macAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()) ) id_cmc_popLinkWitnessV2 = _buildOid(id_cmc, 33) id_cmc_identityProofV2 = _buildOid(id_cmc, 34) id_cmc_revokeRequest = _buildOid(id_cmc, 17) id_cmc_recipientNonce = _buildOid(id_cmc, 7) class ControlsProcessed(univ.Sequence): pass ControlsProcessed.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())) ) class CertificationRequest(univ.Sequence): pass CertificationRequest.componentType = namedtype.NamedTypes( namedtype.NamedType( 'certificationRequestInfo', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer()), namedtype.NamedType('subject', rfc5280.Name()), namedtype.NamedType( 'subjectPublicKeyInfo', univ.Sequence( componentType=namedtype.NamedTypes( namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) ) ) ), namedtype.NamedType( 'attributes', univ.SetOf( componentType=rfc5652.Attribute()).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) ) ) ) ), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class TaggedCertificationRequest(univ.Sequence): pass TaggedCertificationRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('certificationRequest', CertificationRequest()) ) class TaggedRequest(univ.Choice): pass TaggedRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('tcr', TaggedCertificationRequest().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('crm', rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()), namedtype.NamedType('requestMessageValue', univ.Any()) )) .subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) id_cmc_popLinkRandom = _buildOid(id_cmc, 22) id_cmc_statusInfo = _buildOid(id_cmc, 1) id_cmc_trustedAnchors = _buildOid(id_cmc, 26) id_cmc_transactionId = _buildOid(id_cmc, 5) id_cmc_encryptedPOP = _buildOid(id_cmc, 9) class PublishTrustAnchors(univ.Sequence): pass PublishTrustAnchors.componentType = namedtype.NamedTypes( namedtype.NamedType('seqNumber', univ.Integer()), namedtype.NamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('anchorHashes', univ.SequenceOf(componentType=univ.OctetString())) ) class RevokeRequest(univ.Sequence): pass RevokeRequest.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerName', rfc5280.Name()), namedtype.NamedType('serialNumber', univ.Integer()), namedtype.NamedType('reason', rfc5280.CRLReason()), namedtype.OptionalNamedType('invalidityDate', useful.GeneralizedTime()), namedtype.OptionalNamedType('passphrase', univ.OctetString()), namedtype.OptionalNamedType('comment', char.UTF8String()) ) id_cmc_senderNonce = _buildOid(id_cmc, 6) id_cmc_authData = _buildOid(id_cmc, 27) class TaggedContentInfo(univ.Sequence): pass TaggedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('contentInfo', rfc5652.ContentInfo()) ) class IdentifyProofV2(univ.Sequence): pass IdentifyProofV2.componentType = namedtype.NamedTypes( namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()) ) class CMCPublicationInfo(univ.Sequence): pass CMCPublicationInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('certHashes', univ.SequenceOf(componentType=univ.OctetString())), namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo()) ) id_kp_cmcCA = _buildOid(rfc5280.id_kp, 27) id_cmc_confirmCertAcceptance = _buildOid(id_cmc, 24) id_cmc_raIdentityWitness = _buildOid(id_cmc, 35) id_ExtensionReq = _buildOid(1, 2, 840, 113549, 1, 9, 14) id_cct = _buildOid(id_pkix, 12) id_cct_PKIData = _buildOid(id_cct, 2) id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28) class CMCStatusInfo(univ.Sequence): pass CMCStatusInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('cMCStatus', CMCStatus()), namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())), namedtype.OptionalNamedType('statusString', char.UTF8String()), namedtype.OptionalNamedType( 'otherInfo', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('failInfo', CMCFailInfo()), namedtype.NamedType('pendInfo', PendInfo()) ) ) ) ) class DecryptedPOP(univ.Sequence): pass DecryptedPOP.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('thePOP', univ.OctetString()) ) id_cmc_addExtensions = _buildOid(id_cmc, 8) id_cmc_modCertTemplate = _buildOid(id_cmc, 31) class TaggedAttribute(univ.Sequence): pass TaggedAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('attrType', univ.ObjectIdentifier()), namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), openType=opentype.OpenType('attrType', cmcControlAttributesMap) ) ) class OtherMsg(univ.Sequence): pass OtherMsg.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartID', BodyPartID()), namedtype.NamedType('otherMsgType', univ.ObjectIdentifier()), namedtype.NamedType('otherMsgValue', univ.Any()) ) class PKIData(univ.Sequence): pass PKIData.componentType = namedtype.NamedTypes( namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), namedtype.NamedType('reqSequence', univ.SequenceOf(componentType=TaggedRequest())), namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) ) class BodyPartList(univ.SequenceOf): pass BodyPartList.componentType = BodyPartID() BodyPartList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_cmc_responseBody = _buildOid(id_cmc, 37) class AuthPublish(BodyPartID): pass class CMCUnsignedData(univ.Sequence): pass CMCUnsignedData.componentType = namedtype.NamedTypes( namedtype.NamedType('bodyPartPath', BodyPartPath()), namedtype.NamedType('identifier', univ.ObjectIdentifier()), namedtype.NamedType('content', univ.Any()) ) class CMCCertId(rfc5652.IssuerAndSerialNumber): pass class PKIResponse(univ.Sequence): pass PKIResponse.componentType = namedtype.NamedTypes( namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) ) class ResponseBody(PKIResponse): pass id_cmc_statusInfoV2 = _buildOid(id_cmc, 25) id_cmc_lraPOPWitness = _buildOid(id_cmc, 11) class ModCertTemplate(univ.Sequence): pass ModCertTemplate.componentType = namedtype.NamedTypes( namedtype.NamedType('pkiDataReference', BodyPartPath()), namedtype.NamedType('certReferences', BodyPartList()), namedtype.DefaultedNamedType('replace', univ.Boolean().subtype(value=1)), namedtype.NamedType('certTemplate', rfc4211.CertTemplate()) ) id_cmc_regInfo = _buildOid(id_cmc, 18) id_cmc_identityProof = _buildOid(id_cmc, 3) class ExtensionReq(univ.SequenceOf): pass ExtensionReq.componentType = rfc5280.Extension() ExtensionReq.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28) id_cmc_publishCert = _buildOid(id_cmc, 30) id_cmc_dataReturn = _buildOid(id_cmc, 4) class LraPopWitness(univ.Sequence): pass LraPopWitness.componentType = namedtype.NamedTypes( namedtype.NamedType('pkiDataBodyid', BodyPartID()), namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID())) ) id_aa = _buildOid(1, 2, 840, 113549, 1, 9, 16, 2) id_aa_cmc_unsignedData = _buildOid(id_aa, 34) id_cmc_getCert = _buildOid(id_cmc, 15) id_cmc_batchRequests = _buildOid(id_cmc, 28) id_cmc_decryptedPOP = _buildOid(id_cmc, 10) id_cmc_responseInfo = _buildOid(id_cmc, 19) id_cmc_changeSubjectName = _buildOid(id_cmc, 36) class GetCert(univ.Sequence): pass GetCert.componentType = namedtype.NamedTypes( namedtype.NamedType('issuerName', rfc5280.GeneralName()), namedtype.NamedType('serialNumber', univ.Integer()) ) id_cmc_identification = _buildOid(id_cmc, 2) id_cmc_queryPending = _buildOid(id_cmc, 21) class AddExtensions(univ.Sequence): pass AddExtensions.componentType = namedtype.NamedTypes( namedtype.NamedType('pkiDataReference', BodyPartID()), namedtype.NamedType('certReferences', univ.SequenceOf(componentType=BodyPartID())), namedtype.NamedType('extensions', univ.SequenceOf(componentType=rfc5280.Extension())) ) class EncryptedPOP(univ.Sequence): pass EncryptedPOP.componentType = namedtype.NamedTypes( namedtype.NamedType('request', TaggedRequest()), namedtype.NamedType('cms', rfc5652.ContentInfo()), namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witnessAlgID', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('witness', univ.OctetString()) ) id_cmc_getCRL = _buildOid(id_cmc, 16) id_cct_PKIResponse = _buildOid(id_cct, 3) id_cmc_controlProcessed = _buildOid(id_cmc, 32) class NoSignatureValue(univ.OctetString): pass id_ad_cmc = _buildOid(rfc5280.id_ad, 12) id_alg_noSignature = _buildOid(id_pkix, 6, 2) # Map of CMC Control OIDs to CMC Control Attributes _cmcControlAttributesMapUpdate = { id_cmc_statusInfo: CMCStatusInfo(), id_cmc_statusInfoV2: CMCStatusInfoV2(), id_cmc_identification: char.UTF8String(), id_cmc_identityProof: univ.OctetString(), id_cmc_identityProofV2: IdentifyProofV2(), id_cmc_dataReturn: univ.OctetString(), id_cmc_transactionId: univ.Integer(), id_cmc_senderNonce: univ.OctetString(), id_cmc_recipientNonce: univ.OctetString(), id_cmc_addExtensions: AddExtensions(), id_cmc_encryptedPOP: EncryptedPOP(), id_cmc_decryptedPOP: DecryptedPOP(), id_cmc_lraPOPWitness: LraPopWitness(), id_cmc_getCert: GetCert(), id_cmc_getCRL: GetCRL(), id_cmc_revokeRequest: RevokeRequest(), id_cmc_regInfo: univ.OctetString(), id_cmc_responseInfo: univ.OctetString(), id_cmc_queryPending: univ.OctetString(), id_cmc_popLinkRandom: univ.OctetString(), id_cmc_popLinkWitness: univ.OctetString(), id_cmc_popLinkWitnessV2: PopLinkWitnessV2(), id_cmc_confirmCertAcceptance: CMCCertId(), id_cmc_trustedAnchors: PublishTrustAnchors(), id_cmc_authData: AuthPublish(), id_cmc_batchRequests: BodyPartList(), id_cmc_batchResponses: BodyPartList(), id_cmc_publishCert: CMCPublicationInfo(), id_cmc_modCertTemplate: ModCertTemplate(), id_cmc_controlProcessed: ControlsProcessed(), id_ExtensionReq: ExtensionReq(), } cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) # Map of CMC Content Type OIDs to CMC Content Types are added to # the ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_cct_PKIData: PKIData(), id_cct_PKIResponse: PKIResponse(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6482.py0000664006321400632140000000404513605660315022467 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # RPKI Route Origin Authorizations (ROAs) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6482.txt # https://www.rfc-editor.org/errata/eid5881 # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5652 MAX = float('inf') id_ct_routeOriginAuthz = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.24') class ASID(univ.Integer): pass class IPAddress(univ.BitString): pass class ROAIPAddress(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('address', IPAddress()), namedtype.OptionalNamedType('maxLength', univ.Integer()) ) class ROAIPAddressFamily(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('addressFamily', univ.OctetString().subtype( subtypeSpec=constraint.ValueSizeConstraint(2, 3))), namedtype.NamedType('addresses', univ.SequenceOf(componentType=ROAIPAddress()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class RouteOriginAttestation(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', univ.Integer().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), namedtype.NamedType('asID', ASID()), namedtype.NamedType('ipAddrBlocks', univ.SequenceOf(componentType=ROAIPAddressFamily()).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) # Map of Content Type OIDs to Content Types added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_routeOriginAuthz: RouteOriginAttestation(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6486.py0000664006321400632140000000357413605660315022501 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # RPKI Manifests # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6486.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import useful from pyasn1.type import univ from pyasn1_modules import rfc5652 MAX = float('inf') id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16') id_ct = id_smime + (1, ) id_ct_rpkiManifest = id_ct + (26, ) class FileAndHash(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('file', char.IA5String()), namedtype.NamedType('hash', univ.BitString()) ) class Manifest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', univ.Integer().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), namedtype.NamedType('manifestNumber', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), namedtype.NamedType('nextUpdate', useful.GeneralizedTime()), namedtype.NamedType('fileHashAlg', univ.ObjectIdentifier()), namedtype.NamedType('fileList', univ.SequenceOf(componentType=FileAndHash()).subtype( subtypeSpec=constraint.ValueSizeConstraint(0, MAX))) ) # Map of Content Type OIDs to Content Types added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_rpkiManifest: Manifest(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6487.py0000664006321400632140000000073013605660315022471 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Profile for X.509 PKIX Resource Certificates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6487.txt # from pyasn1.type import univ id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_ad = id_pkix + (48, ) id_ad_rpkiManifest = id_ad + (10, ) id_ad_signedObject = id_ad + (11, ) pyasn1-modules-0.2.8/pyasn1_modules/rfc6664.py0000664006321400632140000001025613605660315022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with some assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # S/MIME Capabilities for Public Key Definitions # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6664.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5751 from pyasn1_modules import rfc5480 from pyasn1_modules import rfc4055 from pyasn1_modules import rfc3279 MAX = float('inf') # Imports from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier # Imports from RFC 3279 dhpublicnumber = rfc3279.dhpublicnumber Dss_Parms = rfc3279.Dss_Parms id_dsa = rfc3279.id_dsa id_ecPublicKey = rfc3279.id_ecPublicKey rsaEncryption = rfc3279.rsaEncryption # Imports from RFC 4055 id_mgf1 = rfc4055.id_mgf1 id_RSAES_OAEP = rfc4055.id_RSAES_OAEP id_RSASSA_PSS = rfc4055.id_RSASSA_PSS # Imports from RFC 5480 ECParameters = rfc5480.ECParameters id_ecDH = rfc5480.id_ecDH id_ecMQV = rfc5480.id_ecMQV # RSA class RSAKeySize(univ.Integer): # suggested values are 1024, 2048, 3072, 4096, 7680, 8192, and 15360; # however, the integer value is not limited to these suggestions pass class RSAKeyCapabilities(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('minKeySize', RSAKeySize()), namedtype.OptionalNamedType('maxKeySize', RSAKeySize()) ) class RsaSsa_Pss_sig_caps(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlg', AlgorithmIdentifier()), namedtype.OptionalNamedType('maskAlg', AlgorithmIdentifier()), namedtype.DefaultedNamedType('trailerField', univ.Integer().subtype(value=1)) ) # Diffie-Hellman and DSA class DSAKeySize(univ.Integer): subtypeSpec = constraint.SingleValueConstraint(1024, 2048, 3072, 7680, 15360) class DSAKeyCapabilities(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('keySizes', univ.Sequence(componentType=namedtype.NamedTypes( namedtype.NamedType('minKeySize', DSAKeySize()), namedtype.OptionalNamedType('maxKeySize', DSAKeySize()), namedtype.OptionalNamedType('maxSizeP', univ.Integer().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('maxSizeQ', univ.Integer().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('maxSizeG', univ.Integer().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 3))) )).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('keyParams', Dss_Parms().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 1))) ) # Elliptic Curve class EC_SMimeCaps(univ.SequenceOf): componentType = ECParameters() subtypeSpec=constraint.ValueSizeConstraint(1, MAX) # Update the SMIMECapabilities Attribute Map in rfc5751.py # # The map can either include an entry for scap-sa-rsaSSA-PSS or # scap-pk-rsaSSA-PSS, but not both. One is associated with the # public key and the other is associated with the signature # algorithm; however, they use the same OID. If you need the # other one in your application, copy the map into a local dict, # adjust as needed, and pass the local dict to the decoder with # openTypes=your_local_map. _smimeCapabilityMapUpdate = { rsaEncryption: RSAKeyCapabilities(), id_RSASSA_PSS: RSAKeyCapabilities(), # id_RSASSA_PSS: RsaSsa_Pss_sig_caps(), id_RSAES_OAEP: RSAKeyCapabilities(), id_dsa: DSAKeyCapabilities(), dhpublicnumber: DSAKeyCapabilities(), id_ecPublicKey: EC_SMimeCaps(), id_ecDH: EC_SMimeCaps(), id_ecMQV: EC_SMimeCaps(), id_mgf1: AlgorithmIdentifier(), } rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6955.py0000664006321400632140000000537613605660315022504 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Diffie-Hellman Proof-of-Possession Algorithms # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6955.txt # from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc3279 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 # Imports from RFC 5652 MessageDigest = rfc5652.MessageDigest IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber # Imports from RFC 5280 id_pkix = rfc5280.id_pkix # Imports from RFC 3279 Dss_Sig_Value = rfc3279.Dss_Sig_Value DomainParameters = rfc3279.DomainParameters # Static DH Proof-of-Possession class DhSigStatic(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('issuerAndSerial', IssuerAndSerialNumber()), namedtype.NamedType('hashValue', MessageDigest()) ) # Object Identifiers id_dh_sig_hmac_sha1 = id_pkix + (6, 3, ) id_dhPop_static_sha1_hmac_sha1 = univ.ObjectIdentifier(id_dh_sig_hmac_sha1) id_alg_dh_pop = id_pkix + (6, 4, ) id_alg_dhPop_sha1 = univ.ObjectIdentifier(id_alg_dh_pop) id_alg_dhPop_sha224 = id_pkix + (6, 5, ) id_alg_dhPop_sha256 = id_pkix + (6, 6, ) id_alg_dhPop_sha384 = id_pkix + (6, 7, ) id_alg_dhPop_sha512 = id_pkix + (6, 8, ) id_alg_dhPop_static_sha224_hmac_sha224 = id_pkix + (6, 15, ) id_alg_dhPop_static_sha256_hmac_sha256 = id_pkix + (6, 16, ) id_alg_dhPop_static_sha384_hmac_sha384 = id_pkix + (6, 17, ) id_alg_dhPop_static_sha512_hmac_sha512 = id_pkix + (6, 18, ) id_alg_ecdhPop_static_sha224_hmac_sha224 = id_pkix + (6, 25, ) id_alg_ecdhPop_static_sha256_hmac_sha256 = id_pkix + (6, 26, ) id_alg_ecdhPop_static_sha384_hmac_sha384 = id_pkix + (6, 27, ) id_alg_ecdhPop_static_sha512_hmac_sha512 = id_pkix + (6, 28, ) # Update the Algorithm Identifier map in rfc5280.py _algorithmIdentifierMapUpdate = { id_alg_dh_pop: DomainParameters(), id_alg_dhPop_sha224: DomainParameters(), id_alg_dhPop_sha256: DomainParameters(), id_alg_dhPop_sha384: DomainParameters(), id_alg_dhPop_sha512: DomainParameters(), id_dh_sig_hmac_sha1: univ.Null(""), id_alg_dhPop_static_sha224_hmac_sha224: univ.Null(""), id_alg_dhPop_static_sha256_hmac_sha256: univ.Null(""), id_alg_dhPop_static_sha384_hmac_sha384: univ.Null(""), id_alg_dhPop_static_sha512_hmac_sha512: univ.Null(""), id_alg_ecdhPop_static_sha224_hmac_sha224: univ.Null(""), id_alg_ecdhPop_static_sha256_hmac_sha256: univ.Null(""), id_alg_ecdhPop_static_sha384_hmac_sha384: univ.Null(""), id_alg_ecdhPop_static_sha512_hmac_sha512: univ.Null(""), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc6960.py0000664006321400632140000001735113551773023022475 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Online Certificate Status Protocol (OCSP) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc6960.txt # from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful from pyasn1_modules import rfc2560 from pyasn1_modules import rfc5280 MAX = float('inf') # Imports from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax Certificate = rfc5280.Certificate CertificateSerialNumber = rfc5280.CertificateSerialNumber CRLReason = rfc5280.CRLReason Extensions = rfc5280.Extensions GeneralName = rfc5280.GeneralName Name = rfc5280.Name id_kp = rfc5280.id_kp id_ad_ocsp = rfc5280.id_ad_ocsp # Imports from the original OCSP module in RFC 2560 AcceptableResponses = rfc2560.AcceptableResponses ArchiveCutoff = rfc2560.ArchiveCutoff CertStatus = rfc2560.CertStatus KeyHash = rfc2560.KeyHash OCSPResponse = rfc2560.OCSPResponse OCSPResponseStatus = rfc2560.OCSPResponseStatus ResponseBytes = rfc2560.ResponseBytes RevokedInfo = rfc2560.RevokedInfo UnknownInfo = rfc2560.UnknownInfo Version = rfc2560.Version id_kp_OCSPSigning = rfc2560.id_kp_OCSPSigning id_pkix_ocsp = rfc2560.id_pkix_ocsp id_pkix_ocsp_archive_cutoff = rfc2560.id_pkix_ocsp_archive_cutoff id_pkix_ocsp_basic = rfc2560.id_pkix_ocsp_basic id_pkix_ocsp_crl = rfc2560.id_pkix_ocsp_crl id_pkix_ocsp_nocheck = rfc2560.id_pkix_ocsp_nocheck id_pkix_ocsp_nonce = rfc2560.id_pkix_ocsp_nonce id_pkix_ocsp_response = rfc2560.id_pkix_ocsp_response id_pkix_ocsp_service_locator = rfc2560.id_pkix_ocsp_service_locator # Additional object identifiers id_pkix_ocsp_pref_sig_algs = id_pkix_ocsp + (8, ) id_pkix_ocsp_extended_revoke = id_pkix_ocsp + (9, ) # Updated structures (mostly to improve openTypes support) class CertID(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('issuerNameHash', univ.OctetString()), namedtype.NamedType('issuerKeyHash', univ.OctetString()), namedtype.NamedType('serialNumber', CertificateSerialNumber()) ) class SingleResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certID', CertID()), namedtype.NamedType('certStatus', CertStatus()), namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('singleExtensions', Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ResponderID(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('byName', Name().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('byKey', KeyHash().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class ResponseData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('responderID', ResponderID()), namedtype.NamedType('producedAt', useful.GeneralizedTime()), namedtype.NamedType('responses', univ.SequenceOf( componentType=SingleResponse())), namedtype.OptionalNamedType('responseExtensions', Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class BasicOCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsResponseData', ResponseData()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), namedtype.OptionalNamedType('certs', univ.SequenceOf( componentType=Certificate()).subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Request(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('reqCert', CertID()), namedtype.OptionalNamedType('singleRequestExtensions', Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Signature(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), namedtype.OptionalNamedType('certs', univ.SequenceOf( componentType=Certificate()).subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))) ) class TBSRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('requestorName', GeneralName().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('requestList', univ.SequenceOf( componentType=Request())), namedtype.OptionalNamedType('requestExtensions', Extensions().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class OCSPRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsRequest', TBSRequest()), namedtype.OptionalNamedType('optionalSignature', Signature().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) # Previously omitted structure class ServiceLocator(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', Name()), namedtype.NamedType('locator', AuthorityInfoAccessSyntax()) ) # Additional structures class CrlID(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('crlUrl', char.IA5String().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('crlNum', univ.Integer().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('crlTime', useful.GeneralizedTime().subtype( explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class PreferredSignatureAlgorithm(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('sigIdentifier', AlgorithmIdentifier()), namedtype.OptionalNamedType('certIdentifier', AlgorithmIdentifier()) ) class PreferredSignatureAlgorithms(univ.SequenceOf): componentType = PreferredSignatureAlgorithm() # Response Type OID to Response Map ocspResponseMap = { id_pkix_ocsp_basic: BasicOCSPResponse(), } # Map of Extension OIDs to Extensions added to the ones # that are in rfc5280.py _certificateExtensionsMapUpdate = { # Certificate Extension id_pkix_ocsp_nocheck: univ.Null(""), # OCSP Request Extensions id_pkix_ocsp_nonce: univ.OctetString(), id_pkix_ocsp_response: AcceptableResponses(), id_pkix_ocsp_service_locator: ServiceLocator(), id_pkix_ocsp_pref_sig_algs: PreferredSignatureAlgorithms(), # OCSP Response Extensions id_pkix_ocsp_crl: CrlID(), id_pkix_ocsp_archive_cutoff: ArchiveCutoff(), id_pkix_ocsp_extended_revoke: univ.Null(""), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7030.py0000644006321400632140000000264113551772550022460 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Enrollment over Secure Transport (EST) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7030.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5652 MAX = float('inf') # Imports from RFC 5652 Attribute = rfc5652.Attribute # Asymmetric Decrypt Key Identifier Attribute id_aa_asymmDecryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.54') class AsymmetricDecryptKeyIdentifier(univ.OctetString): pass aa_asymmDecryptKeyID = Attribute() aa_asymmDecryptKeyID['attrType'] = id_aa_asymmDecryptKeyID aa_asymmDecryptKeyID['attrValues'][0] = AsymmetricDecryptKeyIdentifier() # CSR Attributes class AttrOrOID(univ.Choice): pass AttrOrOID.componentType = namedtype.NamedTypes( namedtype.NamedType('oid', univ.ObjectIdentifier()), namedtype.NamedType('attribute', Attribute()) ) class CsrAttrs(univ.SequenceOf): pass CsrAttrs.componentType = AttrOrOID() CsrAttrs.subtypeSpec=constraint.ValueSizeConstraint(0, MAX) # Update CMS Attribute Map _cmsAttributesMapUpdate = { id_aa_asymmDecryptKeyID: AsymmetricDecryptKeyIdentifier(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7191.py0000644006321400632140000001562613551772550022477 0ustar ietingofietingof00000000000000# This file is being contributed to of pyasn1-modules software. # # Created by Russ Housley without assistance from the asn1ate tool. # Modified by Russ Housley to add support for opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # CMS Key Package Receipt and Error Content Types # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7191.txt from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 MAX = float('inf') DistinguishedName = rfc5280.DistinguishedName # SingleAttribute is the same as Attribute in RFC 5652, except that the # attrValues SET must have one and only one member class AttributeValue(univ.Any): pass class AttributeValues(univ.SetOf): pass AttributeValues.componentType = AttributeValue() AttributeValues.sizeSpec = univ.Set.sizeSpec + constraint.ValueSizeConstraint(1, 1) class SingleAttribute(univ.Sequence): pass SingleAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', univ.ObjectIdentifier()), namedtype.NamedType('attrValues', AttributeValues(), openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) ) ) # SIR Entity Name class SIREntityNameType(univ.ObjectIdentifier): pass class SIREntityNameValue(univ.Any): pass class SIREntityName(univ.Sequence): pass SIREntityName.componentType = namedtype.NamedTypes( namedtype.NamedType('sirenType', SIREntityNameType()), namedtype.NamedType('sirenValue', univ.OctetString()) # CONTAINING the DER-encoded SIREntityNameValue ) class SIREntityNames(univ.SequenceOf): pass SIREntityNames.componentType = SIREntityName() SIREntityNames.sizeSpec=constraint.ValueSizeConstraint(1, MAX) id_dn = univ.ObjectIdentifier('2.16.840.1.101.2.1.16.0') class siren_dn(SIREntityName): def __init__(self): SIREntityName.__init__(self) self['sirenType'] = id_dn # Key Package Error CMS Content Type class EnumeratedErrorCode(univ.Enumerated): pass # Error codes with values <= 33 are aligned with RFC 5934 EnumeratedErrorCode.namedValues = namedval.NamedValues( ('decodeFailure', 1), ('badContentInfo', 2), ('badSignedData', 3), ('badEncapContent', 4), ('badCertificate', 5), ('badSignerInfo', 6), ('badSignedAttrs', 7), ('badUnsignedAttrs', 8), ('missingContent', 9), ('noTrustAnchor', 10), ('notAuthorized', 11), ('badDigestAlgorithm', 12), ('badSignatureAlgorithm', 13), ('unsupportedKeySize', 14), ('unsupportedParameters', 15), ('signatureFailure', 16), ('insufficientMemory', 17), ('incorrectTarget', 23), ('missingSignature', 29), ('resourcesBusy', 30), ('versionNumberMismatch', 31), ('revokedCertificate', 33), ('ambiguousDecrypt', 60), ('noDecryptKey', 61), ('badEncryptedData', 62), ('badEnvelopedData', 63), ('badAuthenticatedData', 64), ('badAuthEnvelopedData', 65), ('badKeyAgreeRecipientInfo', 66), ('badKEKRecipientInfo', 67), ('badEncryptContent', 68), ('badEncryptAlgorithm', 69), ('missingCiphertext', 70), ('decryptFailure', 71), ('badMACAlgorithm', 72), ('badAuthAttrs', 73), ('badUnauthAttrs', 74), ('invalidMAC', 75), ('mismatchedDigestAlg', 76), ('missingCertificate', 77), ('tooManySigners', 78), ('missingSignedAttributes', 79), ('derEncodingNotUsed', 80), ('missingContentHints', 81), ('invalidAttributeLocation', 82), ('badMessageDigest', 83), ('badKeyPackage', 84), ('badAttributes', 85), ('attributeComparisonFailure', 86), ('unsupportedSymmetricKeyPackage', 87), ('unsupportedAsymmetricKeyPackage', 88), ('constraintViolation', 89), ('ambiguousDefaultValue', 90), ('noMatchingRecipientInfo', 91), ('unsupportedKeyWrapAlgorithm', 92), ('badKeyTransRecipientInfo', 93), ('other', 127) ) class ErrorCodeChoice(univ.Choice): pass ErrorCodeChoice.componentType = namedtype.NamedTypes( namedtype.NamedType('enum', EnumeratedErrorCode()), namedtype.NamedType('oid', univ.ObjectIdentifier()) ) class KeyPkgID(univ.OctetString): pass class KeyPkgIdentifier(univ.Choice): pass KeyPkgIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('pkgID', KeyPkgID()), namedtype.NamedType('attribute', SingleAttribute()) ) class KeyPkgVersion(univ.Integer): pass KeyPkgVersion.namedValues = namedval.NamedValues( ('v1', 1), ('v2', 2) ) KeyPkgVersion.subtypeSpec = constraint.ValueRangeConstraint(1, 65535) id_ct_KP_keyPackageError = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.6') class KeyPackageError(univ.Sequence): pass KeyPackageError.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v2')), namedtype.OptionalNamedType('errorOf', KeyPkgIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('errorBy', SIREntityName()), namedtype.NamedType('errorCode', ErrorCodeChoice()) ) # Key Package Receipt CMS Content Type id_ct_KP_keyPackageReceipt = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.3') class KeyPackageReceipt(univ.Sequence): pass KeyPackageReceipt.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v2')), namedtype.NamedType('receiptOf', KeyPkgIdentifier()), namedtype.NamedType('receivedBy', SIREntityName()) ) # Key Package Receipt Request Attribute class KeyPkgReceiptReq(univ.Sequence): pass KeyPkgReceiptReq.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('encryptReceipt', univ.Boolean().subtype(value=0)), namedtype.OptionalNamedType('receiptsFrom', SIREntityNames().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('receiptsTo', SIREntityNames()) ) id_aa_KP_keyPkgIdAndReceiptReq = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.65') class KeyPkgIdentifierAndReceiptReq(univ.Sequence): pass KeyPkgIdentifierAndReceiptReq.componentType = namedtype.NamedTypes( namedtype.NamedType('pkgID', KeyPkgID()), namedtype.OptionalNamedType('receiptReq', KeyPkgReceiptReq()) ) # Map of Attribute Type OIDs to Attributes are added to # the ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) # Map of CMC Content Type OIDs to CMC Content Types are added to # the ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_KP_keyPackageError: KeyPackageError(), id_ct_KP_keyPackageReceipt: KeyPackageReceipt(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7229.py0000664006321400632140000000134713551773023022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Object Identifiers for Test Certificate Policies # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7229.txt # from pyasn1.type import univ id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_TEST = id_pkix + (13, ) id_TEST_certPolicyOne = id_TEST + (1, ) id_TEST_certPolicyTwo = id_TEST + (2, ) id_TEST_certPolicyThree = id_TEST + (3, ) id_TEST_certPolicyFour = id_TEST + (4, ) id_TEST_certPolicyFive = id_TEST + (5, ) id_TEST_certPolicySix = id_TEST + (6, ) id_TEST_certPolicySeven = id_TEST + (7, ) id_TEST_certPolicyEight = id_TEST + (8, ) pyasn1-modules-0.2.8/pyasn1_modules/rfc7292.py0000644006321400632140000002043613551772550022474 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from the asn1ate tool. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # PKCS #12: Personal Information Exchange Syntax v1.1 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7292.txt # https://www.rfc-editor.org/errata_search.php?rfc=7292 from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import opentype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc2315 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5958 def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) # Initialize the maps used in PKCS#12 pkcs12BagTypeMap = { } pkcs12CertBagMap = { } pkcs12CRLBagMap = { } pkcs12SecretBagMap = { } # Imports from RFC 2315, RFC 5652, and RFC 5958 DigestInfo = rfc2315.DigestInfo ContentInfo = rfc5652.ContentInfo PKCS12Attribute = rfc5652.Attribute EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo PrivateKeyInfo = rfc5958.PrivateKeyInfo # CMSSingleAttribute is the same as Attribute in RFC 5652 except the attrValues # SET must have one and only one member class AttributeType(univ.ObjectIdentifier): pass class AttributeValue(univ.Any): pass class AttributeValues(univ.SetOf): pass AttributeValues.componentType = AttributeValue() class CMSSingleAttribute(univ.Sequence): pass CMSSingleAttribute.componentType = namedtype.NamedTypes( namedtype.NamedType('attrType', AttributeType()), namedtype.NamedType('attrValues', AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) ) ) # Object identifier arcs rsadsi = _OID(1, 2, 840, 113549) pkcs = _OID(rsadsi, 1) pkcs_9 = _OID(pkcs, 9) certTypes = _OID(pkcs_9, 22) crlTypes = _OID(pkcs_9, 23) pkcs_12 = _OID(pkcs, 12) # PBE Algorithm Identifiers and Parameters Structure pkcs_12PbeIds = _OID(pkcs_12, 1) pbeWithSHAAnd128BitRC4 = _OID(pkcs_12PbeIds, 1) pbeWithSHAAnd40BitRC4 = _OID(pkcs_12PbeIds, 2) pbeWithSHAAnd3_KeyTripleDES_CBC = _OID(pkcs_12PbeIds, 3) pbeWithSHAAnd2_KeyTripleDES_CBC = _OID(pkcs_12PbeIds, 4) pbeWithSHAAnd128BitRC2_CBC = _OID(pkcs_12PbeIds, 5) pbeWithSHAAnd40BitRC2_CBC = _OID(pkcs_12PbeIds, 6) class Pkcs_12PbeParams(univ.Sequence): pass Pkcs_12PbeParams.componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString()), namedtype.NamedType('iterations', univ.Integer()) ) # Bag types bagtypes = _OID(pkcs_12, 10, 1) class BAG_TYPE(univ.Sequence): pass BAG_TYPE.componentType = namedtype.NamedTypes( namedtype.NamedType('id', univ.ObjectIdentifier()), namedtype.NamedType('unnamed1', univ.Any(), openType=opentype.OpenType('attrType', pkcs12BagTypeMap) ) ) id_keyBag = _OID(bagtypes, 1) class KeyBag(PrivateKeyInfo): pass id_pkcs8ShroudedKeyBag = _OID(bagtypes, 2) class PKCS8ShroudedKeyBag(EncryptedPrivateKeyInfo): pass id_certBag = _OID(bagtypes, 3) class CertBag(univ.Sequence): pass CertBag.componentType = namedtype.NamedTypes( namedtype.NamedType('certId', univ.ObjectIdentifier()), namedtype.NamedType('certValue', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), openType=opentype.OpenType('certId', pkcs12CertBagMap) ) ) x509Certificate = CertBag() x509Certificate['certId'] = _OID(certTypes, 1) x509Certificate['certValue'] = univ.OctetString() # DER-encoded X.509 certificate stored in OCTET STRING sdsiCertificate = CertBag() sdsiCertificate['certId'] = _OID(certTypes, 2) sdsiCertificate['certValue'] = char.IA5String() # Base64-encoded SDSI certificate stored in IA5String id_CRLBag = _OID(bagtypes, 4) class CRLBag(univ.Sequence): pass CRLBag.componentType = namedtype.NamedTypes( namedtype.NamedType('crlId', univ.ObjectIdentifier()), namedtype.NamedType('crlValue', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), openType=opentype.OpenType('crlId', pkcs12CRLBagMap) ) ) x509CRL = CRLBag() x509CRL['crlId'] = _OID(crlTypes, 1) x509CRL['crlValue'] = univ.OctetString() # DER-encoded X.509 CRL stored in OCTET STRING id_secretBag = _OID(bagtypes, 5) class SecretBag(univ.Sequence): pass SecretBag.componentType = namedtype.NamedTypes( namedtype.NamedType('secretTypeId', univ.ObjectIdentifier()), namedtype.NamedType('secretValue', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), openType=opentype.OpenType('secretTypeId', pkcs12SecretBagMap) ) ) id_safeContentsBag = _OID(bagtypes, 6) class SafeBag(univ.Sequence): pass SafeBag.componentType = namedtype.NamedTypes( namedtype.NamedType('bagId', univ.ObjectIdentifier()), namedtype.NamedType('bagValue', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), openType=opentype.OpenType('bagId', pkcs12BagTypeMap) ), namedtype.OptionalNamedType('bagAttributes', univ.SetOf(componentType=PKCS12Attribute()) ) ) class SafeContents(univ.SequenceOf): pass SafeContents.componentType = SafeBag() # The PFX PDU class AuthenticatedSafe(univ.SequenceOf): pass AuthenticatedSafe.componentType = ContentInfo() # Data if unencrypted # EncryptedData if password-encrypted # EnvelopedData if public key-encrypted class MacData(univ.Sequence): pass MacData.componentType = namedtype.NamedTypes( namedtype.NamedType('mac', DigestInfo()), namedtype.NamedType('macSalt', univ.OctetString()), namedtype.DefaultedNamedType('iterations', univ.Integer().subtype(value=1)) # Note: The default is for historical reasons and its use is deprecated ) class PFX(univ.Sequence): pass PFX.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v3', 3))) ), namedtype.NamedType('authSafe', ContentInfo()), namedtype.OptionalNamedType('macData', MacData()) ) # Local key identifier (also defined as certificateAttribute in rfc2985.py) pkcs_9_at_localKeyId = _OID(pkcs_9, 21) localKeyId = CMSSingleAttribute() localKeyId['attrType'] = pkcs_9_at_localKeyId localKeyId['attrValues'][0] = univ.OctetString() # Friendly name (also defined as certificateAttribute in rfc2985.py) pkcs_9_ub_pkcs9String = univ.Integer(255) pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String) pkcs_9_at_friendlyName = _OID(pkcs_9, 20) class FriendlyName(char.BMPString): pass FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName) friendlyName = CMSSingleAttribute() friendlyName['attrType'] = pkcs_9_at_friendlyName friendlyName['attrValues'][0] = FriendlyName() # Update the PKCS#12 maps _pkcs12BagTypeMap = { id_keyBag: KeyBag(), id_pkcs8ShroudedKeyBag: PKCS8ShroudedKeyBag(), id_certBag: CertBag(), id_CRLBag: CRLBag(), id_secretBag: SecretBag(), id_safeContentsBag: SafeBag(), } pkcs12BagTypeMap.update(_pkcs12BagTypeMap) _pkcs12CertBagMap = { _OID(certTypes, 1): univ.OctetString(), _OID(certTypes, 2): char.IA5String(), } pkcs12CertBagMap.update(_pkcs12CertBagMap) _pkcs12CRLBagMap = { _OID(crlTypes, 1): univ.OctetString(), } pkcs12CRLBagMap.update(_pkcs12CRLBagMap) # Update the Algorithm Identifier map _algorithmIdentifierMapUpdate = { pbeWithSHAAnd128BitRC4: Pkcs_12PbeParams(), pbeWithSHAAnd40BitRC4: Pkcs_12PbeParams(), pbeWithSHAAnd3_KeyTripleDES_CBC: Pkcs_12PbeParams(), pbeWithSHAAnd2_KeyTripleDES_CBC: Pkcs_12PbeParams(), pbeWithSHAAnd128BitRC2_CBC: Pkcs_12PbeParams(), pbeWithSHAAnd40BitRC2_CBC: Pkcs_12PbeParams(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) # Update the CMS Attribute map _cmsAttributesMapUpdate = { pkcs_9_at_friendlyName: FriendlyName(), pkcs_9_at_localKeyId: univ.OctetString(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7296.py0000644006321400632140000000156513551772550022502 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # IKEv2 Certificate Bundle # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7296.txt from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 class CertificateOrCRL(univ.Choice): pass CertificateOrCRL.componentType = namedtype.NamedTypes( namedtype.NamedType('cert', rfc5280.Certificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('crl', rfc5280.CertificateList().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class CertificateBundle(univ.SequenceOf): pass CertificateBundle.componentType = CertificateOrCRL() pyasn1-modules-0.2.8/pyasn1_modules/rfc7508.py0000664006321400632140000000420613605660315022466 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Securing Header Fields with S/MIME # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7508.txt # https://www.rfc-editor.org/errata/eid5875 # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ from pyasn1_modules import rfc5652 import string MAX = float('inf') class Algorithm(univ.Enumerated): namedValues = namedval.NamedValues( ('canonAlgorithmSimple', 0), ('canonAlgorithmRelaxed', 1) ) class HeaderFieldStatus(univ.Integer): namedValues = namedval.NamedValues( ('duplicated', 0), ('deleted', 1), ('modified', 2) ) class HeaderFieldName(char.VisibleString): subtypeSpec = ( constraint.PermittedAlphabetConstraint(*string.printable) - constraint.PermittedAlphabetConstraint(':') ) class HeaderFieldValue(char.UTF8String): pass class HeaderField(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('field-Name', HeaderFieldName()), namedtype.NamedType('field-Value', HeaderFieldValue()), namedtype.DefaultedNamedType('field-Status', HeaderFieldStatus().subtype(value='duplicated')) ) class HeaderFields(univ.SequenceOf): componentType = HeaderField() subtypeSpec = constraint.ValueSizeConstraint(1, MAX) class SecureHeaderFields(univ.Set): componentType = namedtype.NamedTypes( namedtype.NamedType('canonAlgorithm', Algorithm()), namedtype.NamedType('secHeaderFields', HeaderFields()) ) id_aa = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, 2, )) id_aa_secureHeaderFieldsIdentifier = id_aa + (55, ) # Map of Attribute Type OIDs to Attributes added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_secureHeaderFieldsIdentifier: SecureHeaderFields(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7585.py0000664006321400632140000000206413605660315022473 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with some assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Network Access Identifier (NAI) Realm Name for Certificates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7585.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 # NAI Realm Name for Certificates id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_on = id_pkix + (8, ) id_on_naiRealm = id_on + (8, ) ub_naiRealm_length = univ.Integer(255) class NAIRealm(char.UTF8String): subtypeSpec = constraint.ValueSizeConstraint(1, ub_naiRealm_length) naiRealm = rfc5280.AnotherName() naiRealm['type-id'] = id_on_naiRealm naiRealm['value'] = NAIRealm() # Map of Other Name OIDs to Other Name is added to the # ones that are in rfc5280.py _anotherNameMapUpdate = { id_on_naiRealm: NAIRealm(), } rfc5280.anotherNameMap.update(_anotherNameMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7633.py0000664006321400632140000000151113551773023022462 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with some assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Transport Layer Security (TLS) Feature Certificate Extension # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7633.txt # from pyasn1.type import univ from pyasn1_modules import rfc5280 # TLS Features Extension id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') id_pe_tlsfeature = id_pe + (24, ) class Features(univ.SequenceOf): componentType = univ.Integer() # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_tlsfeature: Features(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7773.py0000644006321400632140000000244313551772550022476 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with some assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Authentication Context Certificate Extension # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7773.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') # Authentication Context Extension e_legnamnden = univ.ObjectIdentifier('1.2.752.201') id_eleg_ce = e_legnamnden + (5, ) id_ce_authContext = id_eleg_ce + (1, ) class AuthenticationContext(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contextType', char.UTF8String()), namedtype.OptionalNamedType('contextInfo', char.UTF8String()) ) class AuthenticationContexts(univ.SequenceOf): componentType = AuthenticationContext() subtypeSpec=constraint.ValueSizeConstraint(1, MAX) # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_ce_authContext: AuthenticationContexts(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7894-1.py0000644006321400632140000000535013551772550022640 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Alternative Challenge Password Attributes for EST # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7894.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6402 from pyasn1_modules import rfc7191 # SingleAttribute is the same as Attribute in RFC 5652, except that the # attrValues SET must have one and only one member Attribute = rfc7191.SingleAttribute # DirectoryString is the same as RFC 5280, except the length is limited to 255 class DirectoryString(univ.Choice): pass DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))) ) # OTP Challenge Attribute id_aa_otpChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.56') ub_aa_otpChallenge = univ.Integer(255) otpChallenge = rfc5652.Attribute() otpChallenge['attrType'] = id_aa_otpChallenge otpChallenge['attrValues'][0] = DirectoryString() # Revocation Challenge Attribute id_aa_revocationChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.57') ub_aa_revocationChallenge = univ.Integer(255) revocationChallenge = rfc5652.Attribute() revocationChallenge['attrType'] = id_aa_revocationChallenge revocationChallenge['attrValues'][0] = DirectoryString() # EST Identity Linking Attribute id_aa_estIdentityLinking = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.58') ub_aa_est_identity_linking = univ.Integer(255) estIdentityLinking = rfc5652.Attribute() estIdentityLinking['attrType'] = id_aa_estIdentityLinking estIdentityLinking['attrValues'][0] = DirectoryString() # Map of Attribute Type OIDs to Attributes added to the # ones that are in rfc6402.py _cmcControlAttributesMapUpdate = { id_aa_otpChallenge: DirectoryString(), id_aa_revocationChallenge: DirectoryString(), id_aa_estIdentityLinking: DirectoryString(), } rfc6402.cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate)pyasn1-modules-0.2.8/pyasn1_modules/rfc7894.py0000644006321400632140000000532113551772550022500 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Alternative Challenge Password Attributes for EST # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7894.txt # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6402 from pyasn1_modules import rfc7191 # SingleAttribute is the same as Attribute in RFC 5652, except that the # attrValues SET must have one and only one member Attribute = rfc7191.SingleAttribute # DirectoryString is the same as RFC 5280, except the length is limited to 255 class DirectoryString(univ.Choice): pass DirectoryString.componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('printableString', char.PrintableString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('universalString', char.UniversalString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))), namedtype.NamedType('bmpString', char.BMPString().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 255))) ) # OTP Challenge Attribute id_aa_otpChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.56') ub_aa_otpChallenge = univ.Integer(255) otpChallenge = Attribute() otpChallenge['attrType'] = id_aa_otpChallenge otpChallenge['attrValues'][0] = DirectoryString() # Revocation Challenge Attribute id_aa_revocationChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.57') ub_aa_revocationChallenge = univ.Integer(255) revocationChallenge = Attribute() revocationChallenge['attrType'] = id_aa_revocationChallenge revocationChallenge['attrValues'][0] = DirectoryString() # EST Identity Linking Attribute id_aa_estIdentityLinking = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.58') ub_aa_est_identity_linking = univ.Integer(255) estIdentityLinking = Attribute() estIdentityLinking['attrType'] = id_aa_estIdentityLinking estIdentityLinking['attrValues'][0] = DirectoryString() # Map of Attribute Type OIDs to Attributes added to the # ones that are in rfc6402.py _cmcControlAttributesMapUpdate = { id_aa_otpChallenge: DirectoryString(), id_aa_revocationChallenge: DirectoryString(), id_aa_estIdentityLinking: DirectoryString(), } rfc6402.cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7906.py0000644006321400632140000004475113551772550022504 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # NSA's CMS Key Management Attributes # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc7906.txt # https://www.rfc-editor.org/errata/eid5850 # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc2634 from pyasn1_modules import rfc4108 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6010 from pyasn1_modules import rfc6019 from pyasn1_modules import rfc7191 MAX = float('inf') # Imports From RFC 2634 id_aa_contentHint = rfc2634.id_aa_contentHint ContentHints = rfc2634.ContentHints id_aa_securityLabel = rfc2634.id_aa_securityLabel SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier SecurityClassification = rfc2634.SecurityClassification ESSPrivacyMark = rfc2634.ESSPrivacyMark SecurityCategories= rfc2634.SecurityCategories ESSSecurityLabel = rfc2634.ESSSecurityLabel # Imports From RFC 4108 id_aa_communityIdentifiers = rfc4108.id_aa_communityIdentifiers CommunityIdentifier = rfc4108.CommunityIdentifier CommunityIdentifiers = rfc4108.CommunityIdentifiers # Imports From RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier Name = rfc5280.Name Certificate = rfc5280.Certificate GeneralNames = rfc5280.GeneralNames GeneralName = rfc5280.GeneralName SubjectInfoAccessSyntax = rfc5280.SubjectInfoAccessSyntax id_pkix = rfc5280.id_pkix id_pe = rfc5280.id_pe id_pe_subjectInfoAccess = rfc5280.id_pe_subjectInfoAccess # Imports From RFC 6010 CMSContentConstraints = rfc6010.CMSContentConstraints # Imports From RFC 6019 BinaryTime = rfc6019.BinaryTime id_aa_binarySigningTime = rfc6019.id_aa_binarySigningTime BinarySigningTime = rfc6019.BinarySigningTime # Imports From RFC 5652 Attribute = rfc5652.Attribute CertificateSet = rfc5652.CertificateSet CertificateChoices = rfc5652.CertificateChoices id_contentType = rfc5652.id_contentType ContentType = rfc5652.ContentType id_messageDigest = rfc5652.id_messageDigest MessageDigest = rfc5652.MessageDigest # Imports From RFC 7191 SIREntityName = rfc7191.SIREntityName id_aa_KP_keyPkgIdAndReceiptReq = rfc7191.id_aa_KP_keyPkgIdAndReceiptReq KeyPkgIdentifierAndReceiptReq = rfc7191.KeyPkgIdentifierAndReceiptReq # Key Province Attribute id_aa_KP_keyProvinceV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.71') class KeyProvinceV2(univ.ObjectIdentifier): pass aa_keyProvince_v2 = Attribute() aa_keyProvince_v2['attrType'] = id_aa_KP_keyProvinceV2 aa_keyProvince_v2['attrValues'][0] = KeyProvinceV2() # Manifest Attribute id_aa_KP_manifest = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.72') class ShortTitle(char.PrintableString): pass class Manifest(univ.SequenceOf): pass Manifest.componentType = ShortTitle() Manifest.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) aa_manifest = Attribute() aa_manifest['attrType'] = id_aa_KP_manifest aa_manifest['attrValues'][0] = Manifest() # Key Algorithm Attribute id_kma_keyAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.1') class KeyAlgorithm(univ.Sequence): pass KeyAlgorithm.componentType = namedtype.NamedTypes( namedtype.NamedType('keyAlg', univ.ObjectIdentifier()), namedtype.OptionalNamedType('checkWordAlg', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('crcAlg', univ.ObjectIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) aa_keyAlgorithm = Attribute() aa_keyAlgorithm['attrType'] = id_kma_keyAlgorithm aa_keyAlgorithm['attrValues'][0] = KeyAlgorithm() # User Certificate Attribute id_at_userCertificate = univ.ObjectIdentifier('2.5.4.36') aa_userCertificate = Attribute() aa_userCertificate['attrType'] = id_at_userCertificate aa_userCertificate['attrValues'][0] = Certificate() # Key Package Receivers Attribute id_kma_keyPkgReceiversV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.16') class KeyPkgReceiver(univ.Choice): pass KeyPkgReceiver.componentType = namedtype.NamedTypes( namedtype.NamedType('sirEntity', SIREntityName().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('community', CommunityIdentifier().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class KeyPkgReceiversV2(univ.SequenceOf): pass KeyPkgReceiversV2.componentType = KeyPkgReceiver() KeyPkgReceiversV2.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) aa_keyPackageReceivers_v2 = Attribute() aa_keyPackageReceivers_v2['attrType'] = id_kma_keyPkgReceiversV2 aa_keyPackageReceivers_v2['attrValues'][0] = KeyPkgReceiversV2() # TSEC Nomenclature Attribute id_kma_TSECNomenclature = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.3') class CharEdition(char.PrintableString): pass class CharEditionRange(univ.Sequence): pass CharEditionRange.componentType = namedtype.NamedTypes( namedtype.NamedType('firstCharEdition', CharEdition()), namedtype.NamedType('lastCharEdition', CharEdition()) ) class NumEdition(univ.Integer): pass NumEdition.subtypeSpec = constraint.ValueRangeConstraint(0, 308915776) class NumEditionRange(univ.Sequence): pass NumEditionRange.componentType = namedtype.NamedTypes( namedtype.NamedType('firstNumEdition', NumEdition()), namedtype.NamedType('lastNumEdition', NumEdition()) ) class EditionID(univ.Choice): pass EditionID.componentType = namedtype.NamedTypes( namedtype.NamedType('char', univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType('charEdition', CharEdition().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('charEditionRange', CharEditionRange().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) )) ), namedtype.NamedType('num', univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType('numEdition', NumEdition().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('numEditionRange', NumEditionRange().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) )) ) ) class Register(univ.Integer): pass Register.subtypeSpec = constraint.ValueRangeConstraint(0, 2147483647) class RegisterRange(univ.Sequence): pass RegisterRange.componentType = namedtype.NamedTypes( namedtype.NamedType('firstRegister', Register()), namedtype.NamedType('lastRegister', Register()) ) class RegisterID(univ.Choice): pass RegisterID.componentType = namedtype.NamedTypes( namedtype.NamedType('register', Register().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), namedtype.NamedType('registerRange', RegisterRange().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))) ) class SegmentNumber(univ.Integer): pass SegmentNumber.subtypeSpec = constraint.ValueRangeConstraint(1, 127) class SegmentRange(univ.Sequence): pass SegmentRange.componentType = namedtype.NamedTypes( namedtype.NamedType('firstSegment', SegmentNumber()), namedtype.NamedType('lastSegment', SegmentNumber()) ) class SegmentID(univ.Choice): pass SegmentID.componentType = namedtype.NamedTypes( namedtype.NamedType('segmentNumber', SegmentNumber().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('segmentRange', SegmentRange().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))) ) class TSECNomenclature(univ.Sequence): pass TSECNomenclature.componentType = namedtype.NamedTypes( namedtype.NamedType('shortTitle', ShortTitle()), namedtype.OptionalNamedType('editionID', EditionID()), namedtype.OptionalNamedType('registerID', RegisterID()), namedtype.OptionalNamedType('segmentID', SegmentID()) ) aa_tsecNomenclature = Attribute() aa_tsecNomenclature['attrType'] = id_kma_TSECNomenclature aa_tsecNomenclature['attrValues'][0] = TSECNomenclature() # Key Purpose Attribute id_kma_keyPurpose = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.13') class KeyPurpose(univ.Enumerated): pass KeyPurpose.namedValues = namedval.NamedValues( ('n-a', 0), ('a', 65), ('b', 66), ('l', 76), ('m', 77), ('r', 82), ('s', 83), ('t', 84), ('v', 86), ('x', 88), ('z', 90) ) aa_keyPurpose = Attribute() aa_keyPurpose['attrType'] = id_kma_keyPurpose aa_keyPurpose['attrValues'][0] = KeyPurpose() # Key Use Attribute id_kma_keyUse = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.14') class KeyUse(univ.Enumerated): pass KeyUse.namedValues = namedval.NamedValues( ('n-a', 0), ('ffk', 1), ('kek', 2), ('kpk', 3), ('msk', 4), ('qkek', 5), ('tek', 6), ('tsk', 7), ('trkek', 8), ('nfk', 9), ('effk', 10), ('ebfk', 11), ('aek', 12), ('wod', 13), ('kesk', 246), ('eik', 247), ('ask', 248), ('kmk', 249), ('rsk', 250), ('csk', 251), ('sak', 252), ('rgk', 253), ('cek', 254), ('exk', 255) ) aa_keyUse = Attribute() aa_keyPurpose['attrType'] = id_kma_keyUse aa_keyPurpose['attrValues'][0] = KeyUse() # Transport Key Attribute id_kma_transportKey = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.15') class TransOp(univ.Enumerated): pass TransOp.namedValues = namedval.NamedValues( ('transport', 1), ('operational', 2) ) aa_transportKey = Attribute() aa_transportKey['attrType'] = id_kma_transportKey aa_transportKey['attrValues'][0] = TransOp() # Key Distribution Period Attribute id_kma_keyDistPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.5') class KeyDistPeriod(univ.Sequence): pass KeyDistPeriod.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('doNotDistBefore', BinaryTime().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('doNotDistAfter', BinaryTime()) ) aa_keyDistributionPeriod = Attribute() aa_keyDistributionPeriod['attrType'] = id_kma_keyDistPeriod aa_keyDistributionPeriod['attrValues'][0] = KeyDistPeriod() # Key Validity Period Attribute id_kma_keyValidityPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.6') class KeyValidityPeriod(univ.Sequence): pass KeyValidityPeriod.componentType = namedtype.NamedTypes( namedtype.NamedType('doNotUseBefore', BinaryTime()), namedtype.OptionalNamedType('doNotUseAfter', BinaryTime()) ) aa_keyValidityPeriod = Attribute() aa_keyValidityPeriod['attrType'] = id_kma_keyValidityPeriod aa_keyValidityPeriod['attrValues'][0] = KeyValidityPeriod() # Key Duration Attribute id_kma_keyDuration = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.7') ub_KeyDuration_months = univ.Integer(72) ub_KeyDuration_hours = univ.Integer(96) ub_KeyDuration_days = univ.Integer(732) ub_KeyDuration_weeks = univ.Integer(104) ub_KeyDuration_years = univ.Integer(100) class KeyDuration(univ.Choice): pass KeyDuration.componentType = namedtype.NamedTypes( namedtype.NamedType('hours', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_hours)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('days', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_days))), namedtype.NamedType('weeks', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_weeks)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('months', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_months)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('years', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_years)).subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) aa_keyDurationPeriod = Attribute() aa_keyDurationPeriod['attrType'] = id_kma_keyDuration aa_keyDurationPeriod['attrValues'][0] = KeyDuration() # Classification Attribute id_aa_KP_classification = univ.ObjectIdentifier(id_aa_securityLabel) id_enumeratedPermissiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.1') id_enumeratedRestrictiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.4') id_informativeAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.3') class SecurityAttribute(univ.Integer): pass SecurityAttribute.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) class EnumeratedTag(univ.Sequence): pass EnumeratedTag.componentType = namedtype.NamedTypes( namedtype.NamedType('tagName', univ.ObjectIdentifier()), namedtype.NamedType('attributeList', univ.SetOf(componentType=SecurityAttribute())) ) class FreeFormField(univ.Choice): pass FreeFormField.componentType = namedtype.NamedTypes( namedtype.NamedType('bitSetAttributes', univ.BitString()), # Not permitted in RFC 7906 namedtype.NamedType('securityAttributes', univ.SetOf(componentType=SecurityAttribute())) ) class InformativeTag(univ.Sequence): pass InformativeTag.componentType = namedtype.NamedTypes( namedtype.NamedType('tagName', univ.ObjectIdentifier()), namedtype.NamedType('attributes', FreeFormField()) ) class Classification(ESSSecurityLabel): pass aa_classification = Attribute() aa_classification['attrType'] = id_aa_KP_classification aa_classification['attrValues'][0] = Classification() # Split Identifier Attribute id_kma_splitID = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.11') class SplitID(univ.Sequence): pass SplitID.componentType = namedtype.NamedTypes( namedtype.NamedType('half', univ.Enumerated( namedValues=namedval.NamedValues(('a', 0), ('b', 1)))), namedtype.OptionalNamedType('combineAlg', AlgorithmIdentifier()) ) aa_splitIdentifier = Attribute() aa_splitIdentifier['attrType'] = id_kma_splitID aa_splitIdentifier['attrValues'][0] = SplitID() # Key Package Type Attribute id_kma_keyPkgType = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.12') class KeyPkgType(univ.ObjectIdentifier): pass aa_keyPackageType = Attribute() aa_keyPackageType['attrType'] = id_kma_keyPkgType aa_keyPackageType['attrValues'][0] = KeyPkgType() # Signature Usage Attribute id_kma_sigUsageV3 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.22') class SignatureUsage(CMSContentConstraints): pass aa_signatureUsage_v3 = Attribute() aa_signatureUsage_v3['attrType'] = id_kma_sigUsageV3 aa_signatureUsage_v3['attrValues'][0] = SignatureUsage() # Other Certificate Format Attribute id_kma_otherCertFormats = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.19') aa_otherCertificateFormats = Attribute() aa_signatureUsage_v3['attrType'] = id_kma_otherCertFormats aa_signatureUsage_v3['attrValues'][0] = CertificateChoices() # PKI Path Attribute id_at_pkiPath = univ.ObjectIdentifier('2.5.4.70') class PkiPath(univ.SequenceOf): pass PkiPath.componentType = Certificate() PkiPath.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) aa_pkiPath = Attribute() aa_pkiPath['attrType'] = id_at_pkiPath aa_pkiPath['attrValues'][0] = PkiPath() # Useful Certificates Attribute id_kma_usefulCerts = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.20') aa_usefulCertificates = Attribute() aa_usefulCertificates['attrType'] = id_kma_usefulCerts aa_usefulCertificates['attrValues'][0] = CertificateSet() # Key Wrap Attribute id_kma_keyWrapAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.21') aa_keyWrapAlgorithm = Attribute() aa_keyWrapAlgorithm['attrType'] = id_kma_keyWrapAlgorithm aa_keyWrapAlgorithm['attrValues'][0] = AlgorithmIdentifier() # Content Decryption Key Identifier Attribute id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') class ContentDecryptKeyID(univ.OctetString): pass aa_contentDecryptKeyIdentifier = Attribute() aa_contentDecryptKeyIdentifier['attrType'] = id_aa_KP_contentDecryptKeyID aa_contentDecryptKeyIdentifier['attrValues'][0] = ContentDecryptKeyID() # Certificate Pointers Attribute aa_certificatePointers = Attribute() aa_certificatePointers['attrType'] = id_pe_subjectInfoAccess aa_certificatePointers['attrValues'][0] = SubjectInfoAccessSyntax() # CRL Pointers Attribute id_aa_KP_crlPointers = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.70') aa_cRLDistributionPoints = Attribute() aa_cRLDistributionPoints['attrType'] = id_aa_KP_crlPointers aa_cRLDistributionPoints['attrValues'][0] = GeneralNames() # Extended Error Codes id_errorCodes = univ.ObjectIdentifier('2.16.840.1.101.2.1.22') id_missingKeyType = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.1') id_privacyMarkTooLong = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.2') id_unrecognizedSecurityPolicy = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.3') # Map of Attribute Type OIDs to Attributes added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_aa_contentHint: ContentHints(), id_aa_communityIdentifiers: CommunityIdentifiers(), id_aa_binarySigningTime: BinarySigningTime(), id_contentType: ContentType(), id_messageDigest: MessageDigest(), id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), id_aa_KP_keyProvinceV2: KeyProvinceV2(), id_aa_KP_manifest: Manifest(), id_kma_keyAlgorithm: KeyAlgorithm(), id_at_userCertificate: Certificate(), id_kma_keyPkgReceiversV2: KeyPkgReceiversV2(), id_kma_TSECNomenclature: TSECNomenclature(), id_kma_keyPurpose: KeyPurpose(), id_kma_keyUse: KeyUse(), id_kma_transportKey: TransOp(), id_kma_keyDistPeriod: KeyDistPeriod(), id_kma_keyValidityPeriod: KeyValidityPeriod(), id_kma_keyDuration: KeyDuration(), id_aa_KP_classification: Classification(), id_kma_splitID: SplitID(), id_kma_keyPkgType: KeyPkgType(), id_kma_sigUsageV3: SignatureUsage(), id_kma_otherCertFormats: CertificateChoices(), id_at_pkiPath: PkiPath(), id_kma_usefulCerts: CertificateSet(), id_kma_keyWrapAlgorithm: AlgorithmIdentifier(), id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), id_pe_subjectInfoAccess: SubjectInfoAccessSyntax(), id_aa_KP_crlPointers: GeneralNames(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc7914.py0000644006321400632140000000272513551772550022476 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # #The scrypt Password-Based Key Derivation Function # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8520.txt # https://www.rfc-editor.org/errata/eid5871 # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') id_scrypt = univ.ObjectIdentifier('1.3.6.1.4.1.11591.4.11') class Scrypt_params(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString()), namedtype.NamedType('costParameter', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), namedtype.NamedType('blockSize', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), namedtype.NamedType('parallelizationParameter', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), namedtype.OptionalNamedType('keyLength', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))) ) # Update the Algorithm Identifier map in rfc5280.py _algorithmIdentifierMapUpdate = { id_scrypt: Scrypt_params(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8017.py0000644006321400632140000001012213551772550022457 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # PKCS #1: RSA Cryptography Specifications Version 2.2 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8017.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ from pyasn1_modules import rfc2437 from pyasn1_modules import rfc3447 from pyasn1_modules import rfc4055 from pyasn1_modules import rfc5280 MAX = float('inf') # Import Algorithm Identifier from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier class DigestAlgorithm(AlgorithmIdentifier): pass class HashAlgorithm(AlgorithmIdentifier): pass class MaskGenAlgorithm(AlgorithmIdentifier): pass class PSourceAlgorithm(AlgorithmIdentifier): pass # Object identifiers from NIST SHA2 hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2') id_sha256 = rfc4055.id_sha256 id_sha384 = rfc4055.id_sha384 id_sha512 = rfc4055.id_sha512 id_sha224 = rfc4055.id_sha224 id_sha512_224 = hashAlgs + (5, ) id_sha512_256 = hashAlgs + (6, ) # Basic object identifiers pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') rsaEncryption = rfc2437.rsaEncryption id_RSAES_OAEP = rfc2437.id_RSAES_OAEP id_pSpecified = rfc2437.id_pSpecified id_RSASSA_PSS = rfc4055.id_RSASSA_PSS md2WithRSAEncryption = rfc2437.md2WithRSAEncryption md5WithRSAEncryption = rfc2437.md5WithRSAEncryption sha1WithRSAEncryption = rfc2437.sha1WithRSAEncryption sha224WithRSAEncryption = rfc4055.sha224WithRSAEncryption sha256WithRSAEncryption = rfc4055.sha256WithRSAEncryption sha384WithRSAEncryption = rfc4055.sha384WithRSAEncryption sha512WithRSAEncryption = rfc4055.sha512WithRSAEncryption sha512_224WithRSAEncryption = pkcs_1 + (15, ) sha512_256WithRSAEncryption = pkcs_1 + (16, ) id_sha1 = rfc2437.id_sha1 id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2') id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5') id_mgf1 = rfc2437.id_mgf1 # Default parameter values sha1 = rfc4055.sha1Identifier SHA1Parameters = univ.Null("") mgf1SHA1 = rfc4055.mgf1SHA1Identifier class EncodingParameters(univ.OctetString): subtypeSpec = constraint.ValueSizeConstraint(0, MAX) pSpecifiedEmpty = rfc4055.pSpecifiedEmptyIdentifier emptyString = EncodingParameters(value='') # Main structures class Version(univ.Integer): namedValues = namedval.NamedValues( ('two-prime', 0), ('multi', 1) ) class TrailerField(univ.Integer): namedValues = namedval.NamedValues( ('trailerFieldBC', 1) ) RSAPublicKey = rfc2437.RSAPublicKey OtherPrimeInfo = rfc3447.OtherPrimeInfo OtherPrimeInfos = rfc3447.OtherPrimeInfos RSAPrivateKey = rfc3447.RSAPrivateKey RSAES_OAEP_params = rfc4055.RSAES_OAEP_params rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier RSASSA_PSS_params = rfc4055.RSASSA_PSS_params rSASSA_PSS_Default_Identifier = rfc4055.rSASSA_PSS_Default_Identifier # Syntax for the EMSA-PKCS1-v1_5 hash identifier class DigestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('digestAlgorithm', DigestAlgorithm()), namedtype.NamedType('digest', univ.OctetString()) ) # Update the Algorithm Identifier map _algorithmIdentifierMapUpdate = { id_sha1: univ.Null(), id_sha224: univ.Null(), id_sha256: univ.Null(), id_sha384: univ.Null(), id_sha512: univ.Null(), id_sha512_224: univ.Null(), id_sha512_256: univ.Null(), id_mgf1: AlgorithmIdentifier(), id_pSpecified: univ.OctetString(), id_RSAES_OAEP: RSAES_OAEP_params(), id_RSASSA_PSS: RSASSA_PSS_params(), md2WithRSAEncryption: univ.Null(), md5WithRSAEncryption: univ.Null(), sha1WithRSAEncryption: univ.Null(), sha224WithRSAEncryption: univ.Null(), sha256WithRSAEncryption: univ.Null(), sha384WithRSAEncryption: univ.Null(), sha512WithRSAEncryption: univ.Null(), sha512_224WithRSAEncryption: univ.Null(), sha512_256WithRSAEncryption: univ.Null(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8018.py0000644006321400632140000001402613551772550022467 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # PKCS #5: Password-Based Cryptography Specification, Version 2.1 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8018.txt # from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import univ from pyasn1_modules import rfc3565 from pyasn1_modules import rfc5280 MAX = float('inf') def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) # Import from RFC 3565 AES_IV = rfc3565.AES_IV # Import from RFC 5280 AlgorithmIdentifier = rfc5280.AlgorithmIdentifier # Basic object identifiers nistAlgorithms = _OID(2, 16, 840, 1, 101, 3, 4) aes = _OID(nistAlgorithms, 1) oiw = _OID(1, 3, 14) rsadsi = _OID(1, 2, 840, 113549) pkcs = _OID(rsadsi, 1) digestAlgorithm = _OID(rsadsi, 2) encryptionAlgorithm = _OID(rsadsi, 3) pkcs_5 = _OID(pkcs, 5) # HMAC object identifiers id_hmacWithSHA1 = _OID(digestAlgorithm, 7) id_hmacWithSHA224 = _OID(digestAlgorithm, 8) id_hmacWithSHA256 = _OID(digestAlgorithm, 9) id_hmacWithSHA384 = _OID(digestAlgorithm, 10) id_hmacWithSHA512 = _OID(digestAlgorithm, 11) id_hmacWithSHA512_224 = _OID(digestAlgorithm, 12) id_hmacWithSHA512_256 = _OID(digestAlgorithm, 13) # PBES1 object identifiers pbeWithMD2AndDES_CBC = _OID(pkcs_5, 1) pbeWithMD2AndRC2_CBC = _OID(pkcs_5, 4) pbeWithMD5AndDES_CBC = _OID(pkcs_5, 3) pbeWithMD5AndRC2_CBC = _OID(pkcs_5, 6) pbeWithSHA1AndDES_CBC = _OID(pkcs_5, 10) pbeWithSHA1AndRC2_CBC = _OID(pkcs_5, 11) # Supporting techniques object identifiers desCBC = _OID(oiw, 3, 2, 7) des_EDE3_CBC = _OID(encryptionAlgorithm, 7) rc2CBC = _OID(encryptionAlgorithm, 2) rc5_CBC_PAD = _OID(encryptionAlgorithm, 9) aes128_CBC_PAD = _OID(aes, 2) aes192_CBC_PAD = _OID(aes, 22) aes256_CBC_PAD = _OID(aes, 42) # PBES1 class PBEParameter(univ.Sequence): pass PBEParameter.componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString().subtype( subtypeSpec=constraint.ValueSizeConstraint(8, 8))), namedtype.NamedType('iterationCount', univ.Integer()) ) # PBES2 id_PBES2 = _OID(pkcs_5, 13) class PBES2_params(univ.Sequence): pass PBES2_params.componentType = namedtype.NamedTypes( namedtype.NamedType('keyDerivationFunc', AlgorithmIdentifier()), namedtype.NamedType('encryptionScheme', AlgorithmIdentifier()) ) # PBMAC1 id_PBMAC1 = _OID(pkcs_5, 14) class PBMAC1_params(univ.Sequence): pass PBMAC1_params.componentType = namedtype.NamedTypes( namedtype.NamedType('keyDerivationFunc', AlgorithmIdentifier()), namedtype.NamedType('messageAuthScheme', AlgorithmIdentifier()) ) # PBKDF2 id_PBKDF2 = _OID(pkcs_5, 12) algid_hmacWithSHA1 = AlgorithmIdentifier() algid_hmacWithSHA1['algorithm'] = id_hmacWithSHA1 algid_hmacWithSHA1['parameters'] = univ.Null("") class PBKDF2_params(univ.Sequence): pass PBKDF2_params.componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType('specified', univ.OctetString()), namedtype.NamedType('otherSource', AlgorithmIdentifier()) ))), namedtype.NamedType('iterationCount', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), namedtype.OptionalNamedType('keyLength', univ.Integer().subtype( subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), namedtype.DefaultedNamedType('prf', algid_hmacWithSHA1) ) # RC2 CBC algorithm parameter class RC2_CBC_Parameter(univ.Sequence): pass RC2_CBC_Parameter.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('rc2ParameterVersion', univ.Integer()), namedtype.NamedType('iv', univ.OctetString().subtype( subtypeSpec=constraint.ValueSizeConstraint(8, 8))) ) # RC5 CBC algorithm parameter class RC5_CBC_Parameters(univ.Sequence): pass RC5_CBC_Parameters.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1_0', 16))).subtype( subtypeSpec=constraint.SingleValueConstraint(16))), namedtype.NamedType('rounds', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(8, 127))), namedtype.NamedType('blockSizeInBits', univ.Integer().subtype(subtypeSpec=constraint.SingleValueConstraint(64, 128))), namedtype.OptionalNamedType('iv', univ.OctetString()) ) # Initialization Vector for AES: OCTET STRING (SIZE(16)) class AES_IV(univ.OctetString): pass AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) # Initialization Vector for DES: OCTET STRING (SIZE(8)) class DES_IV(univ.OctetString): pass DES_IV.subtypeSpec = constraint.ValueSizeConstraint(8, 8) # Update the Algorithm Identifier map _algorithmIdentifierMapUpdate = { # PBKDF2-PRFs id_hmacWithSHA1: univ.Null(), id_hmacWithSHA224: univ.Null(), id_hmacWithSHA256: univ.Null(), id_hmacWithSHA384: univ.Null(), id_hmacWithSHA512: univ.Null(), id_hmacWithSHA512_224: univ.Null(), id_hmacWithSHA512_256: univ.Null(), # PBES1Algorithms pbeWithMD2AndDES_CBC: PBEParameter(), pbeWithMD2AndRC2_CBC: PBEParameter(), pbeWithMD5AndDES_CBC: PBEParameter(), pbeWithMD5AndRC2_CBC: PBEParameter(), pbeWithSHA1AndDES_CBC: PBEParameter(), pbeWithSHA1AndRC2_CBC: PBEParameter(), # PBES2Algorithms id_PBES2: PBES2_params(), # PBES2-KDFs id_PBKDF2: PBKDF2_params(), # PBMAC1Algorithms id_PBMAC1: PBMAC1_params(), # SupportingAlgorithms desCBC: DES_IV(), des_EDE3_CBC: DES_IV(), rc2CBC: RC2_CBC_Parameter(), rc5_CBC_PAD: RC5_CBC_Parameters(), aes128_CBC_PAD: AES_IV(), aes192_CBC_PAD: AES_IV(), aes256_CBC_PAD: AES_IV(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8103.py0000644006321400632140000000177113551772550022465 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from the asn1ate tool. # Auto-generated by asn1ate v.0.6.0 from rfc8103.asn. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # ChaCha20Poly1305 algorithm fo use with the Authenticated-Enveloped-Data # protecting content type for the Cryptographic Message Syntax (CMS) # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8103.txt from pyasn1.type import constraint from pyasn1.type import univ def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) class AEADChaCha20Poly1305Nonce(univ.OctetString): pass AEADChaCha20Poly1305Nonce.subtypeSpec = constraint.ValueSizeConstraint(12, 12) id_alg_AEADChaCha20Poly1305 = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 18) pyasn1-modules-0.2.8/pyasn1_modules/rfc8209.py0000644006321400632140000000061113551772550022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # BGPsec Router PKI Profile # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8209.txt # from pyasn1.type import univ id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') id_kp_bgpsec_router = id_kp + (30, ) pyasn1-modules-0.2.8/pyasn1_modules/rfc8226.py0000664006321400632140000001030313605660315022457 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from the asn1ate tool, with manual # changes to implement appropriate constraints and added comments. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # JWT Claim Constraints and TN Authorization List for certificate extensions. # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8226.txt (with errata corrected) from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import namedtype from pyasn1.type import tag from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') def _OID(*components): output = [] for x in tuple(components): if isinstance(x, univ.ObjectIdentifier): output.extend(list(x)) else: output.append(int(x)) return univ.ObjectIdentifier(output) class JWTClaimName(char.IA5String): pass class JWTClaimNames(univ.SequenceOf): pass JWTClaimNames.componentType = JWTClaimName() JWTClaimNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class JWTClaimPermittedValues(univ.Sequence): pass JWTClaimPermittedValues.componentType = namedtype.NamedTypes( namedtype.NamedType('claim', JWTClaimName()), namedtype.NamedType('permitted', univ.SequenceOf( componentType=char.UTF8String()).subtype( sizeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class JWTClaimPermittedValuesList(univ.SequenceOf): pass JWTClaimPermittedValuesList.componentType = JWTClaimPermittedValues() JWTClaimPermittedValuesList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) class JWTClaimConstraints(univ.Sequence): pass JWTClaimConstraints.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('mustInclude', JWTClaimNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('permittedValues', JWTClaimPermittedValuesList().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) JWTClaimConstraints.subtypeSpec = constraint.ConstraintsUnion( constraint.WithComponentsConstraint( ('mustInclude', constraint.ComponentPresentConstraint())), constraint.WithComponentsConstraint( ('permittedValues', constraint.ComponentPresentConstraint())) ) id_pe_JWTClaimConstraints = _OID(1, 3, 6, 1, 5, 5, 7, 1, 27) class ServiceProviderCode(char.IA5String): pass class TelephoneNumber(char.IA5String): pass TelephoneNumber.subtypeSpec = constraint.ConstraintsIntersection( constraint.ValueSizeConstraint(1, 15), constraint.PermittedAlphabetConstraint( '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '#', '*') ) class TelephoneNumberRange(univ.Sequence): pass TelephoneNumberRange.componentType = namedtype.NamedTypes( namedtype.NamedType('start', TelephoneNumber()), namedtype.NamedType('count', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(2, MAX))) ) class TNEntry(univ.Choice): pass TNEntry.componentType = namedtype.NamedTypes( namedtype.NamedType('spc', ServiceProviderCode().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('range', TelephoneNumberRange().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('one', TelephoneNumber().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class TNAuthorizationList(univ.SequenceOf): pass TNAuthorizationList.componentType = TNEntry() TNAuthorizationList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) id_pe_TNAuthList = _OID(1, 3, 6, 1, 5, 5, 7, 1, 26) id_ad_stirTNList = _OID(1, 3, 6, 1, 5, 5, 7, 48, 14) # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_TNAuthList: TNAuthorizationList(), id_pe_JWTClaimConstraints: JWTClaimConstraints(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8358.py0000644006321400632140000000216013551772550022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Digital Signatures on Internet-Draft Documents # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8358.txt # from pyasn1.type import univ from pyasn1_modules import rfc5652 id_ct = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1') id_ct_asciiTextWithCRLF = id_ct + (27, ) id_ct_epub = id_ct + (39, ) id_ct_htmlWithCRLF = id_ct + (38, ) id_ct_pdf = id_ct + (29, ) id_ct_postscript = id_ct + (30, ) id_ct_utf8TextWithCRLF = id_ct + (37, ) id_ct_xml = id_ct + (28, ) # Map of Content Type OIDs to Content Types is added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_asciiTextWithCRLF: univ.OctetString(), id_ct_epub: univ.OctetString(), id_ct_htmlWithCRLF: univ.OctetString(), id_ct_pdf: univ.OctetString(), id_ct_postscript: univ.OctetString(), id_ct_utf8TextWithCRLF: univ.OctetString(), id_ct_xml: univ.OctetString(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8360.py0000644006321400632140000000206313551772550022465 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Resource Public Key Infrastructure (RPKI) Validation Reconsidered # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8360.txt # https://www.rfc-editor.org/errata/eid5870 # from pyasn1.type import univ from pyasn1_modules import rfc3779 from pyasn1_modules import rfc5280 # IP Address Delegation Extension V2 id_pe_ipAddrBlocks_v2 = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.28') IPAddrBlocks = rfc3779.IPAddrBlocks # Autonomous System Identifier Delegation Extension V2 id_pe_autonomousSysIds_v2 = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.29') ASIdentifiers = rfc3779.ASIdentifiers # Map of Certificate Extension OIDs to Extensions is added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_ipAddrBlocks_v2: IPAddrBlocks(), id_pe_autonomousSysIds_v2: ASIdentifiers(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8398.py0000644006321400632140000000225013551772550022476 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with some assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Internationalized Email Addresses in X.509 Certificates # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8398.txt # https://www.rfc-editor.org/errata/eid5418 # from pyasn1.type import char from pyasn1.type import constraint from pyasn1.type import univ from pyasn1_modules import rfc5280 MAX = float('inf') # SmtpUTF8Mailbox contains Mailbox as specified in Section 3.3 of RFC 6531 id_pkix = rfc5280.id_pkix id_on = id_pkix + (8, ) id_on_SmtpUTF8Mailbox = id_on + (9, ) class SmtpUTF8Mailbox(char.UTF8String): pass SmtpUTF8Mailbox.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) on_SmtpUTF8Mailbox = rfc5280.AnotherName() on_SmtpUTF8Mailbox['type-id'] = id_on_SmtpUTF8Mailbox on_SmtpUTF8Mailbox['value'] = SmtpUTF8Mailbox() # Map of Other Name OIDs to Other Name is added to the # ones that are in rfc5280.py _anotherNameMapUpdate = { id_on_SmtpUTF8Mailbox: SmtpUTF8Mailbox(), } rfc5280.anotherNameMap.update(_anotherNameMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8410.py0000644006321400632140000000171313551772550022462 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8410.txt from pyasn1.type import univ from pyasn1_modules import rfc3565 from pyasn1_modules import rfc4055 from pyasn1_modules import rfc5280 class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class CurvePrivateKey(univ.OctetString): pass id_X25519 = univ.ObjectIdentifier('1.3.101.110') id_X448 = univ.ObjectIdentifier('1.3.101.111') id_Ed25519 = univ.ObjectIdentifier('1.3.101.112') id_Ed448 = univ.ObjectIdentifier('1.3.101.113') id_sha512 = rfc4055.id_sha512 id_aes128_wrap = rfc3565.id_aes128_wrap id_aes256_wrap = rfc3565.id_aes256_wrap pyasn1-modules-0.2.8/pyasn1_modules/rfc8418.py0000644006321400632140000000212513551772550022470 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Algorithm # with X25519 and X448 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8418.txt from pyasn1.type import univ from pyasn1_modules import rfc5280 class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass class KeyWrapAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): pass dhSinglePass_stdDH_sha256kdf_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0.11.1') dhSinglePass_stdDH_sha384kdf_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0.11.2') dhSinglePass_stdDH_sha512kdf_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0.11.3') dhSinglePass_stdDH_hkdf_sha256_scheme = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.19') dhSinglePass_stdDH_hkdf_sha384_scheme = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.20') dhSinglePass_stdDH_hkdf_sha512_scheme = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.21') pyasn1-modules-0.2.8/pyasn1_modules/rfc8419.py0000644006321400632140000000325013551772550022471 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the CMS # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8419.txt # https://www.rfc-editor.org/errata/eid5869 from pyasn1.type import univ from pyasn1_modules import rfc5280 class ShakeOutputLen(univ.Integer): pass id_Ed25519 = univ.ObjectIdentifier('1.3.101.112') sigAlg_Ed25519 = rfc5280.AlgorithmIdentifier() sigAlg_Ed25519['algorithm'] = id_Ed25519 # sigAlg_Ed25519['parameters'] is absent id_Ed448 = univ.ObjectIdentifier('1.3.101.113') sigAlg_Ed448 = rfc5280.AlgorithmIdentifier() sigAlg_Ed448['algorithm'] = id_Ed448 # sigAlg_Ed448['parameters'] is absent hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2') id_sha512 = hashAlgs + (3, ) hashAlg_SHA_512 = rfc5280.AlgorithmIdentifier() hashAlg_SHA_512['algorithm'] = id_sha512 # hashAlg_SHA_512['parameters'] is absent id_shake256 = hashAlgs + (12, ) hashAlg_SHAKE256 = rfc5280.AlgorithmIdentifier() hashAlg_SHAKE256['algorithm'] = id_shake256 # hashAlg_SHAKE256['parameters']is absent id_shake256_len = hashAlgs + (18, ) hashAlg_SHAKE256_LEN = rfc5280.AlgorithmIdentifier() hashAlg_SHAKE256_LEN['algorithm'] = id_shake256_len hashAlg_SHAKE256_LEN['parameters'] = ShakeOutputLen() # Map of Algorithm Identifier OIDs to Parameters added to the # ones in rfc5280.py. Do not add OIDs with absent paramaters. _algorithmIdentifierMapUpdate = { id_shake256_len: ShakeOutputLen(), } rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8479.py0000644006321400632140000000216613551772550022504 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Storing Validation Parameters in PKCS#8 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8479.txt # from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5652 id_attr_validation_parameters = univ.ObjectIdentifier('1.3.6.1.4.1.2312.18.8.1') class ValidationParams(univ.Sequence): pass ValidationParams.componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlg', univ.ObjectIdentifier()), namedtype.NamedType('seed', univ.OctetString()) ) at_validation_parameters = rfc5652.Attribute() at_validation_parameters['attrType'] = id_attr_validation_parameters at_validation_parameters['attrValues'][0] = ValidationParams() # Map of Attribute Type OIDs to Attributes added to the # ones that are in rfc5652.py _cmsAttributesMapUpdate = { id_attr_validation_parameters: ValidationParams(), } rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8494.py0000644006321400632140000000447313551772550022504 0ustar ietingofietingof00000000000000# This file is being contributed to pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Multicast Email (MULE) over Allied Communications Publication 142 # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8494.txt from pyasn1.type import namedtype from pyasn1.type import namedval from pyasn1.type import tag from pyasn1.type import univ id_mmhs_CDT = univ.ObjectIdentifier('1.3.26.0.4406.0.4.2') class AlgorithmID_ShortForm(univ.Integer): pass AlgorithmID_ShortForm.namedValues = namedval.NamedValues( ('zlibCompress', 0) ) class ContentType_ShortForm(univ.Integer): pass ContentType_ShortForm.namedValues = namedval.NamedValues( ('unidentified', 0), ('external', 1), ('p1', 2), ('p3', 3), ('p7', 4), ('mule', 25) ) class CompressedContentInfo(univ.Sequence): pass CompressedContentInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('unnamed', univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType('contentType-ShortForm', ContentType_ShortForm().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('contentType-OID', univ.ObjectIdentifier().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))) ))), namedtype.NamedType('compressedContent', univ.OctetString().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))) ) class CompressionAlgorithmIdentifier(univ.Choice): pass CompressionAlgorithmIdentifier.componentType = namedtype.NamedTypes( namedtype.NamedType('algorithmID-ShortForm', AlgorithmID_ShortForm().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('algorithmID-OID', univ.ObjectIdentifier().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1))) ) class CompressedData(univ.Sequence): pass CompressedData.componentType = namedtype.NamedTypes( namedtype.NamedType('compressionAlgorithm', CompressionAlgorithmIdentifier()), namedtype.NamedType('compressedContentInfo', CompressedContentInfo()) ) pyasn1-modules-0.2.8/pyasn1_modules/rfc8520.py0000644006321400632140000000273013551772550022464 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # Modified by Russ Housley to add maps for use with opentypes. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # X.509 Extensions for MUD URL and MUD Signer; # Object Identifier for CMS Content Type for a MUD file # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8520.txt # from pyasn1.type import char from pyasn1.type import univ from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 # X.509 Extension for MUD URL id_pe_mud_url = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.25') class MUDURLSyntax(char.IA5String): pass # X.509 Extension for MUD Signer id_pe_mudsigner = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.30') class MUDsignerSyntax(rfc5280.Name): pass # Object Identifier for CMS Content Type for a MUD file id_ct_mudtype = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.41') # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_pe_mud_url: MUDURLSyntax(), id_pe_mudsigner: MUDsignerSyntax(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) # Map of Content Type OIDs to Content Types added to the # ones that are in rfc5652.py _cmsContentTypesMapUpdate = { id_ct_mudtype: univ.OctetString(), } rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules/rfc8619.py0000644006321400632140000000216013551772550022472 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Algorithm Identifiers for HKDF # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8619.txt # from pyasn1.type import univ from pyasn1_modules import rfc5280 # Object Identifiers id_alg_hkdf_with_sha256 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.28') id_alg_hkdf_with_sha384 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.29') id_alg_hkdf_with_sha512 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.30') # Key Derivation Algorithm Identifiers kda_hkdf_with_sha256 = rfc5280.AlgorithmIdentifier() kda_hkdf_with_sha256['algorithm'] = id_alg_hkdf_with_sha256 # kda_hkdf_with_sha256['parameters'] are absent kda_hkdf_with_sha384 = rfc5280.AlgorithmIdentifier() kda_hkdf_with_sha384['algorithm'] = id_alg_hkdf_with_sha384 # kda_hkdf_with_sha384['parameters'] are absent kda_hkdf_with_sha512 = rfc5280.AlgorithmIdentifier() kda_hkdf_with_sha512['algorithm'] = id_alg_hkdf_with_sha512 # kda_hkdf_with_sha512['parameters'] are absent pyasn1-modules-0.2.8/pyasn1_modules/rfc8649.py0000644006321400632140000000172613551772550022504 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley with assistance from asn1ate v.0.6.0. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # X.509 Certificate Extension for Hash Of Root Key # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc8649.txt # from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import rfc5280 id_ce_hashOfRootKey = univ.ObjectIdentifier('1.3.6.1.4.1.51483.2.1') class HashedRootKey(univ.Sequence): pass HashedRootKey.componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('hashValue', univ.OctetString()) ) # Map of Certificate Extension OIDs to Extensions added to the # ones that are in rfc5280.py _certificateExtensionsMapUpdate = { id_ce_hashOfRootKey: HashedRootKey(), } rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) pyasn1-modules-0.2.8/pyasn1_modules.egg-info/0000775006321400632140000000000013605660531022506 5ustar ietingofietingof00000000000000pyasn1-modules-0.2.8/pyasn1_modules.egg-info/PKG-INFO0000644006321400632140000000343713605660531023610 0ustar ietingofietingof00000000000000Metadata-Version: 1.2 Name: pyasn1-modules Version: 0.2.8 Summary: A collection of ASN.1-based protocols modules. Home-page: https://github.com/etingof/pyasn1-modules Author: Ilya Etingof Author-email: etingof@gmail.com Maintainer: Ilya Etingof License: BSD-2-Clause Description: A collection of ASN.1 modules expressed in form of pyasn1 classes. Includes protocols PDUs definition (SNMP, LDAP etc.) and various data structures (X.509, PKCS etc.). Platform: any Classifier: Development Status :: 5 - Production/Stable Classifier: Environment :: Console Classifier: Intended Audience :: Developers Classifier: Intended Audience :: Education Classifier: Intended Audience :: Information Technology Classifier: Intended Audience :: System Administrators Classifier: Intended Audience :: Telecommunications Industry Classifier: License :: OSI Approved :: BSD License Classifier: Natural Language :: English Classifier: Operating System :: OS Independent Classifier: Programming Language :: Python :: 2 Classifier: Programming Language :: Python :: 2.4 Classifier: Programming Language :: Python :: 2.5 Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 Classifier: Programming Language :: Python :: 3.2 Classifier: Programming Language :: Python :: 3.3 Classifier: Programming Language :: Python :: 3.4 Classifier: Programming Language :: Python :: 3.5 Classifier: Programming Language :: Python :: 3.6 Classifier: Programming Language :: Python :: 3.7 Classifier: Programming Language :: Python :: 3.8 Classifier: Topic :: Communications Classifier: Topic :: System :: Monitoring Classifier: Topic :: System :: Networking :: Monitoring Classifier: Topic :: Software Development :: Libraries :: Python Modules pyasn1-modules-0.2.8/pyasn1_modules.egg-info/SOURCES.txt0000644006321400632140000001254513605660531024377 0ustar ietingofietingof00000000000000CHANGES.txt LICENSE.txt MANIFEST.in README.md requirements.txt setup.cfg setup.py pyasn1_modules/__init__.py pyasn1_modules/pem.py pyasn1_modules/rfc1155.py pyasn1_modules/rfc1157.py pyasn1_modules/rfc1901.py pyasn1_modules/rfc1902.py pyasn1_modules/rfc1905.py pyasn1_modules/rfc2251.py pyasn1_modules/rfc2314.py pyasn1_modules/rfc2315.py pyasn1_modules/rfc2437.py pyasn1_modules/rfc2459.py pyasn1_modules/rfc2511.py pyasn1_modules/rfc2560.py pyasn1_modules/rfc2631.py pyasn1_modules/rfc2634.py pyasn1_modules/rfc2985.py pyasn1_modules/rfc2986.py pyasn1_modules/rfc3114.py pyasn1_modules/rfc3161.py pyasn1_modules/rfc3274.py pyasn1_modules/rfc3279.py pyasn1_modules/rfc3280.py pyasn1_modules/rfc3281.py pyasn1_modules/rfc3412.py pyasn1_modules/rfc3414.py pyasn1_modules/rfc3447.py pyasn1_modules/rfc3560.py pyasn1_modules/rfc3565.py pyasn1_modules/rfc3709.py pyasn1_modules/rfc3770.py pyasn1_modules/rfc3779.py pyasn1_modules/rfc3852.py pyasn1_modules/rfc4043.py pyasn1_modules/rfc4055.py pyasn1_modules/rfc4073.py pyasn1_modules/rfc4108.py pyasn1_modules/rfc4210.py pyasn1_modules/rfc4211.py pyasn1_modules/rfc4334.py pyasn1_modules/rfc4985.py pyasn1_modules/rfc5035.py pyasn1_modules/rfc5083.py pyasn1_modules/rfc5084.py pyasn1_modules/rfc5208.py pyasn1_modules/rfc5280.py pyasn1_modules/rfc5480.py pyasn1_modules/rfc5649.py pyasn1_modules/rfc5652.py pyasn1_modules/rfc5751.py pyasn1_modules/rfc5755.py pyasn1_modules/rfc5913.py pyasn1_modules/rfc5914.py pyasn1_modules/rfc5915.py pyasn1_modules/rfc5916.py pyasn1_modules/rfc5917.py pyasn1_modules/rfc5924.py pyasn1_modules/rfc5934.py pyasn1_modules/rfc5940.py pyasn1_modules/rfc5958.py pyasn1_modules/rfc5990.py pyasn1_modules/rfc6010.py pyasn1_modules/rfc6019.py pyasn1_modules/rfc6031.py pyasn1_modules/rfc6032.py pyasn1_modules/rfc6120.py pyasn1_modules/rfc6170.py pyasn1_modules/rfc6187.py pyasn1_modules/rfc6210.py pyasn1_modules/rfc6211.py pyasn1_modules/rfc6402-1.py pyasn1_modules/rfc6402.py pyasn1_modules/rfc6482.py pyasn1_modules/rfc6486.py pyasn1_modules/rfc6487.py pyasn1_modules/rfc6664.py pyasn1_modules/rfc6955.py pyasn1_modules/rfc6960.py pyasn1_modules/rfc7030.py pyasn1_modules/rfc7191.py pyasn1_modules/rfc7229.py pyasn1_modules/rfc7292.py pyasn1_modules/rfc7296.py pyasn1_modules/rfc7508.py pyasn1_modules/rfc7585.py pyasn1_modules/rfc7633.py pyasn1_modules/rfc7773.py pyasn1_modules/rfc7894-1.py pyasn1_modules/rfc7894.py pyasn1_modules/rfc7906.py pyasn1_modules/rfc7914.py pyasn1_modules/rfc8017.py pyasn1_modules/rfc8018.py pyasn1_modules/rfc8103.py pyasn1_modules/rfc8209.py pyasn1_modules/rfc8226.py pyasn1_modules/rfc8358.py pyasn1_modules/rfc8360.py pyasn1_modules/rfc8398.py pyasn1_modules/rfc8410.py pyasn1_modules/rfc8418.py pyasn1_modules/rfc8419.py pyasn1_modules/rfc8479.py pyasn1_modules/rfc8494.py pyasn1_modules/rfc8520.py pyasn1_modules/rfc8619.py pyasn1_modules/rfc8649.py pyasn1_modules.egg-info/PKG-INFO pyasn1_modules.egg-info/SOURCES.txt pyasn1_modules.egg-info/dependency_links.txt pyasn1_modules.egg-info/requires.txt pyasn1_modules.egg-info/top_level.txt pyasn1_modules.egg-info/zip-safe tests/__init__.py tests/__main__.py tests/test_pem.py tests/test_rfc2314.py tests/test_rfc2315.py tests/test_rfc2437.py tests/test_rfc2459.py tests/test_rfc2511.py tests/test_rfc2560.py tests/test_rfc2631.py tests/test_rfc2634.py tests/test_rfc2985.py tests/test_rfc2986.py tests/test_rfc3114.py tests/test_rfc3161.py tests/test_rfc3274.py tests/test_rfc3279.py tests/test_rfc3280.py tests/test_rfc3281.py tests/test_rfc3447.py tests/test_rfc3560.py tests/test_rfc3565.py tests/test_rfc3709.py tests/test_rfc3770.py tests/test_rfc3779.py tests/test_rfc3852.py tests/test_rfc4043.py tests/test_rfc4055.py tests/test_rfc4073.py tests/test_rfc4108.py tests/test_rfc4210.py tests/test_rfc4211.py tests/test_rfc4334.py tests/test_rfc4985.py tests/test_rfc5035.py tests/test_rfc5083.py tests/test_rfc5084.py tests/test_rfc5208.py tests/test_rfc5280.py tests/test_rfc5480.py tests/test_rfc5649.py tests/test_rfc5652.py tests/test_rfc5751.py tests/test_rfc5755.py tests/test_rfc5913.py tests/test_rfc5914.py tests/test_rfc5915.py tests/test_rfc5916.py tests/test_rfc5917.py tests/test_rfc5924.py tests/test_rfc5934.py tests/test_rfc5940.py tests/test_rfc5958.py tests/test_rfc5990.py tests/test_rfc6010.py tests/test_rfc6019.py tests/test_rfc6031.py tests/test_rfc6032.py tests/test_rfc6120.py tests/test_rfc6187.py tests/test_rfc6210.py tests/test_rfc6211.py tests/test_rfc6402.py tests/test_rfc6482.py tests/test_rfc6486.py tests/test_rfc6487.py tests/test_rfc6664.py tests/test_rfc6955.py tests/test_rfc6960.py tests/test_rfc7030.py tests/test_rfc7191.py tests/test_rfc7229.py tests/test_rfc7292.py tests/test_rfc7296.py tests/test_rfc7508.py tests/test_rfc7585.py tests/test_rfc7633.py tests/test_rfc7773.py tests/test_rfc7894.py tests/test_rfc7906.py tests/test_rfc7914.py tests/test_rfc8017.py tests/test_rfc8018.py tests/test_rfc8103.py tests/test_rfc8209.py tests/test_rfc8226.py tests/test_rfc8358.py tests/test_rfc8360.py tests/test_rfc8398.py tests/test_rfc8410.py tests/test_rfc8418.py tests/test_rfc8419.py tests/test_rfc8479.py tests/test_rfc8494.py tests/test_rfc8520.py tests/test_rfc8619.py tests/test_rfc8649.py tools/cmcdump.py tools/cmpdump.py tools/crldump.py tools/crmfdump.py tools/ocspclient.py tools/ocspreqdump.py tools/ocsprspdump.py tools/pkcs10dump.py tools/pkcs1dump.py tools/pkcs7dump.py tools/pkcs8dump.py tools/snmpget.py tools/x509dump-rfc5280.py tools/x509dump.pypyasn1-modules-0.2.8/pyasn1_modules.egg-info/dependency_links.txt0000644006321400632140000000000113605660531026552 0ustar ietingofietingof00000000000000 pyasn1-modules-0.2.8/pyasn1_modules.egg-info/requires.txt0000644006321400632140000000002513605660531025101 0ustar ietingofietingof00000000000000pyasn1<0.5.0,>=0.4.6 pyasn1-modules-0.2.8/pyasn1_modules.egg-info/top_level.txt0000644006321400632140000000001713605660531025234 0ustar ietingofietingof00000000000000pyasn1_modules pyasn1-modules-0.2.8/pyasn1_modules.egg-info/zip-safe0000644006321400632140000000000113551772550024141 0ustar ietingofietingof00000000000000 pyasn1-modules-0.2.8/requirements.txt0000664006321400632140000000002513605660315021332 0ustar ietingofietingof00000000000000pyasn1>=0.4.7,<0.6.0 pyasn1-modules-0.2.8/setup.cfg0000644006321400632140000000015213605660531017666 0ustar ietingofietingof00000000000000[bdist_wheel] universal = 1 [metadata] license_file = LICENSE.txt [egg_info] tag_build = tag_date = 0 pyasn1-modules-0.2.8/setup.py0000664006321400632140000000674613605660325017601 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys doclines = """A collection of ASN.1-based protocols modules. A collection of ASN.1 modules expressed in form of pyasn1 classes. Includes protocols PDUs definition (SNMP, LDAP etc.) and various data structures (X.509, PKCS etc.). """ doclines = [x.strip() for x in doclines.split('\n') if x] classifiers = """\ Development Status :: 5 - Production/Stable Environment :: Console Intended Audience :: Developers Intended Audience :: Education Intended Audience :: Information Technology Intended Audience :: System Administrators Intended Audience :: Telecommunications Industry License :: OSI Approved :: BSD License Natural Language :: English Operating System :: OS Independent Programming Language :: Python :: 2 Programming Language :: Python :: 2.4 Programming Language :: Python :: 2.5 Programming Language :: Python :: 2.6 Programming Language :: Python :: 2.7 Programming Language :: Python :: 3 Programming Language :: Python :: 3.2 Programming Language :: Python :: 3.3 Programming Language :: Python :: 3.4 Programming Language :: Python :: 3.5 Programming Language :: Python :: 3.6 Programming Language :: Python :: 3.7 Programming Language :: Python :: 3.8 Topic :: Communications Topic :: System :: Monitoring Topic :: System :: Networking :: Monitoring Topic :: Software Development :: Libraries :: Python Modules """ def howto_install_setuptools(): print(""" Error: You need setuptools Python package! It's very easy to install it, just type (as root on Linux): wget https://bitbucket.org/pypa/setuptools/raw/bootstrap/ez_setup.py python ez_setup.py Then you could make eggs from this package. """) if sys.version_info[:2] < (2, 4): print("ERROR: this package requires Python 2.4 or later!") sys.exit(1) try: from setuptools import setup, Command params = { 'zip_safe': True, 'install_requires': ['pyasn1>=0.4.6,<0.5.0'] } except ImportError: for arg in sys.argv: if 'egg' in arg: howto_install_setuptools() sys.exit(1) from distutils.core import setup, Command if sys.version_info[:2] > (2, 4): params = { 'requires': ['pyasn1(>=0.4.6,<0.5.0)'] } else: params = { 'requires': ['pyasn1'] } params.update( {'name': 'pyasn1-modules', 'version': open('pyasn1_modules/__init__.py').read().split('\'')[1], 'description': doclines[0], 'long_description': ' '.join(doclines[1:]), 'maintainer': 'Ilya Etingof ', 'author': 'Ilya Etingof', 'author_email': 'etingof@gmail.com', 'url': 'https://github.com/etingof/pyasn1-modules', 'platforms': ['any'], 'classifiers': [x for x in classifiers.split('\n') if x], 'license': 'BSD-2-Clause', 'packages': ['pyasn1_modules']} ) # handle unittest discovery feature try: import unittest2 as unittest except ImportError: import unittest class PyTest(Command): user_options = [] def initialize_options(self): pass def finalize_options(self): pass def run(self): suite = unittest.TestLoader().loadTestsFromNames( ['tests.__main__.suite'] ) unittest.TextTestRunner(verbosity=2).run(suite) params['cmdclass'] = { 'test': PyTest, 'tests': PyTest } setup(**params) pyasn1-modules-0.2.8/tests/0000775006321400632140000000000013605660531017213 5ustar ietingofietingof00000000000000pyasn1-modules-0.2.8/tests/__init__.py0000644006321400632140000000007313551772550021327 0ustar ietingofietingof00000000000000# This file is necessary to make this directory a package. pyasn1-modules-0.2.8/tests/__main__.py0000664006321400632140000000672613605660325021321 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # try: import unittest2 as unittest except ImportError: import unittest suite = unittest.TestLoader().loadTestsFromNames( ['tests.test_pem.suite', 'tests.test_rfc2314.suite', 'tests.test_rfc2315.suite', 'tests.test_rfc2437.suite', 'tests.test_rfc2459.suite', 'tests.test_rfc2511.suite', 'tests.test_rfc2560.suite', 'tests.test_rfc2631.suite', 'tests.test_rfc2634.suite', 'tests.test_rfc2985.suite', 'tests.test_rfc2986.suite', 'tests.test_rfc3114.suite', 'tests.test_rfc3161.suite', 'tests.test_rfc3274.suite', 'tests.test_rfc3279.suite', 'tests.test_rfc3280.suite', 'tests.test_rfc3281.suite', 'tests.test_rfc3447.suite', 'tests.test_rfc3560.suite', 'tests.test_rfc3565.suite', 'tests.test_rfc3709.suite', 'tests.test_rfc3770.suite', 'tests.test_rfc3779.suite', 'tests.test_rfc3852.suite', 'tests.test_rfc4043.suite', 'tests.test_rfc4055.suite', 'tests.test_rfc4073.suite', 'tests.test_rfc4108.suite', 'tests.test_rfc4210.suite', 'tests.test_rfc4211.suite', 'tests.test_rfc4334.suite', 'tests.test_rfc4985.suite', 'tests.test_rfc5035.suite', 'tests.test_rfc5083.suite', 'tests.test_rfc5084.suite', 'tests.test_rfc5208.suite', 'tests.test_rfc5280.suite', 'tests.test_rfc5480.suite', 'tests.test_rfc5649.suite', 'tests.test_rfc5652.suite', 'tests.test_rfc5751.suite', 'tests.test_rfc5755.suite', 'tests.test_rfc5913.suite', 'tests.test_rfc5914.suite', 'tests.test_rfc5915.suite', 'tests.test_rfc5916.suite', 'tests.test_rfc5917.suite', 'tests.test_rfc5924.suite', 'tests.test_rfc5934.suite', 'tests.test_rfc5940.suite', 'tests.test_rfc5958.suite', 'tests.test_rfc5990.suite', 'tests.test_rfc6010.suite', 'tests.test_rfc6019.suite', 'tests.test_rfc6031.suite', 'tests.test_rfc6032.suite', 'tests.test_rfc6120.suite', 'tests.test_rfc6187.suite', 'tests.test_rfc6210.suite', 'tests.test_rfc6211.suite', 'tests.test_rfc6482.suite', 'tests.test_rfc6486.suite', 'tests.test_rfc6487.suite', 'tests.test_rfc6664.suite', 'tests.test_rfc6955.suite', 'tests.test_rfc6960.suite', 'tests.test_rfc7030.suite', 'tests.test_rfc7191.suite', 'tests.test_rfc7229.suite', 'tests.test_rfc7292.suite', 'tests.test_rfc7296.suite', 'tests.test_rfc7508.suite', 'tests.test_rfc7585.suite', 'tests.test_rfc7633.suite', 'tests.test_rfc7773.suite', 'tests.test_rfc7894.suite', 'tests.test_rfc7906.suite', 'tests.test_rfc7914.suite', 'tests.test_rfc8017.suite', 'tests.test_rfc8018.suite', 'tests.test_rfc8103.suite', 'tests.test_rfc8209.suite', 'tests.test_rfc8226.suite', 'tests.test_rfc8358.suite', 'tests.test_rfc8360.suite', 'tests.test_rfc8398.suite', 'tests.test_rfc8410.suite', 'tests.test_rfc8418.suite', 'tests.test_rfc8419.suite', 'tests.test_rfc8479.suite', 'tests.test_rfc8494.suite', 'tests.test_rfc8520.suite', 'tests.test_rfc8619.suite', 'tests.test_rfc8649.suite'] ) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_pem.py0000664006321400632140000001337213605660325021414 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.compat.octets import ints2octs from pyasn1_modules import pem try: import unittest2 as unittest except ImportError: import unittest class PemTestCase(unittest.TestCase): pem_text = """\ MIIDATCCAekCAQAwgZkxCzAJBgNVBAYTAlJVMRYwFAYDVQQIEw1Nb3Njb3cgUmVn aW9uMQ8wDQYDVQQHEwZNb3Njb3cxGjAYBgNVBAoTEVNOTVAgTGFib3JhdG9yaWVz MQwwCgYDVQQLFANSJkQxFTATBgNVBAMTDHNubXBsYWJzLmNvbTEgMB4GCSqGSIb3 DQEJARYRaW5mb0Bzbm1wbGFicy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQC9n2NfGS98JDBmAXQn+vNUyPB3QPYC1cwpX8UMYh9MdAmBZJCnvXrQ Pp14gNAv6AQKxefmGES1b+Yd+1we9HB8AKm1/8xvRDUjAvy4iO0sqFCPvIfSujUy pBcfnR7QE2itvyrMxCDSEVnMhKdCNb23L2TptUmpvLcb8wfAMLFsSu2yaOtJysep oH/mvGqlRv2ti2+E2YA0M7Pf83wyV1XmuEsc9tQ225rprDk2uyshUglkDD2235rf 0QyONq3Aw3BMrO9ss1qj7vdDhVHVsxHnTVbEgrxEWkq2GkVKh9QReMZ2AKxe40j4 og+OjKXguOCggCZHJyXKxccwqCaeCztbAgMBAAGgIjAgBgkqhkiG9w0BCQIxExMR U05NUCBMYWJvcmF0b3JpZXMwDQYJKoZIhvcNAQEFBQADggEBAAihbwmN9M2bsNNm 9KfxqiGMqqcGCtzIlpDz/2NVwY93cEZsbz3Qscc0QpknRmyTSoDwIG+1nUH0vzkT Nv8sBmp9I1GdhGg52DIaWwL4t9O5WUHgfHSJpPxZ/zMP2qIsdPJ+8o19BbXRlufc 73c03H1piGeb9VcePIaulSHI622xukI6f4Sis49vkDaoi+jadbEEb6TYkJQ3AMRD WdApGGm0BePdLqboW1Yv70WRRFFD8sxeT7Yw4qrJojdnq0xMHPGfKpf6dJsqWkHk b5DRbjil1Zt9pJuF680S9wtBzSi0hsMHXR9TzS7HpMjykL2nmCVY6A78MZapsCzn GGbx7DI= """ def testReadBase64fromText(self): binary = pem.readBase64fromText(self.pem_text) assert binary expected = [ 48, 130, 3, 1, 48, 130, 1, 233, 2, 1, 0, 48, 129, 153, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 82, 85, 49, 22, 48, 20, 6, 3, 85, 4, 8, 19, 13, 77, 111, 115, 99, 111, 119, 32, 82, 101, 103, 105, 111, 110, 49, 15, 48, 13, 6, 3, 85, 4, 7, 19, 6, 77, 111, 115, 99, 111, 119, 49, 26, 48, 24, 6, 3, 85, 4, 10, 19, 17, 83, 78, 77, 80, 32, 76, 97, 98, 111, 114, 97, 116, 111, 114, 105, 101, 115, 49, 12, 48, 10, 6, 3, 85, 4, 11, 20, 3, 82, 38, 68, 49, 21, 48, 19, 6, 3, 85, 4, 3, 19, 12, 115, 110, 109, 112, 108, 97, 98, 115, 46, 99, 111, 109, 49, 32, 48, 30, 6, 9, 42, 134, 72, 134, 247, 13, 1, 9, 1, 22, 17, 105, 110, 102, 111, 64, 115, 110, 109, 112, 108, 97, 98, 115, 46, 99, 111, 109, 48, 130, 1, 34, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 130, 1, 15, 0, 48, 130, 1, 10, 2, 130, 1, 1, 0, 189, 159, 99, 95, 25, 47, 124, 36, 48, 102, 1, 116, 39, 250, 243, 84, 200, 240, 119, 64, 246, 2, 213, 204, 41, 95, 197, 12, 98, 31, 76, 116, 9, 129, 100, 144, 167, 189, 122, 208, 62, 157, 120, 128, 208, 47, 232, 4, 10, 197, 231, 230, 24, 68, 181, 111, 230, 29, 251, 92, 30, 244, 112, 124, 0, 169, 181, 255, 204, 111, 68, 53, 35, 2, 252, 184, 136, 237, 44, 168, 80, 143, 188, 135, 210, 186, 53, 50, 164, 23, 31, 157, 30, 208, 19, 104, 173, 191, 42, 204, 196, 32, 210, 17, 89, 204, 132, 167, 66, 53, 189, 183, 47, 100, 233, 181, 73, 169, 188, 183, 27, 243, 7, 192, 48, 177, 108, 74, 237, 178, 104, 235, 73, 202, 199, 169, 160, 127, 230, 188, 106, 165, 70, 253, 173, 139, 111, 132, 217, 128, 52, 51, 179, 223, 243, 124, 50, 87, 85, 230, 184, 75, 28, 246, 212, 54, 219, 154, 233, 172, 57, 54, 187, 43, 33, 82, 9, 100, 12, 61, 182, 223, 154, 223, 209, 12, 142, 54, 173, 192, 195, 112, 76, 172, 239, 108, 179, 90, 163, 238, 247, 67, 133, 81, 213, 179, 17, 231, 77, 86, 196, 130, 188, 68, 90, 74, 182, 26, 69, 74, 135, 212, 17, 120, 198, 118, 0, 172, 94, 227, 72, 248, 162, 15, 142, 140, 165, 224, 184, 224, 160, 128, 38, 71, 39, 37, 202, 197, 199, 48, 168, 38, 158, 11, 59, 91, 2, 3, 1, 0, 1, 160, 34, 48, 32, 6, 9, 42, 134, 72, 134, 247, 13, 1, 9, 2, 49, 19, 19, 17, 83, 78, 77, 80, 32, 76, 97, 98, 111, 114, 97, 116, 111, 114, 105, 101, 115, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 5, 5, 0, 3, 130, 1, 1, 0, 8, 161, 111, 9, 141, 244, 205, 155, 176, 211, 102, 244, 167, 241, 170, 33, 140, 170, 167, 6, 10, 220, 200, 150, 144, 243, 255, 99, 85, 193, 143, 119, 112, 70, 108, 111, 61, 208, 177, 199, 52, 66, 153, 39, 70, 108, 147, 74, 128, 240, 32, 111, 181, 157, 65, 244, 191, 57, 19, 54, 255, 44, 6, 106, 125, 35, 81, 157, 132, 104, 57, 216, 50, 26, 91, 2, 248, 183, 211, 185, 89, 65, 224, 124, 116, 137, 164, 252, 89, 255, 51, 15, 218, 162, 44, 116, 242, 126, 242, 141, 125, 5, 181, 209, 150, 231, 220, 239, 119, 52, 220, 125, 105, 136, 103, 155, 245, 87, 30, 60, 134, 174, 149, 33, 200, 235, 109, 177, 186, 66, 58, 127, 132, 162, 179, 143, 111, 144, 54, 168, 139, 232, 218, 117, 177, 4, 111, 164, 216, 144, 148, 55, 0, 196, 67, 89, 208, 41, 24, 105, 180, 5, 227, 221, 46, 166, 232, 91, 86, 47, 239, 69, 145, 68, 81, 67, 242, 204, 94, 79, 182, 48, 226, 170, 201, 162, 55, 103, 171, 76, 76, 28, 241, 159, 42, 151, 250, 116, 155, 42, 90, 65, 228, 111, 144, 209, 110, 56, 165, 213, 155, 125, 164, 155, 133, 235, 205, 18, 247, 11, 65, 205, 40, 180, 134, 195, 7, 93, 31, 83, 205, 46, 199, 164, 200, 242, 144, 189, 167, 152, 37, 88, 232, 14, 252, 49, 150, 169, 176, 44, 231, 24, 102, 241, 236, 50 ] assert ints2octs(expected) == binary suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2314.py0000664006321400632140000000414613605660325021716 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc2314 try: import unittest2 as unittest except ImportError: import unittest class CertificationRequestTestCase(unittest.TestCase): pem_text = """\ MIIDATCCAekCAQAwgZkxCzAJBgNVBAYTAlJVMRYwFAYDVQQIEw1Nb3Njb3cgUmVn aW9uMQ8wDQYDVQQHEwZNb3Njb3cxGjAYBgNVBAoTEVNOTVAgTGFib3JhdG9yaWVz MQwwCgYDVQQLFANSJkQxFTATBgNVBAMTDHNubXBsYWJzLmNvbTEgMB4GCSqGSIb3 DQEJARYRaW5mb0Bzbm1wbGFicy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQC9n2NfGS98JDBmAXQn+vNUyPB3QPYC1cwpX8UMYh9MdAmBZJCnvXrQ Pp14gNAv6AQKxefmGES1b+Yd+1we9HB8AKm1/8xvRDUjAvy4iO0sqFCPvIfSujUy pBcfnR7QE2itvyrMxCDSEVnMhKdCNb23L2TptUmpvLcb8wfAMLFsSu2yaOtJysep oH/mvGqlRv2ti2+E2YA0M7Pf83wyV1XmuEsc9tQ225rprDk2uyshUglkDD2235rf 0QyONq3Aw3BMrO9ss1qj7vdDhVHVsxHnTVbEgrxEWkq2GkVKh9QReMZ2AKxe40j4 og+OjKXguOCggCZHJyXKxccwqCaeCztbAgMBAAGgIjAgBgkqhkiG9w0BCQIxExMR U05NUCBMYWJvcmF0b3JpZXMwDQYJKoZIhvcNAQEFBQADggEBAAihbwmN9M2bsNNm 9KfxqiGMqqcGCtzIlpDz/2NVwY93cEZsbz3Qscc0QpknRmyTSoDwIG+1nUH0vzkT Nv8sBmp9I1GdhGg52DIaWwL4t9O5WUHgfHSJpPxZ/zMP2qIsdPJ+8o19BbXRlufc 73c03H1piGeb9VcePIaulSHI622xukI6f4Sis49vkDaoi+jadbEEb6TYkJQ3AMRD WdApGGm0BePdLqboW1Yv70WRRFFD8sxeT7Yw4qrJojdnq0xMHPGfKpf6dJsqWkHk b5DRbjil1Zt9pJuF680S9wtBzSi0hsMHXR9TzS7HpMjykL2nmCVY6A78MZapsCzn GGbx7DI= """ def setUp(self): self.asn1Spec = rfc2314.CertificationRequest() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2315.py0000664006321400632140000002115413605660325021715 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc2315 try: import unittest2 as unittest except ImportError: import unittest class Pkcs7TestCase(unittest.TestCase): pem_text_unordered = """\ MIIKdQYJKoZIhvcNAQcCoIIKZjCCCmICAQExADALBgkqhkiG9w0BBwGgggpIMIIC XjCCAcegAwIBAgIBADANBgkqhkiG9w0BAQQFADB1MQswCQYDVQQGEwJSVTEPMA0G A1UEBxMGTW9zY293MRcwFQYDVQQKEw5Tb3ZhbSBUZWxlcG9ydDEMMAoGA1UECxMD TklTMQ8wDQYDVQQDEwZBQlMgQ0ExHTAbBgkqhkiG9w0BCQEWDmNlcnRAb25saW5l LnJ1MB4XDTk5MDgxNTE5MDI1OFoXDTAwMDExMjE5MDI1OFowdTELMAkGA1UEBhMC UlUxDzANBgNVBAcTBk1vc2NvdzEXMBUGA1UEChMOU292YW0gVGVsZXBvcnQxDDAK BgNVBAsTA05JUzEPMA0GA1UEAxMGQUJTIENBMR0wGwYJKoZIhvcNAQkBFg5jZXJ0 QG9ubGluZS5ydTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAw0g1P0yQAZIi ml2XOCOxnCcuhHmAgj4Ei9M2ebrrGwUMONPzr1a8W7JcpnR3FeOjxEIxrzkHr6UA oj4l/oC7Rv28uIig+Okf+82ekhH6VgAQNr5LAzfN8J6dZLx2OXAmmLleAqHuisT7 I40vEFRoRmC5hiMlILE2rIlIKJn6cUkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBZ 7ELDfGUNb+fbpHl5W3d9JMXsdOgd96+HG+X1SPgeiRAMjkla8WFCSaQPIR4vCy0m tm5a2bWSji6+vP5FGbjOz5iMlHMrCtu0He7Eim2zpaGI06ZIY75Cn1h2r3+KS0/R h01TJUbmsfV1tZm6Wk3bayJ+/K8A4mBHv8P6rhYacDCCAowwggH1oAMCAQICAQAw DQYJKoZIhvcNAQEEBQAwgYsxCzAJBgNVBAYTAlJVMQ8wDQYDVQQHEwZNb3Njb3cx FzAVBgNVBAoTDkdvbGRlbiBUZWxlY29tMQwwCgYDVQQLEwNST0wxHjAcBgNVBAMT FUdvbGRlbiBUZWxlY29tIEFCUyBDQTEkMCIGCSqGSIb3DQEJARYVY2VydEBnb2xk ZW50ZWxlY29tLnJ1MB4XDTAwMDEwNTE1MDY1MVoXDTEwMDExNTE1MDY1MVowgYsx CzAJBgNVBAYTAlJVMQ8wDQYDVQQHEwZNb3Njb3cxFzAVBgNVBAoTDkdvbGRlbiBU ZWxlY29tMQwwCgYDVQQLEwNST0wxHjAcBgNVBAMTFUdvbGRlbiBUZWxlY29tIEFC UyBDQTEkMCIGCSqGSIb3DQEJARYVY2VydEBnb2xkZW50ZWxlY29tLnJ1MIGfMA0G CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFel/Svli6ogoUEb6eLtEvNSjyalETSMP MIZXdmWIkWijvEUhDnNJVAE3knAt6dVYqxWq0vc6CbAGFZNqEyioGU48IECLzV0G toiYejF/c9PuyIKDejeV9/YZnNFaZAUOXhOjREdZURLISKhX4tAbQyvK0Qka9AAR MEy9DoqV8QIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAHQzgqFkoSMQr077UCr5C0l1 rxLA17TrocCmUC1/PLmN0LmUHD0d7TjjTQKJaJBHxcKIg6+FOY6LSSY4nAN79eXi nBz+jEUG7+NTU/jcEArI35yP7fi4Mwb96EYDmUkUGtcLNq3JBe/d1Zhmy9HnNBL1 Dn9thM2Q8RPYAJIU3JnGMIICqTCCAhICAQAwDQYJKoZIhvcNAQEEBQAwgZwxCzAJ BgNVBAYTAlJVMQ8wDQYDVQQIEwZNb3Njb3cxDzANBgNVBAcTBk1vc2NvdzEXMBUG A1UEChMOR29sZGVuIFRlbGVjb20xDDAKBgNVBAsTA1JPTDEeMBwGA1UEAxMVR29s ZGVuIFRlbGVjb20gQUJTIENBMSQwIgYJKoZIhvcNAQkBFhVjZXJ0QGdvbGRlbnRl bGVjb20ucnUwHhcNMTAwMTE1MTU0MDI2WhcNMjAwMjIyMTU0MDI2WjCBnDELMAkG A1UEBhMCUlUxDzANBgNVBAgTBk1vc2NvdzEPMA0GA1UEBxMGTW9zY293MRcwFQYD VQQKEw5Hb2xkZW4gVGVsZWNvbTEMMAoGA1UECxMDUk9MMR4wHAYDVQQDExVHb2xk ZW4gVGVsZWNvbSBBQlMgQ0ExJDAiBgkqhkiG9w0BCQEWFWNlcnRAZ29sZGVudGVs ZWNvbS5ydTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzxXpf0r5YuqIKFBG +ni7RLzUo8mpRE0jDzCGV3ZliJFoo7xFIQ5zSVQBN5JwLenVWKsVqtL3OgmwBhWT ahMoqBlOPCBAi81dBraImHoxf3PT7siCg3o3lff2GZzRWmQFDl4To0RHWVESyEio V+LQG0MrytEJGvQAETBMvQ6KlfECAwEAATANBgkqhkiG9w0BAQQFAAOBgQCMrS4T LIzxcpu8nwOq/xMcxW4Ctz/wjIoePWkmSLe+Tkb4zo7aTsvzn+ETaWb7qztUpyl0 QvlXn4vC2iCJloPpofPqSzF1UV3g5Zb93ReZu7E6kEyW0ag8R5XZKv0xuR3b3Le+ ZqolT8wQELd5Mmw5JPofZ+O2cGNvet8tYwOKFjCCAqUwggIOoAMCAQICAgboMA0G CSqGSIb3DQEBBAUAMIGcMQswCQYDVQQGEwJSVTEPMA0GA1UECBMGTW9zY293MQ8w DQYDVQQHEwZNb3Njb3cxFzAVBgNVBAoTDkdvbGRlbiBUZWxlY29tMQwwCgYDVQQL EwNST0wxHjAcBgNVBAMTFUdvbGRlbiBUZWxlY29tIEFCUyBDQTEkMCIGCSqGSIb3 DQEJARYVY2VydEBnb2xkZW50ZWxlY29tLnJ1MB4XDTExMDEyODEyMTcwOVoXDTEy MDIwMTAwMDAwMFowdjELMAkGA1UEBhMCUlUxDDAKBgNVBAgTA04vQTEXMBUGA1UE ChMOR29sZGVuIFRlbGVjb20xDDAKBgNVBAsTA0lTUDEWMBQGA1UEAxMNY3JheS5n bGFzLm5ldDEaMBgGCSqGSIb3DQEJARYLZWxpZUByb2wucnUwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBAPJAm8KG3ZCoJSvoGmLMPlGaMIpadu/EGSEYu+M/ybLp Cs8XmwB3876JVKKCbtGI6eqxOqvjedYXb+nKcyhz4Ztmm8RgAD7Z1WUItIpatejT 79EYOUWrDN713SLZsImMyP4B4EySl4LZfHFRU2iOwLB6WozGCYuULLqYS9MDPrnT AgMBAAGjGzAZMBcGCWCGSAGG+EIBDQQKFghDPS07Uz0tOzANBgkqhkiG9w0BAQQF AAOBgQDEttS70qYCA+MGBA3hOR88XiBcTmuBarJDwn/rj31vRjYZUgp9bbFwscRI Ic4lDnlyvunwNitl+341bDg7u6Ebu9hCMbciyu4EtrsDh77DlLzbmNcXbnhlvbFL K9GiPz3dNyvQMfmaA0twd62zJDOVJ1SmO04lLmu/pAx8GhBZkqEAMQA= """ # canonically ordered SET components pem_text_reordered = """\ MIIKcwYJKoZIhvcNAQcCoIIKZDCCCmACAQExADALBgkqhkiG9w0BBwGgggpIMIIC XjCCAcegAwIBAgIBADANBgkqhkiG9w0BAQQFADB1MQswCQYDVQQGEwJSVTEPMA0G A1UEBxMGTW9zY293MRcwFQYDVQQKEw5Tb3ZhbSBUZWxlcG9ydDEMMAoGA1UECxMD TklTMQ8wDQYDVQQDEwZBQlMgQ0ExHTAbBgkqhkiG9w0BCQEWDmNlcnRAb25saW5l LnJ1MB4XDTk5MDgxNTE5MDI1OFoXDTAwMDExMjE5MDI1OFowdTELMAkGA1UEBhMC UlUxDzANBgNVBAcTBk1vc2NvdzEXMBUGA1UEChMOU292YW0gVGVsZXBvcnQxDDAK BgNVBAsTA05JUzEPMA0GA1UEAxMGQUJTIENBMR0wGwYJKoZIhvcNAQkBFg5jZXJ0 QG9ubGluZS5ydTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAw0g1P0yQAZIi ml2XOCOxnCcuhHmAgj4Ei9M2ebrrGwUMONPzr1a8W7JcpnR3FeOjxEIxrzkHr6UA oj4l/oC7Rv28uIig+Okf+82ekhH6VgAQNr5LAzfN8J6dZLx2OXAmmLleAqHuisT7 I40vEFRoRmC5hiMlILE2rIlIKJn6cUkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBZ 7ELDfGUNb+fbpHl5W3d9JMXsdOgd96+HG+X1SPgeiRAMjkla8WFCSaQPIR4vCy0m tm5a2bWSji6+vP5FGbjOz5iMlHMrCtu0He7Eim2zpaGI06ZIY75Cn1h2r3+KS0/R h01TJUbmsfV1tZm6Wk3bayJ+/K8A4mBHv8P6rhYacDCCAowwggH1oAMCAQICAQAw DQYJKoZIhvcNAQEEBQAwgYsxCzAJBgNVBAYTAlJVMQ8wDQYDVQQHEwZNb3Njb3cx FzAVBgNVBAoTDkdvbGRlbiBUZWxlY29tMQwwCgYDVQQLEwNST0wxHjAcBgNVBAMT FUdvbGRlbiBUZWxlY29tIEFCUyBDQTEkMCIGCSqGSIb3DQEJARYVY2VydEBnb2xk ZW50ZWxlY29tLnJ1MB4XDTAwMDEwNTE1MDY1MVoXDTEwMDExNTE1MDY1MVowgYsx CzAJBgNVBAYTAlJVMQ8wDQYDVQQHEwZNb3Njb3cxFzAVBgNVBAoTDkdvbGRlbiBU ZWxlY29tMQwwCgYDVQQLEwNST0wxHjAcBgNVBAMTFUdvbGRlbiBUZWxlY29tIEFC UyBDQTEkMCIGCSqGSIb3DQEJARYVY2VydEBnb2xkZW50ZWxlY29tLnJ1MIGfMA0G CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFel/Svli6ogoUEb6eLtEvNSjyalETSMP MIZXdmWIkWijvEUhDnNJVAE3knAt6dVYqxWq0vc6CbAGFZNqEyioGU48IECLzV0G toiYejF/c9PuyIKDejeV9/YZnNFaZAUOXhOjREdZURLISKhX4tAbQyvK0Qka9AAR MEy9DoqV8QIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAHQzgqFkoSMQr077UCr5C0l1 rxLA17TrocCmUC1/PLmN0LmUHD0d7TjjTQKJaJBHxcKIg6+FOY6LSSY4nAN79eXi nBz+jEUG7+NTU/jcEArI35yP7fi4Mwb96EYDmUkUGtcLNq3JBe/d1Zhmy9HnNBL1 Dn9thM2Q8RPYAJIU3JnGMIICpTCCAg6gAwIBAgICBugwDQYJKoZIhvcNAQEEBQAw gZwxCzAJBgNVBAYTAlJVMQ8wDQYDVQQIEwZNb3Njb3cxDzANBgNVBAcTBk1vc2Nv dzEXMBUGA1UEChMOR29sZGVuIFRlbGVjb20xDDAKBgNVBAsTA1JPTDEeMBwGA1UE AxMVR29sZGVuIFRlbGVjb20gQUJTIENBMSQwIgYJKoZIhvcNAQkBFhVjZXJ0QGdv bGRlbnRlbGVjb20ucnUwHhcNMTEwMTI4MTIxNzA5WhcNMTIwMjAxMDAwMDAwWjB2 MQswCQYDVQQGEwJSVTEMMAoGA1UECBMDTi9BMRcwFQYDVQQKEw5Hb2xkZW4gVGVs ZWNvbTEMMAoGA1UECxMDSVNQMRYwFAYDVQQDEw1jcmF5LmdsYXMubmV0MRowGAYJ KoZIhvcNAQkBFgtlbGllQHJvbC5ydTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA8kCbwobdkKglK+gaYsw+UZowilp278QZIRi74z/JsukKzxebAHfzvolUooJu 0Yjp6rE6q+N51hdv6cpzKHPhm2abxGAAPtnVZQi0ilq16NPv0Rg5RasM3vXdItmw iYzI/gHgTJKXgtl8cVFTaI7AsHpajMYJi5QsuphL0wM+udMCAwEAAaMbMBkwFwYJ YIZIAYb4QgENBAoWCEM9LTtTPS07MA0GCSqGSIb3DQEBBAUAA4GBAMS21LvSpgID 4wYEDeE5HzxeIFxOa4FqskPCf+uPfW9GNhlSCn1tsXCxxEghziUOeXK+6fA2K2X7 fjVsODu7oRu72EIxtyLK7gS2uwOHvsOUvNuY1xdueGW9sUsr0aI/Pd03K9Ax+ZoD S3B3rbMkM5UnVKY7TiUua7+kDHwaEFmSMIICqTCCAhICAQAwDQYJKoZIhvcNAQEE BQAwgZwxCzAJBgNVBAYTAlJVMQ8wDQYDVQQIEwZNb3Njb3cxDzANBgNVBAcTBk1v c2NvdzEXMBUGA1UEChMOR29sZGVuIFRlbGVjb20xDDAKBgNVBAsTA1JPTDEeMBwG A1UEAxMVR29sZGVuIFRlbGVjb20gQUJTIENBMSQwIgYJKoZIhvcNAQkBFhVjZXJ0 QGdvbGRlbnRlbGVjb20ucnUwHhcNMTAwMTE1MTU0MDI2WhcNMjAwMjIyMTU0MDI2 WjCBnDELMAkGA1UEBhMCUlUxDzANBgNVBAgTBk1vc2NvdzEPMA0GA1UEBxMGTW9z Y293MRcwFQYDVQQKEw5Hb2xkZW4gVGVsZWNvbTEMMAoGA1UECxMDUk9MMR4wHAYD VQQDExVHb2xkZW4gVGVsZWNvbSBBQlMgQ0ExJDAiBgkqhkiG9w0BCQEWFWNlcnRA Z29sZGVudGVsZWNvbS5ydTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzxXp f0r5YuqIKFBG+ni7RLzUo8mpRE0jDzCGV3ZliJFoo7xFIQ5zSVQBN5JwLenVWKsV qtL3OgmwBhWTahMoqBlOPCBAi81dBraImHoxf3PT7siCg3o3lff2GZzRWmQFDl4T o0RHWVESyEioV+LQG0MrytEJGvQAETBMvQ6KlfECAwEAATANBgkqhkiG9w0BAQQF AAOBgQCMrS4TLIzxcpu8nwOq/xMcxW4Ctz/wjIoePWkmSLe+Tkb4zo7aTsvzn+ET aWb7qztUpyl0QvlXn4vC2iCJloPpofPqSzF1UV3g5Zb93ReZu7E6kEyW0ag8R5XZ Kv0xuR3b3Le+ZqolT8wQELd5Mmw5JPofZ+O2cGNvet8tYwOKFjEA """ def setUp(self): self.asn1Spec = rfc2315.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text_unordered) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate def testDerCodecDecodeOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text_reordered) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode( asn1Object, omitEmptyOptionals=False) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2437.py0000664006321400632140000000276213605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc2437 try: import unittest2 as unittest except ImportError: import unittest class RSAPrivateKeyTestCase(unittest.TestCase): pem_text = """\ MIIBPAIBAAJBAMfAjvBNDDYBCl1w3yNcagZkPhqd0q5KqeOTgKSLuJWfe5+VSeR5 Y1PcF3DyH8dvS3t8PIQjxJLoKS7HVRlsfhECAwEAAQJBAIr93/gxhIenXbD7MykF yvi7k8MtgkWoymICZwcX+c6RudFyuPPfQJ/sf6RmFZlRA9X9CQm5NwVG7+x1Yi6t KoECIQDmJUCWkPCiQYow6YxetpXFa0K6hTzOPmax7MNHVWNgmQIhAN4xOZ4JFT34 xVhK+8EudBCYRomJUHmOJfoQAxiIXVw5AiEAyB7ecc5on/5zhqKef4Eu7LKfHIdc 304diFuDVpTmTAkCIC2ZmKOQZaWkSowGR4isCfHl7oQHhFaOD8k0RA5i3hYxAiEA n8lDw3JT6NjvMnD6aM8KBsLyhazWSVVkaUSqmJzgCF0= """ def setUp(self): self.asn1Spec = rfc2437.RSAPrivateKey() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2459.py0000664006321400632140000001166613605660325021735 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc2459 try: import unittest2 as unittest except ImportError: import unittest class CertificateTestCase(unittest.TestCase): pem_text = """\ MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG 9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs 2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu """ def setUp(self): self.asn1Spec = rfc2459.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate def testDerCodecDecodeOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate class CertificateListTestCase(unittest.TestCase): pem_text = """\ MIIBVjCBwAIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJBVTETMBEGA1UE CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk MRUwEwYDVQQDEwxzbm1wbGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25t cGxhYnMuY29tFw0xMjA0MTExMzQwNTlaFw0xMjA1MTExMzQwNTlaoA4wDDAKBgNV HRQEAwIBATANBgkqhkiG9w0BAQUFAAOBgQC1D/wwnrcY/uFBHGc6SyoYss2kn+nY RTwzXmmldbNTCQ03x5vkWGGIaRJdN8QeCzbEi7gpgxgpxAx6Y5WkxkMQ1UPjNM5n DGVDOtR0dskFrrbHuNpWqWrDaBN0/ryZiWKjr9JRbrpkHgVY29I1gLooQ6IHuKHY vjnIhxTFoCb5vA== """ def setUp(self): self.asn1Spec = rfc2459.CertificateList() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate def testDerCodecDecodeOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate class DSAPrivateKeyTestCase(unittest.TestCase): pem_text = """\ MIIBugIBAAKBgQCN91+Cma8UPw09gjwP9WOJCdpv3mv3/qFqzgiODGZx0Q002iTl 1dq36m5TsWYFEcMCEyC3tFuoQ0mGq5zUUOmJvHCIPufs0g8Av0fhY77uFqneHHUi VQMCPCHX9vTCWskmDE21LJppU27bR4H2q+ysE30d6u3+84qrItsn4bjpcQIVAPR5 QrmooOXDn7fHJzshmxImGC4VAoGAXxKyEnlvzq93d4V6KLWX3H5Jk2JP771Ss1bT 6D/mSbLlvjjo7qsj6diul1axu6Wny31oPertzA2FeGEzkqvjSNmSxyYYMDB3kEcx ahntt37I1FgSlgdZHuhdtl1h1DBKXqCCneOZuNj+kW5ib14u5HDfFIbec2HJbvVs lJ/k83kCgYB4TD8vgHetXHxqsiZDoy5wOnQ3mmFAfl8ZdQsIfov6kEgArwPYUOVB JsX84f+MFjIOKXUV8dHZ8VRrGCLAbXcxKqLNWKlKHUnEsvt63pkaTy/RKHyQS+pn wontdTt9EtbF+CqIWnm2wpn3O+SbdtawzPOL1CcGB0jYABwbeQ81RwIUFKdyRYaa INow2I3/ks+0MxDabTY= """ def setUp(self): self.asn1Spec = rfc2459.DSAPrivateKey() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate def testDerCodecDecodeOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2511.py0000664006321400632140000000317713605660325021720 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc2511 try: import unittest2 as unittest except ImportError: import unittest class CertificateReqTestCase(unittest.TestCase): pem_text = """\ MIIBozCCAZ8wggEFAgUAwTnj2jCByoABAqURMA8xDTALBgNVBAMTBHVzZXKmgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ6ZQ2cYbn/lFsmBOlRltbRbFQUvvE0Q nbopOu1kC7Bmaaz7QTx8nxeiHi4m7uxCbGGxHNoGCt7EmdG8eZUBNAcHyGlXrJdm 0z3/uNEGiBHq+xB8FnFJCA5EIJ3RWFnlbu9otSITLxWK7c5+/NHmWM+yaeHD/f/h rp01c/8qXZfZAgMBAAGpEDAOBgNVHQ8BAf8EBAMCBeAwLzASBgkrBgEFBQcFAQEM BTExMTExMBkGCSsGAQUFBwUBAgwMc2VydmVyX21hZ2ljoYGTMA0GCSqGSIb3DQEB BQUAA4GBAEI3KNEvTq/n1kNVhNhPkovk1AZxyJrN1u1+7Gkc4PLjWwjLOjcEVWt4 AajUk/gkIJ6bbeO+fZlMjHfPSDKcD6AV2hN+n72QZwfzcw3icNvBG1el9EU4XfIm xfu5YVWi81/fw8QQ6X6YGHFQkomLd7jxakVyjxSng9BhO6GpjJNF """ def setUp(self): self.asn1Spec = rfc2511.CertReqMessages() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2560.py0000664006321400632140000000635613605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc2560 try: import unittest2 as unittest except ImportError: import unittest class OCSPRequestTestCase(unittest.TestCase): pem_text = """\ MGowaDBBMD8wPTAJBgUrDgMCGgUABBS3ZrMV9C5Dko03aH13cEZeppg3wgQUkqR1LKSevoFE63n8 isWVpesQdXMCBDXe9M+iIzAhMB8GCSsGAQUFBzABAgQSBBBjdJOiIW9EKJGELNNf/rdA """ def setUp(self): self.asn1Spec = rfc2560.OCSPRequest() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate class OCSPResponseTestCase(unittest.TestCase): pem_text = """\ MIIEvQoBAKCCBLYwggSyBgkrBgEFBQcwAQEEggSjMIIEnzCCAQ+hgYAwfjELMAkGA1UEBhMCQVUx EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEV MBMGA1UEAxMMc25tcGxhYnMuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHNubXBsYWJzLmNvbRgP MjAxMjA0MTExNDA5MjJaMFQwUjA9MAkGBSsOAwIaBQAEFLdmsxX0LkOSjTdofXdwRl6mmDfCBBSS pHUspJ6+gUTrefyKxZWl6xB1cwIENd70z4IAGA8yMDEyMDQxMTE0MDkyMlqhIzAhMB8GCSsGAQUF BzABAgQSBBBjdJOiIW9EKJGELNNf/rdAMA0GCSqGSIb3DQEBBQUAA4GBADk7oRiCy4ew1u0N52QL RFpW+tdb0NfkV2Xyu+HChKiTThZPr9ZXalIgkJ1w3BAnzhbB0JX/zq7Pf8yEz/OrQ4GGH7HyD3Vg PkMu+J6I3A2An+bUQo99AmCbZ5/tSHtDYQMQt3iNbv1fk0yvDmh7UdKuXUNSyJdHeg27dMNy4k8A oIIC9TCCAvEwggLtMIICVqADAgECAgEBMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAkFVMRMw EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFTAT BgNVBAMTDHNubXBsYWJzLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0Bzbm1wbGFicy5jb20wHhcN MTIwNDExMTMyNTM1WhcNMTMwNDExMTMyNTM1WjB+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29t ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRUwEwYDVQQDEwxzbm1w bGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25tcGxhYnMuY29tMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDDDU5HOnNV8I2CojxB8ilIWRHYQuaAjnjrETMOprouDHFXnwWqQo/I3m0b XYmocrh9kDefb+cgc7+eJKvAvBqrqXRnU38DmQU/zhypCftGGfP8xjuBZ1n23lR3hplN1yYA0J2X SgBaAg6e8OsKf1vcX8Es09rDo8mQpt4G2zR56wIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG +EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU8Ys2dpJFLMHl yY57D4BNmlqnEcYwHwYDVR0jBBgwFoAU8Ys2dpJFLMHlyY57D4BNmlqnEcYwDQYJKoZIhvcNAQEF BQADgYEAWR0uFJVlQId6hVpUbgXFTpywtNitNXFiYYkRRv77McSJqLCa/c1wnuLmqcFcuRUK0oN6 8ZJDP2HDDKe8MCZ8+sx+CF54eM8VCgN9uQ9XyE7x9XrXDd3Uw9RJVaWSIezkNKNeBE0lDM2jUjC4 HAESdf7nebz1wtqAOXE1jWF/y8g= """ def setUp(self): self.asn1Spec = rfc2560.OCSPResponse() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2631.py0000664006321400632140000000235213605660325021715 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc2631 try: import unittest2 as unittest except ImportError: import unittest class OtherInfoTestCase(unittest.TestCase): pem_text = "MB0wEwYLKoZIhvcNAQkQAwYEBAAAAAGiBgQEAAAAwA==" def setUp(self): self.asn1Spec = rfc2631.OtherInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate hex1 = univ.OctetString(hexValue='00000001') assert asn1Object['keyInfo']['counter'] == hex1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2634.py0000664006321400632140000002001413605660325021713 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc2634 try: import unittest2 as unittest except ImportError: import unittest class SignedMessageTestCase(unittest.TestCase): signed_message_pem_text = """\ MIIFLgYJKoZIhvcNAQcCoIIFHzCCBRsCAQExDTALBglghkgBZQMEAgIwUQYJKoZI hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL 3kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggIy MIICLgIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME AgKgggFXMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X DTE5MDUyOTE4MjMxOVowJQYLKoZIhvcNAQkQAgcxFgQUAbWZQYhLO5wtUgsOCGtT 4V3aNhUwLwYLKoZIhvcNAQkQAgQxIDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZI hvcNAQcBMDUGCyqGSIb3DQEJEAICMSYxJAIBAQYKKwYBBAGBrGABARMTQm9hZ3Vz IFByaXZhY3kgTWFyazA/BgkqhkiG9w0BCQQxMgQwtuQipP2CZx7U96rGbUT06LC5 jVFYccZW5/CaNvpcrOPiChDm2vI3m4k300z5mSZsME0GCyqGSIb3DQEJEAIBMT4w PAQgx08hD2QnVwj1DoeRELNtdZ0PffW4BQIvcwwVc/goU6OAAQEwFTATgRFhbGlj ZUBleGFtcGxlLmNvbTAKBggqhkjOPQQDAwRnMGUCMAFFVP2gYFLTbaxvV5J2ICNM Nk/K4pXbj5Zvj3dcCeC4+OUYyG3ZW5lOtKqaabEAXAIxALDg1WOouhkDfwuQdgBi mNTr0mjYeUWRe/15IsWNx+kuFcLDr71DFHvMFY5M3sdfMA== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc5652.cmsAttributesMap.keys(): sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 class SignedReceiptTestCase(unittest.TestCase): signed_receipt_pem_text = """\ MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyq GSIb3DQEJEAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkR CzbXWdD331uAUCL3MMFXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzm o18WwkFrEYH3EMsvpXEIGqsFTFN6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZy b2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H/oSgggJ3MIICczCCAfqgAwIBAgI JAKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDA JWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwN TI5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgN VBAMTA0JvYjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKo ZIzj0CAQYFK4EEACIDYgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXt IFAuIJcZVlkLn/xbywkcMLHK/O+w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM 2aYpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvh CAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW 55IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIapTAfBgNVH SMEGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV boS6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBws CMDfRweYz3Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6f j36zGCAYkwggGFAgEBMEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwD gYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsG CWCGSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQEwHAYJKoZ IhvcNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcNAQkEMSIEIGb9Hm2kCn M0CYNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIFMTIEMBZze HVja7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK BggqhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbo lropBdPJ6jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS 7hYRi6U0JKZmWbbuS8vFIgX7eIkd8= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] assert sd['encapContentInfo']['eContentType'] == rfc2634.id_ct_receipt receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc2634.Receipt()) assert not rest assert receipt.prettyPrint() assert der_encode(receipt) == sd['encapContentInfo']['eContent'] assert receipt['version'] == rfc2634.ESSVersion().subtype(value='v1') for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc5652.cmsAttributesMap.keys(): sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 def testOpenTypes(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() assert asn1Object['contentType'] == rfc5652.id_signedData sd = asn1Object['content'] assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3') assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys() assert sd['encapContentInfo']['eContentType'] == rfc2634.id_ct_receipt for sa in sd['signerInfos'][0]['signedAttrs']: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() if sa['attrType'] == rfc2634.id_aa_msgSigDigest: sa['attrValues'][0].prettyPrint()[:10] == '0x167378' # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot # automatically decode it receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']]) assert receipt['version'] == rfc2634.ESSVersion().subtype(value='v1') suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc2985.py0000664006321400632140000003462513605660325021741 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc2985 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc7292 try: import unittest2 as unittest except ImportError: import unittest class PKCS9AttrsTestCase(unittest.TestCase): pem_text = """\ MYIQjzAOBgNVBEExBwwFQWxpY2UwDwYIKwYBBQUHCQMxAxMBTTAQBgNVBAUxCRMH QjQ4LTAwNzAQBggrBgEFBQcJBDEEEwJVUzAQBggrBgEFBQcJBTEEEwJVUzARBgoq hkiG9w0BCRkEMQMCATAwFAYJKoZIhvcNAQkCMQcWBUFsaWNlMBgGCiqGSIb3DQEJ GQMxCgQIUTeqnHYky4AwHAYJKoZIhvcNAQkPMQ8wDTALBglghkgBZQMEAS0wHQYI KwYBBQUHCQExERgPMjAxOTA4MDMxMjAwMDBaMB0GCCsGAQUFBwkCMREMD0hlcm5k b24sIFZBLCBVUzApBgkqhkiG9w0BCRQxHB4aAEYAcgBpAGUAbgBkAGwAeQAgAE4A YQBtAGUwLwYJKoZIhvcNAQkIMSITIDEyMyBVbmtub3duIFdheSwgTm93aGVyZSwg VkEsIFVTMIGZBgoqhkiG9w0BCRkCMYGKMIGHMAsGCWCGSAFlAwQBLQR4VsJb7t4l IqjJCT54rqkbCJsBPE17YQJeEYvyA4M1aDIUU5GnCgEhctgMiDPWGMvaSziixdIg aU/0zvWvYCm8UwPvBBwMtm9X5NDvk9p4nXbGAT8E/OsV1SYWVvwRJwYak0yWWexM HSixw1Ljh2nb0fIbqwLOeMmIMIIEsQYKKoZIhvcNAQkZBTGCBKEwggSdBgkqhkiG 9w0BBwKgggSOMIIEigIBATENMAsGCWCGSAFlAwQCAjBRBgkqhkiG9w0BBwGgRARC Q29udGVudC1UeXBlOiB0ZXh0L3BsYWluDQoNCldhdHNvbiwgY29tZSBoZXJlIC0g SSB3YW50IHRvIHNlZSB5b3UuoIICfDCCAngwggH+oAMCAQICCQCls1QoG7BuOzAK BggqhkjOPQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcM B0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4XDTE5MDUyOTE0NDU0MVoXDTIw MDUyODE0NDU0MVowcDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQH EwdIZXJuZG9uMRAwDgYDVQQKEwdFeGFtcGxlMQ4wDAYDVQQDEwVBbGljZTEgMB4G CSqGSIb3DQEJARYRYWxpY2VAZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQA IgNiAAT4zZ8HL+xEDpXWkoWp5xFMTz4u4Ae1nF6zXCYlmsEGD5vPu5hl9hDEjd1U HRgJIPoy3fJcWWeZ8FHCirICtuMgFisNscG/aTwKyDYOFDuqz/C2jyEwqgWCRyxy ohuJXtmjgZQwgZEwCwYDVR0PBAQDAgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNl cnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYD VR0OBBYEFMS6Wg4+euM8gbD0Aqpouxbglg41MB8GA1UdIwQYMBaAFPI12zQE2qVV 8r1pA5mwYuziFQjBMAoGCCqGSM49BAMDA2gAMGUCMGO5H9E1uAveRGGaf48lN4po v2yH+hCAc5hOAuZKe/f40MKSF8q4w2ij+0euSaKFiAIxAL3gxp6sMitCmLQgOH6/ RBIC/2syJ97y0KVp9da0PDAvwxLugCHTKZPjjpSLPHHc9TGCAaEwggGdAgEBMEww PzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREw DwYDVQQKDAhCb2d1cyBDQQIJAKWzVCgbsG47MAsGCWCGSAFlAwQCAqCByDAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xOTA1MjkxODIz MTlaMD8GCSqGSIb3DQEJBDEyBDC25CKk/YJnHtT3qsZtRPTosLmNUVhxxlbn8Jo2 +lys4+IKEOba8jebiTfTTPmZJmwwTQYLKoZIhvcNAQkQAgExPjA8BCDHTyEPZCdX CPUOh5EQs211nQ999bgFAi9zDBVz+ChTo4ABATAVMBOBEWFsaWNlQGV4YW1wbGUu Y29tMAoGCCqGSM49BAMDBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzmo18WwkF rEYH3EMsvpXEIGqsFTFN6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZyb2xSX6Gr /IfCIm0angfOI39g7lAZDyivjh5H/oQwggnoBgtghkgBhvhCAwGBWDGCCdcwggnT AgEDMIIJjwYJKoZIhvcNAQcBoIIJgASCCXwwggl4MIIGCAYJKoZIhvcNAQcBoIIF +QSCBfUwggXxMIIF7QYLKoZIhvcNAQwKAQKgggT+MIIE+jAcBgoqhkiG9w0BDAED MA4ECO6rT/7SnK61AgIH0ASCBNhl7+ZgGmaQO8qy97gTAhXCjVM2/iV3LHWodlbY iHqpAJj42/Uye/3B7TNROXine1DMI9ZeetIDzYiA52i0sh7PhjBeuCIqFwiRJIv7 bIKYCgz6qSOIAgqr6XdQnpeFp97YqDgST/RGQel7obCNO115+SlelmBxwwSik60p AwslawMzunvvH9qafrIiTa2myQqpRj/ifxjESJNZxG1O2FiplAi36r3icotim3Sj zzRJU5+90SqnkogjtxODrQYkv6fqg3qGY/RuwAy+eT3V/z+UUoyL22w1T8qdSFsN WmMnAFCSGBuoHHoZ22ipItKVg09UzTCWe3CbUmEfjJuJDmw3Oo7sWVYLltxjCS86 XHWAauyFjmMr9aNsDiloGnFKSChslF6Ktj0F6ohOe+iReW5vi16EeEzbQiTjakpr eQZoeajC/N+XGoT6jKxbk5r1dtnEEJ+Q4wnvSjiGpr6frr4T+4pw301sptOjfO3f F23rKk7Advvi3k5xZobHcRmzDSfT9X5agtKlc4HCnHTz7XKHstXb1o1DSgTNVWQX phhFBm10gx6zfEHaLqyMtqXbWe2TuIHMwnBWiLnbhIBn+hbxK4MCfVz3cBZbApks Au/lXcVnakOJBcCtx/MMfZ3kcnI3Hs6W8rM2ASeDBLIQLVduOc6xlVSoYUQ24NNr 9usfigQkcSTJZPIO52vPyIIQ7zR7U8TiqonkKWU3QJJVarPgLEYMUhBfNHqiGfx/ d1Hf4MBoti8CMFUwsmOTv6d+cHYvQelqeFMXP0DE88gN/mkFBDAzXiXzAqMQcjJ+ pyW6l4o2iQFSvXKSKg/IKved/hGp7RngQohjg4KlbqeGuRYea8Xs4pH5ue5KTeOc HGNI3Qi/Lmr2rd+e1iuGxwwYZHve6Z+Lxnb20zW9I/2MFm+KsCiB4Z/+x84jR7BG 8l//lpuc2D/vxnKTxaaUAdUXM0Zwze7e+Gc2lMhVG5TJWR1KY51vN5J+apDYc8IR 0L0c2bbkom3WkPq/po/dPDuoaX61nKmztUHaL5r5QZzBBwKVyhdw9J0btnWAFPNK vzgy5U9iV4+6jXH5TCmlIreszwRPoqqEaYRIfmUpp2+zy91PpzjTs98tx/HIAbOM fT3WmuTahEnEHehABhwq+S4xwzoVIskLbrcOP6l7UYYR7GTUCjKxh7ru0rSwHrqG 9t33YdzJaFbz+8jb88xtf454Rvur66Cew/4GYX9u1Zef0DF9So1ay3IicpOf5emo VWIwg4bh7bELi78i/MbdWtNZQcXimykfeTsYH8Q4u+1uxHS5pwEWWwKiUnLQVpZP 2ut255TdgSIhEILwsaLVelRrx/lp14EpY355FOusXiju6g14aWfBnt5udvuTXxDQ ZHPPNNk+gwzgvvTey98T941hYUctjg0NApJiB66bfrlYB9mkc5ftg5zqhEasYH5C 4ajKKRNMM7zGlwSZvy8PPhnAeE3Q9LTnos0l4ygjQD/kMlvd7XSLW3GUzjyxtkG4 gQh6LGvnafAbgu7GpcapKEppN86sXEePHiQjj92n103+TxMYWwtaO4iAwkjqdEdt avEHcXRcpdqC0st6nUwPAPAC4LKJbZgLQnNG+wlWIiCMMD56IdfQ7r/zGIr13MxC kjNNUdISoWWE5GnQMYHbMBMGCSqGSIb3DQEJFTEGBAQBAAAAMFcGCSqGSIb3DQEJ FDFKHkgAMwBmADcAMQBhAGYANgA1AC0AMQA2ADgANwAtADQANAA0AGEALQA5AGYA NAA2AC0AYwA4AGIAZQAxADkANABjADMAZQA4AGUwawYJKwYBBAGCNxEBMV4eXABN AGkAYwByAG8AcwBvAGYAdAAgAEUAbgBoAGEAbgBjAGUAZAAgAEMAcgB5AHAAdABv AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIAIAB2ADEALgAwMIIDaAYJ KoZIhvcNAQcBoIIDWQSCA1UwggNRMIIDTQYLKoZIhvcNAQwKAQOgggMlMIIDIQYK KoZIhvcNAQkWAaCCAxEEggMNMIIDCTCCAfGgAwIBAgIQNu32hzqhCKdHATXzboyI ETANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlhbm9ueW1vdXMwIBcNMTYwNzE5 MjIwMDAxWhgPMjExNjA2MjUyMjAwMDFaMBQxEjAQBgNVBAMTCWFub255bW91czCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALy2sEJMGNdcDg6BI7mdFM5T lPzo5sKBzvUnagK5SKBJ11xMPN5toPTBzICB/XTWEB3AwpD0O+srSca+bsUAyedS 5V4BNp8qCyEu5RNRR8qPHheJ/guhLT96/gGI4jlrUyUhFntPkLKODxu+7KanMy6K dD+PVE8shXRUZTYe4PG64/c7z3wapnf4XoCXkJRzCY5f3MKz3Ul039kVnTlJcikd C7I9I9RflXLwXVl4nxUbeeRt6Z8WVWS4pCq+14v2aVPvP3mtVmAYHedRkvS04Hrx 4xx98D3NSSw6Z5OLkzqOcFw15fYmH2NLdhh34gSWJmaaCBAbuQ+1rx/42p7MvvsC AwEAAaNVMFMwFQYDVR0lBA4wDAYKKwYBBAGCNwoDBDAvBgNVHREEKDAmoCQGCisG AQQBgjcUAgOgFgwUYW5vbnltb3VzQHdpbmRvd3MteAAwCQYDVR0TBAIwADANBgkq hkiG9w0BAQUFAAOCAQEAuH7iqY0/MLozwFb39ILYAJDHE+HToZBQbHQP4YtienrU Stk60rIp0WH65lam7m/JhgAcItc/tV1L8mEnLrvvKcA+NeIL8sDOtM28azvgcOi0 P3roeLLLRCuiykUaKmUcZEDm9cDYKIpJf7QetWQ3uuGTk9iRzpH79x2ix35BnyWQ Rr3INZzmX/+9YRvPBXKYl/89F/w1ORYArpI9XtjfuPWaGQmM4f1WRHE2t3qRyKFF ri7QiZdpcSx5zvsRHSyjfUMoKs+b6upk+P01lIhg/ewwYngGab+fZhF15pTNN2hx 8PdNGcrGzrkNKCmJKrWCa2xczuMA+z8SCuC1tYTKmDEVMBMGCSqGSIb3DQEJFTEG BAQBAAAAMDswHzAHBgUrDgMCGgQUpWCP/fZR0TK5BwGuqvTd0+duiKcEFJTubF2k HktMK+isIjxOTk4yJTOOAgIH0A== """ def setUp(self): self.asn1Spec = rfc2985.AttributeSet() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate openTypesMap = { rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(), } openTypesMap.update(rfc5280.certificateAttributesMap) openTypesMap.update(rfc5652.cmsAttributesMap) for attr in asn1Object: assert attr['type'] in openTypesMap.keys() av, rest = der_decode(attr['values'][0], asn1Spec=openTypesMap[attr['type']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['values'][0] if attr['type'] == rfc2985.pkcs_9_at_userPKCS12: assert av['version'] == univ.Integer(3) assert av['authSafe']['contentType'] == rfc5652.id_data outdata, rest = der_decode(av['authSafe']['content'], asn1Spec=univ.OctetString()) assert not rest authsafe, rest = der_decode(outdata, asn1Spec=rfc7292.AuthenticatedSafe()) assert not rest for ci in authsafe: assert ci['contentType'] == rfc5652.id_data indata, rest = der_decode(ci['content'], asn1Spec=univ.OctetString()) assert not rest sc, rest = der_decode(indata, asn1Spec=rfc7292.SafeContents()) assert not rest for sb in sc: if sb['bagId'] in rfc7292.pkcs12BagTypeMap: bv, rest = der_decode(sb['bagValue'], asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']]) assert not rest for bagattr in sb['bagAttributes']: if bagattr['attrType'] in openTypesMap: inav, rest = der_decode(bagattr['attrValues'][0], asn1Spec=openTypesMap[bagattr['attrType']]) assert not rest if bagattr['attrType'] == rfc2985.pkcs_9_at_friendlyName: assert inav == "3f71af65-1687-444a-9f46-c8be194c3e8e" if bagattr['attrType'] == rfc2985.pkcs_9_at_localKeyId: assert inav == univ.OctetString(hexValue='01000000') if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU: ci, rest = der_decode(attr['values'][0], asn1Spec=rfc5652.ContentInfo()) assert not rest assert ci['contentType'] == rfc5652.id_signedData sd, rest = der_decode(ci['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd['version'] == 1 for si in sd['signerInfos']: assert si['version'] == 1 for siattr in si['signedAttrs']: if siattr['attrType'] in openTypesMap: siav, rest = der_decode(siattr['attrValues'][0], asn1Spec=openTypesMap[siattr['attrType']]) assert not rest if siattr['attrType'] == rfc2985.pkcs_9_at_contentType: assert siav == rfc5652.id_data if siattr['attrType'] == rfc2985.pkcs_9_at_messageDigest: assert siav.prettyPrint()[2:10] == 'b6e422a4' if siattr['attrType'] == rfc2985.pkcs_9_at_signingTime: assert siav['utcTime'] == '190529182319Z' for choices in sd['certificates']: for rdn in choices[0]['tbsCertificate']['subject']['rdnSequence']: if rdn[0]['type'] in openTypesMap: nv, rest = der_decode(rdn[0]['value'], asn1Spec=openTypesMap[rdn[0]['type']]) assert not rest if rdn[0]['type'] == rfc2985.pkcs_9_at_emailAddress: assert nv == 'alice@example.com' def testOpenTypes(self): openTypesMap = { rfc2985.pkcs_9_at_smimeCapabilities: rfc2985.SMIMECapabilities(), } openTypesMap.update(rfc5280.certificateAttributesMap) openTypesMap.update(rfc5652.cmsAttributesMap) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr in asn1Object: assert attr['type'] in openTypesMap.keys() if attr['type'] == rfc2985.pkcs_9_at_userPKCS12: assert attr['values'][0]['version'] == univ.Integer(3) assert attr['values'][0]['authSafe']['contentType'] == rfc5652.id_data authsafe, rest = der_decode(attr['values'][0]['authSafe']['content'], asn1Spec=rfc7292.AuthenticatedSafe()) assert not rest for ci in authsafe: assert ci['contentType'] == rfc5652.id_data indata, rest = der_decode(ci['content'], asn1Spec=univ.OctetString()) assert not rest sc, rest = der_decode(indata, asn1Spec=rfc7292.SafeContents(), decodeOpenTypes=True) assert not rest for sb in sc: if sb['bagId'] in rfc7292.pkcs12BagTypeMap: for bagattr in sb['bagAttributes']: if bagattr['attrType'] in openTypesMap: if bagattr['attrType'] == rfc2985.pkcs_9_at_friendlyName: assert bagattr['attrValues'][0] == "3f71af65-1687-444a-9f46-c8be194c3e8e" if bagattr['attrType'] == rfc2985.pkcs_9_at_localKeyId: assert bagattr['attrValues'][0] == univ.OctetString(hexValue='01000000') if attr['type'] == rfc2985.pkcs_9_at_pkcs7PDU: assert attr['values'][0]['contentType'] == rfc5652.id_signedData assert attr['values'][0]['content']['version'] == 1 for si in attr['values'][0]['content']['signerInfos']: assert si['version'] == 1 for siattr in si['signedAttrs']: if siattr['attrType'] in openTypesMap: if siattr['attrType'] == rfc2985.pkcs_9_at_contentType: assert siattr['attrValues'][0] == rfc5652.id_data if siattr['attrType'] == rfc2985.pkcs_9_at_messageDigest: assert siattr['attrValues'][0].prettyPrint()[2:10] == 'b6e422a4' if siattr['attrType'] == rfc2985.pkcs_9_at_signingTime: assert siattr['attrValues'][0]['utcTime'] == '190529182319Z' for choices in attr['values'][0]['content']['certificates']: for rdn in choices[0]['tbsCertificate']['subject']['rdnSequence']: if rdn[0]['type'] in openTypesMap: if rdn[0]['type'] == rfc2985.pkcs_9_at_emailAddress: assert rdn[0]['value'] == 'alice@example.com' suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc2986.py0000664006321400632140000000645613605660325021743 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import char from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc2986 from pyasn1_modules import rfc5280 try: import unittest2 as unittest except ImportError: import unittest class CertificationRequestTestCase(unittest.TestCase): pem_text = """\ MIICxjCCAa4CAQAwgYAxCzAJBgNVBAYTAlVTMR0wGwYDVQQDDBRmY3UuZmFrZS5h ZGRyZXNzLm9yZzEXMBUGA1UEBwwOUGxlYXNhbnQgR3JvdmUxHDAaBgNVBAoME0Zh a2UgQ29tcGFueSBVbml0ZWQxDTALBgNVBAgMBFV0YWgxDDAKBgNVBAsMA0VuZzCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALvnYesymhLKSm9Llix53BUA h99xMDBUYk0OB1VIdNQyjmFabHinM+lYUzVzrfcm1xtYB5QYKbsYuwZ4r5WI7qho CRJy6JwXqKpOe72ScCogxlGDr2QtKjtvyWrRwXBHX1/OqVSZ3hdz3njhKpmq6HgK 87vH26RCSmK8FqCgn+qePfpspA7GzBvYwXhXluQtG7r4yBMKNRTQlPst8Vcy+iK+ pI8hmQVrzGi8Hgbpr2L9EjPUOlAQEb8hxeKc7s5VhjN/RHMLVMX8YczZYt7mcDKr 3PMwOVmXL1DMCtnS50MA2AxcPWcbQBeGyMroP+DLhAt6y1/IT0H5sQruNQw4euMC AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQBQXYQPfH5Wy4o0ZFbKQOO1e3dHV8rl e8m9Z6qLgJO8rtW+OI+4FavJ6zjUvNVzd9JJxgwQ/1xprwrXh36nPcSyNLpGs7JT 6u7TGQ38QQAOmziLXzauMWGBeLuzWGmOKA1cs5HFGLSmbxF3+0IWpz4GlD86pU1+ WYyWgWHHAMA+kFYwBUR6CvPkmhshnZ8vrQavoOlcidCJ8o6IGA7N/Z0/NrgIDcoz YaruhoMrmRKHKNpfamhT0gvqEPBec+UB3uLElESIqaeqYc6eMtUQP3lqyghF6I0M fi6h7i9VVAZpslaKFfkNg12gLbbsCB1q36l5VXjHY/qe0FIUa9ogRrOi """ def setUp(self): self.asn1Spec = rfc2986.CertificationRequest() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate def testOpenTypes(self): openTypesMap = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc2986.CertificationRequest(), openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for rdn in asn1Object['certificationRequestInfo']['subject']['rdnSequence']: for atv in rdn: if atv['type'] == rfc5280.id_at_countryName: assert atv['value'] == char.PrintableString('US') else: assert len(atv['value']['utf8String']) > 2 spki_alg = asn1Object['certificationRequestInfo']['subjectPKInfo']['algorithm'] assert spki_alg['parameters'] == univ.Null("") sig_alg = asn1Object['signatureAlgorithm'] assert sig_alg['parameters'] == univ.Null("") suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3114.py0000664006321400632140000002711013605660325021711 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc3114 from pyasn1_modules import rfc5035 from pyasn1_modules import rfc5083 from pyasn1_modules import rfc5084 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5755 try: import unittest2 as unittest except ImportError: import unittest class SecurityLabelTestCase(unittest.TestCase): pem_text = """\ MIITHAYJKoZIhvcNAQcCoIITDTCCEwkCAQMxDTALBglghkgBZQMEAgIwggeUBgsq hkiG9w0BCRABF6CCB4MEggd/MIIHewIBADGCAk8wggJLAgEAMDMwJjEUMBIGA1UE CgwLZXhhbXBsZS5jb20xDjAMBgNVBAMMBUFsaWNlAgkAg/ULtwvVxA4wDQYJKoZI hvcNAQEBBQAEggIAdZphtN3x8a8kZoAFY15HYRD6JyPBueRUhLbTPoOH3pZ9xeDK +zVXGlahl1y1UOe+McEx2oD7cxAkhFuruNZMrCYEBCTZMwVhyEOZlBXdZEs8rZUH L3FFE5PJnygsSIO9DMxd1UuTFGTgCm5V5ZLFGmjeEGJRbsfTyo52S7iseJqIN3dl 743DbApu0+yuUoXKxqKdUFlEVxmhvc+Qbg/zfiwu8PTsYiUQDMBi4cdIlju8iLjj 389xQHNyndXHWD51is89GG8vpBe+IsN8mnbGtCcpqtJ/c65ErJhHTR7rSJSMEqQD 0LPOCKIY1q9FaSSJfMXJZk9t/rPxgUEVjfw7hAkKpgOAqoZRN+FpnFyBl0FnnXo8 kLp55tfVyNibtUpmdCPkOwt9b3jAtKtnvDQ2YqY1/llfEUnFOVDKwuC6MYwifm92 qNlAQA/T0+ocjs6gA9zOLx+wD1zqM13hMD/L+T2OHL/WgvGb62JLrNHXuPWA8RSh O4kIlPtARKXap2S3+MX/kpSUUrNa65Y5uK1jwFFclczG+CPCIBBn6iJiQT/vOX1I 97YUP4Qq6OGkjK064Bq6o8+e5+NmIOBcygYRv6wA7vGkmPLSWbnw99qD728bBh84 fC3EjItdusqGIwjzL0eSUWXJ5eu0Z3mYhJGN1pe0R/TEB5ibiJsMLpWAr3gwggUP BgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEGMBEEDE2HVyIurFKUEX8MEgIBEICCBOD+ L7PeC/BpmMOb9KlS+r+LD+49fi6FGBrs8aieGi7ezZQEiFYS38aYQzTYYCt3SbJQ TkX1fDsGZiaw/HRiNh7sJnxWATm+XNKGoq+Wls9RhSJ45Sw4GMqwpoxZjeT84Uoz OITk3l3fV+3XiGcCejHkp8DAKZFExd5rrjlpnnAOBX6w8NrXO4s2n0LrMhtBU4eB 2YKhGgs5Q6wQyXtU7rc7OOwTGvxWEONzSHJ01pyvqVQZAohsZPaWLULrM/kEGkrh G4jcaVjVPfULi7Uqo14imYhdCq5Ba4bwqI0Ot6mB27KD6LlOnVC/YmXCNIoYoWmq y1o3pSm9ovnLEO/dzxQjEJXYeWRje9M/sTxotM/5oZBpYMHqIwHTJbehXFgp8+oD jyTfayMYA3fTcTH3XbGPQfnYW2U9+ka/JhcSYybM8cuDNFd1I1LIQXoJRITXtkvP UbJqm+s6DtS5yvG9I8aQxlT365zphS4vbQaO74ujO8bE3dynrvTTV0c318TcHpN3 DY9PIt6mHXMIPDLEA4wes90zg6iah5XiQcLtfLaAdYwEEGlImGD8n0kOhSNgclSL Mklpj5mVOs8exli3qoXlVMRJcBptSwOe0QPcRY30spywS4zt1UDIQ0jaecGGVtUY j586nkubhAxwZkuQKWxgt6yYTpGNSKCdvd+ygfyGJRDbWdn6nck/EPnG1773KTHR hMrXrBPBpSlfyJ/ju3644CCFqCjFoTh4bmB63k9ejUEVkJIJuoeKeTBaUxbCIink K4htBkgchHP51RJp4q9jQbziD3aOhg13hO1GFQ4E/1DNIJxbEnURNp/ga8SqmnLY 8f5Pzwhm1mSzZf+obowbQ+epISrswWyjUKKO+uJfrAVN2TS/5+X6T3U6pBWWjH6+ xDngrAJwtIdKBo0iSEwJ2eir4X8TcrSy9l8RSOiTPtqS5dF3RWSWOzkcO72fHCf/ 42+DLgUVX8Oe5mUvp7QYiXXsXGezLJ8hPIrGuOEypafDv3TwFkBc2MIB0QUhk+GG 1ENY3jiNcyEbovF5Lzz+ubvechHSb1arBuEczJzN4riM2Dc3c+r8N/2Ft6eivK7H UuYX1uAcArhunZpA8yBGLF1m+DUXFtzWAUvfMKYPdfwGMckghF7YwLrTXd8ZhPIk HNO1KdwQKIRfgIlUPfTxRB7eNrG/Ma9a/IwrcI1QtkXU59uIZIw+7+FHZRWPsOjT u1Pdy+JtcSTG4dmS+DIwqpUzdu6MaBCVaOhXHwybvaSPTfMG/nR/NxF1FI8xgydn zXZs8HtFDL9iytKnvXHx+IIz8Rahp/PK8S80vPQNIeef/JgnIhtosID/A614LW1t B4cWdveYlD5U8T/XXInAtCY78Q9WJD+ecu87OJmlOdmjrFvitpQAo8+NGWxc7Wl7 LtgDuYel7oXFCVtI2npbA7R+K5/kzUvDCY6GTgzn1Gfamc1/Op6Ue17qd/emvhbI x+ng3swf8TJVnCNDIXucKVA4boXSlCEhCGzfoZZYGVvm1/hrypiBtpUIKWTxLnz4 AQJdZ5LGiCQJQU1wMyHsg6vWmNaJVhGHE6D/EnKsvJptFIkAx0wWkh35s48p7EbU 8QBg//5eNru6yvLRutfdBX7T4w681pCD+dOiom75C3UdahrfoFkNsZ2hB88+qNsE EPb/xuGu8ZzSPZhakhl2NS2ggglpMIICAjCCAYigAwIBAgIJAOiR1gaRT87yMAoG CCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwNTE0MDg1ODExWhcNMjEw NTEzMDg1ODExWjA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcM B0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMHYwEAYHKoZIzj0CAQYFK4EEACID YgAE8FF2VLHojmqlnawpQwjG6fWBQDPOy05hYq8oKcyg1PXH6kgoO8wQyKYVwsDH Evc1Vg6ErQm3LzdI8OQpYx3H386R2F/dT/PEmUSdcOIWsB4zrFsbzNwJGIGeZ33Z S+xGo1AwTjAdBgNVHQ4EFgQU8jXbNATapVXyvWkDmbBi7OIVCMEwHwYDVR0jBBgw FoAU8jXbNATapVXyvWkDmbBi7OIVCMEwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQD AwNoADBlAjBaUY2Nv03KolLNRJ2wSoNK8xlvzIWTFgIhsBWpD1SpJxRRv22kkoaw 9bBtmyctW+YCMQC3/KmjNtSFDDh1I+lbOufkFDSQpsMzcNAlwEAERQGgg6iXX+Nh A+bFqNC7FyF4WWQwggOHMIIDDqADAgECAgkApbNUKBuwbkYwCgYIKoZIzj0EAwMw PzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREw DwYDVQQKDAhCb2d1cyBDQTAeFw0xOTExMDIxODQyMThaFw0yMDExMDExODQyMTha MGYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjEQ MA4GA1UEChMHRXhhbXBsZTEMMAoGA1UECxMDUENBMRgwFgYDVQQDEw9wY2EuZXhh bXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ9/m9uACpsTl2frBuILHiw IJyfUEpKseYJ+JYL1AtIZU0YeJ9DA+32h0ZeNGJDtDClnbBEPpn3W/5+TzldcsTe QlAJB08gcVRjkQym9LtPq7rGubCeVWlRRE9M7F9znk6jggGtMIIBqTAdBgNVHQ4E FgQUJuolDwsyICik11oKjf8t3L1/VGUwbwYDVR0jBGgwZoAU8jXbNATapVXyvWkD mbBi7OIVCMGhQ6RBMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UE BwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0GCCQDokdYGkU/O8jAPBgNVHRMB Af8EBTADAQH/MAsGA1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0 aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1Ud IAQOMAwwCgYIKwYBBQUHDQIwCgYDVR02BAMCAQIwgZEGCCsGAQUFBwEVBIGEMIGB MFkGCyqGSIb3DQEJEAcDAwIF4DFGMESACyqGSIb3DQEJEAcEgTUwMwwXTEFXIERF UEFSVE1FTlQgVVNFIE9OTFkMGEhVTUFOIFJFU09VUkNFUyBVU0UgT05MWTARBgsq hkiG9w0BCRAHAgMCBPAwEQYLKoZIhvcNAQkQBwEDAgXgMAoGCCqGSM49BAMDA2cA MGQCMBlIP4FWrNzWXR8OgfcvCLGPG+110EdsmwznIF6ThT1vbJYvYoSbBXTZ9OCh /cCMMQIwJOySybHl/eLkNJh971DWF4mUQkt3WGBmZ+9Rg2cJTdat2ZjPKg101NuD tkUyjGxfMIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZI zj0EAwMwZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJu ZG9uMRAwDgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3Bj YS5leGFtcGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGS MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAO BgNVBAoTB0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1l bnQxDTALBgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5j b20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQg KpBispSxXxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQ QXc3zxnkcl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m71 1OqFDNGRSWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/ VGWhQ6RBMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVy bmRvbjERMA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTAD AQH/MAsGA1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0 ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAww CgYIKwYBBQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsq hkiG9w0BCRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09V UkNFUyBVU0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERl cGFydG1lbnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/ Hea3Hk8PtTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weB dBa5WEDIFFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2MYIB7jCCAeoCAQEwfjBmMQsw CQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNV BAoTB0V4YW1wbGUxDDAKBgNVBAsTA1BDQTEYMBYGA1UEAxMPcGNhLmV4YW1wbGUu Y29tAhRRzUhAYml5hDRfA5LZmZURvdp5nTALBglghkgBZQMEAgKggeIwGgYJKoZI hvcNAQkDMQ0GCyqGSIb3DQEJEAEXMBwGCSqGSIb3DQEJBTEPFw0xOTExMDgyMDA4 MzFaMD8GCSqGSIb3DQEJBDEyBDCd5WyvIB0VdXgPBWPtI152MIJLg5o68IRimCXx bVY0j3YyAKbi0egiZ/UunkyCfv0wZQYLKoZIhvcNAQkQAgIxVjFUAgEIBgsqhkiG 9w0BCRAHAzEtMCuACyqGSIb3DQEJEAcEgRwwGgwYSFVNQU4gUkVTT1VSQ0VTIFVT RSBPTkxZExNCb2FndXMgUHJpdmFjeSBNYXJrMAoGCCqGSM49BAMDBGcwZQIwWkD7 03QoNrKL5HJnuGJqvML1KlUXZDHnFpnJ+QMzXi8gocyfpRXWm6h0NjXieE0XAjEA uuDSOoaUIz+G9aemAE0ldpo1c0avNGa7BtynUTHmwosD6Sjfj0epAg9OnMedOjbr """ def testDerCodec(self): layers = { } layers.update(rfc5652.cmsContentTypesMap) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc5083.id_ct_authEnvelopedData: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc5083.id_ct_authEnvelopedData: lambda x: None } substrate = pem.readBase64fromText(self.pem_text) next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate if next_layer == rfc5652.id_signedData: attrs = asn1Object['signerInfos'][0]['signedAttrs'] certs = asn1Object['certificates'] substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) spid = rfc3114.id_tsp_TEST_Whirlpool catid = rfc3114.id_tsp_TEST_Whirlpool_Categories conf = rfc3114.Whirlpool_SecurityClassification(value='whirlpool-confidential') assert catid in rfc5755.securityCategoryMap.keys() assert rfc5755.id_at_clearance in rfc5280.certificateAttributesMap.keys() assert rfc5280.id_ce_subjectDirectoryAttributes in rfc5280.certificateExtensionsMap.keys() security_label_okay = False for attr in attrs: if attr['attrType'] == rfc5035.id_aa_securityLabel: esssl, rest = der_decode(attr['attrValues'][0], asn1Spec=rfc5035.ESSSecurityLabel()) assert not rest assert esssl.prettyPrint() assert der_encode(esssl) == attr['attrValues'][0] assert esssl['security-policy-identifier'] == spid assert esssl['security-classification'] == conf for cat in esssl['security-categories']: if cat['type'] == catid: scv, rest = der_decode(cat['value'], asn1Spec=rfc3114.SecurityCategoryValues()) assert not rest assert scv.prettyPrint() assert der_encode(scv) == cat['value'] for scv_str in scv: assert 'USE ONLY' in scv_str security_label_okay = True assert security_label_okay clearance_okay = False for cert_choice in certs: for extn in cert_choice['certificate']['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5755.id_at_clearance: av, rest = der_decode(attr['values'][0], asn1Spec=rfc5280.certificateAttributesMap[attr['type']]) assert av['policyId'] == spid for cat in av['securityCategories']: assert cat['type'] == catid scv, rest = der_decode(cat['value'], asn1Spec=rfc5755.securityCategoryMap[cat['type']]) assert not rest assert scv.prettyPrint() assert der_encode(scv) == cat['value'] for scv_str in scv: assert 'USE ONLY' in scv_str clearance_okay = True assert clearance_okay suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3161.py0000664006321400632140000000662013605660325021716 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc3161 try: import unittest2 as unittest except ImportError: import unittest class TSPQueryTestCase(unittest.TestCase): tsp_query_pem_text = """\ MFYCAQEwUTANBglghkgBZQMEAgMFAARAGu1DauxDZZv8F7l4EKIbS00U40mUKfBW5C0giEz0 t1zOHCvK4A8i8zxwUXFHv4pAJZE+uFhZ+v53HTg9rLjO5Q== """ def setUp(self): self.asn1Spec = rfc3161.TimeStampReq() def testDerCodec(self): substrate = pem.readBase64fromText(self.tsp_query_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class TSPResponseTestCase(unittest.TestCase): tsp_response_pem_text = """\ MIIFMTADAgEAMIIFKAYJKoZIhvcNAQcCoIIFGTCCBRUCAQMxCzAJBgUrDgMCGgUAMIIBowYL KoZIhvcNAQkQAQSgggGSBIIBjjCCAYoCAQEGBCoDBAEwUTANBglghkgBZQMEAgMFAARAGu1D auxDZZv8F7l4EKIbS00U40mUKfBW5C0giEz0t1zOHCvK4A8i8zxwUXFHv4pAJZE+uFhZ+v53 HTg9rLjO5QIDDwJEGA8yMDE5MDUxMDE4MzQxOFoBAf+gggERpIIBDTCCAQkxETAPBgNVBAoT CEZyZWUgVFNBMQwwCgYDVQQLEwNUU0ExdjB0BgNVBA0TbVRoaXMgY2VydGlmaWNhdGUgZGln aXRhbGx5IHNpZ25zIGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0cyBtYWRlIHVz aW5nIHRoZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAWBgNVBAMTD3d3dy5mcmVl dHNhLm9yZzEiMCAGCSqGSIb3DQEJARYTYnVzaWxlemFzQGdtYWlsLmNvbTESMBAGA1UEBxMJ V3VlcnpidXJnMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmF5ZXJuMYIDWjCCA1YCAQEwgaMw gZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cu ZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNV BAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERQIJAMHphhYNqOmC MAkGBSsOAwIaBQCggYwwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMBwGCSqGSIb3DQEJ BTEPFw0xOTA1MTAxODM0MThaMCMGCSqGSIb3DQEJBDEWBBSuLICty7PQHx0Ynk0a3rGcCRrf EjArBgsqhkiG9w0BCRACDDEcMBowGDAWBBSRbaPYYOzKguNLxZ0Xk+fpaIdfFDANBgkqhkiG 9w0BAQEFAASCAgBFDVbGQ3L5GcaUBMtBnMW7x3S57QowQhhrTewvncY+3Nc2i6tlM1UEdxIp 3m2iMqaH/N2xIm2sU/L/lIwaT1XIS4bJ2Nn8UPjZu/prJrVUFTMjJ5LWkG55x6c5A4pa2xxS N/kOV2e+6RHYlGvcDOvu2fzuz08hE+NjaHIPg3idU1cBsl0gTWZCTrxdXTLuuvHahxUAdQKm gTdGPjIiOR4GYpaVxEAgulaBQLZU5MhfBTASI1LkljhiFeDBQMhTUeZoA59/OxgnQR1Zpca4 ZuWuqnZImxziRQA1tX/6pjAo5eP1V+SLWYHeIO7ia/urGIK9AXd3jY3Ljq4h7R1E+RRKIseO 74mmtbJtCaiGL9H+6k164qC7U5fHBzKl3UboZtOUmNj10IJPUNyKQ5JPwCe6HEhbeXLRdh/8 bjdqy56hBHyG1NRBqiTXTvj9LOzsJGIF5GjwyCT0B2hpvzdTdzNtfQ27HUUYgnYg0fGEpNpi vyaW5qCh9S704IKB0m/fXlqiIfNVdqDr/aAHNww8CouZP2oFO61WXCspbFNPLubeqxd5P4o4 dJzD4PKsurILdX7SL8pRI+O2UtJLwNB1t3LBLKfTZuOWoSBFvQwbqBsDEchrZIDZXSXMbXd6 uuvuO3ZsRWuej+gso+nWi3CRnRc9Wb0++cq4s8YSLaYSj2pHMA== """ def setUp(self): self.asn1Spec = rfc3161.TimeStampResp() def testDerCodec(self): substrate = pem.readBase64fromText(self.tsp_response_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3274.py0000664006321400632140000000547113605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc3274 from pyasn1_modules import rfc5652 try: import unittest2 as unittest except ImportError: import unittest class CompressedDataTestCase(unittest.TestCase): compressed_data_pem_text = """\ MIIB7wYLKoZIhvcNAQkQAQmgggHeMIIB2gIBADANBgsqhkiG9w0BCRADCDCCAcQG CSqGSIb3DQEHAaCCAbUEggGxeJxVksGO1DAQRO/+ir4xK4VlNSAhcUPRrgRiLgw/ 0Il7Egu7bdntMOHraSezMJyixOWq19XpIwuxvP2xJvoEQld5lzw6Nub7Sw/vjx8/ dJDq4F2ZyYJj+FqZ4Pj0dOzA0sUxFUC4xBxQ2gNqcTzBGEPKVApZY1EQsKn6vCaJ U8Y0uxFOeowTwXllwSsc+tP5Qe9tOCCK8wjQ32zUcvcZSDMIJCOX4PQgMqQcF2c3 Dq5hoAzxAmgXVN+JSqfUo6+2YclMhrwLjlHaVRVutplsZYs8rvBL2WblqN7CTD4B MqAIjj8pd1ASUXMyNbXccWeDYd0sxlsGYIhVp3i1l6jgr3qtUeUehbIpQqnAoVSN 1IqKm7hZaI3EY2tLIR86RbD//ONCGb2HsPdnivvdqvrsZY51mlu+NjTjQhpKWz0p FvRlWw9ae7+fVgKKie0SeFpIZYemoyuG5HUS2QY6fTk9N6zz+dsuUyr9Xghs5Ddi 1LbZbVoNHDyFNv19jL7qiv9uuLK/XTD3Kqct1JS822vS8vWXpMzYBtal/083rMap XQ7u2qbaKFtZ7V96NH8ApkUFkg== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.compressed_data_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc3274.id_ct_compressedData cd, rest = der_decode(asn1Object['content'], asn1Spec=rfc3274.CompressedData()) assert not rest assert cd.prettyPrint() assert der_encode(cd) == asn1Object['content'] assert cd['compressionAlgorithm']['algorithm'] == rfc3274.id_alg_zlibCompress assert cd['encapContentInfo']['eContentType'] == rfc5652.id_data def testOpenTypes(self): substrate = pem.readBase64fromText(self.compressed_data_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc3274.id_ct_compressedData cd = asn1Object['content'] assert cd['compressionAlgorithm']['algorithm'] == rfc3274.id_alg_zlibCompress assert cd['encapContentInfo']['eContentType'] == rfc5652.id_data suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3279.py0000664006321400632140000003751413605660325021736 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc3279 try: import unittest2 as unittest except ImportError: import unittest class RSACertificateTestCase(unittest.TestCase): rsa_cert_pem_text = """\ MIIE8TCCA9mgAwIBAgIQbyXcFa/fXqMIVgw7ek/H+DANBgkqhkiG9w0BAQUFADBv MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow gYExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMScwJQYD VQQDEx5DT01PRE8gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDQQIuLcuORG/dRwRtUBJjTqb/B5opdO4f7u4jO DeMvPwaW8KIpUJmu2zuhV7B0UXHN7UKRTUH+qcjYaoZ3RLtZZpdQXrTULHBEz9o3 lUJpPDDEcbNS8CFNodi6OXwcnqMknfKDFpiqFnxDmxVbt640kf7UYiYYRpo/68H5 8ZBX66x6DYvbcjBqZtXgRqNw3GjZ/wRIiXfeten7Z21B6bw5vTLZYgLxsag9bjec 4i/i06Imi8a4VUOI4SM+pdIkOWpHqwDUobOpJf4NP6cdutNRwQuk2qw471VQJAVl RpM0Ty2NrcbUIRnSjsoFYXEHc0flihkSvQRNzk6cpUisuyb3AgMBAAGjggF0MIIB cDAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73gJMtUGjAdBgNVHQ4EFgQUC1jl i8ZMFTekQKkwqSG+RzZaVv8wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMB Af8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9j cmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LmNybDCBswYI KwYBBQUHAQEEgaYwgaMwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0 LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LnA3YzA5BggrBgEFBQcwAoYtaHR0 cDovL2NydC51c2VydHJ1c3QuY29tL0FkZFRydXN0VVROU0dDQ0EuY3J0MCUGCCsG AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBBQUA A4IBAQAHYJOZqs7Q00fQNzPeP2S35S6jJQzVMx0Njav2fkZ7WQaS44LE5/X289kF z0k0LTdf9CXH8PtrI3fx8UDXTLtJRTHdAChntylMdagfeTHJNjcPyjVPjPF+3vxG q79om3AjMC63xVx7ivsYE3lLkkKM3CyrbCK3KFOzGkrOG/soDrc6pNoN90AyT99v uwFQ/IfTdtn8+7aEA8rJNhj33Wzbu7qBHKat/ij5z7micV0ZBepKRtxzQe+JlEKx Q4hvNRevHmCDrHqMEHufyfaDbZ76iO4+3e6esL/garnQnweyCROa9aTlyFt5p0c1 M2jlVZ6qW8swC53HD79oRIGXi1FK """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.rsa_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.rsaEncryption spki_pk = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'].asOctets() pk, rest = der_decode(spki_pk, asn1Spec=rfc3279.RSAPublicKey()) assert not rest assert pk.prettyPrint() assert der_encode(pk) == spki_pk assert pk['publicExponent'] == 65537 assert asn1Object['tbsCertificate']['signature']['algorithm'] == rfc3279.sha1WithRSAEncryption assert asn1Object['signatureAlgorithm']['algorithm'] == rfc3279.sha1WithRSAEncryption def testOpenTypes(self): substrate = pem.readBase64fromText(self.rsa_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.rsaEncryption assert spki_a['parameters'] == univ.Null("") class ECCertificateTestCase(unittest.TestCase): ec_cert_pem_text = """\ MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBh MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVT MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBT ZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6g LGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv 68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0w EgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEE KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0f BDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv YmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/A buiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJ KoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/6 3qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoB UEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6 mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3 loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQd Ea8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.ec_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.id_ecPublicKey spki_a_p, rest = der_decode(spki_a['parameters'], asn1Spec=rfc3279.EcpkParameters()) assert not rest assert spki_a_p.prettyPrint() assert der_encode(spki_a_p) == spki_a['parameters'] assert spki_a_p['namedCurve'] == univ.ObjectIdentifier('1.3.132.0.34') def testOpenTypes(self): asn1Spec = rfc5280.Certificate() substrate = pem.readBase64fromText(self.ec_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.id_ecPublicKey assert spki_a['parameters']['namedCurve'] == univ.ObjectIdentifier('1.3.132.0.34') class DSACertificateTestCase(unittest.TestCase): dsa_cert_pem_text = """\ MIIDpjCCA0ygAwIBAgIUY8xt3l0B9nIPWSpjs0hDJUJZmCkwCwYJYIZIAWUDBAMC MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjER MA8GA1UEChMIQm9ndXMgQ0EwHhcNMTkxMDIwMjAxMjMwWhcNMjAxMDE5MjAxMjMw WjBwMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24x EDAOBgNVBAoTB0V4YW1wbGUxDjAMBgNVBAsTBUFsaWNlMSAwHgYJKoZIhvcNAQkB FhFhbGljZUBleGFtcGxlLmNvbTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCLpR53 xHfe+SiknAK/L9lm/ZO1109c9iYkriPIW/5MMlM+qc/tdRkKpG6ELIpfXTPtKCJm zqqVIyTmAJryyE8Xw0Ie2mzYPU5ULvKmllQkjTsWgPGgQBkciZ0AW9ggD9VwZilg 4qh3iSO7T97hVQFnpCh6vm8pOH6UP/5kpr9ZJQIVANzdbztBJlJfqCB1t4h/NvSu wCFvAoGAITP+jhYk9Rngd98l+5ccgauQ+cLEUBgNG2Wq56zBXQbLou6eKkQi7ecL NiRmExq3IU3LOj426wSxL72Kw6FPyOEv3edIFkJJEHL4Z+ZJeVe//dzya0ddOJ7k k6qNF2ic+viD/5Vm8yRyKiig2uHH/MgIesLdZnvbzvX+f/P0z50DgYQAAoGALAUl jkOi1PxjjFVvhGfK95yIsrfbfcIEKUBaTs9NR2rbGWUeP+93paoXwP39X9wrJx2M SWeHWhWKszNgoiyqYT0k4R9mem3WClotxOvB5fHfwIp2kQYvE7H0/TPdGhfUpHQG YpyLQgT6L80meSKMFnu4VXGzOANhWDxu3JxiADCjgZQwgZEwCwYDVR0PBAQDAgeA MEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVz dGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFO37wHcauyc03rDc6cDRRsHz gcK+MB8GA1UdIwQYMBaAFM1IZQGDsqYHWwb+I4EMxHPk0bU4MAsGCWCGSAFlAwQD AgNHADBEAiBBRbfMzLi7+SVyO8SM3xxwUsMf/k1B+Nkvf1kBTfCfGwIgSAx/6mI+ pNqdXqZZGESXy1MT1aBc4ynPGLFUr2r7cPY= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.dsa_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.id_dsa spki_a_p, rest = der_decode(spki_a['parameters'], asn1Spec=rfc3279.Dss_Parms()) assert not rest assert spki_a_p.prettyPrint() assert der_encode(spki_a_p) == spki_a['parameters'] q_value = 1260916123897116834511257683105158021801897369967 assert spki_a_p['q'] == q_value sig_value, rest = der_decode(asn1Object['signature'].asOctets(), asn1Spec=rfc3279.Dss_Sig_Value()) assert not rest assert sig_value.prettyPrint() assert der_encode(sig_value) == asn1Object['signature'].asOctets() assert sig_value['r'].hasValue() assert sig_value['s'].hasValue() def testOpenTypes(self): substrate = pem.readBase64fromText(self.dsa_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.id_dsa q_value = 1260916123897116834511257683105158021801897369967 assert spki_a['parameters']['q'] == q_value class KEACertificateTestCase(unittest.TestCase): kea_cert_pem_text = """\ MIICizCCAjOgAwIBAgIUY8xt3l0B9nIPWSpjs0hDJUJZmCgwCQYHKoZIzjgEAzA/ MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xETAP BgNVBAoTCEJvZ3VzIENBMB4XDTE5MTAyMDIwMDkyMVoXDTIwMTAxOTIwMDkyMVow cDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw DgYDVQQKEwdFeGFtcGxlMQ4wDAYDVQQDEwVBbGljZTEgMB4GCSqGSIb3DQEJARYR YWxpY2VAZXhhbXBsZS5jb20wgaAwFwYJYIZIAWUCAQEWBApc+PEn5ladbYizA4GE AAKBgB9Lc2QcoSW0E9/VnQ2xGBtpYh9MaDUBzIixbN8rhDwh0BBesD2TwHjzBpDM 2PJ6DD1ZbBcz2M3vJaIKoZ8hA2EUtbbHX1BSnVfAdeqr5St5gfnuxSdloUjLQlWO rOYfpFVEp6hJoKAZiYfiXz0fohNXn8+fiU5k214byxlCPlU0o4GUMIGRMAsGA1Ud DwQEAwIDCDBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3Qg YmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMB0GA1UdDgQWBBSE49bkPB9sQm27 Rs2jgAPMyY6UCDAfBgNVHSMEGDAWgBTNSGUBg7KmB1sG/iOBDMRz5NG1ODAJBgcq hkjOOAQDA0cAMEQCIE9PWhUbnJVdNQcVYSc36BMZ+23uk2ITLsgSXtkScF6TAiAf TPnJ5Wym0hv2fOpnPPsWTgqvLFYfX27GGTquuOd/6A== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): asn1Spec = rfc5280.Certificate() substrate = pem.readBase64fromText(self.kea_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.id_keyExchangeAlgorithm spki_a_p, rest = der_decode(spki_a['parameters'], asn1Spec=rfc3279.KEA_Parms_Id()) assert not rest assert spki_a_p.prettyPrint() assert der_encode(spki_a_p) == spki_a['parameters'] assert spki_a_p == univ.OctetString(hexValue='5cf8f127e6569d6d88b3') assert asn1Object['tbsCertificate']['signature']['algorithm'] == rfc3279.id_dsa_with_sha1 assert asn1Object['signatureAlgorithm']['algorithm'] == rfc3279.id_dsa_with_sha1 sig_value, rest = der_decode(asn1Object['signature'].asOctets(), asn1Spec=rfc3279.Dss_Sig_Value()) assert not rest assert sig_value.prettyPrint() assert der_encode(sig_value) == asn1Object['signature'].asOctets() assert sig_value['r'].hasValue() assert sig_value['s'].hasValue() def testOpenTypes(self): substrate = pem.readBase64fromText(self.kea_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.id_keyExchangeAlgorithm assert spki_a['parameters'] == univ.OctetString(hexValue='5cf8f127e6569d6d88b3') assert asn1Object['tbsCertificate']['signature']['algorithm'] == rfc3279.id_dsa_with_sha1 assert asn1Object['signatureAlgorithm']['algorithm'] == rfc3279.id_dsa_with_sha1 class DHCertificateTestCase(unittest.TestCase): dh_cert_pem_text = """\ MIIEtDCCBFqgAwIBAgIUY8xt3l0B9nIPWSpjs0hDJUJZmCkwCwYJYIZIAWUDBAMC MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjER MA8GA1UEChMIQm9ndXMgQ0EwHhcNMTkxMDIwMjAxMjMwWhcNMjAxMDE5MjAxMjMw WjBwMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24x EDAOBgNVBAoTB0V4YW1wbGUxDjAMBgNVBAsTBUFsaWNlMSAwHgYJKoZIhvcNAQkB FhFhbGljZUBleGFtcGxlLmNvbTCCAsQwggI5BgcqhkjOPgIBMIICLAKCAQEAt9x/ 0iwGww3k19h+wbODVK1yqjFzEY2pyfXthHcn+nEw+DpURJ+iOhYPr68E3XO5sB48 r5xTZhPN5+YejD3T8qhnDtiq4qrrSH7BOaEzqCDpHE2Bpoy3SodQ5Obaiu9Kx1ix BRk/oRZUH+F+ATZmF0rPKrZGZOnmsh0IZm3dlmRR9FRGn0aJlZKXveqp+hZ97/r0 cbSo6wdT47APfocgweZMvgWu1IQBs6FiunRgaeX3RyLr4fnkvCzUM7TmxpRJYtL6 myAp007QvtgQ0AdEwVfNl3jQ0IIW7TtpXVxDDQaKZZe9yYrY4GV3etlYk8a4cpjN rBxBCCTMASE4+iVtPQKCAQAg3m19vWc1TlHmkeqLwgvHN0Ufdyw5axWtc8qIJGZ1 MezhyLyD4RU0VFCSocJCCe2k2kS2P2vQERZZYcn/nCYuiswCjOCbnwKozfaTZ3Fc 1KOCtb4EEcuk/th5XNhWCYJJ7Hasym8zuPaqh5TLcsHXp0/lQUiOV2uVHnAt503A HY1v4PhlZ3G0CRZMenafU0Ky7a6zhrqFvWgtSdo+vN0S9xS/KJuTaWsYgOAt4r2I K1uwuWuvA5L1Qrdj8pDzMLkdlyHU1Jgjzk0rNQDTbUkZX9CAi/xKUGZysjWfOn1F HC1vJ1sbP9nTXpWRain1/6yatB2RxLTvWYyAq9IsL/8PAiEAkY8lGryvcZI/pxXt XwSaXEL2d77GSGICMGZa1wOJtdEDgYQAAoGALAUljkOi1PxjjFVvhGfK95yIsrfb fcIEKUBaTs9NR2rbGWUeP+93paoXwP39X9wrJx2MSWeHWhWKszNgoiyqYT0k4R9m em3WClotxOvB5fHfwIp2kQYvE7H0/TPdGhfUpHQGYpyLQgT6L80meSKMFnu4VXGz OANhWDxu3JxiADCjgZQwgZEwCwYDVR0PBAQDAgMIMEIGCWCGSAGG+EIBDQQ1FjNU aGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVycG9z ZS4wHQYDVR0OBBYEFO37wHcauyc03rDc6cDRRsHzgcK+MB8GA1UdIwQYMBaAFM1I ZQGDsqYHWwb+I4EMxHPk0bU4MAsGCWCGSAFlAwQDAgNHADBEAiB1LU0esRdHDvSj kqAm+3viU2a+hl66sLrK5lYBOYqGYAIgWG7bDxqFVP6/stHfdbeMovLejquEl9tr iPEBA+EDHjk= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.dh_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.dhpublicnumber spki_a_p, rest = der_decode(spki_a['parameters'], asn1Spec=rfc3279.DomainParameters()) assert not rest assert spki_a_p.prettyPrint() assert der_encode(spki_a_p) == spki_a['parameters'] q_value = 65838278260281264030127352144753816831178774189428428256716126077244217603537 assert spki_a_p['q'] == q_value def testOpenTypes(self): substrate = pem.readBase64fromText(self.dh_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc3279.dhpublicnumber q_value = 65838278260281264030127352144753816831178774189428428256716126077244217603537 assert spki_a['parameters']['q'] == q_value suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc3280.py0000664006321400632140000000566013605660325021723 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc3280 try: import unittest2 as unittest except ImportError: import unittest class CertificateTestCase(unittest.TestCase): pem_text = """\ MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG 9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs 2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu """ def setUp(self): self.asn1Spec = rfc3280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class CertificateListTestCase(unittest.TestCase): pem_text = """\ MIIBVjCBwAIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJBVTETMBEGA1UE CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk MRUwEwYDVQQDEwxzbm1wbGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25t cGxhYnMuY29tFw0xMjA0MTExMzQwNTlaFw0xMjA1MTExMzQwNTlaoA4wDDAKBgNV HRQEAwIBATANBgkqhkiG9w0BAQUFAAOBgQC1D/wwnrcY/uFBHGc6SyoYss2kn+nY RTwzXmmldbNTCQ03x5vkWGGIaRJdN8QeCzbEi7gpgxgpxAx6Y5WkxkMQ1UPjNM5n DGVDOtR0dskFrrbHuNpWqWrDaBN0/ryZiWKjr9JRbrpkHgVY29I1gLooQ6IHuKHY vjnIhxTFoCb5vA== """ def setUp(self): self.asn1Spec = rfc3280.CertificateList() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3281.py0000664006321400632140000000562613605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc3281 try: import unittest2 as unittest except ImportError: import unittest class AttributeCertificateTestCase(unittest.TestCase): pem_text = """\ MIIDBTCCAm4CAQEwgY+gUTBKpEgwRjEjMCEGA1UEAwwaQUNNRSBJbnRlcm1lZGlh dGUgRUNEU0EgQ0ExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlBQ01FIEx0ZC4CAx7N WqE6pDgwNjETMBEGA1UEAwwKQUNNRSBFQ0RTQTELMAkGA1UEBhMCRkkxEjAQBgNV BAoMCUFDTUUgTHRkLqA9MDukOTA3MRQwEgYDVQQDDAtleGFtcGxlLmNvbTELMAkG A1UEBhMCRkkxEjAQBgNVBAoMCUFDTUUgTHRkLjANBgkqhkiG9w0BAQsFAAIEC63K /jAiGA8yMDE2MDEwMTEyMDAwMFoYDzIwMTYwMzAxMTIwMDAwWjCB8jA8BggrBgEF BQcKATEwMC6GC3VybjpzZXJ2aWNlpBUwEzERMA8GA1UEAwwIdXNlcm5hbWUECHBh c3N3b3JkMDIGCCsGAQUFBwoCMSYwJIYLdXJuOnNlcnZpY2WkFTATMREwDwYDVQQD DAh1c2VybmFtZTA1BggrBgEFBQcKAzEpMCegGKQWMBQxEjAQBgNVBAMMCUFDTUUg THRkLjALDAlBQ01FIEx0ZC4wIAYIKwYBBQUHCgQxFDASMBAMBmdyb3VwMQwGZ3Jv dXAyMCUGA1UESDEeMA2hC4YJdXJuOnJvbGUxMA2hC4YJdXJuOnJvbGUyMGowHwYD VR0jBBgwFoAUgJCMhskAsEBzvklAX8yJBOXO500wCQYDVR04BAIFADA8BgNVHTcB Af8EMjAwMB2gCoYIdXJuOnRlc3SgD4INKi5leGFtcGxlLmNvbTAPoA2GC3Vybjph bm90aGVyMA0GCSqGSIb3DQEBCwUAA4GBACygfTs6TkPurZQTLufcE3B1H2707OXK sJlwRpuodR2oJbunSHZ94jcJHs5dfbzFs6vNfVLlBiDBRieX4p+4JcQ2P44bkgyi UTJu7g1b6C1liB3vO6yH5hOZicOAaKd+c/myuGb9uJ4n6y2oLNxnk/fDzpuZUe2h Q4eikPk4LQey """ def setUp(self): self.asn1Spec = rfc3281.AttributeCertificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['acinfo']['version'] == 1 attributeMap = { rfc3281.id_at_role: rfc3281.RoleSyntax(), rfc3281.id_aca_authenticationInfo: rfc3281.SvceAuthInfo(), rfc3281.id_aca_accessIdentity: rfc3281.SvceAuthInfo(), rfc3281.id_aca_chargingIdentity: rfc3281.IetfAttrSyntax(), rfc3281.id_aca_group: rfc3281.IetfAttrSyntax(), } count = 0 for attr in asn1Object['acinfo']['attributes']: assert attr['type'] in attributeMap av, rest = der_decode(attr['values'][0], asn1Spec=attributeMap[attr['type']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['values'][0] count += 1 assert count == 5 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3447.py0000664006321400632140000000542613605660325021730 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc3447 try: import unittest2 as unittest except ImportError: import unittest # openssl genrsa -primes 3 -f4 -out multiprime.key class MultiprimeRSAPrivateKeyTestCase(unittest.TestCase): pem_text = """\ MIIE2QIBAQKCAQEAn82EqwXasE2TFNSmZucB8LNza2mOWLHF3nxpxKXalPMDvezc 5Dq7Ytcv/k9jJL4j4jYfvR4yyZdU9iHLaD6hOINZ8E6hVpx/4c96ZUSOLzD2g+u+ jIuoNfG+zygSBGYCS6BLCAIsZ+2wUyxYpLJknHJld9/jy+aLmmyrilhH9dH5AUiV 3NeWht/68++dMXf4ZI/gV4bMSlWhggxkz2WJJpiQdCdJatGkwNDkHmLA9X0tC6OH SPE7qYdxG38cYS5F445SgnhDpiK7BodSqYLwgehaDjoOYdEgHVnOcpBCDI5zCJSL b1c/z8uhrB1xxlECR44wCLcKsIIYQxaEErRJ/wIDAQABAoIBAD+Ra5L0szeqxDVn GgKZJkZvvBwgU0WpAgMtDo3xQ/A4c2ab0IrhaiU5YJgTUGcPVArqaNm8J4vVrTBz 5QxEzbFDXwWe4cMoYh6bgB7ElKLlIUr8/kGZUfgc7kI29luEjcAIEAC2/RQHesVn DHkL5OzqZL+4fIwckAMh0tXdflsPgZ/jgIaKca4OqKu4KGnczm3UvqtlvwisAjkx zMyfZXOLn0vEwP2bfbhQrCVrP7n6a+CV+Kqm8NBWnbiS6x2rWemVVssNTbfXQztq wC6ZJZCLK7plciDBWvHcS6vxdcsS9DUxuqSV6o/stCGTl1D+9tDx8Od0Eunna2B2 wAoRHZECVgbNO1bqwfYpp5aFuySWoP+KZz8f/5ZkHjLwiNGpQcqVd4+7Ql2R4qgF NgSoQQOZFhKtiOeLVU0HYfp6doI4waSINZdF/fJDHD6fY3AMOc/IIMDHHIzbAlYG vKOocLXWj/2+gcyQ1XoAmrE70aIFUBLSvd7RCi8GI74zYWp5lCSvO850Z4GsWSZT 41iF13sTDDJPm3+BbzMvEu2GuACi/8/IpbUr24/FP9Cp1Rf7kwJWAgMxfoshbrNu ebQB5laHNnT+DYhrOFVRNiNDaD2bUNSetrFidosWtD4ueHxMGENwa4BbFJ9+UrdP fyxC6k7exM7khGjaNZczwTep1VpYtKjzP/bp9KcCVgYoj9s9HZ1FCAsNEPodjGfd AcPTQS9mIa7wzy19B7uvFQJXPURi/p4KKBMVQ99Pp8/r9lJzxxiEf8FyPr8N7lZM EUKkFkDrZQDhKpsrHWSNj6yRFlltAlYC7dYR8KLEWoOUATLosxQhwgypv+23r+d4 ZdPOdDv9n8Kmj+NFy/oISFfdXzlOU4RWQtMx3hEwAabwct7vjiJEej/kmiTqco02 17tt13VvvQ5ZXF73dDCCAQwwggEIAlYDfMpM1WNfxcLLOgkRZ+0S9OvIrEOi0ALV SquTdi/thhCuCsK3lMD4miN9te8j16YtqEFVWXC3a6DWwIJ6m/xZ50bBwPqM8RsI 6FWhZw4Dr5VqjYXUvwJWAvapRk9SydDYri/cAtGIkUJVlspkE1emALAaSw30vmfd hrgYLT6YGOmK3UmcNJ4NVeET275MXWF1ZOhkOGKTN6aj5wPhJaHBMnmUQrq7GwC6 /LfUkSsCVgMCDTV9gbFW8u6TcTVW85dBIeUGxZh1T2pbU3dkGO3IOxOhzJUplH4/ EeEs9dusHakg1ERXAg4Vo1YowPW8kuVbZ9faxeVrmuER5NcCuZzS5X/obGUw """ def setUp(self): self.asn1Spec = rfc3447.RSAPrivateKey() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3560.py0000664006321400632140000000506713605660325021725 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc3560 try: import unittest2 as unittest except ImportError: import unittest class OAEPDefautTestCase(unittest.TestCase): oaep_default_pem_text = "MAsGCSqGSIb3DQEBBw==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.oaep_default_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc3560.id_RSAES_OAEP assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) class OAEPSHA256TestCase(unittest.TestCase): oaep_sha256_pem_text = "MDwGCSqGSIb3DQEBBzAvoA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQA=" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.oaep_sha256_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc3560.id_RSAES_OAEP assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) class OAEPFullTestCase(unittest.TestCase): oaep_full_pem_text = "MFMGCSqGSIb3DQEBBzBGoA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiFTATBgkqhkiG9w0BAQkEBmZvb2Jhcg==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.oaep_full_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc3560.id_RSAES_OAEP assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3565.py0000664006321400632140000000431613605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc3565 try: import unittest2 as unittest except ImportError: import unittest class AESKeyWrapTestCase(unittest.TestCase): kw_alg_id_pem_text = "MAsGCWCGSAFlAwQBLQ==" def setUp(self): self.asn1Spec = rfc3565.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.kw_alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc3565.id_aes256_wrap assert der_encoder.encode(asn1Object) == substrate class AESCBCTestCase(unittest.TestCase): aes_alg_id_pem_text = "MB0GCWCGSAFlAwQBKgQQEImWuoUOPwM5mTu1h4oONw==" def setUp(self): self.asn1Spec = rfc3565.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.aes_alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc3565.id_aes256_CBC assert asn1Object[1].isValue assert der_encoder.encode(asn1Object) == substrate def testOpenTypes(self): substrate = pem.readBase64fromText(self.aes_alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc3565.id_aes256_CBC aes_iv = univ.OctetString(hexValue='108996ba850e3f0339993bb5878a0e37') assert asn1Object[1] == aes_iv assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc3709.py0000664006321400632140000002033713605660325021727 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc3709 try: import unittest2 as unittest except ImportError: import unittest class CertificateExtnWithUrlTestCase(unittest.TestCase): pem_text = """\ MIIC9zCCAn2gAwIBAgIJAKWzVCgbsG46MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkwNTE0MTAwMjAwWhcNMjAwNTEzMTAwMjAwWjBlMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZp Z2lsIFNlY3VyaXR5IExMQzEaMBgGA1UEAxMRbWFpbC52aWdpbHNlYy5jb20wdjAQ BgcqhkjOPQIBBgUrgQQAIgNiAATwUXZUseiOaqWdrClDCMbp9YFAM87LTmFirygp zKDU9cfqSCg7zBDIphXCwMcS9zVWDoStCbcvN0jw5CljHcffzpHYX91P88SZRJ1w 4hawHjOsWxvM3AkYgZ5nfdlL7EajggEdMIIBGTALBgNVHQ8EBAMCB4AwQgYJYIZI AYb4QgENBDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9y IGFueSBwdXJwb3NlLjAdBgNVHQ4EFgQU8jXbNATapVXyvWkDmbBi7OIVCMEwHwYD VR0jBBgwFoAU8jXbNATapVXyvWkDmbBi7OIVCMEwgYUGCCsGAQUFBwEMBHkwd6J1 oHMwcTBvMG0WCWltYWdlL3BuZzAzMDEwDQYJYIZIAWUDBAIBBQAEIJtBNrMSSNo+ 6Rwqwctmcy0qf68ilRuKEmlf3GLwGiIkMCsWKWh0dHA6Ly93d3cudmlnaWxzZWMu Y29tL3ZpZ2lsc2VjX2xvZ28ucG5nMAoGCCqGSM49BAMDA2gAMGUCMGhfLH4kZaCD H43A8m8mHCUpYt9unT0qYu4TCMaRuOTYEuqj3qtuwyLcfAGuXKp/oAIxAIrPY+3y Pj22pmfmQi5w21UljqoTj/+lQLkU3wfy5BdVKBwI0GfEA+YL3ctSzPNqAA== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc3709.id_pe_logotype: s = extn['extnValue'] logotype, rest = der_decode(s, rfc3709.LogotypeExtn()) assert not rest assert logotype.prettyPrint() assert der_encode(logotype) == s ids = logotype['subjectLogo']['direct']['image'][0]['imageDetails'] assert ids['mediaType'] == "image/png" assert ids['logotypeURI'][0] == "http://www.vigilsec.com/vigilsec_logo.png" assert rfc3709.id_pe_logotype in extn_list def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] class CertificateExtnWithDataTestCase(unittest.TestCase): pem_text = """\ MIIJJDCCCAygAwIBAgIRAPIGo/5ScWbpAAAAAFwQBqkwDQYJKoZIhvcNAQELBQAw gbkxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxOCBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLTAr BgNVBAMTJEVudHJ1c3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gVk1DMTAeFw0x OTA4MzAxNDMyMzlaFw0yMDAyMjUxNTAyMzZaMIIBjTEOMAwGA1UEERMFMTAwMTcx CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlv cmsxGDAWBgNVBAkTDzI3MCBQYXJrIEF2ZW51ZTETMBEGCysGAQQBgjc8AgEDEwJV UzEZMBcGCysGAQQBgjc8AgECEwhEZWxhd2FyZTEfMB0GA1UEChMWSlBNb3JnYW4g Q2hhc2UgYW5kIENvLjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xNzA1 BgNVBAsTLkpQTUMgRmlyc3QgVmVyaWZpZWQgTWFyayBDZXJ0aWZpY2F0ZSBXb3Js ZHdpZGUxDzANBgNVBAUTBjY5MTAxMTEXMBUGCisGAQQBg55fAQQTBzIwMTUzODkx EjAQBgorBgEEAYOeXwEDEwJVUzEmMCQGCisGAQQBg55fAQITFmh0dHBzOi8vd3d3 LnVzcHRvLmdvdi8xHzAdBgNVBAMTFkpQTW9yZ2FuIENoYXNlIGFuZCBDby4wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNLY+etlX06q1MxA1VT/P20h1i eFGTzX4fqSQNG+ypmjNfLa8YXraO1v1hahenkRUWrVPW0Hq3zKNJcCDmosox6+tB 59u0b1xgN8y8D05AEC7qoVVdbaWKENMxCN4CDfST6d3YOqApjqEFAGZ71s39tRRG kmWGJb4jKXcUX8FWV8w/vjKrpipZ8JsX2tuOp2uxFLkmi+V7gvN8tpbHUipP5K7L 190VOBytSWPudXefnYG3UWRfwah7Fq1bKYT/cCwStUm8XlfA8nUumeVsAiyC6phs adn26MYiSddsBU08TGthmunLAO0+shaBy6jHYZxMa37S67vVlDpxbeF+TPVXAgMB AAGjggROMIIESjATBgorBgEEAdZ5AgQDAQH/BAIFADCCArAGCCsGAQUFBwEMBIIC ojCCAp6iggKaoIICljCCApIwggKOMIICihYNaW1hZ2Uvc3ZnK3htbDAzMDEwDQYJ YIZIAWUDBAIBBQAEIBnwW6ChGgWWIRn3qn/xGAOlhDflA3z5jhZcZTNDlxF5MIIC QhaCAj5kYXRhOmltYWdlL3N2Zyt4bWw7YmFzZTY0LEg0c0lBQUFBQUFBQUFJV1Iz V3JqTUJCR3I1dW5tR3F2Rml4NUpQODBObkZLRTVhbTRFSmhJYmVMazZpT1dhOXRa TWQyOXVrN2NsTG9SV25CMHNENGNPYVR0TGdmLzVYUWE5TVdkWlV3S1pDQnJ2YjFv YWp5aEoyNlZ6NW45OHZaNHBaemVOU1ZObGxYbXhnZUR2Vk93MU5abnRwdWFvRlNB b1YwNFBmMkVYNk5UVzA2ZUNsUE9YK3FRRXpON1dWR0RLRkFoTldwS0ErQVB3RTRK MzNiNXg5REtBYTdyTlV2cG40dFNwMndycWpPRElwRHd0THNyTTBmeVlCaVYyM0Nq bDNYeEs0N0RJTVlQRkdiM0ZXSTZKTHZpc1JqV1ZSL1B3TmxGRVh1OUpmTmJtQk1H RFlqZy9PMTlvVWVWclh0QWtJWTBEY0o0N2JKOXBTb01iclZwdGVNd3VmTDJjMml5 Ym9qVU5veVlUOFFnL1VxWWtCNW41VW5QQWZYU2pub0tPbEl1eW5oOVRJVTh1Z3JF YVMrVC9lRzZRWDh6OXl2YkdIZ0VLZjJ5S1h3dU9Sa2VsOGJQeFJoUHhtSnN0TDBT bi9qOUtXWU8yR3dsM2EremNhbmhOYTV0YzZORkdHcVVFUUVwVmY0R3lVNnhOMnRx WGgwWXQrM1BpcEhlK2l0cElRMGg0VHBoWnRrQ3plM0d6M2NjdllHbkp0cjZKVUNB QUE9MCIGA1UdEQQbMBmCF2V4Y2hhZGRldi5sYWJtb3JnYW4uY29tMBMGA1UdJQQM MAoGCCsGAQUFBwMfMA4GA1UdDwEB/wQEAwIHgDBmBggrBgEFBQcBAQRaMFgwIwYI KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDEGCCsGAQUFBzAChiVo dHRwOi8vYWlhLmVudHJ1c3QubmV0L3ZtYzEtY2hhaW4uY2VyMDIGA1UdHwQrMCkw J6AloCOGIWh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvdm1jMWNhLmNybDBPBgNVHSAE SDBGMDYGCmCGSAGG+mwKAQswKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRy dXN0Lm5ldC9ycGEwDAYKKwYBBAGDnl8BATAfBgNVHSMEGDAWgBSLtjl20DSQpj9i 4WTqPrz0fEahczAdBgNVHQ4EFgQUxAJ+yoDhzpPUzAPWKBYxg108dU0wCQYDVR0T BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnqdB/vcwxFcxAlyCK0W5HOthXUdXRg9a GwPDupqmLq2rKfyysZXonJJfr8jqO0f3l6TWTTJlXHljAwwXMtg3T3ngLyEzip5p g0zH7s5eXjmWRhOeuHt21o611bXDbUNFTF0IpbYBTgOwAz/+k3XLVehf8dW7Y0Lr VkzxJ6U82NxmqjaAnkm+H127x5/jPAr4LLD4gZfqFaHzw/ZLoS+fXFGs+dpuYE4s n+xe0msYMu8qWABiMGA+MCKl45Dp5di+c2fyXtKyQ3rKI8XXZ0nN4bXK7DZd+3E3 kbpmR6cDliloU808Bi/erMkrfUHRoZ2d586lkmwkLcoDkJ/yPD+Jhw== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc3709.id_pe_logotype: s = extn['extnValue'] logotype, rest = der_decode(s, rfc3709.LogotypeExtn()) assert not rest assert logotype.prettyPrint() assert der_encode(logotype) == s ids = logotype['subjectLogo']['direct']['image'][0]['imageDetails'] assert ids['mediaType'] == "image/svg+xml" assert ids['logotypeURI'][0][0:25] == "data:image/svg+xml;base64" assert rfc3709.id_pe_logotype in extn_list def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3770.py0000664006321400632140000000711013605660325021717 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.compat.octets import str2octs from pyasn1_modules import pem from pyasn1_modules import rfc5480 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc3770 try: import unittest2 as unittest except ImportError: import unittest class CertificateTestCase(unittest.TestCase): cert_pem_text = """\ MIICqzCCAjCgAwIBAgIJAKWzVCgbsG4/MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkwNzE5MTk0MjQ3WhcNMjAwNzE4MTk0MjQ3WjBjMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZp Z2lsIFNlY3VyaXR5IExMQzEYMBYGA1UEAxMPZWFwLmV4YW1wbGUuY29tMHYwEAYH KoZIzj0CAQYFK4EEACIDYgAEMMbnIp2BUbuyMgH9HhNHrh7VBy7ql2lBjGRSsefR Wa7+vCWs4uviW6On4eem5YoP9/UdO7DaIL+/J9/3DJHERI17oFxn+YWiE4JwXofy QwfSu3cncVNMqpiDjEkUGGvBo4HTMIHQMAsGA1UdDwQEAwIHgDBCBglghkgBhvhC AQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55 IHB1cnBvc2UuMB0GA1UdDgQWBBSDjPGr7M742rsE4oQGwBvGvllZ+zAfBgNVHSME GDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAeBggrBgEFBQcBDQQSMBAEB0V4YW1w bGUEBUJvZ3VzMB0GA1UdJQQWMBQGCCsGAQUFBwMOBggrBgEFBQcDDTAKBggqhkjO PQQDAwNpADBmAjEAmCPZnnlUQOKlcOIIOgFrRCkOqO0ESs+dobYwAc2rFCBtQyP7 C3N00xkX8WZZpiAZAjEAi1Z5+nGbJg5eJTc8fwudutN/HNwJEIS6mHds9kfcy26x DAlVlhox680Jxy5J8Pkx """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate sig_alg = asn1Object['tbsCertificate']['signature'] assert sig_alg['algorithm'] == rfc5480.ecdsa_with_SHA384 assert not sig_alg['parameters'].hasValue() spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_alg['algorithm'] == rfc5480.id_ecPublicKey assert spki_alg['parameters']['namedCurve'] == rfc5480.secp384r1 extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] if extn['extnID'] == rfc3770.id_pe_wlanSSID: assert str2octs('Example') in extnValue if extn['extnID'] == rfc5280.id_ce_extKeyUsage: assert rfc3770.id_kp_eapOverLAN in extnValue assert rfc3770.id_kp_eapOverPPP in extnValue assert rfc3770.id_pe_wlanSSID in extn_list assert rfc5280.id_ce_extKeyUsage in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc3779.py0000664006321400632140000001002013605660325021722 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc3779 try: import unittest2 as unittest except ImportError: import unittest class CertificateExtnTestCase(unittest.TestCase): pem_text = """\ MIIECjCCAvKgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAxMLcmlw ZS1uY2MtdGEwIBcNMTcxMTI4MTQzOTU1WhgPMjExNzExMjgxNDM5NTVaMBYxFDAS BgNVBAMTC3JpcGUtbmNjLXRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0URYSGqUz2myBsOzeW1jQ6NsxNvlLMyhWknvnl8NiBCs/T/S2XuNKQNZ+wBZ xIgPPV2pFBFeQAvoH/WK83HwA26V2siwm/MY2nKZ+Olw+wlpzlZ1p3Ipj2eNcKrm it8BwBC8xImzuCGaV0jkRB0GZ0hoH6Ml03umLprRsn6v0xOP0+l6Qc1ZHMFVFb38 5IQ7FQQTcVIxrdeMsoyJq9eMkE6DoclHhF/NlSllXubASQ9KUWqJ0+Ot3QCXr4LX ECMfkpkVR2TZT+v5v658bHVs6ZxRD1b6Uk1uQKAyHUbn/tXvP8lrjAibGzVsXDT2 L0x4Edx+QdixPgOji3gBMyL2VwIDAQABo4IBXjCCAVowHQYDVR0OBBYEFOhVKx/W 0aT35ATG2OVoDR68Fj/DMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG MIGxBggrBgEFBQcBCwSBpDCBoTA8BggrBgEFBQcwCoYwcnN5bmM6Ly9ycGtpLnJp cGUubmV0L3JlcG9zaXRvcnkvcmlwZS1uY2MtdGEubWZ0MDIGCCsGAQUFBzANhiZo dHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcw BYYhcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMAkEAgABMAMDAQAwCQQC AAIwAwMBADAhBggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAQACBQD/////MA0GCSqG SIb3DQEBCwUAA4IBAQAVgJjrZ3wFppC8Yk8D2xgzwSeWVT2vtYq96CQQsjaKb8nb eVz3DwcS3a7RIsevrNVGo43k3AGymg1ki+AWJjvHvJ+tSzCbn5+X6Z7AfYTf2g37 xINVDHru0PTQUargSMBAz/MBNpFG8KThtT7WbJrK4+f/lvx0m8QOlYm2a17iXS3A GQJ6RHcq9ADscqGdumxmMMDjwED26bGaYdmru1hNIpwF//jVM/eRjBFoPHKFlx0k Ld/yoCQNmx1kW+xANx4uyWxi/DYgSV7Oynq+C60OucW+d8tIhkblh8+YfrmukJds V+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks: s = extn['extnValue'] addr_blocks, rest = der_decoder.decode(s, rfc3779.IPAddrBlocks()) assert not rest assert addr_blocks.prettyPrint() assert der_encoder.encode(addr_blocks) == s if extn['extnID'] == rfc3779.id_pe_autonomousSysIds: s = extn['extnValue'] as_ids, rest = der_decoder.decode(s, rfc3779.ASIdentifiers()) assert not rest assert as_ids.prettyPrint() assert der_encoder.encode(as_ids) == s assert rfc3779.id_pe_ipAddrBlocks in extn_list assert rfc3779.id_pe_autonomousSysIds in extn_list def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc3779.id_pe_ipAddrBlocks or \ extn['extnID'] == rfc3779.id_pe_autonomousSysIds: extnValue, rest = der_decoder.decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encoder.encode(extnValue) == extn['extnValue'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc3852.py0000664006321400632140000001203613605660325021723 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc3852 from pyasn1_modules import rfc6402 try: import unittest2 as unittest except ImportError: import unittest class ContentInfoTestCase(unittest.TestCase): pem_text = """\ MIIEJQYJKoZIhvcNAQcCoIIEFjCCBBICAQMxCzAJBgUrDgMCGgUAMIIDAgYIKwYBBQUHDAKgggL0 BIIC8DCCAuwweDB2AgECBgorBgEEAYI3CgoBMWUwYwIBADADAgEBMVkwVwYJKwYBBAGCNxUUMUow SAIBBQwZcGl0dWNoYTEuZW1lYS5ocHFjb3JwLm5ldAwMRU1FQVxwaXR1Y2hhDBpDTUNSZXFHZW5l cmF0b3IudnNob3N0LmV4ZTCCAmqgggJmAgEBMIICXzCCAcgCAQAwADCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEA0jm7SSSm2wyEAzuNKtFZFJKo91SrJq9wQwEhEKHDavZwMQOm1rZ2PF8NWCEb PqrhToQ7rtiGLSZa4dF4bzgmBqQ9aoSfEX4jISt31Vy+skHidXjHHpbsjT24NPhrZgANivL7CxD6 Ft+s7qS1gL4HRm2twQkqSwOLrE/q2QeXl2UCAwEAAaCCAR0wGgYKKwYBBAGCNw0CAzEMFgo2LjIu OTIwMC4yMD4GCSqGSIb3DQEJDjExMC8wHQYDVR0OBBYEFMW2skn88gxhONWZQA4sWGBDb68yMA4G A1UdDwEB/wQEAwIHgDBXBgkrBgEEAYI3FRQxSjBIAgEFDBlwaXR1Y2hhMS5lbWVhLmhwcWNvcnAu bmV0DAxFTUVBXHBpdHVjaGEMGkNNQ1JlcUdlbmVyYXRvci52c2hvc3QuZXhlMGYGCisGAQQBgjcN AgIxWDBWAgECHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABv AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAwDQYJKoZIhvcNAQEFBQADgYEAJZlu mxjtCxSOQi27jsVdd3y8NSIlzNv0b3LqmzvAly6L+CstXcnuG2MPQqPH9R7tbJonGUniBQO9sQ7C KhYWj2gfhiEkSID82lV5chINVUFKoUlSiEhWr0tPGgvOaqdsKQcrHfzrsBbFkhDqrFSVy7Yivbnh qYszKrOjJKiiCPMwADAAMYH5MIH2AgEDgBTFtrJJ/PIMYTjVmUAOLFhgQ2+vMjAJBgUrDgMCGgUA oD4wFwYJKoZIhvcNAQkDMQoGCCsGAQUFBwwCMCMGCSqGSIb3DQEJBDEWBBTFTkK/OifaFjwqHiJu xM7qXcg/VzANBgkqhkiG9w0BAQEFAASBgKfC6jOi1Wgy4xxDCQVK9+e5tktL8wE/j2cb9JSqq+aU 5UxEgXEw7q7BoYZCAzcxMRriGzakXr8aXHcgkRJ7XcFvLPUjpmGg9SOZ2sGW4zQdWAwImN/i8loc xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn """ def setUp(self): self.asn1Spec = rfc3852.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) layers = { rfc3852.id_ct_contentInfo: rfc3852.ContentInfo(), rfc3852.id_signedData: rfc3852.SignedData(), rfc6402.id_cct_PKIData: rfc6402.PKIData() } getNextLayer = { rfc3852.id_ct_contentInfo: lambda x: x['contentType'], rfc3852.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc6402.id_cct_PKIData: lambda x: None } getNextSubstrate = { rfc3852.id_ct_contentInfo: lambda x: x['content'], rfc3852.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc6402.id_cct_PKIData: lambda x: None } alg_oids = ( univ.ObjectIdentifier('1.3.14.3.2.26'), univ.ObjectIdentifier('1.2.840.113549.1.1.1'), univ.ObjectIdentifier('1.2.840.113549.1.1.5'), univ.ObjectIdentifier('1.2.840.113549.1.1.11'), ) encoded_null = der_encode(univ.Null("")) next_layer = rfc3852.id_ct_contentInfo count = 0 while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate if next_layer == rfc3852.id_signedData: for d in asn1Object['digestAlgorithms']: assert d['algorithm'] in alg_oids assert d['parameters'] == encoded_null count += 1 for si in asn1Object['signerInfos']: assert si['digestAlgorithm']['algorithm'] in alg_oids assert si['digestAlgorithm']['parameters'] == encoded_null count += 1 assert si['signatureAlgorithm']['algorithm'] in alg_oids assert si['signatureAlgorithm']['parameters'] == encoded_null count += 1 if next_layer == rfc6402.id_cct_PKIData: for req in asn1Object['reqSequence']: cr = req['tcr']['certificationRequest'] assert cr['signatureAlgorithm']['algorithm'] in alg_oids assert cr['signatureAlgorithm']['parameters'] == encoded_null count += 1 cri_spki = cr['certificationRequestInfo']['subjectPublicKeyInfo'] assert cri_spki['algorithm']['algorithm'] in alg_oids assert cri_spki['algorithm']['parameters'] == encoded_null count += 1 substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) assert count == 5 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc4043.py0000664006321400632140000001116713605660325021720 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc4043 try: import unittest2 as unittest except ImportError: import unittest class PermIdCertTestCase(unittest.TestCase): cert_pem_text = """\ MIIDDTCCApOgAwIBAgIJAKWzVCgbsG5HMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMTEwMDA0MDIyWhcNMjAxMTA5MDA0MDIyWjBNMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 YW1wbGUxDTALBgNVBAMTBEdhaWwwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQBoktg /68xL+uEQaWBoHyOjw8EMLeMEng3R2H7yiEzTGoaMJgPOKvSfzB2P0paHYPL+B5y Gc0CK5EHRujMl9ljH+Wydpk57rKBLo1ZzpWUS6anLGIkWs1sOakcgGGr7hGjggFL MIIBRzAdBgNVHQ4EFgQU1pCNZuMzfEaJ9GGhH7RKy6Mvz+cwbwYDVR0jBGgwZoAU 8jXbNATapVXyvWkDmbBi7OIVCMGhQ6RBMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQI DAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0GCCQDokdYG kU/O8jAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjBCBglghkgBhvhCAQ0E NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 cnBvc2UuMFMGA1UdEQRMMEqgNgYIKwYBBQUHCAOgKjAoDBs4MjYyMDgtNDE3MDI4 LTU0ODE5NS0yMTUyMzMGCSsGAQQBgaxgMIEQZ2FpbEBleGFtcGxlLmNvbTAKBggq hkjOPQQDAwNoADBlAjBT+36Y/LPaGSu+61P7kR97M8jAjtH5DtUwrWR02ChshvYJ x0bpZq3PJaO0WlBgFicCMQCf+67wSvjxxtjI/OAg4t8NQIJW1LcehSXizlPDc772 /FC5OiUAxO+iFaSVMeDFsCo= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate perm_id_oid = rfc4043.id_on_permanentIdentifier assigner_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48') permanent_identifier_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName()) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): assert gn['otherName']['type-id'] == perm_id_oid onValue, rest = der_decode(gn['otherName']['value'], asn1Spec=rfc4043.PermanentIdentifier()) assert not rest assert onValue.prettyPrint() assert der_encode(onValue) == gn['otherName']['value'] assert onValue['assigner'] == assigner_oid permanent_identifier_found = True assert permanent_identifier_found def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate perm_id_oid = rfc4043.id_on_permanentIdentifier assigner_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48') permanent_identifier_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): on = gn['otherName'] assert on['type-id'] == perm_id_oid assert on['value']['assigner'] == assigner_oid permanent_identifier_found = True assert permanent_identifier_found suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc4055.py0000775006321400632140000001515013605660325021722 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc4055 try: import unittest2 as unittest except ImportError: import unittest class PSSDefautTestCase(unittest.TestCase): pss_default_pem_text = "MAsGCSqGSIb3DQEBCg==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.pss_default_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc4055.id_RSASSA_PSS assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.pss_default_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert not asn1Object['parameters'].hasValue() class PSSSHA512TestCase(unittest.TestCase): pss_sha512_pem_text = "MDwGCSqGSIb3DQEBCjAvoA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQA=" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.pss_sha512_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc4055.id_RSASSA_PSS assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.pss_sha512_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert asn1Object['parameters'].hasValue() assert asn1Object['parameters']['saltLength'] == 20 class OAEPDefautTestCase(unittest.TestCase): oaep_default_pem_text = "MAsGCSqGSIb3DQEBBw==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.oaep_default_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc4055.id_RSAES_OAEP assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.oaep_default_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert not asn1Object['parameters'].hasValue() class OAEPSHA256TestCase(unittest.TestCase): oaep_sha256_pem_text = "MDwGCSqGSIb3DQEBBzAvoA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQA=" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.oaep_sha256_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc4055.id_RSAES_OAEP assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.oaep_sha256_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert asn1Object['parameters'].hasValue() oaep_p = asn1Object['parameters'] assert oaep_p['hashFunc']['parameters'] == univ.Null("") assert oaep_p['maskGenFunc']['parameters']['parameters'] == univ.Null("") class OAEPFullTestCase(unittest.TestCase): oaep_full_pem_text = "MFMGCSqGSIb3DQEBBzBGoA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiFTATBgkqhkiG9w0BAQkEBmZvb2Jhcg==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.oaep_full_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc4055.id_RSAES_OAEP assert der_encoder.encode(asn1Object) == substrate assert substrate == der_encoder.encode(asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.oaep_full_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert asn1Object['parameters'].hasValue() oaep_p = asn1Object['parameters'] assert oaep_p['hashFunc']['parameters'] == univ.Null("") assert oaep_p['maskGenFunc']['parameters']['parameters'] == univ.Null("") assert oaep_p['pSourceFunc']['parameters'] == univ.OctetString(value='foobar') suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc4073.py0000664006321400632140000001463713605660325021730 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.compat.octets import str2octs from pyasn1_modules import pem from pyasn1_modules import rfc2634 from pyasn1_modules import rfc4073 from pyasn1_modules import rfc5652 try: import unittest2 as unittest except ImportError: import unittest class ContentCollectionTestCase(unittest.TestCase): pem_text = """\ MIIG/QYLKoZIhvcNAQkQAROgggbsMIIG6DCCAWcGCyqGSIb3DQEJEAEUoIIBVjCC AVIwgfEGCSqGSIb3DQEHAaCB4wSB4ENvbnRlbnQtVHlwZTogdGV4dC9wbGFpbgoK UkZDIDQwNzMsIHB1Ymxpc2hlZCBpbiBNYXkgMjAwNSwgZGVzY3JpYmVzIGEgY29u dmVudGlvbiBmb3IgdXNpbmcgdGhlCkNyeXB0b2dyYXBoaWMgTWVzc2FnZSBTeW50 YXggKENNUykgdG8gcHJvdGVjdCBhIGNvbnRlbnQgY29sbGVjdGlvbi4gIElmCmRl c2lyZWQsIGF0dHJpYnV0ZXMgY2FuIGJlIGFzc29jaWF0ZWQgd2l0aCB0aGUgY29u dGVudC4KMFwwMwYLKoZIhvcNAQkQAgQxJDAiDBVBYnN0cmFjdCBmb3IgUkZDIDQw NzMGCSqGSIb3DQEHATAlBgsqhkiG9w0BCRACBzEWBBSkLSXBiRWvbwnJKb4EGb1X FwCa3zCCBXkGCyqGSIb3DQEJEAEUoIIFaDCCBWQwggT9BgkqhkiG9w0BBwGgggTu BIIE6kNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbgoKVGhlIGZvbGxvd2luZyBBU04u MSBtb2R1bGUgZGVmaW5lcyB0aGUgc3RydWN0dXJlcyB0aGF0IGFyZSBuZWVkZWQg dG8KaW1wbGVtZW50IHRoZSBzcGVjaWZpY2F0aW9uIGluIFJGQyA0MDczLiAgSXQg aXMgZXhwZWN0ZWQgdG8gYmUgdXNlZCBpbgpjb25qdW5jdGlvbiB3aXRoIHRoZSBB U04uMSBtb2R1bGVzIGluIFJGQyA1NjUyIGFuZCBSRkMgMzI3NC4KCiAgIENvbnRl bnRDb2xsZWN0aW9uTW9kdWxlCiAgICAgeyBpc28oMSkgbWVtYmVyLWJvZHkoMikg dXMoODQwKSByc2Fkc2koMTEzNTQ5KSBwa2NzKDEpCiAgICAgICBwa2NzLTkoOSkg c21pbWUoMTYpIG1vZHVsZXMoMCkgMjYgfQoKICAgREVGSU5JVElPTlMgSU1QTElD SVQgVEFHUyA6Oj0KICAgQkVHSU4KCiAgIElNUE9SVFMKICAgICBBdHRyaWJ1dGUs IENvbnRlbnRJbmZvCiAgICAgICBGUk9NIENyeXB0b2dyYXBoaWNNZXNzYWdlU3lu dGF4MjAwNCAtLSBbQ01TXQogICAgICAgICB7IGlzbygxKSBtZW1iZXItYm9keSgy KSB1cyg4NDApIHJzYWRzaSgxMTM1NDkpCiAgICAgICAgICAgcGtjcygxKSBwa2Nz LTkoOSkgc21pbWUoMTYpIG1vZHVsZXMoMCkgY21zLTIwMDEoMTQpIH07CgoKICAg LS0gQ29udGVudCBDb2xsZWN0aW9uIENvbnRlbnQgVHlwZSBhbmQgT2JqZWN0IElk ZW50aWZpZXIKCiAgIGlkLWN0LWNvbnRlbnRDb2xsZWN0aW9uIE9CSkVDVCBJREVO VElGSUVSIDo6PSB7CiAgICAgICAgICAgaXNvKDEpIG1lbWJlci1ib2R5KDIpIHVz KDg0MCkgcnNhZHNpKDExMzU0OSkgcGtjcygxKQogICAgICAgICAgIHBrY3M5KDkp IHNtaW1lKDE2KSBjdCgxKSAxOSB9CgogICBDb250ZW50Q29sbGVjdGlvbiA6Oj0g U0VRVUVOQ0UgU0laRSAoMS4uTUFYKSBPRiBDb250ZW50SW5mbwoKICAgLS0gQ29u dGVudCBXaXRoIEF0dHJpYnV0ZXMgQ29udGVudCBUeXBlIGFuZCBPYmplY3QgSWRl bnRpZmllcgoKICAgaWQtY3QtY29udGVudFdpdGhBdHRycyBPQkpFQ1QgSURFTlRJ RklFUiA6Oj0gewogICAgICAgICAgIGlzbygxKSBtZW1iZXItYm9keSgyKSB1cyg4 NDApIHJzYWRzaSgxMTM1NDkpIHBrY3MoMSkKICAgICAgICAgICBwa2NzOSg5KSBz bWltZSgxNikgY3QoMSkgMjAgfQoKICAgQ29udGVudFdpdGhBdHRyaWJ1dGVzIDo6 PSBTRVFVRU5DRSB7CiAgICAgICBjb250ZW50ICAgICBDb250ZW50SW5mbywKICAg ICAgIGF0dHJzICAgICAgIFNFUVVFTkNFIFNJWkUgKDEuLk1BWCkgT0YgQXR0cmli dXRlIH0KCiAgIEVORAowYTA4BgsqhkiG9w0BCRACBDEpMCcMGkFTTi4xIE1vZHVs ZSBmcm9tIFJGQyA0MDczBgkqhkiG9w0BBwEwJQYLKoZIhvcNAQkQAgcxFgQUMbeK buWO3egPDL8Kf7tBhzjIKLw= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): def test_layer(substrate, content_type): asn1Object, rest = der_decode(substrate, asn1Spec=layers[content_type]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate if content_type == rfc4073.id_ct_contentWithAttrs: for attr in asn1Object['attrs']: assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() return asn1Object layers = rfc5652.cmsContentTypesMap getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc4073.id_ct_contentCollection: lambda x: x[0]['contentType'], rfc4073.id_ct_contentWithAttrs: lambda x: x['content']['contentType'], rfc5652.id_data: lambda x: None, } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc4073.id_ct_contentCollection: lambda x: x[0]['content'], rfc4073.id_ct_contentWithAttrs: lambda x: x['content']['content'], rfc5652.id_data: lambda x: None, } substrate = pem.readBase64fromText(self.pem_text) this_layer = rfc5652.id_ct_contentInfo while this_layer != rfc5652.id_data: if this_layer == rfc4073.id_ct_contentCollection: asn1Object = test_layer(substrate, this_layer) for ci in asn1Object: substrate = ci['content'] this_layer = ci['contentType'] while this_layer != rfc5652.id_data: asn1Object = test_layer(substrate, this_layer) substrate = getNextSubstrate[this_layer](asn1Object) this_layer = getNextLayer[this_layer](asn1Object) else: asn1Object = test_layer(substrate, this_layer) substrate = getNextSubstrate[this_layer](asn1Object) this_layer = getNextLayer[this_layer](asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc4073.id_ct_contentCollection for ci in asn1Object['content']: assert ci['contentType'] in rfc5652.cmsContentTypesMap.keys() assert ci['contentType'] == rfc4073.id_ct_contentWithAttrs next_ci = ci['content']['content'] assert next_ci['contentType'] in rfc5652.cmsContentTypesMap.keys() assert next_ci['contentType'] == rfc5652.id_data assert str2octs('Content-Type: text') in next_ci['content'] for attr in ci['content']['attrs']: assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() if attr['attrType'] == rfc2634.id_aa_contentHint: assert 'RFC 4073' in attr['attrValues'][0]['contentDescription'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful())pyasn1-modules-0.2.8/tests/test_rfc4108.py0000664006321400632140000001114113605660325021712 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc4108 try: import unittest2 as unittest except ImportError: import unittest class CMSFirmwareWrapperTestCase(unittest.TestCase): pem_text = """\ MIIEvAYJKoZIhvcNAQcCoIIErTCCBKkCAQExDTALBglghkgBZQMEAgEwggIVBgsq hkiG9w0BCRABEKCCAgQEggIA3ntqPr5kDpx+//pgWGfHCH/Ht4pbenGwXv80txyE Y0I2mT9BUGz8ILkbhD7Xz89pBS5KhEJpthxH8WREJtvS+wL4BqYLt23wjWoZy5Gt 5dPzWgaNlV/aQ5AdfAY9ljmnNYnK8D8r8ur7bQM4cKUdxry+QA0nqXHMAOSpx4Um 8impCc0BICXaFfL3zBrNxyPubbFO9ofbYOAWaNmmIAhzthXf12vDrLostIqmYrP4 LMRCjTr4LeYaVrAWfKtbUbByN6IuBef3Qt5cJaChr74udz3JvbYFsUvCpl64kpRq g2CT6R+xE4trO/pViJlI15dvJVz04BBYQ2jQsutJwChi97/DDcjIv03VBmrwRE0k RJNFP9vpDM8CxJIqcobC5Kuv8b0GqGfGl6ouuQKEVMfBcrupgjk3oc3KL1iVdSr1 +74amb1vDtTMWNm6vWRqh+Kk17NGEi2mNvYkkZUTIHNGH7OgiDclFU8dSMZd1fun /D9dmiFiErDB3Fzr4+8Qz0aKedNE/1uvM+dhu9qjuRdkDzZ4S7txTfk6y9pG9iyk aEeTV2kElKXblgi+Cf0Ut4f5he8rt6jveHdMo9X36YiUQVvevj2cgN7lFivEnFYV QY0xugpP7lvEFDfsi2+0ozgP8EKOLYaCUKpuvttlYJ+vdtUFEijizEZ4cx02RsXm EesxggJ6MIICdgIBA4AUnutnybladNRNLxY5ZoDoAbXLpJwwCwYJYIZIAWUDBAIB oIG8MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABEDArBgsqhkiG9w0BCRACJDEc MBoGCysGAQQBjb9BAQEqBgsrBgEEAY2/QQEBMDAvBgkqhkiG9w0BCQQxIgQgAJfv uasB4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9YwQAYLKoZIhvcNAQkQAikxMTAv MAsGCWCGSAFlAwQCAQQgAJfvuasB4P6WDLOkOyvj33YPgZW4olHbidzyh1EKP9Yw CwYJKoZIhvcNAQELBIIBgDivAlSLbMPPu+zV+pPcYpNp+A1mwVOytjMBzSo31kR/ qEu+hVrDknAOk9IdCaDvcz612CcfNT85/KzrYvWWxOP2woU/vZj253SnndALpfNN n3/crJjF6hKgkjUwoXebI7kuj5WCh2q5lkd6xUa+jkCw+CINcN43thtS66UsVI4d mv02EvsS2cxPY/508uaQZ6AYAacm667bgX8xEjbzACMOeMCuvKQXWAuh3DkNk+gV xizHDw7xZxXgMGMAnJglAeBtd3Si5ztILw9U2gKUqFn/nOgy+eW63JuU/q31/Hgg ZATjyBznSzneTZrw8/ePoSCj7E9vBeCTUkeFbVB2tJK1iYDMblp6HUuwgYuGKXy/ ZwKL3GvB11qg7ntdEyjdLq0xcVrht/K0d2dPo4iO4Ac7c1xbFMDAlWOt4FMPWh6O iTh55YvT7hAJjTbB5ebgMA9QJnAczQPFnaIePnlFrkETd3YyLK4yHwnoIGo1GiW/ dsnhVtIdkPtfJIvcYteYJg== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData inner, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert inner['encapContentInfo']['eContentType'] == rfc4108.id_ct_firmwarePackage assert inner['encapContentInfo']['eContent'] attribute_list = [ ] for attr in inner['signerInfos'][0]['signedAttrs']: attribute_list.append(attr['attrType']) if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: av, rest = der_decode(attr['attrValues'][0], asn1Spec=rfc4108.TargetHardwareIdentifiers()) assert len(av) == 2 for oid in av: assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint() assert rfc5652.id_contentType in attribute_list assert rfc5652.id_messageDigest in attribute_list assert rfc4108.id_aa_targetHardwareIDs in attribute_list assert rfc4108.id_aa_fwPkgMessageDigest in attribute_list def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd_eci = asn1Object['content']['encapContentInfo'] assert sd_eci['eContentType'] == rfc4108.id_ct_firmwarePackage assert sd_eci['eContent'].hasValue() for attr in asn1Object['content']['signerInfos'][0]['signedAttrs']: assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() if attr['attrType'] == rfc4108.id_aa_targetHardwareIDs: for oid in attr['attrValues'][0]: assert '1.3.6.1.4.1.221121.1.1.' in oid.prettyPrint() suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc4210.py0000664006321400632140000001734613605660325021721 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc4210 try: import unittest2 as unittest except ImportError: import unittest class PKIMessageTestCase(unittest.TestCase): pem_text = """\ MIITuTCCARECAQKkWTBXMQswCQYDVQQGEwJUUjEQMA4GA1UEChMHRS1HdXZlbjEUMBIGA1UECxML VHJ1c3RDZW50ZXIxIDAeBgNVBAMTF1JTQSBTZWN1cml0eSBDTVAgU2VydmVypC0wKzELMAkGA1UE BhMCVFIxHDAaBgNVBAMME1ZhbGltby1WZXR0b3ItMTdEZWOgERgPMjAxMjA1MDMxMTE2MTdaoQ8w DQYJKoZIhvcNAQEFBQCiIgQgZWVhMjg5MGU2ZGY5N2IyNzk5NWY2MWE0MzE2MzI1OWGkEgQQQ01Q VjJUMTIyMzM0NjI3MKUSBBCAAAABgAAAAYAAAAGAAAABphIEEDEzNjY0NDMwMjlSYW5kb22jghIZ MIISFaGCC84wggvKMIIFwDCCBKigAwIBAgIQfOVE05R616R6Nqgu3drXHzANBgkqhkiG9w0BAQUF ADBxMQswCQYDVQQGEwJUUjEoMCYGA1UEChMfRWxla3Ryb25payBCaWxnaSBHdXZlbmxpZ2kgQS5T LjE4MDYGA1UEAxMvZS1HdXZlbiBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2FnbGF5aWNp c2kwHhcNMDgxMTI0MTAwMzI0WhcNMTYxMjE0MTExNzI0WjBdMQswCQYDVQQGEwJUUjEoMCYGA1UE CgwfRWxla3Ryb25payBCaWxnaSBHdXZlbmxpZ2kgQS5TLjEkMCIGA1UEAwwbZS1HdXZlbiBNb2Jp bCBUZXN0VVRGLTgtU09OMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqaymRo5chRK EKrhjWQky1HOm6b/Jy4tSUuo4vq3O9U3G2osOU/hHb6fyMmznLpc6CaZ3qKYiuDMFRW8g1kNjEjV sFSvH0Yd4qgwP1+qqzhBSe+nCAnEbRUrz+nXJ4fKhmGaQ+ZSic+MeyoqDsf/zENKqdV7ea9l3Ilu Rj93bmTxas9aWPWQ/U/fpwkwRXaqaONlM5e4GWdgA7T1aq106NvH1z6LDNXcMYw4lSZkj/UjmM/0 NhVz+57Ib4a0bogTaBmm8a1E5NtzkcA7pgnZT8576T0UoiOpEo+NAELA1B0mRh1/82HK1/0xn1zt 1ym4XZRtn2r2l/wTeEwU79ALVQIDAQABo4ICZjCCAmIwfAYIKwYBBQUHAQEEcDBuMDIGCCsGAQUF BzABhiZodHRwOi8vdGVzdG9jc3AyLmUtZ3V2ZW4uY29tL29jc3AueHVkYTA4BggrBgEFBQcwAoYs aHR0cDovL3d3dy5lLWd1dmVuLmNvbS9kb2N1bWVudHMvVGVzdEtvay5jcnQwDgYDVR0PAQH/BAQD AgEGMA8GA1UdEwEB/wQFMAMBAf8wggElBgNVHSAEggEcMIIBGDCCARQGCWCGGAMAAQECATCCAQUw NgYIKwYBBQUHAgEWKmh0dHA6Ly93d3cuZS1ndXZlbi5jb20vZG9jdW1lbnRzL05FU1VFLnBkZjCB ygYIKwYBBQUHAgIwgb0egboAQgB1ACAAcwBlAHIAdABpAGYAaQBrAGEAIABpAGwAZQAgAGkAbABn AGkAbABpACAAcwBlAHIAdABpAGYAaQBrAGEAIAB1AHkAZwB1AGwAYQBtAGEAIABlAHMAYQBzAGwA YQByATEAbgExACAAbwBrAHUAbQBhAGsAIABpAOcAaQBuACAAYgBlAGwAaQByAHQAaQBsAGUAbgAg AGQAbwBrAPwAbQBhAG4BMQAgAGEA5wExAG4BMQB6AC4wWAYDVR0fBFEwTzBNoEugSYZHaHR0cDov L3Rlc3RzaWwuZS1ndXZlbi5jb20vRWxla3Ryb25pa0JpbGdpR3V2ZW5saWdpQVNSb290L0xhdGVz dENSTC5jcmwwHQYDVR0OBBYEFLMoTImEKeXbqNjbYZkKshQi2vwzMB8GA1UdIwQYMBaAFGCI4dY9 qCIkag0hwBgz5haCSNl0MA0GCSqGSIb3DQEBBQUAA4IBAQAWOsmvpoFB9sX2aq1/LjPDJ+A5Fpxm 0XkOGM9yD/FsLfWgyv2HqBY1cVM7mjJfJ1ezkS0ODdlU6TyN5ouvAi21V9CIk69I3eUYSDjPpGia qcCCvJoMF0QD7B70kj2zW7IJ7pF11cbvPLaatdzojsH9fVfKtxtn/ZLrXtKsyUW5vKHOeniU6BBB Gl/ZZkFNXNN4mrB+B+wDV9OmdMw+Mc8KPq463hJQRat5a9lrXMdNtMAJOkvsUUzOemAsITjXWlyg BULijBhi8ZmMp0W7p6oKENX3vH2HCPCGQU29WIrK4iUoscjz93fB6oa4FQpxY0k3JRnWvD5FqkRD FKJdq/q9MIIDzzCCAregAwIBAgIQa34pJYdDFNXx90OkMkKzIjANBgkqhkiG9w0BAQUFADBxMQsw CQYDVQQGEwJUUjEoMCYGA1UEChMfRWxla3Ryb25payBCaWxnaSBHdXZlbmxpZ2kgQS5TLjE4MDYG A1UEAxMvZS1HdXZlbiBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2FnbGF5aWNpc2kwHhcN MDYxMjE1MTUxMzU0WhcNMTYxMjE1MTExMzU0WjBxMQswCQYDVQQGEwJUUjEoMCYGA1UEChMfRWxl a3Ryb25payBCaWxnaSBHdXZlbmxpZ2kgQS5TLjE4MDYGA1UEAxMvZS1HdXZlbiBFbGVrdHJvbmlr IFNlcnRpZmlrYSBIaXptZXQgU2FnbGF5aWNpc2kwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCU/PTxSkcWPJMx4UO8L8ep9/JqRgAZ79EqYWgR4K2bNLgENpc5j0hO+QydgovFODzkEIBP RIBavMz9Cw2PONpSBmxd4K1A/5hGqoGEz8UCA2tIx4+Z2A9AQ2O3BYi9FWM+0D1brJDO+6yvX4m5 Rf3mLlso52NIVV705fIkmOExHjdAj/xB0/LICZMfwKn8F19Jae/SQv9cFnptbNRCq8hU5zLRngpR eT1PYrZVV0XLbzbDPwgzLXCzDxG1atdGd5JRTnD58qM1foC3+hGafuyissMQVGnBQFlsx7V6OdlD bsxUXegCl2li0RpRJXLqyqMdtEplaznKp8NnbddylfrPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB hjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFGCI4dY9qCIkag0hwBgz5haCSNl0MB0GA1Ud DgQWBBRgiOHWPagiJGoNIcAYM+YWgkjZdDANBgkqhkiG9w0BAQUFAAOCAQEAKftTVjgltZJxXwDs MumguOSlljOQjotVVpES1QYwo3a5RQVpKuS4KYDEdWLD4ITtDNOA/iGKYWCNyKsE1BCL66irknZw iR6p6P+q2Wf7fGYSwUBcSBwWBTA+0EgpvPL3/vRuVVCVgC8XHBr72jKKTg9Nwcj+1FwXGZTDpjX8 dzPhTXEWceQcDn2FRdNt6BQad9Hdq08lMHiyozsWniYZYuWpud91i8Pl698H9t0KqiJg6rPKc9kd z9QyC8E/cLIJgYhvfzXMxvmSjeSSFSqTHioqfpU3k8AWXuxqJUxbdQ8QrVaTXRByzEr1Ze0TYpDs oel1PjC9ouO8bC7cGrbCWzCCAi8wggGYAhBlEjJUo9asY2ISG4oHjcpzMA0GCSqGSIb3DQEBBQUA MFoxCzAJBgNVBAYTAlRSMRAwDgYDVQQKEwdFLUd1dmVuMRQwEgYDVQQLEwtUcnVzdENlbnRlcjEj MCEGA1UEAxMaRS1HdXZlblRFU1RDQUhTTSBTeXN0ZW0gQ0EwHhcNMDkxMTMwMjIxMzEzWhcNMTYx MTMwMTkxMTUxWjBXMQswCQYDVQQGEwJUUjEQMA4GA1UEChMHRS1HdXZlbjEUMBIGA1UECxMLVHJ1 c3RDZW50ZXIxIDAeBgNVBAMTF1JTQSBTZWN1cml0eSBDTVAgU2VydmVyMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDCaZeJerGULW+1UPSu9T0voPNgzPcihXX6G5Q45nS4RNCe+pOc226EtD51 wu6Eq2oARpZmCrKPn63EFmHEE04dRDr8MS2LHuZK8xslIx/AvPnV568795EPoAyhGIX9Na9ZHhnI zSPWmWfBd9bsQiLVF7C9dOvfW125mtywWXELewIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAAiIse/x aWwRWUM0CIzfnoXfrgyLdKVykK7dTPgoMJgAx229uN6VTPyk+E+lTKq9PhK+e/VJNNg9PjSFjKFd lfSDOi9ne1xOrb7cNTjw+sGf1mfNWyzizLXa7su7ISFN+GaClmAstH9vXsRxg1oh3pFMJv47I6iw gUQlwwg8WsY/MIIGPzCCBjsCAQAwAwIBADCCBi+gggYrMIIGJzCCBQ+gAwIBAgIRALGVtVAeoM1x gjgOX3alZ5MwDQYJKoZIhvcNAQEFBQAwXTELMAkGA1UEBhMCVFIxKDAmBgNVBAoMH0VsZWt0cm9u aWsgQmlsZ2kgR3V2ZW5saWdpIEEuUy4xJDAiBgNVBAMMG2UtR3V2ZW4gTW9iaWwgVGVzdFVURi04 LVNPTjAeFw0xMjA1MDMxMTE2MTdaFw0xMzA1MDMxMTE2MTdaMGoxCzAJBgNVBAYTAlRSMREwDwYD VQQKDAhGaXJlIExMVDEbMBkGA1UECwwScG9wQ29kZSAtIDEyMzQ1Njc4MRQwEgYDVQQFEws3NjU0 MzQ1Njc2NTEVMBMGA1UEAwwMQnVyYWsgWW9uZGVtMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQCpfSB7xcsHZR4E27yGHkzUJx1y2iknzX4gRM2acyPljRw/V5Lm7POrfWIX9UF2sxfYfRqxYmD0 +nw72nx8R/5AFQK0BfjHxIc5W1YekMHF8PSORo9rJqcX+qn+NBYwqcJl4EdObTcOtMWC6ws6n0uA oDvYYN0ujkua496sp+INiQIDAQABo4IDVzCCA1MwQgYIKwYBBQUHAQEENjA0MDIGCCsGAQUFBzAB hiZodHRwOi8vdGVzdG9jc3AyLmUtZ3V2ZW4uY29tL29jc3AueHVkYTAfBgNVHSMEGDAWgBSzKEyJ hCnl26jY22GZCrIUItr8MzCCAXIGA1UdIASCAWkwggFlMIGxBgZghhgDAAEwgaYwNgYIKwYBBQUH AgEWKmh0dHA6Ly93d3cuZS1ndXZlbi5jb20vZG9jdW1lbnRzL05FU1VFLnBkZjBsBggrBgEFBQcC AjBgGl5CdSBzZXJ0aWZpa2EsIDUwNzAgc2F5xLFsxLEgRWxla3Ryb25payDEsG16YSBLYW51bnVu YSBnw7ZyZSBuaXRlbGlrbGkgZWxla3Ryb25payBzZXJ0aWZpa2FkxLFyMIGuBglghhgDAAEBAQMw gaAwNwYIKwYBBQUHAgEWK2h0dHA6Ly93d3cuZS1ndXZlbi5jb20vZG9jdW1lbnRzL01LTkVTSS5w ZGYwZQYIKwYBBQUHAgIwWRpXQnUgc2VydGlmaWthLCBNS05FU0kga2Fwc2FtxLFuZGEgeWF5xLFu bGFubcSxxZ8gYmlyIG5pdGVsaWtsaSBlbGVrdHJvbmlrIHNlcnRpZmlrYWTEsXIuMA4GA1UdDwEB /wQEAwIGwDCBgwYIKwYBBQUHAQMEdzB1MAgGBgQAjkYBATBpBgtghhgBPQABp04BAQxaQnUgc2Vy dGlmaWthLCA1MDcwIHNheWlsaSBFbGVrdHJvbmlrIEltemEgS2FudW51bmEgZ8O2cmUgbml0ZWxp a2xpIGVsZWt0cm9uaWsgc2VydGlmaWthZGlyMEUGA1UdCQQ+MDwwFAYIKwYBBQUHCQIxCAQGQW5r YXJhMBIGCCsGAQUFBwkBMQYEBDE5NzkwEAYIKwYBBQUHCQQxBAQCVFIwGAYDVR0RBBEwD4ENZmly ZUBmaXJlLmNvbTBgBgNVHR8EWTBXMFWgU6BRhk9odHRwOi8vdGVzdHNpbC5lLWd1dmVuLmNvbS9F bGVrdHJvbmlrQmlsZ2lHdXZlbmxpZ2lBU01LTkVTSS1VVEYtOC9MYXRlc3RDUkwuY3JsMB0GA1Ud DgQWBBSLG9aIb1k2emFLCpM93kXJkWhzuTANBgkqhkiG9w0BAQUFAAOCAQEACoGCn4bzDWLzs799 rndpB971UD2wbwt8Hkw1MGZkkJVQeVF4IS8FacAyYk5vY8ONuTA/Wsh4x23v9WTCtO89HMTz81eU BclqZ2Gc2UeMq7Y4FQWR8PNCMdCsxVVhpRRE6jQAyyR9YEBHQYVLfy34e3+9G/h/BR73VGHZJdZI DDJYd+VWXmUD9kGk/mI35qYdzN3O28KI8sokqX0z2hvkpDKuP4jNXSCHcVkK23tX2x5m6m0LdqVn vnCx2LfBn1wf1u7q30p/GgMVX+mR3QHs7feGewEjlkxuEyLVVD+uBwWCT6zcad17oaAyXV5RV28L vH0WNg6pFUpwOP0l+nIOqqCBhAOBgQBAtTB5Qd18sTxEKhSzRiN2OycFPrqoqlZZTHBohe8bE2D4 Xc1ejkFWUEvQivkqJxCD6C7I37xgDaq8DZnaczIBxbPkY0QMdeL4MiEqlw/tlrJGrWoC5Twb0t/m JA5RSwQoMDYTj2WrwtM/nsP12T39or4JRZhlLSM43IaTwEBtQw== """ def setUp(self): self.asn1Spec = rfc4210.PKIMessage() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc4211.py0000664006321400632140000000344713605660325021717 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc4211 try: import unittest2 as unittest except ImportError: import unittest class CertificateReqTestCase(unittest.TestCase): pem_text = """\ MIIBozCCAZ8wggEFAgUAwTnj2jCByoABAqURMA8xDTALBgNVBAMTBHVzZXKmgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ6ZQ2cYbn/lFsmBOlRltbRbFQUvvE0Q nbopOu1kC7Bmaaz7QTx8nxeiHi4m7uxCbGGxHNoGCt7EmdG8eZUBNAcHyGlXrJdm 0z3/uNEGiBHq+xB8FnFJCA5EIJ3RWFnlbu9otSITLxWK7c5+/NHmWM+yaeHD/f/h rp01c/8qXZfZAgMBAAGpEDAOBgNVHQ8BAf8EBAMCBeAwLzASBgkrBgEFBQcFAQEM BTExMTExMBkGCSsGAQUFBwUBAgwMc2VydmVyX21hZ2ljoYGTMA0GCSqGSIb3DQEB BQUAA4GBAEI3KNEvTq/n1kNVhNhPkovk1AZxyJrN1u1+7Gkc4PLjWwjLOjcEVWt4 AajUk/gkIJ6bbeO+fZlMjHfPSDKcD6AV2hN+n72QZwfzcw3icNvBG1el9EU4XfIm xfu5YVWi81/fw8QQ6X6YGHFQkomLd7jxakVyjxSng9BhO6GpjJNF """ def setUp(self): self.asn1Spec = rfc4211.CertReqMessages() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for crm in asn1Object: assert crm['certReq']['certTemplate']['version'] == 2 count += 1 assert count == 1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc4334.py0000664006321400632140000000622113605660325021716 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.compat.octets import str2octs from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc4334 try: import unittest2 as unittest except ImportError: import unittest class CertificateTestCase(unittest.TestCase): cert_pem_text = """\ MIICqzCCAjCgAwIBAgIJAKWzVCgbsG4/MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkwNzE5MTk0MjQ3WhcNMjAwNzE4MTk0MjQ3WjBjMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZp Z2lsIFNlY3VyaXR5IExMQzEYMBYGA1UEAxMPZWFwLmV4YW1wbGUuY29tMHYwEAYH KoZIzj0CAQYFK4EEACIDYgAEMMbnIp2BUbuyMgH9HhNHrh7VBy7ql2lBjGRSsefR Wa7+vCWs4uviW6On4eem5YoP9/UdO7DaIL+/J9/3DJHERI17oFxn+YWiE4JwXofy QwfSu3cncVNMqpiDjEkUGGvBo4HTMIHQMAsGA1UdDwQEAwIHgDBCBglghkgBhvhC AQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55 IHB1cnBvc2UuMB0GA1UdDgQWBBSDjPGr7M742rsE4oQGwBvGvllZ+zAfBgNVHSME GDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAeBggrBgEFBQcBDQQSMBAEB0V4YW1w bGUEBUJvZ3VzMB0GA1UdJQQWMBQGCCsGAQUFBwMOBggrBgEFBQcDDTAKBggqhkjO PQQDAwNpADBmAjEAmCPZnnlUQOKlcOIIOgFrRCkOqO0ESs+dobYwAc2rFCBtQyP7 C3N00xkX8WZZpiAZAjEAi1Z5+nGbJg5eJTc8fwudutN/HNwJEIS6mHds9kfcy26x DAlVlhox680Jxy5J8Pkx """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] if extn['extnID'] == rfc4334.id_pe_wlanSSID: assert str2octs('Example') in extnValue if extn['extnID'] == rfc5280.id_ce_extKeyUsage: assert rfc4334.id_kp_eapOverLAN in extnValue assert rfc4334.id_kp_eapOverPPP in extnValue assert rfc4334.id_pe_wlanSSID in extn_list assert rfc5280.id_ce_extKeyUsage in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc4985.py0000664006321400632140000001047413605660325021737 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc4985 try: import unittest2 as unittest except ImportError: import unittest class XMPPCertificateTestCase(unittest.TestCase): xmpp_server_cert_pem_text = """\ MIIC6DCCAm+gAwIBAgIJAKWzVCgbsG5DMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMDI0MjMxNjA0WhcNMjAxMDIzMjMxNjA0WjBNMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xHzAdBgNVBAoTFkV4 YW1wbGUgUHJvZHVjdHMsIEluYy4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQZzQlk 03nJRPF6+w1NxFELmQ5vJTjTRz3eu03CRtahK4Wnwd4GwbDe8NVHAEG2qTzBXFDu p6RZugsBdf9GcEZHG42rThYYOzIYzVFnI7tQgA+nTWSWZN6eoU/EXcknhgijggEn MIIBIzAdBgNVHQ4EFgQUkQpUMYcbUesEn5buI03POFnktJgwHwYDVR0jBBgwFoAU 8jXbNATapVXyvWkDmbBi7OIVCMEwCwYDVR0PBAQDAgeAMIGPBgNVHREEgYcwgYSg KQYIKwYBBQUHCAegHRYbX3htcHAtY2xpZW50LmltLmV4YW1wbGUuY29toCkGCCsG AQUFBwgHoB0WG194bXBwLXNlcnZlci5pbS5leGFtcGxlLmNvbaAcBggrBgEFBQcI BaAQDA5pbS5leGFtcGxlLmNvbYIOaW0uZXhhbXBsZS5jb20wQgYJYIZIAYb4QgEN BDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9yIGFueSBw dXJwb3NlLjAKBggqhkjOPQQDAwNnADBkAjAEo4mhDGC6/R39HyNgzLseNAp36qBH yQJ/AWsBojN0av8akeVv9IuM45yqLKdiCzcCMDCjh1lFnCvurahwp5D1j9pAZMsg nOzhcMpnHs2U/eN0lHl/JNgnbftl6Dvnt59xdA== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName()) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): gn_on = gn['otherName'] if gn_on['type-id'] == rfc4985.id_on_dnsSRV: assert gn_on['type-id'] in rfc5280.anotherNameMap.keys() spec = rfc5280.anotherNameMap[gn['otherName']['type-id']] on, rest = der_decode(gn_on['value'], asn1Spec=spec) assert not rest assert on.prettyPrint() assert der_encode(on) == gn_on['value'] assert 'im.example.com' in on count += 1 assert count == 2 def testOpenTypes(self): substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): if gn['otherName']['type-id'] == rfc4985.id_on_dnsSRV: assert 'im.example.com' in gn['otherName']['value'] count += 1 assert count == 2 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5035.py0000664006321400632140000002013313605660325021713 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5035 try: import unittest2 as unittest except ImportError: import unittest class SignedMessageTestCase(unittest.TestCase): signed_message_pem_text = """\ MIIFzAYJKoZIhvcNAQcCoIIFvTCCBbkCAQExDTALBglghkgBZQMEAgIwUQYJKoZI hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL 3kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggLQ MIICzAIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME AgKgggH1MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X DTE5MDUyOTE4MjMxOVowJQYLKoZIhvcNAQkQAgcxFgQUAbWZQYhLO5wtUgsOCGtT 4V3aNhUwLwYLKoZIhvcNAQkQAgQxIDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZI hvcNAQcBMDUGCyqGSIb3DQEJEAICMSYxJAIBAQYKKwYBBAGBrGABARMTQm9hZ3Vz IFByaXZhY3kgTWFyazA/BgkqhkiG9w0BCQQxMgQwtuQipP2CZx7U96rGbUT06LC5 jVFYccZW5/CaNvpcrOPiChDm2vI3m4k300z5mSZsME0GCyqGSIb3DQEJEAIBMT4w PAQgx08hD2QnVwj1DoeRELNtdZ0PffW4BQIvcwwVc/goU6OAAQEwFTATgRFhbGlj ZUBleGFtcGxlLmNvbTCBmwYLKoZIhvcNAQkQAi8xgYswgYgwdjB0BCACcp04gyM2 dTDg+0ydCwlucr6Mg8Wd3J3c9V+iLHsnZzBQMEOkQTA/MQswCQYDVQQGEwJVUzEL MAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENB AgkApbNUKBuwbjswDjAMBgorBgEEAYGsYAEBMAoGCCqGSM49BAMDBGcwZQIxAO3K D9YjFTKE3p383VVw/ol79WTVoMea4H1+7xn+3E1XO4oyb7qwQz0KmsGfdqWptgIw T9yMtRLN5ZDU14y+Phzq9NKpSw/x5KyXoUKjCMc3Ru6dIW+CgcRQees+dhnvuD5U """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc5652.cmsAttributesMap.keys(): sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 class SignedReceiptTestCase(unittest.TestCase): signed_receipt_pem_text = """\ MIIE3gYJKoZIhvcNAQcCoIIEzzCCBMsCAQMxDTALBglghkgBZQMEAgEwga4GCyqGSIb3DQEJ EAEBoIGeBIGbMIGYAgEBBgkqhkiG9w0BBwEEIMdPIQ9kJ1cI9Q6HkRCzbXWdD331uAUCL3MM FXP4KFOjBGYwZAIwOLV5WCbYjy5HLHE69IqXQQHVDJQzmo18WwkFrEYH3EMsvpXEIGqsFTFN 6NV4VBe9AjA5fGOCP5IhI32YqmGfs+zDlqZyb2xSX6Gr/IfCIm0angfOI39g7lAZDyivjh5H /oSgggJ3MIICczCCAfqgAwIBAgIJAKWzVCgbsG48MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0Ew HhcNMTkwNTI5MTkyMDEzWhcNMjAwNTI4MTkyMDEzWjBsMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1wbGUxDDAKBgNVBAMTA0Jv YjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29tMHYwEAYHKoZIzj0CAQYFK4EEACID YgAEMaRiVS8WvN8Ycmpfq75jBbOMUukNfXAg6AL0JJBXtIFAuIJcZVlkLn/xbywkcMLHK/O+ w9RWUQa2Cjw+h8b/1Cl+gIpqLtE558bD5PfM2aYpJ/YE6yZ9nBfTQs7z1TH5o4GUMIGRMAsG A1UdDwQEAwIHgDBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUg dHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMB0GA1UdDgQWBBTKa2Zy3iybV3+YjuLDKtNmjsIa pTAfBgNVHSMEGDAWgBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNnADBkAjAV boS6OfEYQomLDi2RUkd71hzwwiQZztbxNbosahIzjR8ZQaHhjdjJlrP/T6aXBwsCMDfRweYz 3Ce4E4wPfoqQnvqpM7ZlfhstjQQGOsWAtIIfqW/l+TgCO8ux3XLV6fj36zGCAYkwggGFAgEB MEwwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREwDwYD VQQKDAhCb2d1cyBDQQIJAKWzVCgbsG48MAsGCWCGSAFlAwQCAaCBrjAaBgkqhkiG9w0BCQMx DQYLKoZIhvcNAQkQAQEwHAYJKoZIhvcNAQkFMQ8XDTE5MDUyOTE5MzU1NVowLwYJKoZIhvcN AQkEMSIEIGb9Hm2kCnM0CYNpZU4Uj7dN0AzOieIn9sDqZMcIcZrEMEEGCyqGSIb3DQEJEAIF MTIEMBZzeHVja7fQ62ywyh8rtKzBP1WJooMdZ+8c6pRqfIESYIU5bQnH99OPA51QCwdOdjAK BggqhkjOPQQDAgRoMGYCMQDZiT22xgab6RFMAPvN4fhWwzx017EzttD4VaYrpbolropBdPJ6 jIXiZQgCwxbGTCwCMQClaQ9K+L5LTeuW50ZKSIbmBZQ5dxjtnK3OlS7hYRi6U0JKZmWbbuS8 vFIgX7eIkd8= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc5035.Receipt()) assert not rest assert receipt.prettyPrint() assert der_encode(receipt) == sd['encapContentInfo']['eContent'] for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc5652.cmsAttributesMap.keys(): sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 def testOpenTypes(self): substrate = pem.readBase64fromText(self.signed_receipt_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() assert asn1Object['contentType'] == rfc5652.id_signedData sd = asn1Object['content'] assert sd['version'] == rfc5652.CMSVersion().subtype(value='v3') assert sd['encapContentInfo']['eContentType'] in rfc5652.cmsContentTypesMap.keys() assert sd['encapContentInfo']['eContentType'] == rfc5035.id_ct_receipt for sa in sd['signerInfos'][0]['signedAttrs']: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() if sa['attrType'] == rfc5035.id_aa_msgSigDigest: sa['attrValues'][0].prettyPrint()[:10] == '0x167378' # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot # automatically decode it receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[sd['encapContentInfo']['eContentType']]) assert receipt['version'] == 1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5083.py0000664006321400632140000000754013605660325021725 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2018, 2019 Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5083 from pyasn1_modules import rfc5035 try: import unittest2 as unittest except ImportError: import unittest class AuthEnvelopedDataTestCase(unittest.TestCase): pem_text = """\ MIICdQIBADGCAiekggIjBgsqhkiG9w0BCRANATCCAhICAQAEE3B0Zi1rbWM6MTM2MTQxMjIx MTIwDQYLKoZIhvcNAQkQAzAwCwYJYIZIAWUDBAEtMIIBsDCCAawCAQKAFJ7rZ8m5WnTUTS8W OWaA6AG1y6ScMA0GCSqGSIb3DQEBAQUABIIBgHfnHNqDbyyql2NqX6UQggelWMTjwzJJ1L2e rbsj1bIAGmpIsUijw+fX8VOS7v1C9ui2Md9NFgCfkmKLo8T/jELqrk7MpMu09G5zDgeXzJfQ DFc115wbrWAUU3XP7XIb6TNOc3xtq4UxA5V6jNUK2XyWKpjzOtM7gm0VWIJGVVlYu+u32LQc CjRFb87kvOY/WEnjxQpCW8g+4V747Ud97dYpMub7TLJiRNZkdHnq8xEGKlXjVHSgc10lhphe 1kFGeCpfJEsqjtN7YsVzf65ri9Z+3FJ1IO4cnMDbzGhyRXkS7a0k58/miJbSj88PvzKNSURw pu4YHMQQX/mjT2ey1SY4ihPMuxxgTdCa04L0UxaRr7xAucz3n2UWShelm3IIjnWRlYdXypnX vKvwCLoeh5mJwUl1JNFPCQkQ487cKRyobUyNgXQKT4ZDHCgXciwsX5nTsom87Ixp5vqSDJ+D hXA0r/Caiu1vnY5X9GLHSkqgXkgqgUuu0LfcsQERD8psfQQogbiuZDqJmYt1Iau/pkuGfmee qeiM3aeQ4NZf9AFZUVWBGArPNHrvVDA3BgkqhkiG9w0BBwEwGwYJYIZIAWUDBAEuMA4EDMr+ ur76ztut3sr4iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RM """ def setUp(self): self.asn1Spec = rfc5083.AuthEnvelopedData() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class AuthEnvelopedDataOpenTypesTestCase(unittest.TestCase): pem_text = """\ MIICvQYLKoZIhvcNAQkQARegggKsMIICqAIBADGCAiekggIjBgsqhkiG9w0BCRAN ATCCAhICAQAEE3B0Zi1rbWM6MTM2MTQxMjIxMTIwDQYLKoZIhvcNAQkQAzAwCwYJ YIZIAWUDBAEtMIIBsDCCAawCAQKAFJ7rZ8m5WnTUTS8WOWaA6AG1y6ScMA0GCSqG SIb3DQEBAQUABIIBgHfnHNqDbyyql2NqX6UQggelWMTjwzJJ1L2erbsj1bIAGmpI sUijw+fX8VOS7v1C9ui2Md9NFgCfkmKLo8T/jELqrk7MpMu09G5zDgeXzJfQDFc1 15wbrWAUU3XP7XIb6TNOc3xtq4UxA5V6jNUK2XyWKpjzOtM7gm0VWIJGVVlYu+u3 2LQcCjRFb87kvOY/WEnjxQpCW8g+4V747Ud97dYpMub7TLJiRNZkdHnq8xEGKlXj VHSgc10lhphe1kFGeCpfJEsqjtN7YsVzf65ri9Z+3FJ1IO4cnMDbzGhyRXkS7a0k 58/miJbSj88PvzKNSURwpu4YHMQQX/mjT2ey1SY4ihPMuxxgTdCa04L0UxaRr7xA ucz3n2UWShelm3IIjnWRlYdXypnXvKvwCLoeh5mJwUl1JNFPCQkQ487cKRyobUyN gXQKT4ZDHCgXciwsX5nTsom87Ixp5vqSDJ+DhXA0r/Caiu1vnY5X9GLHSkqgXkgq gUuu0LfcsQERD8psfQQogbiuZDqJmYt1Iau/pkuGfmeeqeiM3aeQ4NZf9AFZUVWB GArPNHrvVDA3BgkqhkiG9w0BBwEwGwYJYIZIAWUDBAEuMA4EDMr+ur76ztut3sr4 iIANmvLRbyFUf87+2bPvLQQMoOWSXMGE4BckY8RMojEwLwYLKoZIhvcNAQkQAgQx IDAeDBFXYXRzb24sIGNvbWUgaGVyZQYJKoZIhvcNAQcB """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData authenv = asn1Object['content'] assert authenv['version'] == 0 for attr in authenv['unauthAttrs']: assert attr['attrType'] in rfc5652.cmsAttributesMap if attr['attrType'] == rfc5035.id_aa_contentHint: assert 'Watson' in attr['attrValues'][0]['contentDescription'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5084.py0000664006321400632140000001217313605660325021724 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2018, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5083 from pyasn1_modules import rfc5084 from pyasn1_modules import rfc5652 try: import unittest2 as unittest except ImportError: import unittest class CCMParametersTestCase(unittest.TestCase): ccm_pem_text = "MBEEDE2HVyIurFKUEX8MEgIBBA==" def setUp(self): self.asn1Spec = rfc5084.CCMParameters() def testDerCodec(self): substrate = pem.readBase64fromText(self.ccm_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class GCMParametersTestCase(unittest.TestCase): gcm_pem_text = "MBEEDE2HVyIurFKUEX8MEgIBEA==" def setUp(self): self.asn1Spec = rfc5084.GCMParameters() def testDerCodec(self): substrate = pem.readBase64fromText(self.gcm_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class GCMOpenTypesTestCase(unittest.TestCase): rfc8591_pem_pext = """\ MIIHkAYLKoZIhvcNAQkQARegggd/MIIHewIBADGCAk8wggJLAgEAMDMwJjEUMBIGA1UECgwL ZXhhbXBsZS5jb20xDjAMBgNVBAMMBUFsaWNlAgkAg/ULtwvVxA4wDQYJKoZIhvcNAQEBBQAE ggIAdZphtN3x8a8kZoAFY15HYRD6JyPBueRUhLbTPoOH3pZ9xeDK+zVXGlahl1y1UOe+McEx 2oD7cxAkhFuruNZMrCYEBCTZMwVhyEOZlBXdZEs8rZUHL3FFE5PJnygsSIO9DMxd1UuTFGTg Cm5V5ZLFGmjeEGJRbsfTyo52S7iseJqIN3dl743DbApu0+yuUoXKxqKdUFlEVxmhvc+Qbg/z fiwu8PTsYiUQDMBi4cdIlju8iLjj389xQHNyndXHWD51is89GG8vpBe+IsN8mnbGtCcpqtJ/ c65ErJhHTR7rSJSMEqQD0LPOCKIY1q9FaSSJfMXJZk9t/rPxgUEVjfw7hAkKpgOAqoZRN+Fp nFyBl0FnnXo8kLp55tfVyNibtUpmdCPkOwt9b3jAtKtnvDQ2YqY1/llfEUnFOVDKwuC6MYwi fm92qNlAQA/T0+ocjs6gA9zOLx+wD1zqM13hMD/L+T2OHL/WgvGb62JLrNHXuPWA8RShO4kI lPtARKXap2S3+MX/kpSUUrNa65Y5uK1jwFFclczG+CPCIBBn6iJiQT/vOX1I97YUP4Qq6OGk jK064Bq6o8+e5+NmIOBcygYRv6wA7vGkmPLSWbnw99qD728bBh84fC3EjItdusqGIwjzL0eS UWXJ5eu0Z3mYhJGN1pe0R/TEB5ibiJsMLpWAr3gwggUPBgkqhkiG9w0BBwEwHgYJYIZIAWUD BAEGMBEEDE2HVyIurFKUEX8MEgIBEICCBOD+L7PeC/BpmMOb9KlS+r+LD+49fi6FGBrs8aie Gi7ezZQEiFYS38aYQzTYYCt3SbJQTkX1fDsGZiaw/HRiNh7sJnxWATm+XNKGoq+Wls9RhSJ4 5Sw4GMqwpoxZjeT84UozOITk3l3fV+3XiGcCejHkp8DAKZFExd5rrjlpnnAOBX6w8NrXO4s2 n0LrMhtBU4eB2YKhGgs5Q6wQyXtU7rc7OOwTGvxWEONzSHJ01pyvqVQZAohsZPaWLULrM/kE GkrhG4jcaVjVPfULi7Uqo14imYhdCq5Ba4bwqI0Ot6mB27KD6LlOnVC/YmXCNIoYoWmqy1o3 pSm9ovnLEO/dzxQjEJXYeWRje9M/sTxotM/5oZBpYMHqIwHTJbehXFgp8+oDjyTfayMYA3fT cTH3XbGPQfnYW2U9+ka/JhcSYybM8cuDNFd1I1LIQXoJRITXtkvPUbJqm+s6DtS5yvG9I8aQ xlT365zphS4vbQaO74ujO8bE3dynrvTTV0c318TcHpN3DY9PIt6mHXMIPDLEA4wes90zg6ia h5XiQcLtfLaAdYwEEGlImGD8n0kOhSNgclSLMklpj5mVOs8exli3qoXlVMRJcBptSwOe0QPc RY30spywS4zt1UDIQ0jaecGGVtUYj586nkubhAxwZkuQKWxgt6yYTpGNSKCdvd+ygfyGJRDb Wdn6nck/EPnG1773KTHRhMrXrBPBpSlfyJ/ju3644CCFqCjFoTh4bmB63k9ejUEVkJIJuoeK eTBaUxbCIinkK4htBkgchHP51RJp4q9jQbziD3aOhg13hO1GFQ4E/1DNIJxbEnURNp/ga8Sq mnLY8f5Pzwhm1mSzZf+obowbQ+epISrswWyjUKKO+uJfrAVN2TS/5+X6T3U6pBWWjH6+xDng rAJwtIdKBo0iSEwJ2eir4X8TcrSy9l8RSOiTPtqS5dF3RWSWOzkcO72fHCf/42+DLgUVX8Oe 5mUvp7QYiXXsXGezLJ8hPIrGuOEypafDv3TwFkBc2MIB0QUhk+GG1ENY3jiNcyEbovF5Lzz+ ubvechHSb1arBuEczJzN4riM2Dc3c+r8N/2Ft6eivK7HUuYX1uAcArhunZpA8yBGLF1m+DUX FtzWAUvfMKYPdfwGMckghF7YwLrTXd8ZhPIkHNO1KdwQKIRfgIlUPfTxRB7eNrG/Ma9a/Iwr cI1QtkXU59uIZIw+7+FHZRWPsOjTu1Pdy+JtcSTG4dmS+DIwqpUzdu6MaBCVaOhXHwybvaSP TfMG/nR/NxF1FI8xgydnzXZs8HtFDL9iytKnvXHx+IIz8Rahp/PK8S80vPQNIeef/JgnIhto sID/A614LW1tB4cWdveYlD5U8T/XXInAtCY78Q9WJD+ecu87OJmlOdmjrFvitpQAo8+NGWxc 7Wl7LtgDuYel7oXFCVtI2npbA7R+K5/kzUvDCY6GTgzn1Gfamc1/Op6Ue17qd/emvhbIx+ng 3swf8TJVnCNDIXucKVA4boXSlCEhCGzfoZZYGVvm1/hrypiBtpUIKWTxLnz4AQJdZ5LGiCQJ QU1wMyHsg6vWmNaJVhGHE6D/EnKsvJptFIkAx0wWkh35s48p7EbU8QBg//5eNru6yvLRutfd BX7T4w681pCD+dOiom75C3UdahrfoFkNsZ2hB88+qNsEEPb/xuGu8ZzSPZhakhl2NS0= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.rfc8591_pem_pext) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5083.id_ct_authEnvelopedData aed, rest = der_decode(asn1Object['content'], asn1Spec=rfc5083.AuthEnvelopedData(), decodeOpenTypes=True) assert not rest assert aed.prettyPrint() assert der_encode(aed) == asn1Object['content'] assert aed['version'] == 0 cea = aed['authEncryptedContentInfo']['contentEncryptionAlgorithm'] assert cea['algorithm'] == rfc5084.id_aes128_GCM assert cea['parameters']['aes-ICVlen'] == 16 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5208.py0000664006321400632140000000476713605660325021734 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5208 try: import unittest2 as unittest except ImportError: import unittest class PrivateKeyInfoTestCase(unittest.TestCase): pem_text = """\ MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEAx8CO8E0MNgEKXXDf I1xqBmQ+Gp3Srkqp45OApIu4lZ97n5VJ5HljU9wXcPIfx29Le3w8hCPEkugpLsdV GWx+EQIDAQABAkEAiv3f+DGEh6ddsPszKQXK+LuTwy2CRajKYgJnBxf5zpG50XK4 899An+x/pGYVmVED1f0JCbk3BUbv7HViLq0qgQIhAOYlQJaQ8KJBijDpjF62lcVr QrqFPM4+ZrHsw0dVY2CZAiEA3jE5ngkVPfjFWEr7wS50EJhGiYlQeY4l+hADGIhd XDkCIQDIHt5xzmif/nOGop5/gS7ssp8ch1zfTh2IW4NWlOZMCQIgLZmYo5BlpaRK jAZHiKwJ8eXuhAeEVo4PyTREDmLeFjECIQCfyUPDclPo2O8ycPpozwoGwvKFrNZJ VWRpRKqYnOAIXQ== """ def setUp(self): self.asn1Spec = rfc5208.PrivateKeyInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate class EncryptedPrivateKeyInfoInfoTestCase(unittest.TestCase): pem_text = """\ MIIBgTAbBgkqhkiG9w0BBQMwDgQIdtFgDWnipT8CAggABIIBYN0hkm2xqkTCt8dJ iZS8+HNiyHxy8g+rmWSXv/i+bTHFUReZA2GINtTRUkWpXqWcSHxNslgf7QdfgbVJ xQiUM+lLhwOFh85iAHR3xmPU1wfN9NvY9DiLSpM0DMhF3OvAMZD75zIhA0GSKu7w dUu7ey7H4fv7bez6RhEyLdKw9/Lf2KNStNOs4ow9CAtCoxeoMSniTt6CNhbvCkve 9vNHKiGavX1tS/YTog4wiiGzh2YxuW1RiQpTdhWiKyECgD8qQVg2tY5t3QRcXrzi OkStpkiAPAbiwS/gyHpsqiLo0al63SCxRefugbn1ucZyc5Ya59e3xNFQXCNhYl+Z Hl3hIl3cssdWZkJ455Z/bBE29ks1HtsL+bTfFi+kw/4yuMzoaB8C7rXScpGNI/8E pvTU2+wtuoOFcttJregtR94ZHu5wgdYqRydmFNG8PnvZT1mRMmQgUe/vp88FMmsZ dLsZjNQ= """ def setUp(self): self.asn1Spec = rfc5208.EncryptedPrivateKeyInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5280.py0000664006321400632140000002176113605660325021725 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 try: import unittest2 as unittest except ImportError: import unittest class CertificateTestCase(unittest.TestCase): pem_text = """\ MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG 9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs 2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class CertificateListTestCase(unittest.TestCase): pem_text = """\ MIIBVjCBwAIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJBVTETMBEGA1UE CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk MRUwEwYDVQQDEwxzbm1wbGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25t cGxhYnMuY29tFw0xMjA0MTExMzQwNTlaFw0xMjA1MTExMzQwNTlaoA4wDDAKBgNV HRQEAwIBATANBgkqhkiG9w0BAQUFAAOBgQC1D/wwnrcY/uFBHGc6SyoYss2kn+nY RTwzXmmldbNTCQ03x5vkWGGIaRJdN8QeCzbEi7gpgxgpxAx6Y5WkxkMQ1UPjNM5n DGVDOtR0dskFrrbHuNpWqWrDaBN0/ryZiWKjr9JRbrpkHgVY29I1gLooQ6IHuKHY vjnIhxTFoCb5vA== """ def setUp(self): self.asn1Spec = rfc5280.CertificateList() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate class CertificateOpenTypeTestCase(unittest.TestCase): pem_text = """\ MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG 9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs 2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) openTypesMap = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate sig_alg = asn1Object['tbsCertificate']['signature'] assert sig_alg['parameters'] == univ.Null("") spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_alg['parameters'] == univ.Null("") for rdn in asn1Object['tbsCertificate']['subject']['rdnSequence']: for atv in rdn: if atv['type'] == rfc5280.id_emailAddress: assert "valicert.com" in atv['value'] else: atv_ps = str(atv['value']['printableString']) assert "valicert" in atv_ps.lower() class CertificateListOpenTypeTestCase(unittest.TestCase): pem_text = """\ MIIBVjCBwAIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJBVTETMBEGA1UE CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk MRUwEwYDVQQDEwxzbm1wbGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25t cGxhYnMuY29tFw0xMjA0MTExMzQwNTlaFw0xMjA1MTExMzQwNTlaoA4wDDAKBgNV HRQEAwIBATANBgkqhkiG9w0BAQUFAAOBgQC1D/wwnrcY/uFBHGc6SyoYss2kn+nY RTwzXmmldbNTCQ03x5vkWGGIaRJdN8QeCzbEi7gpgxgpxAx6Y5WkxkMQ1UPjNM5n DGVDOtR0dskFrrbHuNpWqWrDaBN0/ryZiWKjr9JRbrpkHgVY29I1gLooQ6IHuKHY vjnIhxTFoCb5vA== """ def setUp(self): self.asn1Spec = rfc5280.CertificateList() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) openTypesMap = { univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate sig_alg = asn1Object['tbsCertList']['signature'] assert sig_alg['parameters'] == univ.Null("") for rdn in asn1Object['tbsCertList']['issuer']['rdnSequence']: for atv in rdn: if atv['type'] == rfc5280.id_emailAddress: assert "snmplabs.com" in atv['value'] elif atv['type'] == rfc5280.id_at_countryName: assert atv['value'] == 'AU' else: assert len(atv['value']['printableString']) > 9 crl_extn_count = 0 for extn in asn1Object['tbsCertList']['crlExtensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] crl_extn_count += 1 assert crl_extn_count == 1 def testExtensionsMap(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate cert_extn_count = 0 for extn in asn1Object['tbsCertList']['crlExtensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] cert_extn_count += 1 assert cert_extn_count == 1 class ORAddressOpenTypeTestCase(unittest.TestCase): oraddress_pem_text = """\ MEMwK2EEEwJHQmIKEwhHT0xEIDQwMKIHEwVVSy5BQ4MHU2FsZm9yZKYFEwNSLUQx FDASgAEBoQ0TC1N0ZXZlIEtpbGxl """ def setUp(self): self.asn1Spec = rfc5280.ORAddress() def testDecodeOpenTypes(self): substrate = pem.readBase64fromText(self.oraddress_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate ea0 = asn1Object['extension-attributes'][0] assert ea0['extension-attribute-type'] == rfc5280.common_name assert ea0['extension-attribute-value'] == "Steve Kille" suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5480.py0000775006321400632140000000634713605660325021735 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5480 try: import unittest2 as unittest except ImportError: import unittest class ECCertTestCase(unittest.TestCase): digicert_ec_cert_pem_text = """\ MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBh MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVT MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBT ZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6g LGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv 68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0w EgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEE KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0f BDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv YmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/A buiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJ KoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/6 3qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoB UEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6 mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3 loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQd Ea8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.digicert_ec_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate algid = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert algid['algorithm'] == rfc5480.id_ecPublicKey param, rest = der_decode(algid['parameters'], asn1Spec=rfc5480.ECParameters()) assert param.prettyPrint() assert param['namedCurve'] == rfc5480.secp384r1 def testOpenTypes(self): substrate = pem.readBase64fromText(self.digicert_ec_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_alg = asn1Object['tbsCertificate']['subjectPublicKeyInfo']['algorithm'] assert spki_alg['algorithm'] == rfc5480.id_ecPublicKey assert spki_alg['parameters']['namedCurve'] == rfc5480.secp384r1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5649.py0000664006321400632140000000330213605660325021725 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5649 try: import unittest2 as unittest except ImportError: import unittest class AESKeyWrapTestCase(unittest.TestCase): kw_alg_id_pem_text = "MAsGCWCGSAFlAwQBLQ==" def setUp(self): self.asn1Spec = rfc5649.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.kw_alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc5649.id_aes256_wrap assert der_encoder.encode(asn1Object) == substrate class AESKeyWrapWithPadTestCase(unittest.TestCase): kw_pad_alg_id_pem_text = "MAsGCWCGSAFlAwQBMA==" def setUp(self): self.asn1Spec = rfc5649.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.kw_pad_alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc5649.id_aes256_wrap_pad assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5652.py0000664006321400632140000001512113605660325021721 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1.type import char from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6402 try: import unittest2 as unittest except ImportError: import unittest class ContentInfoTestCase(unittest.TestCase): pem_text = """\ MIIEJQYJKoZIhvcNAQcCoIIEFjCCBBICAQMxCzAJBgUrDgMCGgUAMIIDAgYIKwYBBQUHDAKgggL0 BIIC8DCCAuwweDB2AgECBgorBgEEAYI3CgoBMWUwYwIBADADAgEBMVkwVwYJKwYBBAGCNxUUMUow SAIBBQwZcGl0dWNoYTEuZW1lYS5ocHFjb3JwLm5ldAwMRU1FQVxwaXR1Y2hhDBpDTUNSZXFHZW5l cmF0b3IudnNob3N0LmV4ZTCCAmqgggJmAgEBMIICXzCCAcgCAQAwADCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEA0jm7SSSm2wyEAzuNKtFZFJKo91SrJq9wQwEhEKHDavZwMQOm1rZ2PF8NWCEb PqrhToQ7rtiGLSZa4dF4bzgmBqQ9aoSfEX4jISt31Vy+skHidXjHHpbsjT24NPhrZgANivL7CxD6 Ft+s7qS1gL4HRm2twQkqSwOLrE/q2QeXl2UCAwEAAaCCAR0wGgYKKwYBBAGCNw0CAzEMFgo2LjIu OTIwMC4yMD4GCSqGSIb3DQEJDjExMC8wHQYDVR0OBBYEFMW2skn88gxhONWZQA4sWGBDb68yMA4G A1UdDwEB/wQEAwIHgDBXBgkrBgEEAYI3FRQxSjBIAgEFDBlwaXR1Y2hhMS5lbWVhLmhwcWNvcnAu bmV0DAxFTUVBXHBpdHVjaGEMGkNNQ1JlcUdlbmVyYXRvci52c2hvc3QuZXhlMGYGCisGAQQBgjcN AgIxWDBWAgECHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABv AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAwDQYJKoZIhvcNAQEFBQADgYEAJZlu mxjtCxSOQi27jsVdd3y8NSIlzNv0b3LqmzvAly6L+CstXcnuG2MPQqPH9R7tbJonGUniBQO9sQ7C KhYWj2gfhiEkSID82lV5chINVUFKoUlSiEhWr0tPGgvOaqdsKQcrHfzrsBbFkhDqrFSVy7Yivbnh qYszKrOjJKiiCPMwADAAMYH5MIH2AgEDgBTFtrJJ/PIMYTjVmUAOLFhgQ2+vMjAJBgUrDgMCGgUA oD4wFwYJKoZIhvcNAQkDMQoGCCsGAQUFBwwCMCMGCSqGSIb3DQEJBDEWBBTFTkK/OifaFjwqHiJu xM7qXcg/VzANBgkqhkiG9w0BAQEFAASBgKfC6jOi1Wgy4xxDCQVK9+e5tktL8wE/j2cb9JSqq+aU 5UxEgXEw7q7BoYZCAzcxMRriGzakXr8aXHcgkRJ7XcFvLPUjpmGg9SOZ2sGW4zQdWAwImN/i8loc xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) layers = { rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), rfc5652.id_signedData: rfc5652.SignedData(), rfc6402.id_cct_PKIData: rfc6402.PKIData() } getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc6402.id_cct_PKIData: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc6402.id_cct_PKIData: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decoder.decode( substrate, asn1Spec=layers[next_layer] ) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) def testOpenTypes(self): class ClientInformation(univ.Sequence): pass ClientInformation.componentType = namedtype.NamedTypes( namedtype.NamedType('clientId', univ.Integer()), namedtype.NamedType('MachineName', char.UTF8String()), namedtype.NamedType('UserName', char.UTF8String()), namedtype.NamedType('ProcessName', char.UTF8String()) ) class EnrollmentCSP(univ.Sequence): pass EnrollmentCSP.componentType = namedtype.NamedTypes( namedtype.NamedType('KeySpec', univ.Integer()), namedtype.NamedType('Name', char.BMPString()), namedtype.NamedType('Signature', univ.BitString()) ) openTypeMap = { # attributes univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): char.IA5String(), univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.2'): EnrollmentCSP(), univ.ObjectIdentifier('1.3.6.1.4.1.311.21.20'): ClientInformation(), # algorithm identifier parameters univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } openTypeMap.update(rfc5652.cmsAttributesMap) openTypeMap.update(rfc6402.cmcControlAttributesMap) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate eci = asn1Object['content']['encapContentInfo'] assert eci['eContentType'] in rfc5652.cmsContentTypesMap.keys() assert eci['eContentType'] == rfc6402.id_cct_PKIData pkid, rest = der_decoder.decode(eci['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']], openTypes=openTypeMap, decodeOpenTypes=True) assert not rest assert pkid.prettyPrint() assert der_encoder.encode(pkid) == eci['eContent'] for req in pkid['reqSequence']: cr = req['tcr']['certificationRequest'] sig_alg = cr['signatureAlgorithm'] assert sig_alg['algorithm'] in openTypeMap.keys() assert sig_alg['parameters'] == univ.Null("") cri = cr['certificationRequestInfo'] spki_alg = cri['subjectPublicKeyInfo']['algorithm'] assert spki_alg['algorithm'] in openTypeMap.keys() assert spki_alg['parameters'] == univ.Null("") attrs = cr['certificationRequestInfo']['attributes'] for attr in attrs: assert attr['attrType'] in openTypeMap.keys() if attr['attrType'] == univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): assert attr['attrValues'][0] == "6.2.9200.2" else: assert attr['attrValues'][0].hasValue() suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5751.py0000664006321400632140000001106313605660325021722 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5751 try: import unittest2 as unittest except ImportError: import unittest class SignedMessageTestCase(unittest.TestCase): pem_text = """\ MIIGigYJKoZIhvcNAQcCoIIGezCCBncCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0B BwGgHgQcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6AD AgECAgIAyDAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3 MDExMDQ5WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYw ggErBgcqhkjOOAQBMIIBHgKBgQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QI T/+U4XNIfgzW80RI0f6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJEIlZvep175 /PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXVOXYQxHi9/52whJc38uRRG7XkCZZc 835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJjjQFIkyqjn7Pm3ZS1lqTHYj OQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0dc9KCF5LPpD4beqc ySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGmE2HxF/wr3t 0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSmFoko ESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhry JKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi 9PKD5bijgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSME GDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTO EwHi/eOX/s0wHwYDVR0RBBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZI zjgEAwMwADAtAhRVDKQZH0IriXEiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3i EFJbQ169MYIDVDCCA1ACAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUr DgMCGqCCAuowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAjBgkqhkiG9w0BCQQx FgQUQGrsCFJ5um4WAi2eBinAIpaH3UgwOAYDKqszMTEEL1RoaXMgaXMgYSB0ZXN0 IEdlbmVyYWwgQVNOIEF0dHJpYnV0ZSwgbnVtYmVyIDEuMD4GCyqGSIb3DQEJEAIE MS8wLQwgQ29udGVudCBIaW50cyBEZXNjcmlwdGlvbiBCdWZmZXIGCSqGSIb3DQEH ATBKBgkqhkiG9w0BCQ8xPTA7MAcGBSoDBAUGMDAGBioDBAUGTQQmU21pbWUgQ2Fw YWJpbGl0aWVzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbwYLKoZIhvcNAQkQAgoxYDBe BgUqAwQFBgQrQ29udGVudCBSZWZlcmVuY2UgQ29udGVudCBJZGVudGlmaWVyIEJ1 ZmZlcgQoQ29udGVudCBSZWZlcmVuY2UgU2lnbmF0dXJlIFZhbHVlIEJ1ZmZlcjBz BgsqhkiG9w0BCRACCzFkoGIwWjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDVVTIEdv dmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQLEwNWREExEjAQBgNV BAMTCURhaXN5IFJTQQIEClVEMzCB/AYLKoZIhvcNAQkQAgMxgewwgekwgeYEBzU3 MzgyOTkYDzE5OTkwMzExMTA0NDMzWqGByTCBxqRhMF8xCzAJBgNVBAYTAlVTMRYw FAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhWREEgU2l0ZTEMMAoGA1UE CxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IERTQaRhMF8xCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhWREEgU2l0ZTEMMAoG A1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTAJBgcqhkjOOAQDBC8w LQIVALwzN2XE93BcF0kTqkyFyrtSkUhZAhRjlqIUi89X3rBIX2xk3YQESV8cyg== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): smimeCapMap = { univ.ObjectIdentifier('1.2.3.4.5.6.77'): univ.OctetString(), } smimeCapMap.update(rfc5751.smimeCapabilityMap) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData assert asn1Object['content']['version'] == 1 for si in asn1Object['content']['signerInfos']: assert si['version'] == 1 for attr in si['signedAttrs']: if attr['attrType'] == rfc5751.smimeCapabilities: for scap in attr['attrValues'][0]: if scap['capabilityID'] in smimeCapMap.keys(): scap_p, rest = der_decode(scap['parameters'], asn1Spec=smimeCapMap[scap['capabilityID']]) assert not rest assert der_encode(scap_p) == scap['parameters'] assert 'parameters' in scap_p.prettyPrint() if attr['attrType'] == rfc5751.id_aa_encrypKeyPref: ekp_issuer_serial = attr['attrValues'][0]['issuerAndSerialNumber'] assert ekp_issuer_serial['serialNumber'] == 173360179 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5755.py0000664006321400632140000001776613605660325021746 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.compat.octets import str2octs from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5755 from pyasn1_modules import rfc3114 try: import unittest2 as unittest except ImportError: import unittest class AttributeCertificateTestCase(unittest.TestCase): pem_text = """\ MIIDBTCCAm4CAQEwgY+gUTBKpEgwRjEjMCEGA1UEAwwaQUNNRSBJbnRlcm1lZGlh dGUgRUNEU0EgQ0ExCzAJBgNVBAYTAkZJMRIwEAYDVQQKDAlBQ01FIEx0ZC4CAx7N WqE6pDgwNjETMBEGA1UEAwwKQUNNRSBFQ0RTQTELMAkGA1UEBhMCRkkxEjAQBgNV BAoMCUFDTUUgTHRkLqA9MDukOTA3MRQwEgYDVQQDDAtleGFtcGxlLmNvbTELMAkG A1UEBhMCRkkxEjAQBgNVBAoMCUFDTUUgTHRkLjANBgkqhkiG9w0BAQsFAAIEC63K /jAiGA8yMDE2MDEwMTEyMDAwMFoYDzIwMTYwMzAxMTIwMDAwWjCB8jA8BggrBgEF BQcKATEwMC6GC3VybjpzZXJ2aWNlpBUwEzERMA8GA1UEAwwIdXNlcm5hbWUECHBh c3N3b3JkMDIGCCsGAQUFBwoCMSYwJIYLdXJuOnNlcnZpY2WkFTATMREwDwYDVQQD DAh1c2VybmFtZTA1BggrBgEFBQcKAzEpMCegGKQWMBQxEjAQBgNVBAMMCUFDTUUg THRkLjALDAlBQ01FIEx0ZC4wIAYIKwYBBQUHCgQxFDASMBAMBmdyb3VwMQwGZ3Jv dXAyMCUGA1UESDEeMA2hC4YJdXJuOnJvbGUxMA2hC4YJdXJuOnJvbGUyMGowHwYD VR0jBBgwFoAUgJCMhskAsEBzvklAX8yJBOXO500wCQYDVR04BAIFADA8BgNVHTcB Af8EMjAwMB2gCoYIdXJuOnRlc3SgD4INKi5leGFtcGxlLmNvbTAPoA2GC3Vybjph bm90aGVyMA0GCSqGSIb3DQEBCwUAA4GBACygfTs6TkPurZQTLufcE3B1H2707OXK sJlwRpuodR2oJbunSHZ94jcJHs5dfbzFs6vNfVLlBiDBRieX4p+4JcQ2P44bkgyi UTJu7g1b6C1liB3vO6yH5hOZicOAaKd+c/myuGb9uJ4n6y2oLNxnk/fDzpuZUe2h Q4eikPk4LQey """ def setUp(self): self.asn1Spec = rfc5755.AttributeCertificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['acinfo']['version'] == 1 count = 0 for attr in asn1Object['acinfo']['attributes']: assert attr['type'] in rfc5280.certificateAttributesMap.keys() av, rest = der_decode(attr['values'][0], asn1Spec=rfc5280.certificateAttributesMap[attr['type']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['values'][0] count += 1 assert count == 5 def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['acinfo']['version'] == 1 count = 0 for attr in asn1Object['acinfo']['attributes']: assert attr['type'] in rfc5280.certificateAttributesMap.keys() count += 1 if attr['type'] == rfc5755.id_aca_authenticationInfo: assert attr['values'][0]['authInfo'] == str2octs('password') assert count == 5 class CertificateWithClearanceTestCase(unittest.TestCase): cert_pem_text = """\ MIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZIzj0EAwMw ZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw DgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3BjYS5leGFt cGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGSMQswCQYD VQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoT B0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1lbnQxDTAL BgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5jb20wdjAQ BgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQgKpBispSx XxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQQXc3zxnk cl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m711OqFDNGR SWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/VGWhQ6RB MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjER MA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTADAQH/MAsG A1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5u b3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAwwCgYIKwYB BQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsqhkiG9w0B CRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09VUkNFUyBV U0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERlcGFydG1l bnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/Hea3Hk8P tTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weBdBa5WEDI FFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2 """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate clearance_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5755.id_at_clearance: assert attr['type'] in rfc5280.certificateAttributesMap.keys() av, rest = der_decode(attr['values'][0], asn1Spec=rfc5280.certificateAttributesMap[attr['type']]) assert av['policyId'] == rfc3114.id_tsp_TEST_Whirlpool for cat in av['securityCategories']: assert cat['type'] == rfc3114.id_tsp_TEST_Whirlpool_Categories assert cat['type'] in rfc5755.securityCategoryMap.keys() catv, rest = der_decode(cat['value'], asn1Spec=rfc5755.securityCategoryMap[cat['type']]) assert u'USE ONLY' in catv[0] clearance_found = True assert clearance_found def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate clearance_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], decodeOpenTypes=True) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5755.id_at_clearance: spid = rfc3114.id_tsp_TEST_Whirlpool catid = rfc3114.id_tsp_TEST_Whirlpool_Categories assert attr['values'][0]['policyId'] == spid for cat in attr['values'][0]['securityCategories']: assert cat['type'] == catid assert u'USE ONLY' in cat['value'][0] clearance_found = True assert clearance_found suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5913.py0000664006321400632140000001125213605660325021722 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5913 from pyasn1_modules import rfc5755 from pyasn1_modules import rfc3114 try: import unittest2 as unittest except ImportError: import unittest class ClearanceTestCase(unittest.TestCase): cert_pem_text = """\ MIIDhzCCAw6gAwIBAgIJAKWzVCgbsG5GMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMTAyMTg0MjE4WhcNMjAxMTAxMTg0MjE4WjBmMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 YW1wbGUxDDAKBgNVBAsTA1BDQTEYMBYGA1UEAxMPcGNhLmV4YW1wbGUuY29tMHYw EAYHKoZIzj0CAQYFK4EEACIDYgAEPf5vbgAqbE5dn6wbiCx4sCCcn1BKSrHmCfiW C9QLSGVNGHifQwPt9odGXjRiQ7QwpZ2wRD6Z91v+fk85XXLE3kJQCQdPIHFUY5EM pvS7T6u6xrmwnlVpUURPTOxfc55Oo4IBrTCCAakwHQYDVR0OBBYEFCbqJQ8LMiAo pNdaCo3/Ldy9f1RlMG8GA1UdIwRoMGaAFPI12zQE2qVV8r1pA5mwYuziFQjBoUOk QTA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24x ETAPBgNVBAoMCEJvZ3VzIENBggkA6JHWBpFPzvIwDwYDVR0TAQH/BAUwAwEB/zAL BgNVHQ8EBAMCAYYwQgYJYIZIAYb4QgENBDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fu bm90IGJlIHRydXN0ZWQgZm9yIGFueSBwdXJwb3NlLjAVBgNVHSAEDjAMMAoGCCsG AQUFBw0CMAoGA1UdNgQDAgECMIGRBggrBgEFBQcBFQSBhDCBgTBZBgsqhkiG9w0B CRAHAwMCBeAxRjBEgAsqhkiG9w0BCRAHBIE1MDMMF0xBVyBERVBBUlRNRU5UIFVT RSBPTkxZDBhIVU1BTiBSRVNPVVJDRVMgVVNFIE9OTFkwEQYLKoZIhvcNAQkQBwID AgTwMBEGCyqGSIb3DQEJEAcBAwIF4DAKBggqhkjOPQQDAwNnADBkAjAZSD+BVqzc 1l0fDoH3LwixjxvtddBHbJsM5yBek4U9b2yWL2KEmwV02fTgof3AjDECMCTsksmx 5f3i5DSYfe9Q1heJlEJLd1hgZmfvUYNnCU3WrdmYzyoNdNTbg7ZFMoxsXw== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate cat_value_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5913.id_pe_clearanceConstraints: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for c in ev: if c['policyId'] == rfc3114.id_tsp_TEST_Whirlpool: for sc in c['securityCategories']: assert sc['type'] in rfc5755.securityCategoryMap.keys() scv, rest = der_decode(sc['value'], asn1Spec=rfc5755.securityCategoryMap[sc['type']]) for cat in scv: assert u'USE ONLY' in cat cat_value_found = True assert cat_value_found def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate cat_value_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5913.id_pe_clearanceConstraints: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], decodeOpenTypes=True) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for c in ev: if c['policyId'] == rfc3114.id_tsp_TEST_Whirlpool: for sc in c['securityCategories']: assert sc['type'] in rfc5755.securityCategoryMap.keys() for cat in sc['value']: assert u'USE ONLY' in cat cat_value_found = True assert cat_value_found suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc5914.py0000664006321400632140000000670513605660325021732 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5914 from pyasn1_modules import rfc5652 try: import unittest2 as unittest except ImportError: import unittest class TrustAnchorListTestCase(unittest.TestCase): trust_anchor_list_pem_text = """\ MIIGGQYLKoZIhvcNAQkQASKgggYIMIIGBKGCAvYwggLyoAMCAQICAgDJMA0GCSqG SIb3DQEBCwUAMBYxFDASBgNVBAMTC3JpcGUtbmNjLXRhMCAXDTE3MTEyODE0Mzk1 NVoYDzIxMTcxMTI4MTQzOTU1WjAWMRQwEgYDVQQDEwtyaXBlLW5jYy10YTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANFEWEhqlM9psgbDs3ltY0OjbMTb 5SzMoVpJ755fDYgQrP0/0tl7jSkDWfsAWcSIDz1dqRQRXkAL6B/1ivNx8ANuldrI sJvzGNpymfjpcPsJac5WdadyKY9njXCq5orfAcAQvMSJs7ghmldI5EQdBmdIaB+j JdN7pi6a0bJ+r9MTj9PpekHNWRzBVRW9/OSEOxUEE3FSMa3XjLKMiavXjJBOg6HJ R4RfzZUpZV7mwEkPSlFqidPjrd0Al6+C1xAjH5KZFUdk2U/r+b+ufGx1bOmcUQ9W +lJNbkCgMh1G5/7V7z/Ja4wImxs1bFw09i9MeBHcfkHYsT4Do4t4ATMi9lcCAwEA AaOCAV4wggFaMB0GA1UdDgQWBBToVSsf1tGk9+QExtjlaA0evBY/wzAPBgNVHRMB Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjCBsQYIKwYBBQUHAQsEgaQwgaEwPAYI KwYBBQUHMAqGMHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L3JpcGUt bmNjLXRhLm1mdDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25v dGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHMAWGIXJzeW5jOi8vcnBraS5yaXBlLm5l dC9yZXBvc2l0b3J5LzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF BwEHAQH/BBgwFjAJBAIAATADAwEAMAkEAgACMAMDAQAwIQYIKwYBBQUHAQgBAf8E EjAQoA4wDDAKAgEAAgUA/////zCCAgIwggGIoAMCAQICCQDokdYGkU/O8jAKBggq hkjOPQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcMB0hl cm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4XDTE5MDUxNDA4NTgxMVoXDTIxMDUx MzA4NTgxMVowPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdI ZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IA BPBRdlSx6I5qpZ2sKUMIxun1gUAzzstOYWKvKCnMoNT1x+pIKDvMEMimFcLAxxL3 NVYOhK0Jty83SPDkKWMdx9/Okdhf3U/zxJlEnXDiFrAeM6xbG8zcCRiBnmd92Uvs RqNQME4wHQYDVR0OBBYEFPI12zQE2qVV8r1pA5mwYuziFQjBMB8GA1UdIwQYMBaA FPI12zQE2qVV8r1pA5mwYuziFQjBMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwMD aAAwZQIwWlGNjb9NyqJSzUSdsEqDSvMZb8yFkxYCIbAVqQ9UqScUUb9tpJKGsPWw bZsnLVvmAjEAt/ypozbUhQw4dSPpWzrn5BQ0kKbDM3DQJcBABEUBoIOol1/jYQPm xajQuxcheFlkooIBADCB/TB2MBAGByqGSM49AgEGBSuBBAAiA2IABOIIQup32CTe oCxkpBPOQJwjcqkCCg43PyE2uI1TFPbVkZVL85YCjXEexNjLp59e76Dmf1qSEZZT b+vAyz+u/Vs/RyTnmgculr6oL7tXGK9xpL14Oh7oWzxrZBErzDQrjAQUo53mH/na OU/AbuiRy5Wl2jHiCp8MFURpZ2lDZXJ0IFRydXN0IEFuY2hvcjBSMEwxCzAJBgNV BAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0 IEVDQyBTZWN1cmUgU2VydmVyIENBggIFIIICZW4= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.trust_anchor_list_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5914.id_ct_trustAnchorList tal, rest = der_decode(asn1Object['content'], rfc5914.TrustAnchorList()) assert not rest assert tal.prettyPrint() assert der_encode(tal) == asn1Object['content'] assert sum (1 for _ in tal) == 3 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc5915.py0000664006321400632140000000264413605660325021731 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5915 from pyasn1_modules import rfc5480 try: import unittest2 as unittest except ImportError: import unittest class MUDCertTestCase(unittest.TestCase): private_key_pem_text = """\ MIGkAgEBBDDLjzGbbLrR3T13lrrVum7WC/4Ua4Femc1RhhNVe1Q5XsArQ33kn9kx 3lOUfOcG+qagBwYFK4EEACKhZANiAAT4zZ8HL+xEDpXWkoWp5xFMTz4u4Ae1nF6z XCYlmsEGD5vPu5hl9hDEjd1UHRgJIPoy3fJcWWeZ8FHCirICtuMgFisNscG/aTwK yDYOFDuqz/C2jyEwqgWCRyxyohuJXtk= """ def setUp(self): self.asn1Spec = rfc5915.ECPrivateKey() def testDerCodec(self): substrate = pem.readBase64fromText(self.private_key_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['parameters']['namedCurve'] == rfc5480.secp384r1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5916.py0000664006321400632140000001005013605660325021720 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5916 try: import unittest2 as unittest except ImportError: import unittest class DeviceCertTestCase(unittest.TestCase): cert_pem_text = """\ MIICpzCCAiygAwIBAgIJAKWzVCgbsG5FMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMDMxMTQwMDE1WhcNMjAxMDMwMTQwMDE1WjB4MQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 YW1wbGUxGjAYBgNVBAsTEURldmljZSBPcGVyYXRpb25zMRwwGgYDVQQDExNleDEy MzQ1LmV4YW1wbGUuY29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE7Lje3glS2qYl 5x6N9TOlD4CbnzfFeJQfbDaCa3vexEiwE0apuAP+4L5fqOsYeZC970iNW+z3PdUs GzkKDC2cCVy8nIxQ3mWhNQDvavT3iz5OGSwa1GjSXRFbGn2x9QjNo4G6MIG3MEIG CWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVk IGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFPTQN1kXEM5Rd4hNvQL5HyA+o2No MB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAsGA1UdDwQEAwIHgDAk BgNVHQkEHTAbMBkGCWCGSAFlAgEFRTEMBgorBgEEAYGsYDAYMAoGCCqGSM49BAMD A2kAMGYCMQCt6AceOEIwXFKFHIV8+wTK/vgs7ZYSA6jhXUpzNtzZw1xh9NxVUhmx pogu5Q9Vp28CMQC5YVF8dShC1tk9YImRftiVl8C6pbj//1K/+MwmR6nRk/WU+hKl +Qsc5Goi6At471s= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate found_dev_owner = False der_dev_own_oid = der_encode(univ.ObjectIdentifier('1.3.6.1.4.1.22112.48.24')) for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5916.id_deviceOwner: assert attr['values'][0] == der_dev_own_oid found_dev_owner = True assert found_dev_owner def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate found_dev_owner = False dev_own_oid = univ.ObjectIdentifier('1.3.6.1.4.1.22112.48.24') for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], decodeOpenTypes=True) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5916.id_deviceOwner: assert attr['values'][0] == dev_own_oid found_dev_owner = True assert found_dev_owner suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5917.py0000664006321400632140000001070013605660325021723 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5917 try: import unittest2 as unittest except ImportError: import unittest class ClearanceSponsorTestCase(unittest.TestCase): cert_pem_text = """\ MIID1DCCA1qgAwIBAgIUUc1IQGJpeYQ0XwOS2ZmVEb3aeZ0wCgYIKoZIzj0EAwMw ZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAw DgYDVQQKEwdFeGFtcGxlMQwwCgYDVQQLEwNQQ0ExGDAWBgNVBAMTD3BjYS5leGFt cGxlLmNvbTAeFw0xOTExMDUyMjIwNDZaFw0yMDExMDQyMjIwNDZaMIGSMQswCQYD VQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoT B0V4YW1wbGUxIjAgBgNVBAsTGUh1bWFuIFJlc291cmNlIERlcGFydG1lbnQxDTAL BgNVBAMTBEZyZWQxHzAdBgkqhkiG9w0BCQEWEGZyZWRAZXhhbXBsZS5jb20wdjAQ BgcqhkjOPQIBBgUrgQQAIgNiAAQObFslQ2EBP0xlDJ3sRnsNaqm/woQgKpBispSx XxK5bWUVpfnWsZnjLWhtDuPcu1BcBlM2g7gwL/aw8nUSIK3D8Ja9rTUQQXc3zxnk cl8+8znNXHMGByRjPUH87C+TOrqjggGaMIIBljAdBgNVHQ4EFgQU5m711OqFDNGR SWMOSzTXjpTLIFUwbwYDVR0jBGgwZoAUJuolDwsyICik11oKjf8t3L1/VGWhQ6RB MD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjER MA8GA1UECgwIQm9ndXMgQ0GCCQCls1QoG7BuRjAPBgNVHRMBAf8EBTADAQH/MAsG A1UdDwQEAwIBhjBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5u b3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMBUGA1UdIAQOMAwwCgYIKwYB BQUHDQIwCgYDVR02BAMCAQIwfwYDVR0JBHgwdjBJBgNVBDcxQjBABgsqhkiG9w0B CRAHAwMCBeAxLTArgAsqhkiG9w0BCRAHBIEcMBoMGEhVTUFOIFJFU09VUkNFUyBV U0UgT05MWTApBglghkgBZQIBBUQxHAwaSHVtYW4gUmVzb3VyY2VzIERlcGFydG1l bnQwCgYIKoZIzj0EAwMDaAAwZQIwVh/RypULFgPpAN0I7OvuMomRWnm/Hea3Hk8P tTRz2Zai8iYat7oeAmGVgMhSXy2jAjEAuJW4l/CFatBy4W/lZ7gS3weBdBa5WEDI FFMC7GjGtCeLtXYqWfBnRdK26dOaHLB2 """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate cs = rfc5917.DirectoryString() cs['utf8String'] = u'Human Resources Department' encoded_cs = der_encode(cs) clearance_sponsor_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5917.id_clearanceSponsor: assert attr['values'][0] == encoded_cs clearance_sponsor_found = True assert clearance_sponsor_found def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate clearance_sponsor_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectDirectoryAttributes: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']], decodeOpenTypes=True) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] for attr in ev: if attr['type'] == rfc5917.id_clearanceSponsor: hrd = u'Human Resources Department' assert attr['values'][0]['utf8String'] == hrd clearance_sponsor_found = True assert clearance_sponsor_found suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc5924.py0000664006321400632140000000513713605660325021731 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5924 try: import unittest2 as unittest except ImportError: import unittest class SIPDomainCertTestCase(unittest.TestCase): cert_pem_text = """\ MIICiTCCAg+gAwIBAgIJAKWzVCgbsG5EMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMDMwMjEwMDM0WhcNMjAxMDI5MjEwMDM0WjBsMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 YW1wbGUxEjAQBgNVBAsTCVNJUCBQcm94eTEYMBYGA1UEAxMPc2lwLmV4YW1wbGUu Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEcY3ckttSa6z3CfOFwZvPmZY8C9Ml D1XOydz00+Vqifh1lydhDuulHrJaQ+QgVjG1TzlTAssD9GeABit/M98DPS/IC3wi TsTMSyQ9/Oz4hKAw7x7lYEvufvycsZ7pJGRso4GpMIGmMEIGCWCGSAGG+EIBDQQ1 FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVy cG9zZS4wHQYDVR0OBBYEFEcJ8iFWmJOl3Hg/44UFgFWNbe7FMB8GA1UdIwQYMBaA FPI12zQE2qVV8r1pA5mwYuziFQjBMAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggr BgEFBQcDFDAKBggqhkjOPQQDAwNoADBlAjAXEPPNyXBUj40dzy+ZOqafuM3/6Fy6 bkgiIObcQImra96X10fe6qacanrbu4uU6d8CMQCQ+BCjCnOP4dBbNC3vB0WypxLo UwZ6TjS0Rfr+dRvlyilVjP+hPVwbyb7ZOSZR6zk= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate found_kp_sipDomain = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_extKeyUsage: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] assert rfc5924.id_kp_sipDomain in ev found_kp_sipDomain = True assert found_kp_sipDomain suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5934.py0000664006321400632140000003557413605660325021742 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Acknowledgement to Carl Wallace for the test messages. # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5934 try: import unittest2 as unittest except ImportError: import unittest class TAMPStatusResponseTestCase(unittest.TestCase): tsr_pem_text = """\ MIIU/QYJKoZIhvcNAQcCoIIU7jCCFOoCAQMxDTALBglghkgBZQMEAgEwgg/GBgpghkgBZQIB Ak0CoIIPtgSCD7Iwgg+uMAiDAAIEXXp3f6GCD50wgg+ZooIFFTCCBREwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDALMH2jTus/z881nG+uHQiB+xwQRX8q0DjB6rBw9if/tpM Or8/yNgoe0s2AcCsRSXD0g4Kj4UYZBA9GhNwKm+O19yNk7NBDzghza2rwj0qBdNXETcNzYxR +ZPjzEZJIY4UtM3LFD44zXIx7qsS8mXqNC5WXf/uY3XLbbqRNPye8/QtHL5QxELfWYj/arP6 qGw9y1ZxcQWWu5+A5YBFWWdBsOvDrWCkgHUGF5wO9EPgmQ4b+3/1s8yygYKx/TLBuL5BpGS1 YDpaUTCMzt5BLBlHXEkQZLl0qYdBr31uusG4ob9lMToEZ/m1u46SigBjuLHmjDhfg/9Q1Tui XWuyEMxjAgMBAAEEFEl0uwxeunr+AlTve6DGlcYJgHCWMIID0TBbMQswCQYDVQQGEwJVUzEY MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEW MBQGA1UEAxMNRG9EIFJvb3QgQ0EgMqCCA3AwggJYoAMCAQICAQUwDQYJKoZIhvcNAQEFBQAw WzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9E MQwwCgYDVQQLEwNQS0kxFjAUBgNVBAMTDURvRCBSb290IENBIDIwHhcNMDQxMjEzMTUwMDEw WhcNMjkxMjA1MTUwMDEwWjBbMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5t ZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0Eg MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAswfaNO6z/PzzWcb64dCIH7HBB FfyrQOMHqsHD2J/+2kw6vz/I2Ch7SzYBwKxFJcPSDgqPhRhkED0aE3Aqb47X3I2Ts0EPOCHN ravCPSoF01cRNw3NjFH5k+PMRkkhjhS0zcsUPjjNcjHuqxLyZeo0LlZd/+5jdcttupE0/J7z 9C0cvlDEQt9ZiP9qs/qobD3LVnFxBZa7n4DlgEVZZ0Gw68OtYKSAdQYXnA70Q+CZDhv7f/Wz zLKBgrH9MsG4vkGkZLVgOlpRMIzO3kEsGUdcSRBkuXSph0GvfW66wbihv2UxOgRn+bW7jpKK AGO4seaMOF+D/1DVO6Jda7IQzGMCAwEAAaM/MD0wHQYDVR0OBBYEFEl0uwxeunr+AlTve6DG lcYJgHCWMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IB AQCYkY0/ici79cBpcyk7Nay6swh2PXAJkumERCEBfRR2G+5RbB2NFTctezFp9JpEuK9GzDT6 I8sDJxnSgyF1K+fgG5km3IRAleio0sz2WFxm7z9KlxCCHboKot1bBiudp2RO6y4BNaS0PxOt VeTVc6hpmxHxmPIxHm9A1Ph4n46RoG9wBJBmqgYrzuF6krV94eDRluehOi3MsZ0fBUTth5nT TRpwOcEEDOV+2fGv1yAO8SJ6JaRzmcw/pAcnlqiile2CuRbTnguHwsHyiPVi32jfx7xpUe2x XNxUVCkPCTmarAPB2wxNrm8KehZJ8b+R0jiU0/aVLLdsyUK2jcqQjYXZooIFGDCCBRQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp7BRyiuhLcKPaEAOEpvunNg0qOlIWvzAV UoYFRyDPqqbNdcRkbu/xYCPLCmZArrTIaCoAUWhJN+lZMk2VvEMn6UCNOhDOFLxDGKH53szn hXZzXhgaI1u9Px/y7Y0ZzAPRQKSPpyACTCdaeTb2ozchjgBaBhbK01WWbzEpu3IOy+JIUfLU N6Q11m/uF7OxBqsLGYboI20xGyh4ZcXeYlK8wX3r7qBdVAT7sssrsiNUkYJM8L+6dEA7DARF gGdcxeuiV8MafwotvX+53MGZsMgH5AyGNpQ6JS/yfeaXPBuUtJdZBsk65AvZ6un8O3M0b/3n mOTzocKQXxz1Py7XGdN/AgMBAAEEFGyKlKJ3sYByHYF6Fqry3M5m7kXAMIID1DBbMQswCQYD VQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNV BAsTA1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0EgM6CCA3MwggJboAMCAQICAQEwDQYJKoZI hvcNAQELBQAwWzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoG A1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxFjAUBgNVBAMTDURvRCBSb290IENBIDMwHhcNMTIw MzIwMTg0NjQxWhcNMjkxMjMwMTg0NjQxWjBbMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5T LiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEWMBQGA1UEAxMNRG9E IFJvb3QgQ0EgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKnsFHKK6Etwo9oQ A4Sm+6c2DSo6Uha/MBVShgVHIM+qps11xGRu7/FgI8sKZkCutMhoKgBRaEk36VkyTZW8Qyfp QI06EM4UvEMYofnezOeFdnNeGBojW70/H/LtjRnMA9FApI+nIAJMJ1p5NvajNyGOAFoGFsrT VZZvMSm7cg7L4khR8tQ3pDXWb+4Xs7EGqwsZhugjbTEbKHhlxd5iUrzBfevuoF1UBPuyyyuy I1SRgkzwv7p0QDsMBEWAZ1zF66JXwxp/Ci29f7ncwZmwyAfkDIY2lDolL/J95pc8G5S0l1kG yTrkC9nq6fw7czRv/eeY5POhwpBfHPU/LtcZ038CAwEAAaNCMEAwHQYDVR0OBBYEFGyKlKJ3 sYByHYF6Fqry3M5m7kXAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG SIb3DQEBCwUAA4IBAQCfcaTAtpbSgEOgSOkfdgT5xTytZhhYY5vDtuhoioVaQmYStNLmi4h/ h/SY9ajGCckf8Cwf7IK49KVHOMEzK99Mfpq+Cwuxyw98UCgQz4qNoum6rIbX1LGTXyKPlgW0 Tgx1kX3T8ueUwpQUdk+PDKsQh1gyhQd1hhILXupTtArITISSH+voQYY8uvROQUrRbFhHQcOG WvLu6fKYJ4LqLjbW+AZegvGgUpNECbrSqRlaWKOoXSBtT2T4MIcbkBNIgc3KkMcNwdSYP47y DldoMxKOmQmx8OT2EPQ28km96qM4yFZBI4Oa36EbNXzrP0Gz9W9LOl6ub5N2mNLxmZ1FxI5y ooIFYDCCBVwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ3HcYEBAYYEH753gQ D/iEd3DvLW5VOxGmmVI/bfS9oZf6Nh5uREIRyFP+dYabXjcSiKJ92XEI1Ek1cc5Gz1vQWY5l H+tCPcoO3EyQ2FRpz144siBg3YNRLt/b1Vs4kVotz5oztG+WkOV2FGJDaYQQz1RB+TXqntRa l51eEFm94OTDWYnX3vJ5sIdrAsBZoSoAghVvaxERAFM0dD304cxWYqLkZegjsYMdWFMIsjMt lr7lfTOeEFonc1PdXZjiSxFTWJGP6nIR7LuU8g0PUK3yFrUaACQx5RW9FwaQqiSxrN0MUh7w i2qruPft32O0zpRov16W0ESW8fj0ejoKeRVTAgMBAAEEFKg8CZ1n9thHuqLQ/BhyVohAbZWV MIID0jBTMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEj MCEGA1UEAxMaVmFsaWQgRUUgQ2VydGlmaWNhdGUgVGVzdDGgggN5MIICYaADAgECAgEBMA0G CSqGSIb3DQEBCwUAMEAxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZUZXN0IENlcnRpZmljYXRl cyAyMDExMRAwDgYDVQQDEwdHb29kIENBMB4XDTEwMDEwMTA4MzAwMFoXDTMwMTIzMTA4MzAw MFowUzELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlRlc3QgQ2VydGlmaWNhdGVzIDIwMTExIzAh BgNVBAMTGlZhbGlkIEVFIENlcnRpZmljYXRlIFRlc3QxMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA2dx3GBAQGGBB++d4EA/4hHdw7y1uVTsRpplSP230vaGX+jYebkRCEchT /nWGm143EoiifdlxCNRJNXHORs9b0FmOZR/rQj3KDtxMkNhUac9eOLIgYN2DUS7f29VbOJFa Lc+aM7RvlpDldhRiQ2mEEM9UQfk16p7UWpedXhBZveDkw1mJ197yebCHawLAWaEqAIIVb2sR EQBTNHQ99OHMVmKi5GXoI7GDHVhTCLIzLZa+5X0znhBaJ3NT3V2Y4ksRU1iRj+pyEey7lPIN D1Ct8ha1GgAkMeUVvRcGkKoksazdDFIe8Itqq7j37d9jtM6UaL9eltBElvH49Ho6CnkVUwID AQABo2swaTAfBgNVHSMEGDAWgBRYAYQkG7wrUpRKPaUQchRR9a86yTAdBgNVHQ4EFgQUqDwJ nWf22Ee6otD8GHJWiEBtlZUwDgYDVR0PAQH/BAQDAgTwMBcGA1UdIAQQMA4wDAYKYIZIAWUD AgEwATANBgkqhkiG9w0BAQsFAAOCAQEAHlrZD69ipblSvLzsDGGIEwGqCg8NR6OeqbIXG/ij 2SzSjTi+O7LP1DGIz85p9I7HuXAFUcAGh8aVtPZq+jGeLcQXs+3lehlhGG6M0eQO2pttbI0G kO4s0XlY2ITNm0HTGOL+kcZfACcUZXsS+i+9qL80ji3PF0xYWzAPLmlmRSYmIZjT85CuKYda Tsa96Ch+D6CU5v9ctVxP3YphWQ4F0v/FacDTiUrRwuXI9MgIw/0qI0+EAFwsRC2DisI9Isc8 YPKKeOMbRmXamY/4Y8HUeqBwpnqnEJudrH++FPBEI4dYrBAV6POgvx4lyzarAmlarv/AbrBD ngieGTynMG6NwqFIMEYwRAYIKwYBBQUHARIBAf8ENTAzMA8GCmCGSAFlAgECTQMKAQEwDwYK YIZIAWUCAQJNAQoBATAPBgpghkgBZQIBAk0CCgEBAQEAoIIDfTCCA3kwggJhoAMCAQICAQEw DQYJKoZIhvcNAQELBQAwQDELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlRlc3QgQ2VydGlmaWNh dGVzIDIwMTExEDAOBgNVBAMTB0dvb2QgQ0EwHhcNMTAwMTAxMDgzMDAwWhcNMzAxMjMxMDgz MDAwWjBTMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEj MCEGA1UEAxMaVmFsaWQgRUUgQ2VydGlmaWNhdGUgVGVzdDEwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDZ3HcYEBAYYEH753gQD/iEd3DvLW5VOxGmmVI/bfS9oZf6Nh5uREIR yFP+dYabXjcSiKJ92XEI1Ek1cc5Gz1vQWY5lH+tCPcoO3EyQ2FRpz144siBg3YNRLt/b1Vs4 kVotz5oztG+WkOV2FGJDaYQQz1RB+TXqntRal51eEFm94OTDWYnX3vJ5sIdrAsBZoSoAghVv axERAFM0dD304cxWYqLkZegjsYMdWFMIsjMtlr7lfTOeEFonc1PdXZjiSxFTWJGP6nIR7LuU 8g0PUK3yFrUaACQx5RW9FwaQqiSxrN0MUh7wi2qruPft32O0zpRov16W0ESW8fj0ejoKeRVT AgMBAAGjazBpMB8GA1UdIwQYMBaAFFgBhCQbvCtSlEo9pRByFFH1rzrJMB0GA1UdDgQWBBSo PAmdZ/bYR7qi0PwYclaIQG2VlTAOBgNVHQ8BAf8EBAMCBPAwFwYDVR0gBBAwDjAMBgpghkgB ZQMCATABMA0GCSqGSIb3DQEBCwUAA4IBAQAeWtkPr2KluVK8vOwMYYgTAaoKDw1Ho56pshcb +KPZLNKNOL47ss/UMYjPzmn0jse5cAVRwAaHxpW09mr6MZ4txBez7eV6GWEYbozR5A7am21s jQaQ7izReVjYhM2bQdMY4v6Rxl8AJxRlexL6L72ovzSOLc8XTFhbMA8uaWZFJiYhmNPzkK4p h1pOxr3oKH4PoJTm/1y1XE/dimFZDgXS/8VpwNOJStHC5cj0yAjD/SojT4QAXCxELYOKwj0i xzxg8op44xtGZdqZj/hjwdR6oHCmeqcQm52sf74U8EQjh1isEBXo86C/HiXLNqsCaVqu/8Bu sEOeCJ4ZPKcwbo3CMYIBiTCCAYUCAQOAFKg8CZ1n9thHuqLQ/BhyVohAbZWVMAsGCWCGSAFl AwQCAaBMMBkGCSqGSIb3DQEJAzEMBgpghkgBZQIBAk0CMC8GCSqGSIb3DQEJBDEiBCAiPyBP FFwHJbHgGmoz+54OEJ/ppMyfSoZmbS/nkWfxxjALBgkqhkiG9w0BAQsEggEAHllTg+TMT2ll zVvrvRDwOwrzr6YIJSt96sLANqOXiqqnvrHDDWTdVMcRX/LccVbm9JP4sGSfGDdwbm3FqB+l kgSBlejFgjWfF/YVK5OpaVcPGg4DB3oAOwxtn0GVQtKgGkiGQF0r5389mTHYlQzS6BVDG2Oi sKIe4SBazrBGjnKANf9LEunpWPt15y6QCxiEKnJfPlAqiMuiIhHmXPIHi+d3sYkC+iu+5I68 2oeLdtBWCDcGh4+DdS6Qqzkpp14MpvzBMdfD3lKcI3NRmY+GmRYaGAiEalh83vggslF7N4SS iPxQyqz7LIQe9/5ynJV5/CPUDBL9QK2vSCOQaihWCg== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.tsr_pem_text) layers = { rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), rfc5652.id_signedData: rfc5652.SignedData(), rfc5934.id_ct_TAMP_statusResponse: rfc5934.TAMPStatusResponse() } getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc5934.id_ct_TAMP_statusResponse: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc5934.id_ct_TAMP_statusResponse: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.tsr_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate eci = asn1Object['content']['encapContentInfo'] assert eci['eContentType'] in rfc5652.cmsContentTypesMap.keys() assert eci['eContentType'] == rfc5934.id_ct_TAMP_statusResponse tsr, rest = der_decode(eci['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']], decodeOpenTypes=True) assert not rest assert tsr.prettyPrint() assert der_encode(tsr) == eci['eContent'] assert tsr['version'] == 2 assert tsr['query']['target'] == univ.Null("") assert tsr['query']['seqNum'] == 1568307071 assert tsr['usesApex'] == False count = 0 for tai in tsr['response']['verboseResponse']['taInfo']: count += 1 assert tai['taInfo']['version'] == 1 assert count == 3 class TrustAnchorUpdateTestCase(unittest.TestCase): tau_pem_text = """\ MIIGgwYJKoZIhvcNAQcCoIIGdDCCBnACAQMxDTALBglghkgBZQMEAgEwggFMBgpghkgBZQIB Ak0DoIIBPASCATgwggE0MAiDAAIEXXp3kDCCASaiggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDALMH2jTus/z881nG+uHQiB+xwQRX8q0DjB6rBw9if/tpMOr8/yNgoe0s2AcCs RSXD0g4Kj4UYZBA9GhNwKm+O19yNk7NBDzghza2rwj0qBdNXETcNzYxR+ZPjzEZJIY4UtM3L FD44zXIx7qsS8mXqNC5WXf/uY3XLbbqRNPye8/QtHL5QxELfWYj/arP6qGw9y1ZxcQWWu5+A 5YBFWWdBsOvDrWCkgHUGF5wO9EPgmQ4b+3/1s8yygYKx/TLBuL5BpGS1YDpaUTCMzt5BLBlH XEkQZLl0qYdBr31uusG4ob9lMToEZ/m1u46SigBjuLHmjDhfg/9Q1TuiXWuyEMxjAgMBAAGg ggN9MIIDeTCCAmGgAwIBAgIBATANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJVUzEfMB0G A1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEQMA4GA1UEAxMHR29vZCBDQTAeFw0xMDAx MDEwODMwMDBaFw0zMDEyMzEwODMwMDBaMFMxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZUZXN0 IENlcnRpZmljYXRlcyAyMDExMSMwIQYDVQQDExpWYWxpZCBFRSBDZXJ0aWZpY2F0ZSBUZXN0 MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANncdxgQEBhgQfvneBAP+IR3cO8t blU7EaaZUj9t9L2hl/o2Hm5EQhHIU/51hpteNxKIon3ZcQjUSTVxzkbPW9BZjmUf60I9yg7c TJDYVGnPXjiyIGDdg1Eu39vVWziRWi3PmjO0b5aQ5XYUYkNphBDPVEH5Neqe1FqXnV4QWb3g 5MNZidfe8nmwh2sCwFmhKgCCFW9rEREAUzR0PfThzFZiouRl6COxgx1YUwiyMy2WvuV9M54Q WidzU91dmOJLEVNYkY/qchHsu5TyDQ9QrfIWtRoAJDHlFb0XBpCqJLGs3QxSHvCLaqu49+3f Y7TOlGi/XpbQRJbx+PR6Ogp5FVMCAwEAAaNrMGkwHwYDVR0jBBgwFoAUWAGEJBu8K1KUSj2l EHIUUfWvOskwHQYDVR0OBBYEFKg8CZ1n9thHuqLQ/BhyVohAbZWVMA4GA1UdDwEB/wQEAwIE 8DAXBgNVHSAEEDAOMAwGCmCGSAFlAwIBMAEwDQYJKoZIhvcNAQELBQADggEBAB5a2Q+vYqW5 Ury87AxhiBMBqgoPDUejnqmyFxv4o9ks0o04vjuyz9QxiM/OafSOx7lwBVHABofGlbT2avox ni3EF7Pt5XoZYRhujNHkDtqbbWyNBpDuLNF5WNiEzZtB0xji/pHGXwAnFGV7Evovvai/NI4t zxdMWFswDy5pZkUmJiGY0/OQrimHWk7Gvegofg+glOb/XLVcT92KYVkOBdL/xWnA04lK0cLl yPTICMP9KiNPhABcLEQtg4rCPSLHPGDyinjjG0Zl2pmP+GPB1HqgcKZ6pxCbnax/vhTwRCOH WKwQFejzoL8eJcs2qwJpWq7/wG6wQ54Inhk8pzBujcIxggGJMIIBhQIBA4AUqDwJnWf22Ee6 otD8GHJWiEBtlZUwCwYJYIZIAWUDBAIBoEwwGQYJKoZIhvcNAQkDMQwGCmCGSAFlAgECTQMw LwYJKoZIhvcNAQkEMSIEINq+nldSoCoJuEe/lhrRhfx0ArygsPJ7mCMbOFrpr1dFMAsGCSqG SIb3DQEBCwSCAQBTeRE1DzwF2dnv2yJAOYOxNnAtTs72ZG8mv5Ad4M/9n1+MPiAykLcBslW8 7D1KjBdwB3oxIT4sjwGh0kxKLe4G+VuvQuPwtT8MqMl3hounnFOM5nMSj1TSbfHVPs3dhEyk Wu1gQ5g9gxLF3MpwEJGJKvhRtK17LGElJWvGPniRMChAJZJWoLjFBMe5JMzpqu2za50S1K3t YtkTOx/2FQdVApkTY1qMQooljDiuvSvOuSDXcyAA15uIypQJvfrBNqe6Ush+j7yS5UQyTm0o ZidB8vj4jIZT3S2gqWhtBLMUc11j+kWlXEZEigSL8WgCbAu7lqhItMwz2dy4C5aAWq8r""" def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.tau_pem_text) layers = { rfc5652.id_ct_contentInfo: rfc5652.ContentInfo(), rfc5652.id_signedData: rfc5652.SignedData(), rfc5934.id_ct_TAMP_update: rfc5934.TAMPUpdate() } getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc5934.id_ct_TAMP_update: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc5934.id_ct_TAMP_update: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) def testOpenTypes(self): substrate = pem.readBase64fromText(self.tau_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate eci = asn1Object['content']['encapContentInfo'] assert eci['eContentType'] in rfc5652.cmsContentTypesMap.keys() assert eci['eContentType'] == rfc5934.id_ct_TAMP_update tau, rest = der_decode(eci['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[eci['eContentType']], decodeOpenTypes=True) assert not rest assert tau.prettyPrint() assert der_encode(tau) == eci['eContent'] assert tau['version'] == 2 assert tau['msgRef']['target'] == univ.Null("") assert tau['msgRef']['seqNum'] == 1568307088 count = 0 for u in tau['updates']: count += 1 assert count == 1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5940.py0000664006321400632140000001311413605660325021721 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc2560 from pyasn1_modules import rfc5940 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5280 try: import unittest2 as unittest except ImportError: import unittest class CRLandOCSPResponseTestCase(unittest.TestCase): pem_text = """\ MIIHWQYJKoZIhvcNAQcCoIIHSjCCB0YCAQExDTALBglghkgBZQMEAgEwUwYJKoZI hvcNAQcBoEYERENvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91Lg0KoIIBaDCCAWQwggEKoAMCAQIC CQClWUKCJkwnGTAKBggqhkjOPQQDAjAkMRQwEgYDVQQKDAtleGFtcGxlLm9yZzEM MAoGA1UEAwwDQm9iMB4XDTE3MTIyMDIzMDc0OVoXDTE4MTIyMDIzMDc0OVowJDEU MBIGA1UECgwLZXhhbXBsZS5vcmcxDDAKBgNVBAMMA0JvYjBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIZP//xT8ah2ymmxfidIegeccVKuGxN+OTuvGq69EnQ8fUFD ov2KNw8Cup0DtzAfHaZOMFWUu2+Vy3H6SLbQo4OjJTAjMCEGA1UdEQEB/wQXMBWG E3NpcDpib2JAZXhhbXBsZS5vcmcwCgYIKoZIzj0EAwIDSAAwRQIhALIkjJJAKCI4 nsklf2TM/RBvuguWwRkHMDTVGxAvczlsAiAVjrFR8IW5vS4EzyePDVIua7b+Tzb3 THcQsVpPR53kDaGCBGQwggIbMIIBAwIBATANBgkqhkiG9w0BAQsFADBsMQswCQYD VQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGln aWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBS b290IENBFw0xOTA1MDIyMjE1NTRaFw0xOTA1MjMyMjE1NTRaMDEwLwIQDPWCOBgZ nlb4K9ZS7Sft6RcNMTgxMDI1MTYxMTM4WjAMMAoGA1UdFQQDCgEAoDAwLjAfBgNV HSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzALBgNVHRQEBAICAcQwDQYJKoZI hvcNAQELBQADggEBABPO3OA0OkQZ+RLVxz/cNx5uNVEO416oOePkN0A4DxFztf33 7caS4OyfS9Wyu1j5yUdWJVpAKXSQeN95MqHkpSpYDssuqbuYjv8ViJfseGBgtXTc zUzzNeNdY2uxMbCxuhmPkgacAo1lx9LkK2ScYHWVbfFRF1UQ/dcmavaZsEOBNuLW OxQYA9MqfVNAymHe7vPqwm/8IY2FbHe9HsiJZfGxNWMDP5lmJiXmpntTeDQ2Ujdi yXwGGKjyiSTFk2jVRutrGINufaoA/f7eCmIb4UDPbpMjVfD215dW8eBKouypCVoE vmCSSTacdiBI2yOluvMN0PzvPve0ECAE+D4em9ahggJBBggrBgEFBQcQAjCCAjMK AQCgggIsMIICKAYJKwYBBQUHMAEBBIICGTCCAhUwZqEgMB4xHDAJBgNVBAYTAlJV MA8GA1UEAx4IAFQAZQBzAHQYEzIwMTkwNTA5MTU1MDQ4LjI1OVowLTArMBIwBwYF Kw4DAhoEAQEEAQECAQGAABgTMjAxOTA1MDkxNTUwNDguMjYxWjAKBggqhkjOPQQD AgNJADBGAiEAujFVH+NvuTLYa8RW3pvWSUwZfjOW5H5171JI+/50BjcCIQDhwige wl+ts6TIvhU+CFoOipQBNKyKXKh7ngJkUtpZ86CCAVIwggFOMIIBSjCB8aADAgEC AgEBMAoGCCqGSM49BAMCMB4xHDAJBgNVBAYTAlJVMA8GA1UEAx4IAFQAZQBzAHQw HhcNMTkwMjAxMDUwMDAwWhcNMjIwMjAxMDUwMDAwWjAeMRwwCQYDVQQGEwJSVTAP BgNVBAMeCABUAGUAcwB0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEM0jxEYgg RxC/r87uV/h6iZ8BAdHT/6fxRuzG0PRMIlFBy38skFUXJJulKV9JW16YJqOkVsqv xwMM61z7p1vQ/qMgMB4wDwYDVR0TBAgwBgEB/wIBAzALBgNVHQ8EBAMCAAYwCgYI KoZIzj0EAwIDSAAwRQIhAIdpCt5g89ofSADXmBD3KXQGnTghwbAMeWrKXqTGww+x AiAl8NQgfUk4xMymZ3VtCLJ2MdczDps4Zh2KPOqAR5fZAjGCAQcwggEDAgEBMDEw JDEUMBIGA1UECgwLZXhhbXBsZS5vcmcxDDAKBgNVBAMMA0JvYgIJAKVZQoImTCcZ MAsGCWCGSAFlAwQCAaBpMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTE5MDEyNDIzNTI1NlowLwYJKoZIhvcNAQkEMSIEIO93j8lA1ebc JXb0elmbMSYZWp8aInra81+iLAUNjRlaMAoGCCqGSM49BAMCBEcwRQIhAPeI7URq tw//LB/6TAN0/Qh3/WHukXwxRbOJpnYVx0b6AiB3lK3FfwBhx4S5YSPMblS7goJl ttTMEpl2prH8bbwo1g== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert sd.prettyPrint() assert sd['encapContentInfo']['eContentType'] == rfc5652.id_data assert sd['encapContentInfo']['eContent'] v2 = rfc5280.Version(value='v2') assert sd['crls'][0]['crl']['tbsCertList']['version'] == v2 ocspr_oid = rfc5940.id_ri_ocsp_response assert sd['crls'][1]['other']['otherRevInfoFormat'] == ocspr_oid ocspr, rest = der_decode(sd['crls'][1]['other']['otherRevInfo'], asn1Spec=rfc5940.OCSPResponse()) assert ocspr.prettyPrint() success = rfc2560.OCSPResponseStatus(value='successful') assert ocspr['responseStatus'] == success def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd_eci = asn1Object['content']['encapContentInfo'] assert sd_eci['eContentType'] == rfc5652.id_data assert sd_eci['eContent'].hasValue() for ri in asn1Object['content']['crls']: if ri.getName() == 'crl': v2 = rfc5280.Version(value='v2') assert ri['crl']['tbsCertList']['version'] == v2 if ri.getName() == 'other': ori = ri['other'] ocspr_oid = rfc5940.id_ri_ocsp_response assert ori['otherRevInfoFormat'] == ocspr_oid ocspr_status = ori['otherRevInfo']['responseStatus'] success = rfc2560.OCSPResponseStatus(value='successful') assert ocspr_status == success suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5958.py0000664006321400632140000000525713605660325021743 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5958 from pyasn1_modules import rfc8410 try: import unittest2 as unittest except ImportError: import unittest class PrivateKeyTestCase(unittest.TestCase): priv_key_pem_text = """\ MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB Z9w7lshQhqowtrbLDFw4rXAxZuE= """ def setUp(self): self.asn1Spec = rfc5958.PrivateKeyInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.priv_key_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519 assert asn1Object['privateKey'].isValue assert asn1Object['privateKey'].prettyPrint()[0:10] == "0x0420d4ee" assert asn1Object['publicKey'].isValue assert asn1Object['publicKey'].prettyPrint()[0:10] == "1164575857" assert der_encode(asn1Object) == substrate class PrivateKeyOpenTypesTestCase(unittest.TestCase): asymmetric_key_pkg_pem_text = """\ MIGEBgpghkgBZQIBAk4FoHYwdDByAgEBMAUGAytlcAQiBCDU7nLb+RNYStW22PH3 afitOv58KMvx1Pvgl6iPRHVYQqAfMB0GCiqGSIb3DQEJCRQxDwwNQ3VyZGxlIENo YWlyc4EhABm/RAlphM3+hUG6wWfcO5bIUIaqMLa2ywxcOK1wMWbh """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testOpenTypes(self): substrate = pem.readBase64fromText(self.asymmetric_key_pkg_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert rfc5958.id_ct_KP_aKeyPackage in rfc5652.cmsContentTypesMap.keys() oneKey = asn1Object['content'][0] assert oneKey['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519 pkcs_9_at_friendlyName = univ.ObjectIdentifier('1.2.840.113549.1.9.9.20') assert oneKey['attributes'][0]['attrType'] == pkcs_9_at_friendlyName suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc5990.py0000775006321400632140000000547113605660325021740 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5990 try: import unittest2 as unittest except ImportError: import unittest class RSAKEMTestCase(unittest.TestCase): pem_text = """\ MEcGCyqGSIb3DQEJEAMOMDgwKQYHKIGMcQICBDAeMBkGCiuBBRCGSAksAQIwCwYJ YIZIAWUDBAIBAgEQMAsGCWCGSAFlAwQBBQ== """ def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['algorithm'] == rfc5990.id_rsa_kem rsa_kem_p, rest = der_decode(asn1Object['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[rfc5990.id_rsa_kem]) assert not rest assert rsa_kem_p.prettyPrint() assert der_encode(rsa_kem_p) == asn1Object['parameters'] assert rsa_kem_p['kem']['algorithm'] == rfc5990.id_kem_rsa kem_rsa_p, rest = der_decode(rsa_kem_p['kem']['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[rfc5990.id_kem_rsa]) assert not rest assert kem_rsa_p.prettyPrint() assert der_encode(kem_rsa_p) == rsa_kem_p['kem']['parameters'] assert kem_rsa_p['keyLength'] == 16 assert kem_rsa_p['keyDerivationFunction']['algorithm'] == rfc5990.id_kdf_kdf3 kdf_p, rest = der_decode(kem_rsa_p['keyDerivationFunction']['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[rfc5990.id_kdf_kdf3]) assert not rest assert kdf_p.prettyPrint() assert der_encode(kdf_p) == kem_rsa_p['keyDerivationFunction']['parameters'] def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['algorithm'] == rfc5990.id_rsa_kem assert asn1Object['parameters']['kem']['algorithm'] == rfc5990.id_kem_rsa assert asn1Object['parameters']['kem']['parameters']['keyLength'] == 16 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6010.py0000664006321400632140000000626613605660325021720 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc6010 try: import unittest2 as unittest except ImportError: import unittest class UnconstrainedCCCExtensionTestCase(unittest.TestCase): unconstrained_pem_text = "MB0GCCsGAQUFBwESBBEwDzANBgsqhkiG9w0BCRABAA==" def setUp(self): self.asn1Spec = rfc5280.Extension() def testDerCodec(self): substrate = pem.readBase64fromText(self.unconstrained_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['extnID'] == rfc6010.id_pe_cmsContentConstraints evalue, rest = der_decode(asn1Object['extnValue'], asn1Spec=rfc6010.CMSContentConstraints()) assert not rest assert evalue.prettyPrint() assert der_encode(evalue) == asn1Object['extnValue'] assert evalue[0]['contentType'] == rfc6010.id_ct_anyContentType class ConstrainedCCCExtensionTestCase(unittest.TestCase): constrained_pem_text = """\ MIG7BggrBgEFBQcBEgSBrjCBqzA0BgsqhkiG9w0BCRABEDAlMCMGCyqGSIb3DQEJ EAwBMRQMElZpZ2lsIFNlY3VyaXR5IExMQzAwBgpghkgBZQIBAk4CMCIwIAYLKoZI hvcNAQkQDAsxEQwPa3RhLmV4YW1wbGUuY29tMDEGCyqGSIb3DQEJEAEZMCIwIAYL KoZIhvcNAQkQDAsxEQwPa3RhLmV4YW1wbGUuY29tMA4GCSqGSIb3DQEHAQoBAQ== """ def setUp(self): self.asn1Spec = rfc5280.Extension() def testDerCodec(self): substrate = pem.readBase64fromText(self.constrained_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['extnID'] == rfc6010.id_pe_cmsContentConstraints evalue, rest = der_decode(asn1Object['extnValue'], asn1Spec=rfc6010.CMSContentConstraints()) assert not rest assert evalue.prettyPrint() assert der_encode(evalue) == asn1Object['extnValue'] constraint_count = 0 attribute_count = 0 cannot_count = 0 for ccc in evalue: constraint_count += 1 if ccc['canSource'] == 1: cannot_count += 1 if ccc['attrConstraints'].hasValue(): for attr in ccc['attrConstraints']: attribute_count += 1 assert constraint_count == 4 assert attribute_count == 3 assert cannot_count == 1 def testExtensionsMap(self): substrate = pem.readBase64fromText(self.constrained_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert asn1Object['extnID'] in rfc5280.certificateExtensionsMap.keys() suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc6019.py0000664006321400632140000000355413605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6019 try: import unittest2 as unittest except ImportError: import unittest class BinarySigningTimeTestCase(unittest.TestCase): pem_text = "MBUGCyqGSIb3DQEJEAIuMQYCBFy/hlQ=" def setUp(self): self.asn1Spec = rfc5652.Attribute() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['attrType'] == rfc6019.id_aa_binarySigningTime bintime, rest = der_decode(asn1Object['attrValues'][0], asn1Spec=rfc6019.BinaryTime()) assert bintime == 0x5cbf8654 def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['attrType'] in rfc5652.cmsAttributesMap.keys() assert asn1Object['attrValues'][0] == 0x5cbf8654 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6031.py0000664006321400632140000000650313605660325021715 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6031 try: import unittest2 as unittest except ImportError: import unittest class SymmetricKeyPkgTestCase(unittest.TestCase): key_pkg_pem_text = """\ MIG7BgsqhkiG9w0BCRABGaCBqzCBqKBEMCMGCyqGSIb3DQEJEAwBMRQMElZpZ2ls IFNlY3VyaXR5IExMQzAdBgsqhkiG9w0BCRAMAzEODAxQcmV0ZW5kIDA0OEEwYDBe MFYwGwYLKoZIhvcNAQkQDBsxDAwKZXhhbXBsZUlEMTAVBgsqhkiG9w0BCRAMCjEG DARIT1RQMCAGCyqGSIb3DQEJEAwLMREMD2t0YS5leGFtcGxlLmNvbQQEMTIzNA== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.key_pkg_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap asn1Spec = rfc5652.cmsContentTypesMap[asn1Object['contentType']] skp, rest = der_decode(asn1Object['content'], asn1Spec=asn1Spec) assert not rest assert skp.prettyPrint() assert der_encode(skp) == asn1Object['content'] for attr in skp['sKeyPkgAttrs']: assert attr['attrType'] in rfc6031.sKeyPkgAttributesMap.keys() for osk in skp['sKeys']: for attr in osk['sKeyAttrs']: assert attr['attrType'] in rfc6031.sKeyAttributesMap.keys() def testOpenTypes(self): substrate = pem.readBase64fromText(self.key_pkg_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap assert asn1Object['content'].hasValue() keypkg = asn1Object['content'] assert keypkg['version'] == rfc6031.KeyPkgVersion().subtype(value='v1') for attr in keypkg['sKeyPkgAttrs']: assert attr['attrType'] in rfc6031.sKeyPkgAttributesMap.keys() assert attr['attrValues'][0].prettyPrint()[:2] != '0x' # decodeOpenTypes=True did not decode if the value is shown in hex ... if attr['attrType'] == rfc6031.id_pskc_manufacturer: attr['attrValues'][0] == 'Vigil Security LLC' for osk in keypkg['sKeys']: for attr in osk['sKeyAttrs']: assert attr['attrType'] in rfc6031.sKeyAttributesMap.keys() assert attr['attrValues'][0].prettyPrint()[:2] != '0x' # decodeOpenTypes=True did not decode if the value is shown in hex ... if attr['attrType'] == rfc6031.id_pskc_issuer: attr['attrValues'][0] == 'kta.example.com' suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc6032.py0000664006321400632140000000651213605660325021716 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.compat.octets import str2octs from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6032 from pyasn1_modules import rfc3565 try: import unittest2 as unittest except ImportError: import unittest class EncryptedKeyPkgTestCase(unittest.TestCase): encrypted_key_pkg_pem_text = """\ MIIBBwYKYIZIAWUCAQJOAqCB+DCB9QIBAjCBzgYKYIZIAWUCAQJOAjAdBglghkgB ZQMEASoEEN6HFteHMZ3DyeO35xIwWQOAgaCKTs0D0HguNzMhsLgiwG/Kw8OwX+GF 9/cZ1YVNesUTW/VsbXJcbTmFmWyfqZsM4DLBegIbrUEHQZnQRq6/NO4ricQdHApD B/ip6RRqeN1yxMJLv1YN0zUOOIDBS2iMEjTLXZLWw3w22GN2JK7G+Lr4OH1NhMgU ILJyh/RePmPseMwxvcJs7liEfkiSNMtDfEcpjtzA9bDe95GjhQRsiSByoR8wHQYJ YIZIAWUCAQVCMRAEDnB0Zi1rZGMtODEyMzc0 """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc6032.id_ct_KP_encryptedKeyPkg content, rest = der_decode(asn1Object['content'], rfc6032.EncryptedKeyPackage()) assert not rest assert content.prettyPrint() assert der_encode(content) == asn1Object['content'] assert content.getName() == 'encrypted' eci = content['encrypted']['encryptedContentInfo'] assert eci['contentType'] == rfc6032.id_ct_KP_encryptedKeyPkg attrType = content['encrypted']['unprotectedAttrs'][0]['attrType'] assert attrType == rfc6032.id_aa_KP_contentDecryptKeyID attrVal0 = content['encrypted']['unprotectedAttrs'][0]['attrValues'][0] keyid, rest = der_decode(attrVal0, rfc6032.ContentDecryptKeyID()) assert not rest assert keyid.prettyPrint() assert der_encode(keyid) == attrVal0 assert keyid == b'ptf-kdc-812374' def testOpenTypes(self): substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap eci = asn1Object['content']['encrypted']['encryptedContentInfo'] assert eci['contentType'] in rfc5652.cmsContentTypesMap for attr in asn1Object['content']['encrypted']['unprotectedAttrs']: assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() assert attr['attrValues'][0].prettyPrint()[:2] != '0x' if attr['attrType'] == rfc6032.id_aa_KP_contentDecryptKeyID: assert attr['attrValues'][0] == str2octs('ptf-kdc-812374') suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc6120.py0000664006321400632140000001050213605660325021706 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc6120 try: import unittest2 as unittest except ImportError: import unittest class XMPPCertificateTestCase(unittest.TestCase): xmpp_server_cert_pem_text = """\ MIIC6DCCAm+gAwIBAgIJAKWzVCgbsG5DMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMDI0MjMxNjA0WhcNMjAxMDIzMjMxNjA0WjBNMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xHzAdBgNVBAoTFkV4 YW1wbGUgUHJvZHVjdHMsIEluYy4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQZzQlk 03nJRPF6+w1NxFELmQ5vJTjTRz3eu03CRtahK4Wnwd4GwbDe8NVHAEG2qTzBXFDu p6RZugsBdf9GcEZHG42rThYYOzIYzVFnI7tQgA+nTWSWZN6eoU/EXcknhgijggEn MIIBIzAdBgNVHQ4EFgQUkQpUMYcbUesEn5buI03POFnktJgwHwYDVR0jBBgwFoAU 8jXbNATapVXyvWkDmbBi7OIVCMEwCwYDVR0PBAQDAgeAMIGPBgNVHREEgYcwgYSg KQYIKwYBBQUHCAegHRYbX3htcHAtY2xpZW50LmltLmV4YW1wbGUuY29toCkGCCsG AQUFBwgHoB0WG194bXBwLXNlcnZlci5pbS5leGFtcGxlLmNvbaAcBggrBgEFBQcI BaAQDA5pbS5leGFtcGxlLmNvbYIOaW0uZXhhbXBsZS5jb20wQgYJYIZIAYb4QgEN BDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9yIGFueSBw dXJwb3NlLjAKBggqhkjOPQQDAwNnADBkAjAEo4mhDGC6/R39HyNgzLseNAp36qBH yQJ/AWsBojN0av8akeVv9IuM45yqLKdiCzcCMDCjh1lFnCvurahwp5D1j9pAZMsg nOzhcMpnHs2U/eN0lHl/JNgnbftl6Dvnt59xdA== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName()) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): gn_on = gn['otherName'] if gn_on['type-id'] == rfc6120.id_on_xmppAddr: assert gn_on['type-id'] in rfc5280.anotherNameMap.keys() spec = rfc5280.anotherNameMap[gn['otherName']['type-id']] on, rest = der_decode(gn_on['value'], asn1Spec=spec) assert not rest assert on.prettyPrint() assert der_encode(on) == gn_on['value'] assert on == u'im.example.com' count += 1 assert count == 1 def testOpenTypes(self): substrate = pem.readBase64fromText(self.xmpp_server_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): if gn['otherName']['type-id'] == rfc6120.id_on_xmppAddr: assert gn['otherName']['value'] == u'im.example.com' count += 1 assert count == 1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6187.py0000664006321400632140000000475413605660325021737 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc6187 try: import unittest2 as unittest except ImportError: import unittest class SSHClientCertificateTestCase(unittest.TestCase): cert_pem_text = """\ MIICkDCCAhegAwIBAgIJAKWzVCgbsG5BMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMDI0MTgyNjA3WhcNMjAxMDIzMTgyNjA3WjB0MQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4 YW1wbGUxEDAOBgNVBAMTB0NoYXJsaWUxIjAgBgkqhkiG9w0BCQEWE2NoYXJsaWVA ZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARfr1XPl5S0A/BwTOm4 /rO7mGVt2Tmfr3yvYnfN/ggMvyS3RiIXSsdzcAwzeqc907Jp7Dggab0PpaOKDOxD WoK0g6B8+kC/VMsU23mfShlb9et8qcR3A8gdU6g8uvSMahWjgakwgaYwCwYDVR0P BAQDAgeAMB0GA1UdDgQWBBQfwm5u0GoxiDcjhDt33UJYlvMPFTAfBgNVHSMEGDAW gBTyNds0BNqlVfK9aQOZsGLs4hUIwTATBgNVHSUEDDAKBggrBgEFBQcDFTBCBglg hkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBm b3IgYW55IHB1cnBvc2UuMAoGCCqGSM49BAMDA2cAMGQCMGEme38A3k8q4RGSEs2D ThQQOQz3TBJrIW8zr92S8e8BNPkRcQDR+C72TEhL/qoPCQIwGpGaC4ERiUypETkC voNP0ODFhhlpFo6lwVHd8Gu+6hShC2PKdAfs4QFDS9ZKgQeZ """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): ssh_eku_oids = [ rfc6187.id_kp_secureShellClient, rfc6187.id_kp_secureShellServer, ] substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_extKeyUsage: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.ExtKeyUsageSyntax()) for oid in extnValue: if oid in ssh_eku_oids: count += 1 assert count == 1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6210.py0000664006321400632140000000522713605660325021716 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6210 try: import unittest2 as unittest except ImportError: import unittest class AuthenticatedDataTestCase(unittest.TestCase): pem_text = """\ MIICRQYLKoZIhvcNAQkQAQKgggI0MIICMAIBADGBwDCBvQIBADAmMBIxEDAOBgNVBAMMB0 NhcmxSU0ECEEY0a8eAAFa8EdNuLs1dcdAwDQYJKoZIhvcNAQEBBQAEgYCH70EpEikY7deb 859YJRAWfFondQv1D4NFltw6C1ceheWnlAU0C2WEXr3LUBXZp1/PSte29FnJxu5bXCTn1g elMm6zNlZNWNd0KadVBcaxi1n8L52tVM5sWFGJPO5cStOyAka2ucuZM6iAnCSkn1Ju7fgU 5j2g3bZ/IM8nHTcygjAKBggrBgEFBQgBAqFPBgsqhkiG9w0BCRADDQRAAQIDBAUGBwgJCg sMDQ4PEBESEwQVFhcYGRobHB0eHyAhIiMEJSYnKCkqKywtLi8wMTIzBDU2Nzg5Ojs8PT4/ QDArBgkqhkiG9w0BBwGgHgQcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqKBxzAYBg kqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wOTEyMTAyMzI1MDBa MB8GCSqGSIb3DQEJBDESBBCWaa5hG1eeg+oQK2tJ3cD5MGwGCSqGSIb3DQEJNDFfMF0wTw YLKoZIhvcNAQkQAw0EQAECAwQFBgcICQoLDA0ODxAREhMEFRYXGBkaGxwdHh8gISIjBCUm JygpKissLS4vMDEyMwQ1Njc4OTo7PD0+P0CiCgYIKwYBBQUIAQIEFLjUxQ9PJFzFnWraxb EIbVbg2xql """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_ct_authData ad, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.AuthenticatedData()) assert not rest assert ad.prettyPrint() assert der_encode(ad) == asn1Object['content'] assert ad['version'] == 0 assert ad['digestAlgorithm']['algorithm'] == rfc6210.id_alg_MD5_XOR_EXPERIMENT mac_alg_p, rest = der_decode (ad['digestAlgorithm']['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[ad['digestAlgorithm']['algorithm']]) assert not rest assert mac_alg_p.prettyPrint() assert der_encode(mac_alg_p) == ad['digestAlgorithm']['parameters'] assert mac_alg_p.prettyPrint()[:10] == "0x01020304" suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6211.py0000664006321400632140000001127013605660325021712 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.type import univ from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6211 try: import unittest2 as unittest except ImportError: import unittest class SignedMessageTestCase(unittest.TestCase): signed_message_pem_text = """\ MIIEyAYJKoZIhvcNAQcCoIIEuTCCBLUCAQExDTALBglghkgBZQMEAgIwUQYJKoZI hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL 3kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggHM MIIByAIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME AgKggfIwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcN MTkwNTI5MTgyMzE5WjAoBgkqhkiG9w0BCTQxGzAZMAsGCWCGSAFlAwQCAqEKBggq hkjOPQQDAzA/BgkqhkiG9w0BCQQxMgQwtuQipP2CZx7U96rGbUT06LC5jVFYccZW 5/CaNvpcrOPiChDm2vI3m4k300z5mSZsME0GCyqGSIb3DQEJEAIBMT4wPAQgx08h D2QnVwj1DoeRELNtdZ0PffW4BQIvcwwVc/goU6OAAQEwFTATgRFhbGljZUBleGFt cGxlLmNvbTAKBggqhkjOPQQDAwRnMGUCMQChIMyN1nTN+LLQcYJuhWT297vSKMDK fIUedSwWYrcSnSa1pq2s3Wue+pNBfecEjYECMGrUNu1UpWdafEJulP9Vz76qOPMa 5V/AnTEV5zkmzRle8sffN+nQ+SGkoos5zpI1kA== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat in rfc6211.id_aa_cmsAlgorithmProtect: sav, rest = der_decode(sav0, asn1Spec=rfc6211.CMSAlgorithmProtection()) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 def testOpenTypes(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() assert asn1Object['contentType'] == rfc5652.id_signedData sd = asn1Object['content'] assert sd['version'] == rfc5652.CMSVersion().subtype(value='v1') ect = sd['encapContentInfo']['eContentType'] assert ect in rfc5652.cmsContentTypesMap.keys() assert ect == rfc5652.id_data for sa in sd['signerInfos'][0]['signedAttrs']: if sa['attrType'] == rfc6211.id_aa_cmsAlgorithmProtect: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() sav0 = sa['attrValues'][0] digest_oid = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.2') sig_oid = univ.ObjectIdentifier('1.2.840.10045.4.3.3') assert sav0['digestAlgorithm']['algorithm'] == digest_oid assert sav0['signatureAlgorithm']['algorithm'] == sig_oid suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6402.py0000775006321400632140000001435313605660325021724 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import char from pyasn1.type import namedtype from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6402 try: import unittest2 as unittest except ImportError: import unittest class BackwardCompatibilityTestCase(unittest.TestCase): pem_text = """\ MIIEJQYJKoZIhvcNAQcCoIIEFjCCBBICAQMxCzAJBgUrDgMCGgUAMIIDAgYIKwYBBQUHDAKgggL0 BIIC8DCCAuwweDB2AgECBgorBgEEAYI3CgoBMWUwYwIBADADAgEBMVkwVwYJKwYBBAGCNxUUMUow SAIBBQwZcGl0dWNoYTEuZW1lYS5ocHFjb3JwLm5ldAwMRU1FQVxwaXR1Y2hhDBpDTUNSZXFHZW5l cmF0b3IudnNob3N0LmV4ZTCCAmqgggJmAgEBMIICXzCCAcgCAQAwADCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEA0jm7SSSm2wyEAzuNKtFZFJKo91SrJq9wQwEhEKHDavZwMQOm1rZ2PF8NWCEb PqrhToQ7rtiGLSZa4dF4bzgmBqQ9aoSfEX4jISt31Vy+skHidXjHHpbsjT24NPhrZgANivL7CxD6 Ft+s7qS1gL4HRm2twQkqSwOLrE/q2QeXl2UCAwEAAaCCAR0wGgYKKwYBBAGCNw0CAzEMFgo2LjIu OTIwMC4yMD4GCSqGSIb3DQEJDjExMC8wHQYDVR0OBBYEFMW2skn88gxhONWZQA4sWGBDb68yMA4G A1UdDwEB/wQEAwIHgDBXBgkrBgEEAYI3FRQxSjBIAgEFDBlwaXR1Y2hhMS5lbWVhLmhwcWNvcnAu bmV0DAxFTUVBXHBpdHVjaGEMGkNNQ1JlcUdlbmVyYXRvci52c2hvc3QuZXhlMGYGCisGAQQBgjcN AgIxWDBWAgECHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABv AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAwDQYJKoZIhvcNAQEFBQADgYEAJZlu mxjtCxSOQi27jsVdd3y8NSIlzNv0b3LqmzvAly6L+CstXcnuG2MPQqPH9R7tbJonGUniBQO9sQ7C KhYWj2gfhiEkSID82lV5chINVUFKoUlSiEhWr0tPGgvOaqdsKQcrHfzrsBbFkhDqrFSVy7Yivbnh qYszKrOjJKiiCPMwADAAMYH5MIH2AgEDgBTFtrJJ/PIMYTjVmUAOLFhgQ2+vMjAJBgUrDgMCGgUA oD4wFwYJKoZIhvcNAQkDMQoGCCsGAQUFBwwCMCMGCSqGSIb3DQEJBDEWBBTFTkK/OifaFjwqHiJu xM7qXcg/VzANBgkqhkiG9w0BAQEFAASBgKfC6jOi1Wgy4xxDCQVK9+e5tktL8wE/j2cb9JSqq+aU 5UxEgXEw7q7BoYZCAzcxMRriGzakXr8aXHcgkRJ7XcFvLPUjpmGg9SOZ2sGW4zQdWAwImN/i8loc xicQmJP+VoMHo/ZpjFY9fYCjNZUArgKsEwK/s+p9yrVVeB1Nf8Mn """ def testDerCodec(self): layers = { } layers.update(rfc5652.cmsContentTypesMap) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc6402.id_cct_PKIData: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc6402.id_cct_PKIData: lambda x: None } substrate = pem.readBase64fromText(self.pem_text) next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) def testOpenTypes(self): class ClientInformation(univ.Sequence): pass ClientInformation.componentType = namedtype.NamedTypes( namedtype.NamedType('clientId', univ.Integer()), namedtype.NamedType('MachineName', char.UTF8String()), namedtype.NamedType('UserName', char.UTF8String()), namedtype.NamedType('ProcessName', char.UTF8String()) ) class EnrollmentCSP(univ.Sequence): pass EnrollmentCSP.componentType = namedtype.NamedTypes( namedtype.NamedType('KeySpec', univ.Integer()), namedtype.NamedType('Name', char.BMPString()), namedtype.NamedType('Signature', univ.BitString()) ) openTypeMap = { # attributes univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): char.IA5String(), univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.2'): EnrollmentCSP(), univ.ObjectIdentifier('1.3.6.1.4.1.311.21.20'): ClientInformation(), # algorithm identifier parameters univ.ObjectIdentifier('1.2.840.113549.1.1.1'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.5'): univ.Null(""), univ.ObjectIdentifier('1.2.840.113549.1.1.11'): univ.Null(""), } openTypeMap.update(rfc5652.cmsAttributesMap) openTypeMap.update(rfc6402.cmcControlAttributesMap) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate eci = asn1Object['content']['encapContentInfo'] assert eci['eContentType'] == rfc6402.id_cct_PKIData substrate = eci['eContent'] asn1Object, rest = der_decode(substrate, asn1Spec=rfc6402.PKIData(), openTypes=openTypeMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for req in asn1Object['reqSequence']: cr = req['tcr']['certificationRequest'] sig_alg = cr['signatureAlgorithm'] assert sig_alg['algorithm'] in openTypeMap.keys() assert sig_alg['parameters'] == univ.Null("") cri = cr['certificationRequestInfo'] spki_alg = cri['subjectPublicKeyInfo']['algorithm'] assert spki_alg['algorithm'] in openTypeMap.keys() assert spki_alg['parameters'] == univ.Null("") attrs = cr['certificationRequestInfo']['attributes'] for attr in attrs: assert attr['attrType'] in openTypeMap.keys() if attr['attrType'] == univ.ObjectIdentifier('1.3.6.1.4.1.311.13.2.3'): assert attr['attrValues'][0] == "6.2.9200.2" else: assert attr['attrValues'][0].hasValue() suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc6482.py0000664006321400632140000001177213605660325021733 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6482 try: import unittest2 as unittest except ImportError: import unittest class RPKIROATestCase(unittest.TestCase): roa_pem_text = """\ MIIGvwYJKoZIhvcNAQcCoIIGsDCCBqwCAQMxDTALBglghkgBZQMEAgEwKgYLKoZIhvcNAQkQ ARigGwQZMBcCAwDj+zAQMA4EAgABMAgwBgMEAJMcLaCCBLwwggS4MIIDoKADAgECAgIGGDAN BgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2ZDZmYmZhOTc1M2RiOGQ4NDY0MzNkYjUzNTFk OWE5ZWMwN2M5NmJkMB4XDTE5MDgyMDAwNDkyOVoXDTIwMDcwMTAwMDAwMFowMzExMC8GA1UE AxMoNUI4M0REODdERTlBQzdDNkUzNEI4NzdERjUwMUEyQjEyMzBBODFCNDCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAJcnDgSUtiQeelGQsTx2Ou5cgmfq6KPSEgMz/XyZrRzj wcqUQ/DyMYHyRJK8umKZjfMu+rItoPSkE26Wi9PcSnfuY+SyS9chTAtNOGMES6MbtHjNTmBF Xar5CFGM8teLIRHlCcScesgSR7q2eKgQ+cLiLTZnol0Mpmuf2NIs+V63Y4Hn/T7QOoudg9nU tmsh31hUN4jIENEXFvNDovkray25rl9aqFfW+dtkoNtdJjp367nNXCdp3GdE/3z0SIqT8wnh F67tgR22mwzex3umteQBwmM+iR28vuHL4E5jwRKBoiEgGPYqq7gbfkcoFtR3AV6QGKSK2aJU mUi+9VheS78CAwEAAaOCAdQwggHQMB0GA1UdDgQWBBRbg92H3prHxuNLh331AaKxIwqBtDAf BgNVHSMEGDAWgBRtb7+pdT242EZDPbU1HZqewHyWvTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMFAGA1UdHwRJMEcwRaBDoEGGP3JzeW5jOi8vY2EucmcubmV0L3Jwa2kvUkduZXQtT1Uv YlctX3FYVTl1TmhHUXoyMU5SMmFuc0I4bHIwLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYlctX3FY VTl1TmhHUXoyMU5SMmFuc0I4bHIwLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgYoGCCsGAQUFBwEL BH4wfDBLBggrBgEFBQcwC4Y/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9XNFBk aDk2YXg4YmpTNGQ5OVFHaXNTTUtnYlEucm9hMC0GCCsGAQUFBzANhiFodHRwczovL2NhLnJn Lm5ldC9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHC0w DQYJKoZIhvcNAQELBQADggEBAKhhoJ3XtHejvG6XkFaCTxJci10gOgNvvPFWqz+CfOX2LmB0 N3QhYjLiAZbfYSOxNReyL4bWDK/tpZgVA2VHuS8GB8fI8+nauQUiP38orVXKAbcUUxo7UkEM HxQ5T61FtXrEZx8hgKTlsfof0G2Q+baSJzNV2MIUgHmSszL4Mx/fHUXv8b7l/5mZQbdv3cZ9 SbODHD0iOVAzK3fmHeuA4roSOk4mBQDWNRY1Ok+xH/HMDQdoOVtbfy57TZI2W7O2uxfElKvx fBeEc9TOaWqDz0xvmJ6bdZnmWRuvqW1475mhxi0s/I4eE2ZdaCinvrgrglBp/jpZi1jitY14 dx+A1PMxggGqMIIBpgIBA4AUW4Pdh96ax8bjS4d99QGisSMKgbQwCwYJYIZIAWUDBAIBoGsw GgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEYMBwGCSqGSIb3DQEJBTEPFw0xOTA4MjAwMDQ5 MjlaMC8GCSqGSIb3DQEJBDEiBCCfuHnOmhF2iBF3JXMOnoZCJzmE+Tcf8b+zObvDUpUddzAN BgkqhkiG9w0BAQEFAASCAQBDlJIMKCqWsFV/tQj/XvpSJUxJybG+zwjrUKm4yTKv8QEGOzOD aIL6irSOhhXeax6Lw0P2J7x+L3jGW1we1qWslumEDTr9kTE+kN/6rZuptUhwdrXcu3p9G6gJ mAUQtzqe2jRN1T3eSBfz1CNU3C7+jSHXOc+4Tea5mKiVddsjotYHXX0PbSCS/ZZ1yzdeES0o KWhXhW9ogS0bwtXWVTrciSekaRpp2n/pqcVEDxWg/5NpPiDlPNrRL/9eTEHFp940RAUfhbBh pbC2J02N0KgxUJxIJnGnpZ7rXKpG4jMiTVry7XB9bnFxCvZGBdjQW1Hagrfpl2TiVxQFvJWl IzU1 """ def testDerCodec(self): substrate = pem.readBase64fromText(self.roa_pem_text) layers = { } layers.update(rfc5652.cmsContentTypesMap) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc6482.id_ct_routeOriginAuthz: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc6482.id_ct_routeOriginAuthz: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) assert asn1Object['version'] == 0 assert asn1Object['asID'] == 58363 def testOpenTypes(self): substrate = pem.readBase64fromText(self.roa_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate oid = asn1Object['content']['encapContentInfo']['eContentType'] substrate = asn1Object['content']['encapContentInfo']['eContent'] assert oid in rfc5652.cmsContentTypesMap.keys() asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.cmsContentTypesMap[oid], decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['version'] == 0 assert asn1Object['asID'] == 58363 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6486.py0000664006321400632140000001252213605660325021731 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6486 try: import unittest2 as unittest except ImportError: import unittest class SignedManifestTestCase(unittest.TestCase): manifest_pem_text = """\ MIIHVAYJKoZIhvcNAQcCoIIHRTCCB0ECAQMxDTALBglghkgBZQMEAgEwgYwGCyqGSIb3DQEJ EAEaoH0EezB5AgIK5xgPMjAxMjEwMjMyMjI2MDNaGA8yMDEyMTAyNTIyMjYwM1oGCWCGSAFl AwQCATBGMEQWH1pYU0dCREJrTDgyVEZHSHVFNFZPWXRKUC1FNC5jcmwDIQCzTdC3GsuONsRq RFnYf8+AJ2NnCIgmnc3O8PyfGvn18aCCBO4wggTqMIID0qADAgECAgIK5zANBgkqhkiG9w0B AQsFADATMREwDwYDVQQDEwhBOTE5OTg4NTAeFw0xMjEwMjMyMjI2MDNaFw0xMjEwMjUyMjI2 MDNaMBgxFjAUBgNVBAMTDTUwODcxOTdjLTIwZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDEl4R4LiCs6zyR/IAeaRCfz0O0mXXAUKt8bmG6DXzaDYNG8dnBjbrsM1L05sb4 2Ti4TyE1UXtwFFEwatsFQ2uRBn9gsKmDGOjW8TH1AYObmZW+hZlEN7OLSz2bmPLtxIMwiCq/ vqmBJlMWPyCSym4iPnjzwWbJechqHSiTMOYGICF1QSW5xjJDAhRfeZG3nRY7TqfW8R2KJXeN cKSYSGNKzv79B8GCswmwU8J8kcuryIiqb7WtcK2B6VBsROIQHGXM0UV4Zbnvv9m9Fl0SjvZJ XyrzRjGzV2C00hM0f4jAplD9nJhAJ7nOTe8OnadrFABRga+Ge1HooeDQJGmTekLXAgMBAAGj ggJBMIICPTAdBgNVHQ4EFgQUbcbOyNBHkRXXDaMq51jC7vOSHFUwHwYDVR0jBBgwFoAUZXSG BDBkL82TFGHuE4VOYtJP+E4wDgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJy c3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5ODg1LzY1RkQ0 M0FBNUJFRjExREZBQjYxQjNFNzU1QUZFN0NGL1pYU0dCREJrTDgyVEZHSHVFNFZPWXRKUC1F NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMu bmV0L3JlcG9zaXRvcnkvQTNDMzhBMjRENjAzMTFEQ0FCMDhGMzE5NzlCREJFMzkvWlhTR0JE QmtMODJURkdIdUU0Vk9ZdEpQLUU0LmNlcjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGQ BggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcwC4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9t ZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTg4NS82NUZENDNBQTVCRUYxMURGQUI2MUIzRTc1NUFG RTdDRi9aWFNHQkRCa0w4MlRGR0h1RTRWT1l0SlAtRTQubWZ0MBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsF AAOCAQEAyBl1J+ql1O3d6JiaQEG2UAjDSKHSMVau++QcB6/yd4RuWv2KpQxk1cp+awf4Ttoh GYakbUZQl7lJaXzbluG5siRSv6AowEWxf99iLhDx+pE1htklRfmmTE9oFpKnITAYZAUjarNC sYGCZ00vSwRu27OdpSQbZQ7WdyDAhyHS0Sun0pkImVSqPO11gqyKV9ZCwCJUa5U/zsWDMNrj MSZl1I3VoPs2rx997rLoiQiMqwGeoqfl7snpsL9OR/CazPmepuq3SyZNWcCrUGcGRhRdGScj Tm2EHne1GiRHapn46HWQ3am8jumEKv5u0gLT4Mi9CyZwkDyhotGTJZmdAmN7zzGCAaowggGm AgEDgBRtxs7I0EeRFdcNoyrnWMLu85IcVTALBglghkgBZQMEAgGgazAaBgkqhkiG9w0BCQMx DQYLKoZIhvcNAQkQARowHAYJKoZIhvcNAQkFMQ8XDTEyMTAyMzIyMjYwNFowLwYJKoZIhvcN AQkEMSIEIIu2XV8dT+rqQy5Cbpm3Tv5I1dwkLK8n2GesMGOr6/pEMA0GCSqGSIb3DQEBAQUA BIIBAFsd0zkl4dIHrqZts441T+w/5/ekymDLFwftk6W+Mi35Htjvm2IHOthnKHQsK5h6dnEh 6DfNfc6tACmzLnM+UG7ve+uAhfpA+CUJIoVhpQvDH7Ntql0cD1X3d9ng484jpkVoHhbUIYNR TyxvV4DV5EBbLYpx2HYf6wWa8TCobxUXNtw53OVA24ceavS+KvuDa0JQPFpbYUCS0UPMt/Im mtKrWTmRUr8sYWdIQn+SStUh8iAR5rmSVr+Pe7aFbe2ju2FPf08gnIjH/SdCrJuFK8q7Z5MT C9ijmXiajracUe+7eCluqgXRE8yRtnscWoA/9fVFz1lPwgEeNHLoaK7Sqew= """ def testDerCodec(self): substrate = pem.readBase64fromText(self.manifest_pem_text) layers = { } layers.update(rfc5652.cmsContentTypesMap) getNextLayer = { rfc5652.id_ct_contentInfo: lambda x: x['contentType'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContentType'], rfc6486.id_ct_rpkiManifest: lambda x: None } getNextSubstrate = { rfc5652.id_ct_contentInfo: lambda x: x['content'], rfc5652.id_signedData: lambda x: x['encapContentInfo']['eContent'], rfc6486.id_ct_rpkiManifest: lambda x: None } next_layer = rfc5652.id_ct_contentInfo while next_layer: asn1Object, rest = der_decode(substrate, asn1Spec=layers[next_layer]) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate substrate = getNextSubstrate[next_layer](asn1Object) next_layer = getNextLayer[next_layer](asn1Object) assert asn1Object['version'] == 0 for f in asn1Object['fileList']: assert f['file'] == 'ZXSGBDBkL82TFGHuE4VOYtJP-E4.crl' def testOpenTypes(self): substrate = pem.readBase64fromText(self.manifest_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.ContentInfo(), decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate oid = asn1Object['content']['encapContentInfo']['eContentType'] substrate = asn1Object['content']['encapContentInfo']['eContent'] assert oid in rfc5652.cmsContentTypesMap.keys() asn1Object, rest = der_decode(substrate, asn1Spec=rfc5652.cmsContentTypesMap[oid], decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['version'] == 0 for f in asn1Object['fileList']: assert f['file'] == 'ZXSGBDBkL82TFGHuE4VOYtJP-E4.crl' suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6487.py0000664006321400632140000001504013605660325021730 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc6487 try: import unittest2 as unittest except ImportError: import unittest class CertificateWithManifestTestCase(unittest.TestCase): rpki_cert_pem_text = """\ MIIGCTCCBPGgAwIBAgICKJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkwREM1QkUx MTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2MTU5RTc2RjgwHhcN MTkwODA2MDQwMzIyWhcNMjAxMDMxMDAwMDAwWjBGMREwDwYDVQQDEwhBOTFEMTY5MTExMC8G A1UEBRMoREMwNEFGMTk4Qzk3RjI1ODJGMTVBRERFRUU3QzY4MjYxMUNBREE1MTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMksR6bPbZFpxlXID/2dhYFuS11agb6ACDUFJpII 41uw65tFIPT+Y4laccnYRcWPWMTvHLyj0ggU+bc2zJCTYfmGD/GW/Q3WW0A3niBCdXDfkrp2 DXvSTASJ5+wtVb+AE74C4Mr3UiMOXhJre1rRd5Lq7o6+TEKbVkmUrmTlbsz2Vs2F4//t5sCr WjAVP9D5jUBGH2MInbleBP1Bwf+kIxD16OKftRb/vGLzk1UhLsbq22GGE0vZ2hnJP3CbyXkN dLBraErzvyCnqYF7/yA0JL0KWRDwr7a9y37s8O3xOxhA/dL8hLZXllzJmoxvxHmq8D+5CjHv 2/EmH8ODGm2aAzcCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBTcBK8ZjJfyWC8Vrd7ufGgmEcra UTAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAOBgNVHQ8BAf8EBAMCAQYwDwYD VR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0 L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4 Qjg1MlpwaXRLcGk1aFdlZHZnLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJz eW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5 NTIxQTRGNEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQ S0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUHMAWGU3JzeW5jOi8v cnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxRDE2OTEvNTBDNjkyOTI5RDI0 MTFFNzg2MUEyMjZCQzRGOUFFMDIvMH4GCCsGAQUFBzAKhnJyc3luYzovL3Jwa2kuYXBuaWMu bmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxNjkxLzUwQzY5MjkyOUQyNDExRTc4NjFBMjI2 QkM0RjlBRTAyLzNBU3ZHWXlYOGxndkZhM2U3bnhvSmhISzJsRS5tZnQwMwYIKwYBBQUHMA2G J2h0dHBzOi8vcnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB /wQcMBowGAQCAAEwEgMEAdQI5gMEAdQI/gMEAdRcZjANBgkqhkiG9w0BAQsFAAOCAQEAGvJ+ s7VgIZk8LDSz6uvsyX80KzZgaqMF7sMsqln0eo5KiGGBHjwvZuiDf46xbNseWW2nwAHmjLda osCbcTGVu0JzFYBdkimgyHiq2l8yEchh5BUXr8x4CQIxwGEZEOlEp5mRa/AfHVEfDeMm7mob eiCfyTC8q8KH9Tb/rY192kBe+n9MuRyn7TkimV5eYMdwWMyT/VSBCQzzfJ0r+S9o0rBYWH9k HDFd3u1ztO8WGjH/LOehoO30xsm52kbxZjc4SJWubgBgxTMIWyjPHbKqCF44NwYev/6eFcOC +KTEQ/hydcURm3YtX7EZLDtksWB2me576J8opeLsbNeNgzfJpg== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): access_methods = [ rfc6487.id_ad_rpkiManifest, rfc6487.id_ad_signedObject, ] substrate = pem.readBase64fromText(self.rpki_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectInfoAccessSyntax()) for ad in extnValue: if ad['accessMethod'] in access_methods: uri = ad['accessLocation']['uniformResourceIdentifier'] assert 'rpki.apnic.net' in uri count += 1 assert count == 1 class CertificateWithSignedObjectTestCase(unittest.TestCase): rpki_cert_pem_text = """\ MIIEuDCCA6CgAwIBAgICBhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNmQ2 ZmJmYTk3NTNkYjhkODQ2NDMzZGI1MzUxZDlhOWVjMDdjOTZiZDAeFw0xOTA4MjAw MDQ5MjlaFw0yMDA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVCODNERDg3REU5QUM3 QzZFMzRCODc3REY1MDFBMkIxMjMwQTgxQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCXJw4ElLYkHnpRkLE8djruXIJn6uij0hIDM/18ma0c48HKlEPw 8jGB8kSSvLpimY3zLvqyLaD0pBNulovT3Ep37mPkskvXIUwLTThjBEujG7R4zU5g RV2q+QhRjPLXiyER5QnEnHrIEke6tnioEPnC4i02Z6JdDKZrn9jSLPlet2OB5/0+ 0DqLnYPZ1LZrId9YVDeIyBDRFxbzQ6L5K2stua5fWqhX1vnbZKDbXSY6d+u5zVwn adxnRP989EiKk/MJ4Reu7YEdtpsM3sd7prXkAcJjPokdvL7hy+BOY8ESgaIhIBj2 Kqu4G35HKBbUdwFekBikitmiVJlIvvVYXku/AgMBAAGjggHUMIIB0DAdBgNVHQ4E FgQUW4Pdh96ax8bjS4d99QGisSMKgbQwHwYDVR0jBBgwFoAUbW+/qXU9uNhGQz21 NR2ansB8lr0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQBgNVHR8ESTBHMEWg Q6BBhj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL2JXLV9xWFU5dU5o R1F6MjFOUjJhbnNCOGxyMC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAC hkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JXLV9x WFU5dU5oR1F6MjFOUjJhbnNCOGxyMC5jZXIwDgYDVR0PAQH/BAQDAgeAMIGKBggr BgEFBQcBCwR+MHwwSwYIKwYBBQUHMAuGP3JzeW5jOi8vY2EucmcubmV0L3Jwa2kv UkduZXQtT1UvVzRQZGg5NmF4OGJqUzRkOTlRR2lzU01LZ2JRLnJvYTAtBggrBgEF BQcwDYYhaHR0cHM6Ly9jYS5yZy5uZXQvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAkxwtMA0GCSqGSIb3DQEBCwUAA4IBAQCoYaCd 17R3o7xul5BWgk8SXItdIDoDb7zxVqs/gnzl9i5gdDd0IWIy4gGW32EjsTUXsi+G 1gyv7aWYFQNlR7kvBgfHyPPp2rkFIj9/KK1VygG3FFMaO1JBDB8UOU+tRbV6xGcf IYCk5bH6H9BtkPm2kiczVdjCFIB5krMy+DMf3x1F7/G+5f+ZmUG3b93GfUmzgxw9 IjlQMyt35h3rgOK6EjpOJgUA1jUWNTpPsR/xzA0HaDlbW38ue02SNluztrsXxJSr 8XwXhHPUzmlqg89Mb5iem3WZ5lkbr6lteO+ZocYtLPyOHhNmXWgop764K4JQaf46 WYtY4rWNeHcfgNTz """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): access_methods = [ rfc6487.id_ad_rpkiManifest, rfc6487.id_ad_signedObject, ] substrate = pem.readBase64fromText(self.rpki_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_pe_subjectInfoAccess: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectInfoAccessSyntax()) for ad in extnValue: if ad['accessMethod'] in access_methods: uri = ad['accessLocation']['uniformResourceIdentifier'] assert 'ca.rg.net' in uri count += 1 assert count == 1 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6664.py0000664006321400632140000000767213605660325021741 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5480 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5751 from pyasn1_modules import rfc6664 try: import unittest2 as unittest except ImportError: import unittest class SMIMECapabilitiesTestCase(unittest.TestCase): smime_capabilities_pem_text = """\ MIICOjAJBgUrDgMCGgUAMA0GCWCGSAFlAwQCBAUAMA0GCWCGSAFlAwQCAQUAMA0G CWCGSAFlAwQCAgUAMA0GCWCGSAFlAwQCAwUAMBUGCSqGSIb3DQEBATAIAgIEAAIC EAAwFQYJKoZIhvcNAQEHMAgCAgQAAgIQADAVBgkqhkiG9w0BAQowCAICBAACAhAA MBUGByqGSM44BAGgCjAIAgIEAAICDAAwggEvBgcqhkjOPgIBoYIBIjCCAR4CgYEA i6Ued8R33vkopJwCvy/ZZv2TtddPXPYmJK4jyFv+TDJTPqnP7XUZCqRuhCyKX10z 7SgiZs6qlSMk5gCa8shPF8NCHtps2D1OVC7yppZUJI07FoDxoEAZHImdAFvYIA/V cGYpYOKod4kju0/e4VUBZ6Qoer5vKTh+lD/+ZKa/WSUCFQDc3W87QSZSX6ggdbeI fzb0rsAhbwKBgCEz/o4WJPUZ4HffJfuXHIGrkPnCxFAYDRtlqueswV0Gy6LunipE Iu3nCzYkZhMatyFNyzo+NusEsS+9isOhT8jhL93nSBZCSRBy+GfmSXlXv/3c8mtH XTie5JOqjRdonPr4g/+VZvMkcioooNrhx/zICHrC3WZ72871/n/z9M+dMCMGByqG SM49AgEwGAYIKoZIzj0DAQcGBSuBBAAiBgUrgQQAIzAhBgUrgQQBDTAYBggqhkjO PQMBBwYFK4EEACIGBSuBBAAjMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAA== """ def setUp(self): self.asn1Spec = rfc5751.SMIMECapabilities() def testDerCodec(self): substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for cap in asn1Object: if cap['capabilityID'] in rfc5751.smimeCapabilityMap.keys(): substrate = cap['parameters'] cap_p, rest = der_decode (substrate, asn1Spec=rfc5751.smimeCapabilityMap[cap['capabilityID']]) assert not rest assert cap_p.prettyPrint() assert der_encode(cap_p) == substrate count += 1 assert count == 8 def testOpenTypes(self): substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate parameterValue = { rfc6664.rsaEncryption: lambda x: x['maxKeySize'], rfc6664.id_RSAES_OAEP: lambda x: x['maxKeySize'], rfc6664.id_RSASSA_PSS: lambda x: x['minKeySize'], rfc6664.id_dsa: lambda x: x['keySizes']['maxKeySize'], rfc6664.dhpublicnumber: lambda x: x['keyParams']['q'] % 1023, rfc6664.id_ecPublicKey: lambda x: x[0]['namedCurve'], rfc6664.id_ecMQV: lambda x: x[1]['namedCurve'], } expectedValue = { rfc6664.rsaEncryption: 4096, rfc6664.id_RSAES_OAEP: 4096, rfc6664.id_RSASSA_PSS: 1024, rfc6664.id_dsa: 3072, rfc6664.dhpublicnumber: 257, rfc6664.id_ecPublicKey: rfc5480.secp256r1, rfc6664.id_ecMQV: rfc5480.secp384r1, } count = 0 for cap in asn1Object: if cap['capabilityID'] in parameterValue.keys(): pValue = parameterValue[cap['capabilityID']](cap['parameters']) eValue = expectedValue[cap['capabilityID']] assert pValue == eValue count += 1 assert count == 7 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6955.py0000664006321400632140000000743213605660325021736 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5480 from pyasn1_modules import rfc6402 from pyasn1_modules import rfc6955 try: import unittest2 as unittest except ImportError: import unittest class CertificationRequestTestCase(unittest.TestCase): pem_text = """\ MIIDPDCCArsCAQAwTjELMAkGA1UEBhMCVVMxETAPBgNVBAoTCFhFVEkgSW5jMRAw DgYDVQQLEwdUZXN0aW5nMRowGAYDVQQDExFQS0lYIEV4YW1wbGUgVXNlcjCCAkEw ggG2BgcqhkjOPgIBMIIBqQKBgQCUhOBFbH9pUWI+VoB8aOfFqZ6edHSU7ZCMHcTh ShSC9dKUDBnjuRC7EbnlpfuOIVFjAoaqBrghNrZ/Nt/R1mhbeXwdWhR1H2qTdZPO u5dyivAPI51H9tSzx/D05vYrwjLhiWe+fgau+NABa4sq9QLXtqhjlIOwGzF9Uhre 5QOFJwKBgCamMixaK9QzK1zcBodTP5AGYVA4PtK5fYEcEhDFDFPUZNGOMAcIjN0/ Ci8s1ht/V4bQ2rtuNioY6NO8cDF6SLZOGG7dHyIG6z/q1EFp2ZveR5V6cpHSCX9J XDsDM1HI8Tma/wTVbn6UPQO49jEVJkiVqFzeR4i0aToAp4ae2tHNAiEA6HL6lvAR QPXy3P07XXiUsYUB5Wk3IfclubpxSvxgMPsCYQCjkQHAqG6kTaBW/Gz+H6ewzQ+U hwwlvpd2jevlpAldq4PNgAs1Z38MjqcxmDKFOUCdEZjY3rh/hpuvjWc9tna0YS8h 4UsOaP9TPofd2HFWaEfc9yBjSzxfeHGD5nCe4pIwGgMVABzVOg0Xgm0KgXWBRhCO PtsJ5Jg0AgE3A4GEAAKBgBNjoYUEjEaoiOv0XqiTdK79rp6WJxJlxEwHBj4Y/pS4 qHlIvS40tkfKBDCh7DP9GgstnlDJeA+uauy1a2q+slzasp94LLl34nkrJb8uC1lK k0v4s+yBNK6XR1LgqCmY7NGwyitveovbTo2lFX5+rzNiCZ4PEUSMwY2iEZ5T77Lo oCEwHwYJKoZIhvcNAQkOMRIwEDAOBgNVHQ8BAf8EBAMCAwgwDAYIKwYBBQUHBgMF AANtADBqMFIwSDELMAkGA1UEBhMCVVMxETAPBgNVBAoTCFhFVEkgSW5jMRAwDgYD VQQLEwdUZXN0aW5nMRQwEgYDVQQDEwtSb290IERTQSBDQQIGANo5tuLLBBQtBXf+ Xo9l9a+tyVybAsCoiClhYw== """ def setUp(self): self.asn1Spec = rfc6402.CertificationRequest() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['certificationRequestInfo']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc5480.dhpublicnumber assert spki_a['algorithm'] in rfc5280.algorithmIdentifierMap.keys() params, rest = der_decode(spki_a['parameters'], asn1Spec=rfc6955.DomainParameters()) assert not rest assert params.prettyPrint() assert der_encode(params) == spki_a['parameters'] assert params['validationParms']['pgenCounter'] == 55 sig_a = asn1Object['signatureAlgorithm'] assert sig_a['algorithm'] == rfc6955.id_dhPop_static_sha1_hmac_sha1 assert sig_a['algorithm'] in rfc5280.algorithmIdentifierMap.keys() assert sig_a['parameters'] == der_encode(univ.Null("")) def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate spki_a = asn1Object['certificationRequestInfo']['subjectPublicKeyInfo']['algorithm'] assert spki_a['algorithm'] == rfc5480.dhpublicnumber assert spki_a['parameters']['validationParms']['pgenCounter'] == 55 sig_a = asn1Object['signatureAlgorithm'] assert sig_a['algorithm'] == rfc6955.id_dhPop_static_sha1_hmac_sha1 assert sig_a['parameters'] == univ.Null("") suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc6960.py0000664006321400632140000001504713605660325021733 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc4055 from pyasn1_modules import rfc6960 try: import unittest2 as unittest except ImportError: import unittest class OCSPRequestTestCase(unittest.TestCase): ocsp_req_pem_text = """\ MGowaDBBMD8wPTAJBgUrDgMCGgUABBS3ZrMV9C5Dko03aH13cEZeppg3wgQUkqR1LKSevoFE63n8 isWVpesQdXMCBDXe9M+iIzAhMB8GCSsGAQUFBzABAgQSBBBjdJOiIW9EKJGELNNf/rdA """ def setUp(self): self.asn1Spec = rfc6960.OCSPRequest() def testDerCodec(self): substrate = pem.readBase64fromText(self.ocsp_req_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['tbsRequest']['version'] == 0 count = 0 for extn in asn1Object['tbsRequest']['requestExtensions']: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] count += 1 assert count == 1 def testOpenTypes(self): substrate = pem.readBase64fromText(self.ocsp_req_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['tbsRequest']['version'] == 0 for req in asn1Object['tbsRequest']['requestList']: ha = req['reqCert']['hashAlgorithm'] assert ha['algorithm'] == rfc4055.id_sha1 assert ha['parameters'] == univ.Null("") class OCSPResponseTestCase(unittest.TestCase): ocsp_resp_pem_text = """\ MIIEvQoBAKCCBLYwggSyBgkrBgEFBQcwAQEEggSjMIIEnzCCAQ+hgYAwfjELMAkGA1UEBhMCQVUx EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEV MBMGA1UEAxMMc25tcGxhYnMuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHNubXBsYWJzLmNvbRgP MjAxMjA0MTExNDA5MjJaMFQwUjA9MAkGBSsOAwIaBQAEFLdmsxX0LkOSjTdofXdwRl6mmDfCBBSS pHUspJ6+gUTrefyKxZWl6xB1cwIENd70z4IAGA8yMDEyMDQxMTE0MDkyMlqhIzAhMB8GCSsGAQUF BzABAgQSBBBjdJOiIW9EKJGELNNf/rdAMA0GCSqGSIb3DQEBBQUAA4GBADk7oRiCy4ew1u0N52QL RFpW+tdb0NfkV2Xyu+HChKiTThZPr9ZXalIgkJ1w3BAnzhbB0JX/zq7Pf8yEz/OrQ4GGH7HyD3Vg PkMu+J6I3A2An+bUQo99AmCbZ5/tSHtDYQMQt3iNbv1fk0yvDmh7UdKuXUNSyJdHeg27dMNy4k8A oIIC9TCCAvEwggLtMIICVqADAgECAgEBMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAkFVMRMw EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFTAT BgNVBAMTDHNubXBsYWJzLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0Bzbm1wbGFicy5jb20wHhcN MTIwNDExMTMyNTM1WhcNMTMwNDExMTMyNTM1WjB+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29t ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRUwEwYDVQQDEwxzbm1w bGFicy5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ac25tcGxhYnMuY29tMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDDDU5HOnNV8I2CojxB8ilIWRHYQuaAjnjrETMOprouDHFXnwWqQo/I3m0b XYmocrh9kDefb+cgc7+eJKvAvBqrqXRnU38DmQU/zhypCftGGfP8xjuBZ1n23lR3hplN1yYA0J2X SgBaAg6e8OsKf1vcX8Es09rDo8mQpt4G2zR56wIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG +EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU8Ys2dpJFLMHl yY57D4BNmlqnEcYwHwYDVR0jBBgwFoAU8Ys2dpJFLMHlyY57D4BNmlqnEcYwDQYJKoZIhvcNAQEF BQADgYEAWR0uFJVlQId6hVpUbgXFTpywtNitNXFiYYkRRv77McSJqLCa/c1wnuLmqcFcuRUK0oN6 8ZJDP2HDDKe8MCZ8+sx+CF54eM8VCgN9uQ9XyE7x9XrXDd3Uw9RJVaWSIezkNKNeBE0lDM2jUjC4 HAESdf7nebz1wtqAOXE1jWF/y8g= """ def setUp(self): self.asn1Spec = rfc6960.OCSPResponse() def testDerCodec(self): substrate = pem.readBase64fromText(self.ocsp_resp_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['responseStatus'] == 0 rb = asn1Object['responseBytes'] assert rb['responseType'] in rfc6960.ocspResponseMap.keys() resp, rest = der_decode(rb['response'], asn1Spec=rfc6960.ocspResponseMap[rb['responseType']]) assert not rest assert resp.prettyPrint() assert der_encode(resp) == rb['response'] resp['tbsResponseData']['version'] == 0 count = 0 for extn in resp['tbsResponseData']['responseExtensions']: assert extn['extnID'] in rfc5280.certificateExtensionsMap.keys() ev, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert der_encode(ev) == extn['extnValue'] count += 1 assert count == 1 def testOpenTypes(self): substrate = pem.readBase64fromText(self.ocsp_resp_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['responseStatus'] == 0 rb = asn1Object['responseBytes'] assert rb['responseType'] in rfc6960.ocspResponseMap.keys() resp, rest = der_decode(rb['response'], asn1Spec=rfc6960.ocspResponseMap[rb['responseType']], decodeOpenTypes=True) assert not rest assert resp.prettyPrint() assert der_encode(resp) == rb['response'] resp['tbsResponseData']['version'] == 0 for rdn in resp['tbsResponseData']['responderID']['byName']['rdnSequence']: for attr in rdn: if attr['type'] == rfc5280.id_emailAddress: assert attr['value'] == 'info@snmplabs.com' for r in resp['tbsResponseData']['responses']: ha = r['certID']['hashAlgorithm'] assert ha['algorithm'] == rfc4055.id_sha1 assert ha['parameters'] == univ.Null("") suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7030.py0000664006321400632140000000542713605660325021721 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc7030 from pyasn1.type import univ try: import unittest2 as unittest except ImportError: import unittest class CSRAttrsTestCase(unittest.TestCase): pem_text = """\ MEEGCSqGSIb3DQEJBzASBgcqhkjOPQIBMQcGBSuBBAAiMBYGCSqGSIb3DQEJDjEJ BgcrBgEBAQEWBggqhkjOPQQDAw== """ the_oids = (univ.ObjectIdentifier('1.2.840.113549.1.9.7'), univ.ObjectIdentifier('1.2.840.10045.4.3.3'), ) the_attrTypes = (univ.ObjectIdentifier('1.2.840.10045.2.1'), univ.ObjectIdentifier('1.2.840.113549.1.9.14'), ) the_attrVals = ('1.3.132.0.34', '1.3.6.1.1.1.1.22', ) def setUp(self): self.asn1Spec = rfc7030.CsrAttrs() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr_or_oid in asn1Object: if attr_or_oid.getName() == 'oid': assert attr_or_oid['oid'] in self.the_oids if attr_or_oid.getName() == 'attribute': assert attr_or_oid['attribute']['attrType'] in self.the_attrTypes def testOpenTypes(self): openTypesMap = { } openTypesMap.update(rfc5652.cmsAttributesMap) for at in self.the_attrTypes: openTypesMap.update({ at: univ.ObjectIdentifier(), }) substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr_or_oid in asn1Object: if attr_or_oid.getName() == 'attribute': valString = attr_or_oid['attribute']['attrValues'][0].prettyPrint() if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[0]: assert valString == self.the_attrVals[0] if attr_or_oid['attribute']['attrType'] == self.the_attrTypes[1]: assert valString == self.the_attrVals[1] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc7191.py0000664006321400632140000003306313605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc7191 try: import unittest2 as unittest except ImportError: import unittest class ReceiptRequestTestCase(unittest.TestCase): message1_pem_text = """\ MIIGfAYJKoZIhvcNAQcCoIIGbTCCBmkCAQMxDTALBglghkgBZQMEAgIwgb4GCyqGSIb3DQEJ EAEZoIGuBIGrMIGooEQwIwYLKoZIhvcNAQkQDAExFAwSVmlnaWwgU2VjdXJpdHkgTExDMB0G CyqGSIb3DQEJEAwDMQ4MDFByZXRlbmQgMDQ4QTBgMF4wVjAbBgsqhkiG9w0BCRAMGzEMDApl eGFtcGxlSUQxMBUGCyqGSIb3DQEJEAwKMQYMBEhPVFAwIAYLKoZIhvcNAQkQDAsxEQwPa3Rh LmV4YW1wbGUuY29tBAQxMjM0oIIChzCCAoMwggIKoAMCAQICCQCls1QoG7BuPTAKBggqhkjO PQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24xETAP BgNVBAoMCEJvZ3VzIENBMB4XDTE5MDYxMjE0MzEwNFoXDTIwMDYxMTE0MzEwNFowfDELMAkG A1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRswGQYDVQQKExJWaWdp bCBTZWN1cml0eSBMTEMxFzAVBgNVBAsTDktleSBNYW5hZ2VtZW50MRgwFgYDVQQDEw9rdGEu ZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASX9l7E3VS3GAEiiRrVozgCBQfL F67IhOxtbQviD/ojhHSQmflLyfRJ8e7+nbWlOLstRc7lgmq+OQVaSlStkzVk/BO1wE5BgUyF xje+sieUtPRXVqfoVZCJJsgiSbo181ejgZQwgZEwCwYDVR0PBAQDAgeAMEIGCWCGSAGG+EIB DQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0cnVzdGVkIGZvciBhbnkgcHVycG9z ZS4wHQYDVR0OBBYEFG2bXP0Dr7W51YvxZJ8aVuC1rU0PMB8GA1UdIwQYMBaAFPI12zQE2qVV 8r1pA5mwYuziFQjBMAoGCCqGSM49BAMDA2cAMGQCMAZ4lqTtdbaDLFfHywaQYwOWBkL3d0wH EsNZTW1qQKy/oY3tXc0O6cbJZ5JJb9wk8QIwblXm8+JjdEJHsNjSv4rcJZou4vkMT7PzEme2 BbMkwOWeIdhmy1vszd8TQgvdb36XMYIDBzCCAwMCAQOAFG2bXP0Dr7W51YvxZJ8aVuC1rU0P MAsGCWCGSAFlAwQCAqCCAmUwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEZMBwGCSqGSIb3 DQEJBTEPFw0xOTA2MTIxOTM1NTFaMCUGCyqGSIb3DQEJEAIHMRYEFCe4nFY7FiJRnReHHHm/ rIht3/g9MD8GCSqGSIb3DQEJBDEyBDA3gzQlzfvylOn9Rf59kMSa1K2IyOBA5Eoeiyp83Bmj KasomGorn9htte1iFPbxPRUwggG/BglghkgBZQIBBUExggGwMIIBrAQUJ7icVjsWIlGdF4cc eb+siG3f+D0wggGSoIH+MH8GCWCGSAFlAgEQAARyMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQI EwJWQTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMFQWxp Y2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHsGCWCGSAFlAgEQAARuMGwx CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMH RXhhbXBsZTEMMAoGA1UEAxMDQm9iMR4wHAYJKoZIhvcNAQkBFg9ib2JAZXhhbXBsZS5jb20w gY4wgYsGCWCGSAFlAgEQAAR+MHwxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UE BxMHSGVybmRvbjEbMBkGA1UEChMSVmlnaWwgU2VjdXJpdHkgTExDMRcwFQYDVQQLEw5LZXkg TWFuYWdlbWVudDEYMBYGA1UEAxMPa3RhLmV4YW1wbGUuY29tMAoGCCqGSM49BAMDBGYwZAIw Z7DXliUb8FDKs+BadyCY+IJobPnQ6UoLldMj3pKEowONPifqrbWBJJ5cQQNgW6YuAjBbjSlY goRV+bq4fdgOOj25JFqa80xnXGtQqjm/7NSII5SbdJk+DT7KCkSbkElkbgQ= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.message1_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq: sav, rest = der_decode(sav0, asn1Spec=rfc7191.KeyPkgIdentifierAndReceiptReq()) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert sav['pkgID'] == package_id def testOpenTypes(self): substrate = pem.readBase64fromText(self.message1_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData v3 = rfc5652.CMSVersion().subtype(value='v3') assert asn1Object['content']['version'] == v3 for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']: if sa['attrType'] == rfc7191.id_aa_KP_keyPkgIdAndReceiptReq: package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert sa['attrValues'][0]['pkgID'] == package_id class ReceiptTestCase(unittest.TestCase): message2_pem_text = """\ MIIEdAYJKoZIhvcNAQcCoIIEZTCCBGECAQMxDTALBglghkgBZQMEAgIwgawGCmCGSAFlAgEC TgOggZ0EgZowgZcEFCe4nFY7FiJRnReHHHm/rIht3/g9MH8GCWCGSAFlAgEQAARyMHAxCzAJ BgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhh bXBsZTEOMAwGA1UEAxMFQWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29t oIICfDCCAngwggH+oAMCAQICCQCls1QoG7BuOzAKBggqhkjOPQQDAzA/MQswCQYDVQQGEwJV UzELMAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4X DTE5MDUyOTE0NDU0MVoXDTIwMDUyODE0NDU0MVowcDELMAkGA1UEBhMCVVMxCzAJBgNVBAgT AlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAwDgYDVQQKEwdFeGFtcGxlMQ4wDAYDVQQDEwVBbGlj ZTEgMB4GCSqGSIb3DQEJARYRYWxpY2VAZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQA IgNiAAT4zZ8HL+xEDpXWkoWp5xFMTz4u4Ae1nF6zXCYlmsEGD5vPu5hl9hDEjd1UHRgJIPoy 3fJcWWeZ8FHCirICtuMgFisNscG/aTwKyDYOFDuqz/C2jyEwqgWCRyxyohuJXtmjgZQwgZEw CwYDVR0PBAQDAgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBi ZSB0cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFMS6Wg4+euM8gbD0Aqpouxbg lg41MB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAoGCCqGSM49BAMDA2gAMGUC MGO5H9E1uAveRGGaf48lN4pov2yH+hCAc5hOAuZKe/f40MKSF8q4w2ij+0euSaKFiAIxAL3g xp6sMitCmLQgOH6/RBIC/2syJ97y0KVp9da0PDAvwxLugCHTKZPjjpSLPHHc9TGCARwwggEY AgEDgBTEuloOPnrjPIGw9AKqaLsW4JYONTALBglghkgBZQMEAgKgejAZBgkqhkiG9w0BCQMx DAYKYIZIAWUCAQJOAzAcBgkqhkiG9w0BCQUxDxcNMTkwNjEzMTYxNjA4WjA/BgkqhkiG9w0B CQQxMgQwQSWYpq4jwhMkmS0as0JL3gjYxKLgDfzP2ndTNsAY0m9p8Igp8ZcK4+5n9fXJ43vU MAoGCCqGSM49BAMDBGgwZgIxAMfq2EJ5pSl9tGOEVJEgZitc266ljrOg5GDjkd2d089qw1A3 bUcOYuCdivgxVuhlAgIxAPR9JavxziwCbVyBUWOAiKKYfglTgG3AwNmrKDj0NtXUQ9qDmGAc 6L+EAY2P5OVB8Q== """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.message2_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] oid = sd['encapContentInfo']['eContentType'] assert oid == rfc7191.id_ct_KP_keyPackageReceipt receipt, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc7191.KeyPackageReceipt()) assert not rest assert receipt.prettyPrint() assert der_encode(receipt) == sd['encapContentInfo']['eContent'] package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert receipt['receiptOf']['pkgID'] == package_id def testOpenTypes(self): substrate = pem.readBase64fromText(self.message2_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData v3 = rfc5652.CMSVersion().subtype(value='v3') assert asn1Object['content']['version'] == v3 for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() if sa['attrType'] == rfc5652.id_messageDigest: assert '0x412598a6ae2' in sa['attrValues'][0].prettyPrint() ct_oid = asn1Object['content']['encapContentInfo']['eContentType'] assert ct_oid in rfc5652.cmsContentTypesMap assert ct_oid == rfc7191.id_ct_KP_keyPackageReceipt # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot # automatically decode it sd_eci = asn1Object['content']['encapContentInfo'] receipt, rest = der_decode(sd_eci['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[sd_eci['eContentType']]) package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert receipt['receiptOf']['pkgID'] == package_id class ErrorTestCase(unittest.TestCase): message3_pem_text = """\ MIIEbwYJKoZIhvcNAQcCoIIEYDCCBFwCAQMxDTALBglghkgBZQMEAgIwga0GCmCGSAFlAgEC TgaggZ4EgZswgZigFgQUJ7icVjsWIlGdF4cceb+siG3f+D0wewYJYIZIAWUCARAABG4wbDEL MAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMRAwDgYDVQQKEwdF eGFtcGxlMQwwCgYDVQQDEwNCb2IxHjAcBgkqhkiG9w0BCQEWD2JvYkBleGFtcGxlLmNvbQoB CqCCAncwggJzMIIB+qADAgECAgkApbNUKBuwbjwwCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMC VVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAe Fw0xOTA1MjkxOTIwMTNaFw0yMDA1MjgxOTIwMTNaMGwxCzAJBgNVBAYTAlVTMQswCQYDVQQI EwJWQTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEMMAoGA1UEAxMDQm9i MR4wHAYJKoZIhvcNAQkBFg9ib2JAZXhhbXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNi AAQxpGJVLxa83xhyal+rvmMFs4xS6Q19cCDoAvQkkFe0gUC4glxlWWQuf/FvLCRwwscr877D 1FZRBrYKPD6Hxv/UKX6Aimou0TnnxsPk98zZpikn9gTrJn2cF9NCzvPVMfmjgZQwgZEwCwYD VR0PBAQDAgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0 cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFMprZnLeLJtXf5iO4sMq02aOwhql MB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAoGCCqGSM49BAMDA2cAMGQCMBVu hLo58RhCiYsOLZFSR3vWHPDCJBnO1vE1uixqEjONHxlBoeGN2MmWs/9PppcHCwIwN9HB5jPc J7gTjA9+ipCe+qkztmV+Gy2NBAY6xYC0gh+pb+X5OAI7y7HdctXp+PfrMYIBGzCCARcCAQOA FMprZnLeLJtXf5iO4sMq02aOwhqlMAsGCWCGSAFlAwQCAqB6MBkGCSqGSIb3DQEJAzEMBgpg hkgBZQIBAk4GMBwGCSqGSIb3DQEJBTEPFw0xOTA2MTMxNjE2MDhaMD8GCSqGSIb3DQEJBDEy BDCgXFTUc3ZInjt+MWYkYmXYERk4FgErEZNILlWgVl7Z9pImgLObIpdrGqGPt06/VkwwCgYI KoZIzj0EAwMEZzBlAjEAsjJ3iWRUteMKBVsjaYeN6TG9NITRTOpRVkSVq55DcnhwS9g9lu8D iNF8uKtW/lk0AjA7z2q40N0lamXkSU7ECasiWOYV1X4cWGiQwMZDKknBPDqXqB6Es6p4J+qe 0V6+BtY= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.message3_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] oid = sd['encapContentInfo']['eContentType'] assert oid == rfc7191.id_ct_KP_keyPackageError kpe, rest = der_decode(sd['encapContentInfo']['eContent'], asn1Spec=rfc7191.KeyPackageError()) assert not rest assert kpe.prettyPrint() assert der_encode(kpe) == sd['encapContentInfo']['eContent'] package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert kpe['errorOf']['pkgID'] == package_id assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10) def testOpenTypes(self): substrate = pem.readBase64fromText(self.message3_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData v3 = rfc5652.CMSVersion().subtype(value='v3') assert asn1Object['content']['version'] == v3 for sa in asn1Object['content']['signerInfos'][0]['signedAttrs']: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() if sa['attrType'] == rfc5652.id_messageDigest: assert '0xa05c54d4737' in sa['attrValues'][0].prettyPrint() ct_oid = asn1Object['content']['encapContentInfo']['eContentType'] assert ct_oid in rfc5652.cmsContentTypesMap.keys() assert ct_oid == rfc7191.id_ct_KP_keyPackageError # Since receipt is inside an OCTET STRING, decodeOpenTypes=True cannot # automatically decode it sd_eci = asn1Object['content']['encapContentInfo'] kpe, rest = der_decode(sd_eci['eContent'], asn1Spec=rfc5652.cmsContentTypesMap[sd_eci['eContentType']]) package_id_pem_text = "J7icVjsWIlGdF4cceb+siG3f+D0=" package_id = pem.readBase64fromText(package_id_pem_text) assert kpe['errorOf']['pkgID'] == package_id assert kpe['errorCode'] == rfc7191.EnumeratedErrorCode(value=10) suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7229.py0000664006321400632140000000675713605660325021742 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc7229 try: import unittest2 as unittest except ImportError: import unittest class CertificatePolicyTestCase(unittest.TestCase): pem_text = """\ MIIDJDCCAqqgAwIBAgIJAKWzVCgbsG5AMAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkxMDEzMTkwNTUzWhcNMjAxMDEyMTkwNTUzWjBTMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xJTAjBgNVBAoTHFRF U1QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNi AATwUXZUseiOaqWdrClDCMbp9YFAM87LTmFirygpzKDU9cfqSCg7zBDIphXCwMcS 9zVWDoStCbcvN0jw5CljHcffzpHYX91P88SZRJ1w4hawHjOsWxvM3AkYgZ5nfdlL 7EajggFcMIIBWDAdBgNVHQ4EFgQU8jXbNATapVXyvWkDmbBi7OIVCMEwbwYDVR0j BGgwZoAU8jXbNATapVXyvWkDmbBi7OIVCMGhQ6RBMD8xCzAJBgNVBAYTAlVTMQsw CQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0GC CQDokdYGkU/O8jAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjBCBglghkgB hvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3Ig YW55IHB1cnBvc2UuMCEGA1UdIAQaMBgwCgYIKwYBBQUHDQEwCgYIKwYBBQUHDQIw CgYDVR02BAMCAQIwNQYDVR0hBC4wLDAUBggrBgEFBQcNAQYIKwYBBQUHDQcwFAYI KwYBBQUHDQIGCCsGAQUFBw0IMAoGCCqGSM49BAMDA2gAMGUCMHaWskjS7MKQCMcn zEKFOV3LWK8pL57vrECJd8ywKdwBJUNw9HhvSKkfUwL6rjlLpQIxAL2QO3CNoZRP PZs8K3IjUA5+U73pA8lpaTOPscLY22WL9pAGmyVUyEJ8lM7E+r4iDg== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): test_oids = [ rfc7229.id_TEST_certPolicyOne, rfc7229.id_TEST_certPolicyTwo, rfc7229.id_TEST_certPolicyThree, rfc7229.id_TEST_certPolicyFour, rfc7229.id_TEST_certPolicyFive, rfc7229.id_TEST_certPolicySix, rfc7229.id_TEST_certPolicySeven, rfc7229.id_TEST_certPolicyEight, ] substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate count = 0 for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): s = extn['extnValue'] ev, rest = der_decode(s, rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert ev.prettyPrint() assert s == der_encode(ev) if extn['extnID'] == rfc5280.id_ce_certificatePolicies: for pol in ev: if pol['policyIdentifier'] in test_oids: count += 1 if extn['extnID'] == rfc5280.id_ce_policyMappings: for pmap in ev: if pmap['issuerDomainPolicy'] in test_oids: count += 1 if pmap['subjectDomainPolicy'] in test_oids: count += 1 assert count == 6 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7292.py0000664006321400632140000001737113605660325021734 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc7292 try: import unittest2 as unittest except ImportError: import unittest class PKCS12TestCase(unittest.TestCase): pfx_pem_text = """\ MIIJ0wIBAzCCCY8GCSqGSIb3DQEHAaCCCYAEggl8MIIJeDCCBggGCSqGSIb3DQEHAaCCBfkE ggX1MIIF8TCCBe0GCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAjuq0/+ 0pyutQICB9AEggTYZe/mYBpmkDvKsve4EwIVwo1TNv4ldyx1qHZW2Ih6qQCY+Nv1Mnv9we0z UTl4p3tQzCPWXnrSA82IgOdotLIez4YwXrgiKhcIkSSL+2yCmAoM+qkjiAIKq+l3UJ6Xhafe 2Kg4Ek/0RkHpe6GwjTtdefkpXpZgccMEopOtKQMLJWsDM7p77x/amn6yIk2tpskKqUY/4n8Y xEiTWcRtTthYqZQIt+q94nKLYpt0o880SVOfvdEqp5KII7cTg60GJL+n6oN6hmP0bsAMvnk9 1f8/lFKMi9tsNU/KnUhbDVpjJwBQkhgbqBx6GdtoqSLSlYNPVM0wlntwm1JhH4ybiQ5sNzqO 7FlWC5bcYwkvOlx1gGrshY5jK/WjbA4paBpxSkgobJReirY9BeqITnvokXlub4tehHhM20Ik 42pKa3kGaHmowvzflxqE+oysW5Oa9XbZxBCfkOMJ70o4hqa+n66+E/uKcN9NbKbTo3zt3xdt 6ypOwHb74t5OcWaGx3EZsw0n0/V+WoLSpXOBwpx08+1yh7LV29aNQ0oEzVVkF6YYRQZtdIMe s3xB2i6sjLal21ntk7iBzMJwVoi524SAZ/oW8SuDAn1c93AWWwKZLALv5V3FZ2pDiQXArcfz DH2d5HJyNx7OlvKzNgEngwSyEC1XbjnOsZVUqGFENuDTa/brH4oEJHEkyWTyDudrz8iCEO80 e1PE4qqJ5CllN0CSVWqz4CxGDFIQXzR6ohn8f3dR3+DAaLYvAjBVMLJjk7+nfnB2L0HpanhT Fz9AxPPIDf5pBQQwM14l8wKjEHIyfqclupeKNokBUr1ykioPyCr3nf4Rqe0Z4EKIY4OCpW6n hrkWHmvF7OKR+bnuSk3jnBxjSN0Ivy5q9q3fntYrhscMGGR73umfi8Z29tM1vSP9jBZvirAo geGf/sfOI0ewRvJf/5abnNg/78Zyk8WmlAHVFzNGcM3u3vhnNpTIVRuUyVkdSmOdbzeSfmqQ 2HPCEdC9HNm25KJt1pD6v6aP3Tw7qGl+tZyps7VB2i+a+UGcwQcClcoXcPSdG7Z1gBTzSr84 MuVPYlePuo1x+UwppSK3rM8ET6KqhGmESH5lKadvs8vdT6c407PfLcfxyAGzjH091prk2oRJ xB3oQAYcKvkuMcM6FSLJC263Dj+pe1GGEexk1AoysYe67tK0sB66hvbd92HcyWhW8/vI2/PM bX+OeEb7q+ugnsP+BmF/btWXn9AxfUqNWstyInKTn+XpqFViMIOG4e2xC4u/IvzG3VrTWUHF 4pspH3k7GB/EOLvtbsR0uacBFlsColJy0FaWT9rrdueU3YEiIRCC8LGi1XpUa8f5adeBKWN+ eRTrrF4o7uoNeGlnwZ7ebnb7k18Q0GRzzzTZPoMM4L703svfE/eNYWFHLY4NDQKSYgeum365 WAfZpHOX7YOc6oRGrGB+QuGoyikTTDO8xpcEmb8vDz4ZwHhN0PS056LNJeMoI0A/5DJb3e10 i1txlM48sbZBuIEIeixr52nwG4LuxqXGqShKaTfOrFxHjx4kI4/dp9dN/k8TGFsLWjuIgMJI 6nRHbWrxB3F0XKXagtLLep1MDwDwAuCyiW2YC0JzRvsJViIgjDA+eiHX0O6/8xiK9dzMQpIz TVHSEqFlhORp0DGB2zATBgkqhkiG9w0BCRUxBgQEAQAAADBXBgkqhkiG9w0BCRQxSh5IADMA ZgA3ADEAYQBmADYANQAtADEANgA4ADcALQA0ADQANABhAC0AOQBmADQANgAtAGMAOABiAGUA MQA5ADQAYwAzAGUAOABlMGsGCSsGAQQBgjcRATFeHlwATQBpAGMAcgBvAHMAbwBmAHQAIABF AG4AaABhAG4AYwBlAGQAIABDAHIAeQBwAHQAbwBnAHIAYQBwAGgAaQBjACAAUAByAG8AdgBp AGQAZQByACAAdgAxAC4AMDCCA2gGCSqGSIb3DQEHAaCCA1kEggNVMIIDUTCCA00GCyqGSIb3 DQEMCgEDoIIDJTCCAyEGCiqGSIb3DQEJFgGgggMRBIIDDTCCAwkwggHxoAMCAQICEDbt9oc6 oQinRwE1826MiBEwDQYJKoZIhvcNAQEFBQAwFDESMBAGA1UEAxMJYW5vbnltb3VzMCAXDTE2 MDcxOTIyMDAwMVoYDzIxMTYwNjI1MjIwMDAxWjAUMRIwEAYDVQQDEwlhbm9ueW1vdXMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8trBCTBjXXA4OgSO5nRTOU5T86ObCgc71 J2oCuUigSddcTDzebaD0wcyAgf101hAdwMKQ9DvrK0nGvm7FAMnnUuVeATafKgshLuUTUUfK jx4Xif4LoS0/ev4BiOI5a1MlIRZ7T5Cyjg8bvuympzMuinQ/j1RPLIV0VGU2HuDxuuP3O898 GqZ3+F6Al5CUcwmOX9zCs91JdN/ZFZ05SXIpHQuyPSPUX5Vy8F1ZeJ8VG3nkbemfFlVkuKQq vteL9mlT7z95rVZgGB3nUZL0tOB68eMcffA9zUksOmeTi5M6jnBcNeX2Jh9jS3YYd+IEliZm mggQG7kPta8f+NqezL77AgMBAAGjVTBTMBUGA1UdJQQOMAwGCisGAQQBgjcKAwQwLwYDVR0R BCgwJqAkBgorBgEEAYI3FAIDoBYMFGFub255bW91c0B3aW5kb3dzLXgAMAkGA1UdEwQCMAAw DQYJKoZIhvcNAQEFBQADggEBALh+4qmNPzC6M8BW9/SC2ACQxxPh06GQUGx0D+GLYnp61ErZ OtKyKdFh+uZWpu5vyYYAHCLXP7VdS/JhJy677ynAPjXiC/LAzrTNvGs74HDotD966Hiyy0Qr ospFGiplHGRA5vXA2CiKSX+0HrVkN7rhk5PYkc6R+/cdosd+QZ8lkEa9yDWc5l//vWEbzwVy mJf/PRf8NTkWAK6SPV7Y37j1mhkJjOH9VkRxNrd6kcihRa4u0ImXaXEsec77ER0so31DKCrP m+rqZPj9NZSIYP3sMGJ4Bmm/n2YRdeaUzTdocfD3TRnKxs65DSgpiSq1gmtsXM7jAPs/Egrg tbWEypgxFTATBgkqhkiG9w0BCRUxBgQEAQAAADA7MB8wBwYFKw4DAhoEFKVgj/32UdEyuQcB rqr03dPnboinBBSU7mxdpB5LTCvorCI8Tk5OMiUzjgICB9A= """ def setUp(self): self.asn1Spec = rfc7292.PFX() def testDerCodec(self): substrate = pem.readBase64fromText(self.pfx_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['version'] == univ.Integer(3) oid = asn1Object['macData']['mac']['digestAlgorithm']['algorithm'] assert oid == univ.ObjectIdentifier('1.3.14.3.2.26') md_hex = asn1Object['macData']['mac']['digest'].prettyPrint() assert md_hex == '0xa5608ffdf651d132b90701aeaaf4ddd3e76e88a7' assert asn1Object['authSafe']['contentType'] == rfc5652.id_data data, rest = der_decode(asn1Object['authSafe']['content'], asn1Spec=univ.OctetString()) assert not rest authsafe, rest = der_decode(data, asn1Spec=rfc7292.AuthenticatedSafe()) assert not rest assert authsafe.prettyPrint() assert der_encode(authsafe) == data for ci in authsafe: assert ci['contentType'] == rfc5652.id_data data, rest = der_decode(ci['content'], asn1Spec=univ.OctetString()) assert not rest sc, rest = der_decode(data, asn1Spec=rfc7292.SafeContents()) assert not rest assert sc.prettyPrint() assert der_encode(sc) == data for sb in sc: if sb['bagId'] in rfc7292.pkcs12BagTypeMap: bv, rest = der_decode(sb['bagValue'], asn1Spec=rfc7292.pkcs12BagTypeMap[sb['bagId']]) assert not rest assert bv.prettyPrint() assert der_encode(bv) == sb['bagValue'] for attr in sb['bagAttributes']: if attr['attrType'] in rfc5652.cmsAttributesMap: av, rest = der_decode(attr['attrValues'][0], asn1Spec=rfc5652.cmsAttributesMap[attr['attrType']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['attrValues'][0] def testOpenTypes(self): substrate = pem.readBase64fromText(self.pfx_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True ) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate digest_alg = asn1Object['macData']['mac']['digestAlgorithm'] assert not digest_alg['parameters'].hasValue() authsafe, rest = der_decode(asn1Object['authSafe']['content'], asn1Spec=rfc7292.AuthenticatedSafe(), decodeOpenTypes=True ) assert not rest assert authsafe.prettyPrint() assert der_encode(authsafe) == asn1Object['authSafe']['content'] for ci in authsafe: assert ci['contentType'] == rfc5652.id_data sc, rest = der_decode(ci['content'], asn1Spec=rfc7292.SafeContents(), decodeOpenTypes=True ) assert not rest assert sc.prettyPrint() assert der_encode(sc) == ci['content'] for sb in sc: if sb['bagId'] == rfc7292.id_pkcs8ShroudedKeyBag: bv = sb['bagValue'] enc_alg = bv['encryptionAlgorithm']['algorithm'] assert enc_alg == rfc7292.pbeWithSHAAnd3_KeyTripleDES_CBC enc_alg_param = bv['encryptionAlgorithm']['parameters'] assert enc_alg_param['iterations'] == 2000 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc7296.py0000664006321400632140000002012013605660325021722 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc7296 from pyasn1.type.univ import noValue try: import unittest2 as unittest except ImportError: import unittest class CertBundleTestCase(unittest.TestCase): cert_bundle_pem_text = """\ MIITfqCCA8kwggPFMIICraADAgECAhACrFwmagtAm48LefKuRiV3MA0GCSqGSIb3 DQEBBQUAMGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAX BgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNVBAMTIkRpZ2lDZXJ0IEhpZ2gg QXNzdXJhbmNlIEVWIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAw MDAwWjBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYD VQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFz c3VyYW5jZSBFViBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxszlc+b71LvlLS0ypt/lgT/JzSVJtnEqw9WUNGeiChywX2mmQLHEt7KP0Jik qUFZOtPclNY823Q4pErMTSWC90qlUxI47vNJbXGRfmO2q6Zfw6SE+E9iUb74xezb OJLjBuUIkQzEKEFV+8taiRV+ceg1v01yCT2+OjhQW3cxG42zxyRFmqesbQAUWgS3 uhPrUQqYQUEiTmVhh4FBUKZ5XIneGUpX1S7mXRxTLH6YzRoGFqRoc9A0BBNcoXHT WnxV215k4TeHMFYE5RG0KYAS8Xk5iKICEXwnZreIt3jyygqoOKsKZMK/Zl2VhMGh JR6HXRpQCyASzEG7bgtROLhLywIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYD VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUsT7DaQP4v0cB1JgmGggC72NkK8MwHwYD VR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQEFBQADggEB ABwaBpfc15yfPIhmBghXIdshR/gqZ6q/GDJ2QBBXwYrzetkRZY41+p78RbWe2Uwx S7iR6EMsjrN4ztvjU3lx1uUhlAHaVYeaJGT2imbM3pw3zag0sWmbI8ieeCIrcEPj VUcxYRnvWMWFL04w9qAxFiPI5+JlFjPLvxoboD34yl6LMYtgCIktDAZcUrfE+QqY 0RVfnxK+fDZjOL1EpH/kJisKxJdpDemM4sAQV7jIdhKRVfJIadi8KgJbD0TUIDHb 9LpwJl2QYJ68SxcJL7TLHkNoyQcnwdJc9+ohuWgSnDycv578gFybY83sR6olJ2eg N/MAgn1U16n46S4To3foH0qgggS6MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf 4msdgzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGln aUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJE aWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAw MFoXDTI4MTAyMjEyMDAwMFowdTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lD ZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGln aUNlcnQgU0hBMiBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAA h/FnKIaFjI5j2ryxQDji0/XspQUYuD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9o m9KxjxKws9LniB8f7zh3VFNfgHk/LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzi kIKHaq7q12TWmFXo/a8aUGxUvBHy/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIcl ho3YIeSwTQyJ3DkmF93215SF2AQhcJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6 Ku8hI3UarS2bhjWMnHe1c63YlC3k8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOC AUkwggFFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYB BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8 hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNl RVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxo dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNK YApl0yHU+PjWDzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkq hkiG9w0BAQsFAAOCAQEAnbbQkIbhhgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18 CK3mtlC4ohpNiAexKSHc59rGPCHg4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9X R3WhfVUgLkc3UHKMf4Ib0mKPLQNa2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNo PLpSgVh5oywM395t6zHyuqB8bPEs1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6M o8wNXrM9zwR4jxQUezKcxwCmXMS1oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti 6G8MdOu42vi/hw15UJGQmxg7kVkn8TUoE6smftX3eqCCB9wwggfYMIIGwKADAgEC AhABW9pmX8RLdRe2iCweq9TcMA0GCSqGSIb3DQEBCwUAMHUxCzAJBgNVBAYTAlVT MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j b20xNDAyBgNVBAMTK0RpZ2lDZXJ0IFNIQTIgRXh0ZW5kZWQgVmFsaWRhdGlvbiBT ZXJ2ZXIgQ0EwHhcNMTgwODE0MDAwMDAwWhcNMjAwODE4MTIwMDAwWjCB3DEdMBsG A1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCVVMx GTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxEDAOBgNVBAUTBzMwMTQyNjcxCzAJ BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9z ZTEVMBMGA1UEChMMUGF5UGFsLCBJbmMuMRQwEgYDVQQLEwtDRE4gU3VwcG9ydDEX MBUGA1UEAxMOd3d3LnBheXBhbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDOofrgGYvXjVHH1WKEgxO51/bNk8Vw0WlZAyu0iwAUULZ3mrI8+xOw gE5VGghgoQY9QNIA0mdFPrEmRRQAZXitszlL5s8oks4+tFzBHHtJp2D9BixRKxAR Afo6c54tufaJUrQyIMwr2mpfbPox3palkK7RmHdimcOqtUjjQyS/WcHxMkyX3wa9 e1JoEB9ofJGupNnC90uGgxilWLvOtn/27w56p2AYkKoSGgXsNRGE5ySxns23sZOo tgSeTRe16K7X5JuzPcGtZGMRxlkVagZsrp8rNsf4aq0wKkBjkvVzSvJTaDJSDqEt hV+ZoGSFYpwaHArVir0sJ63E/aq2Tb97AgMBAAGjggP6MIID9jAfBgNVHSMEGDAW gBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQUuzrmqCkAmIQyec538AFt Xwp5Y7kwgaUGA1UdEQSBnTCBmoIOd3d3LnBheXBhbC5jb22CEmhpc3RvcnkucGF5 cGFsLmNvbYIMdC5wYXlwYWwuY29tggxjLnBheXBhbC5jb22CDWM2LnBheXBhbC5j b22CFGRldmVsb3Blci5wYXlwYWwuY29tggxwLnBheXBhbC5jb22CFXd3dy5wYXlw YWxvYmplY3RzLmNvbYIOY21zLnBheXBhbC5jb20wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSg MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIu Y3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBz Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHww ejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUF BzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0 ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+Bgor BgEEAdZ5AgQCBIIBbgSCAWoBaAB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3 zQ7IDdwQAAABZTquQ3wAAAQDAEgwRgIhAMvZlCpgP2+v8gH82y3PQoMNVUVQNBjG 4DZy7qRFBo0JAiEAkzEfNkc2/B+88VR3QjutnaF1Qpj0QkSodPGAtB377UUAdQBW FAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWU6rkPZAAAEAwBGMEQC IHAvzbsYhbMy5jUazj6X3mDMjjyryN5BMwbDIFv58T9nAiBxzUIRTfj+Kevp0mmO Oe9q6K/klOU2klRuVmcs7Gzw8AB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW ZDaOHtGFAAABZTquRGgAAAQDAEcwRQIhAMvzcJw5loOfVnDNFEr4+c4y/usA2pU5 M7vhHND680tHAiASqPd7KXNaNTJsBJ9IfBN6J2XwGJjxccRy9fJc9+UgYjANBgkq hkiG9w0BAQsFAAOCAQEAoeuef8cXLigvTQs4lbtbyp4UOIzspiMmHztqB95OS0ER /u7995SO0C0mQjvyPeiptQ5Yh+/OVCqV6p2ZpBmSc+mn5tzjP3LaVxoyjwghja03 mNBXPmdkEIG+V78Ov5iIm6vxGH1xSjHssV8iXpWo3gJ+xH3krtY1Atkg243JgwNC I3xgp01VMLAmvIvvTqmIKeEd88Ukc6kHcZsEjxwtNivWx2nl1cyDu9B1wJK0D5Mu IBXgbFKmqUhWlEXRimphvONOJGd71qT94bT/+bhq28oGleH1leTvqft0fj+e/a7e Hx1u3fYAxNWjNAImIxpGUyUwSVo29w/CYYc2cS69y6GB7TCB6jCBqQIBATALBgcq hkjOOAQDBQAwLjELMAkGA1UEBhMCdXMxDDAKBgNVBAoTA3N1bjERMA8GA1UEAxMI aGFuZmVpeXUXDTA1MDEwNzIwMDkxMFoXDTA2MDEwNzIwMDkxMFowSTAjAgMBCTIX DTA1MDEwNzIwMDkxMFowDTALBgNVHRUEBAoCAQQwIgICMDkXDTA1MDEwNzIwMDkx MFowDTALBgNVHRUEBAoCAQEwCwYHKoZIzjgEAwUAAy8AMCwCFFbxw8qxTDJqc8H9 O1QIkzwkkvJfAhRF5zFU8mFsrKmnE50ERySS8vA6AKGCAh8wggIbMIIBAwIBATAN BgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQg SW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2Vy dCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBFw0xOTA1MDIyMjE1NTRaFw0xOTA1 MjMyMjE1NTRaMDEwLwIQDPWCOBgZnlb4K9ZS7Sft6RcNMTgxMDI1MTYxMTM4WjAM MAoGA1UdFQQDCgEAoDAwLjAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2Qr wzALBgNVHRQEBAICAcQwDQYJKoZIhvcNAQELBQADggEBABPO3OA0OkQZ+RLVxz/c Nx5uNVEO416oOePkN0A4DxFztf337caS4OyfS9Wyu1j5yUdWJVpAKXSQeN95MqHk pSpYDssuqbuYjv8ViJfseGBgtXTczUzzNeNdY2uxMbCxuhmPkgacAo1lx9LkK2Sc YHWVbfFRF1UQ/dcmavaZsEOBNuLWOxQYA9MqfVNAymHe7vPqwm/8IY2FbHe9HsiJ ZfGxNWMDP5lmJiXmpntTeDQ2UjdiyXwGGKjyiSTFk2jVRutrGINufaoA/f7eCmIb 4UDPbpMjVfD215dW8eBKouypCVoEvmCSSTacdiBI2yOluvMN0PzvPve0ECAE+D4e m9Y= """ def setUp(self): self.asn1Spec = rfc7296.CertificateBundle() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_bundle_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate cert_count = 0 crl_count = 0 unk_count = 0 for item in asn1Object: if item.getName() == 'cert': cert_count += 1 elif item.getName() == 'crl': crl_count += 1 else: unk_count += 1 assert cert_count == 3 assert crl_count == 2 assert unk_count == 0 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc7508.py0000664006321400632140000001311013605660325021717 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.type import univ from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc7508 try: import unittest2 as unittest except ImportError: import unittest class SignedMessageTestCase(unittest.TestCase): signed_message_pem_text = """\ MIIE/AYJKoZIhvcNAQcCoIIE7TCCBOkCAQExDTALBglghkgBZQMEAgIwUQYJKoZI hvcNAQcBoEQEQkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbg0KDQpXYXRzb24sIGNv bWUgaGVyZSAtIEkgd2FudCB0byBzZWUgeW91LqCCAnwwggJ4MIIB/qADAgECAgkA pbNUKBuwbjswCgYIKoZIzj0EAwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1Mjkx NDQ1NDFaFw0yMDA1MjgxNDQ1NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJW QTEQMA4GA1UEBxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMF QWxpY2UxIDAeBgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZI zj0CAQYFK4EEACIDYgAE+M2fBy/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+b z7uYZfYQxI3dVB0YCSD6Mt3yXFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/w to8hMKoFgkcscqIbiV7Zo4GUMIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0E NRYzVGhpcyBjZXJ0aWZpY2F0ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1 cnBvc2UuMB0GA1UdDgQWBBTEuloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAW gBTyNds0BNqlVfK9aQOZsGLs4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL 3kRhmn+PJTeKaL9sh/oQgHOYTgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94Mae rDIrQpi0IDh+v0QSAv9rMife8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUxggIA MIIB/AIBATBMMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0ECCQCls1QoG7BuOzALBglghkgBZQME AgKgggElMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X DTE5MDUyOTE4MjMxOVowKAYJKoZIhvcNAQk0MRswGTALBglghkgBZQMEAgKhCgYI KoZIzj0EAwMwMQYLKoZIhvcNAQkQAjcxIjEgCgEBMBswGRoERnJvbQwRYWxpY2VA ZXhhbXBsZS5jb20wPwYJKoZIhvcNAQkEMTIEMLbkIqT9gmce1Peqxm1E9OiwuY1R WHHGVufwmjb6XKzj4goQ5tryN5uJN9NM+ZkmbDBNBgsqhkiG9w0BCRACATE+MDwE IMdPIQ9kJ1cI9Q6HkRCzbXWdD331uAUCL3MMFXP4KFOjgAEBMBUwE4ERYWxpY2VA ZXhhbXBsZS5jb20wCgYIKoZIzj0EAwMEZzBlAjEAuZ8SebvwMRvLPn9+s3VHFUNU bEtkkWCao1uNm5TOzphK0NbxzOsD854aC5ReKPSDAjAm1U0siLQw5p4qzGwyxDw9 5AI5J8Mvy+icNubmfsd4ofvxdaECdhr4rvsSMwbOsFk= """ def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate secure_header_field_attr_found = False assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode (asn1Object['content'], asn1Spec=rfc5652.SignedData()) for sa in sd['signerInfos'][0]['signedAttrs']: sat = sa['attrType'] sav0 = sa['attrValues'][0] if sat == rfc7508.id_aa_secureHeaderFieldsIdentifier: assert sat in rfc5652.cmsAttributesMap.keys() sav, rest = der_decode(sav0, asn1Spec=rfc5652.cmsAttributesMap[sat]) assert not rest assert sav.prettyPrint() assert der_encode(sav) == sav0 from_field = rfc7508.HeaderFieldName('From') alice_email = rfc7508.HeaderFieldValue('alice@example.com') for shf in sav['secHeaderFields']: if shf['field-Name'] == from_field: assert shf['field-Value'] == alice_email secure_header_field_attr_found = True assert secure_header_field_attr_found def testOpenTypes(self): substrate = pem.readBase64fromText(self.signed_message_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] in rfc5652.cmsContentTypesMap.keys() assert asn1Object['contentType'] == rfc5652.id_signedData sd = asn1Object['content'] assert sd['version'] == rfc5652.CMSVersion().subtype(value='v1') ect = sd['encapContentInfo']['eContentType'] assert ect in rfc5652.cmsContentTypesMap.keys() assert ect == rfc5652.id_data for sa in sd['signerInfos'][0]['signedAttrs']: if sa['attrType'] == rfc7508.id_aa_secureHeaderFieldsIdentifier: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() secure_header_field_attr_found = False for sa in sd['signerInfos'][0]['signedAttrs']: if sa['attrType'] == rfc7508.id_aa_secureHeaderFieldsIdentifier: assert sa['attrType'] in rfc5652.cmsAttributesMap.keys() from_field = rfc7508.HeaderFieldName('From') alice_email = rfc7508.HeaderFieldValue('alice@example.com') for shf in sa['attrValues'][0]['secHeaderFields']: if shf['field-Name'] == from_field: assert shf['field-Value'] == alice_email secure_header_field_attr_found = True assert secure_header_field_attr_found suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7585.py0000664006321400632140000001146613605660325021740 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc7585 try: import unittest2 as unittest except ImportError: import unittest class NAIRealmCertTestCase(unittest.TestCase): cert_pem_text = """\ MIIEZzCCA0+gAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTE5MTExMTE4 MDQyMVoXDTIwMDExMDE4MDQyMVowezELMAkGA1UEBhMCRlIxDzANBgNVBAgMBlJh ZGl1czEUMBIGA1UECgwLRXhhbXBsZSBJbmMxIzAhBgNVBAMMGkV4YW1wbGUgU2Vy dmVyIENlcnRpZmljYXRlMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9y ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM9HqbuyWpsTMKo739Dm DwmQo2HUkNdQYbvsB+e7ILsw8fWa2qnsF1CoRr/1bcZqXUR1To/QbHse7xSMZH9t F7rdlDMc7QtgdwVfn8TiL3hCg5LSE8iaBzfJUjrts/V5WOByP1DwJVM7W3Va/5dN oOiceVeC7ThghMlwIx/wN5cy78a8fPYV2FvPR6e+U2HG35zaIv2PizYcliF/QmZG gnw4Q9dYC1Lw/ogVBZBALlv+/MuGheb/xIuL8lu1PFZ0YbW65WLD9Cx4wvytAke7 tKlhL/Kd4OBSeOY3OYmpxbc1gEUmFoLTlZesY2NP9Jyl5mGsIHtPdvVkh/tSBy8o VLUCAwEAAaOB3TCB2jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK BggrBgEFBQcDATA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vd3d3LmV4YW1wbGUu Y29tL2V4YW1wbGVfY2EuY3JsMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYb aHR0cDovL3d3dy5leGFtcGxlLm9yZy9vY3NwMDoGA1UdEQQzMDGCEnJhZGl1cy5l eGFtcGxlLm9yZ6AbBggrBgEFBQcICKAPDA0qLmV4YW1wbGUuY29tMA0GCSqGSIb3 DQEBCwUAA4IBAQBOhtH2Jpi0b0MZ8FBKTqDl44rIHL1rHG2mW/YYmRI4jZo8kFhA yWm/T8ZpdaotJgRqbQbeXvTXIg4/JNFheyLG4yLOzS1esdMAYDD5EN9/dXE++jND /wrfPU+QtTgzAjkgFDKuqO7gr1/vSizxLYTWLKBPRHhiQo7GGlEC6/CPb38x4mfQ 5Y9DsKCp6BEZu+LByCho/HMDzcIPCdtXRX7Fs8rtX4/zRpVIdm6D+vebuo6CwRKp mIljfssCvZjb9YIxSVDmA/6Lapqsfsfo922kb+MTXvPrq2ynPx8LrPDrxKc8maYc Jiw8B0yjkokwojxyRGftMT8uxNjWQVsMDbxl """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate nai_realm_oid = rfc7585.id_on_naiRealm nai_realm_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName()) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): assert gn['otherName']['type-id'] == nai_realm_oid onValue, rest = der_decode(gn['otherName']['value'], asn1Spec=rfc7585.NAIRealm()) assert not rest assert onValue.prettyPrint() assert der_encode(onValue) == gn['otherName']['value'] assert 'example' in onValue nai_realm_found = True assert nai_realm_found def testOpenTypes(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate nai_realm_oid = rfc7585.id_on_naiRealm nai_realm_found = False for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] == rfc5280.id_ce_subjectAltName: extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.SubjectAltName(), decodeOpenTypes=True) assert not rest assert extnValue.prettyPrint() assert der_encode(extnValue) == extn['extnValue'] for gn in extnValue: if gn['otherName'].hasValue(): assert gn['otherName']['type-id'] == nai_realm_oid assert 'example' in gn['otherName']['value'] nai_realm_found = True assert nai_realm_found suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7633.py0000664006321400632140000000631413605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc7633 try: import unittest2 as unittest except ImportError: import unittest class TLSFeaturesExtnTestCase(unittest.TestCase): pem_text = """\ MIIEbTCCBBOgAwIBAgIRAO5f2N8q74GBATjTMXQCjlgwCgYIKoZIzj0EAwIwgZYx CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQD EzNDT01PRE8gRUNDIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2 ZXIgQ0EwHhcNMTYwMTE1MDAwMDAwWhcNMTgwMTE0MjM1OTU5WjCBwjELMAkGA1UE BhMCUlUxDzANBgNVBBETBjExNzY0NzEUMBIGA1UECBMLTW9zY293IENpdHkxDzAN BgNVBAcTBk1vc2NvdzE4MDYGA1UECRMvQWthZGVtaWthIEthcGljeSBzdHJlZXQs IGhvdXNlIDQsIGFwYXJ0bWVudCAxNjYxGDAWBgNVBAoTD0FuZHJleSBDaHVyYW5v djETMBEGA1UECxMKSW5zdGFudFNTTDESMBAGA1UEAxMJYWRtc2VsLmVjMHYwEAYH KoZIzj0CAQYFK4EEACIDYgAEwrPPzgBO1vDNmV0UVvYSBnys9B7LVkGLiIBbKYf2 nNFRuJKo1gzNurI8pv4CbvqjkCX4Je/aSeYFHSCR9y82+zTwYQuJFt5LIL5f+Syp xZ7aLH56bOiQ+QhCtIvWP4YWo4IB9TCCAfEwHwYDVR0jBBgwFoAUdr4iSO4/PvZG A9mHGNBlfiKcC+EwHQYDVR0OBBYEFHTFQqV+H5a7+RVL+70Z6zqCbqq9MA4GA1Ud DwEB/wQEAwIFgDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBQBgNVHSAESTBHMDsGDCsGAQQBsjEBAgEDBDArMCkGCCsGAQUFBwIB Fh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0f BFMwUTBPoE2gS4ZJaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPRUNDT3Jn YW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBiwYIKwYBBQUH AQEEfzB9MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01P RE9FQ0NPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQG CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wEQYIKwYBBQUHARgE BTADAgEFMCMGA1UdEQQcMBqCCWFkbXNlbC5lY4INd3d3LmFkbXNlbC5lYzAKBggq hkjOPQQDAgNIADBFAiAi6TXl76FTKPP1AhqtEjU5BjAj9Ju7CSKChHZSmzxeXQIh AOQSxhs011emVxyBIXT0ZGbmBY8LFRh6eGIOCAJbkM5T """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc7633.id_pe_tlsfeature: s = extn['extnValue'] features, rest = der_decode(s, rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert features.prettyPrint() assert s == der_encode(features) assert len(features) == 1 assert features[0] == 5 assert rfc7633.id_pe_tlsfeature in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7773.py0000664006321400632140000001370213605660325021732 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc7773 try: import unittest2 as unittest except ImportError: import unittest class AuthenticationContextExtnTestCase(unittest.TestCase): pem_text = """\ MIIMUjCCCzqgAwIBAgIQevDaX+wRYAlpUgjTYjCCRjANBgkqhkiG9w0BAQsFADCBuDELMAkGA1UE BhMCU0UxNTAzBgNVBAoTLERldiBURVNUIENBIG9yZyBBQiAoTk9UIEEgUkVBTCBPUkdBTklaQVRJ T04pMSAwHgYDVQQLExdDZW50cmFsIFNpZ25pbmcgU2VydmljZTEVMBMGA1UEBRMMQTEyMzQ1Ni03 ODkwMTkwNwYDVQQDEzBDZW50cmFsIFNpZ25pbmcgQ0EwMDEgLSBFSUQgMi4wIERldiBURVNUIFNl cnZpY2UwHhcNMTkxMDA5MDc0ODI2WhcNMjAxMDA5MDc0ODI2WjBgMRUwEwYDVQQFEwwxODg4MDMw OTkzNjgxCzAJBgNVBAYTAlNFMQ0wCwYDVQQqEwRBZ2RhMRcwFQYDVQQDEw5BZ2RhIEFuZGVyc3Nv bjESMBAGA1UEBBMJQW5kZXJzc29uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl1H 7vveI/EUaF9z6EiL/AmTHDbpLAKoWh9JJjpRlb8lU0TseYOzZp6ySiAO8St2a/HxxhrNuAAELUwZ 3oICkmxM/NeYgI7EEaLVPUwBAWfGZrRWb/+h8C6SrivWc73M/LI1A0B9tcEpUuh0CHTSVIBZsH+L IDyKW6n3T8YeI7+0CX391I/j3iyEBNFcfDaHaFChzkPxgPg6Xh1D1JWs+mUj1rOoTLxsyusWiIQk IkjDgFNUCpS1+NUvkTU1uFewvluxjOzRVqzYZWesOL+V/lGnyVPw4o1INEKYpOurYii2TXElTmXO iQdIG20S96uFH6vFFJ2cPwgYjWpory/K+QIDAQABo4IIrTCCCKkwCwYDVR0PBAQDAgZAMB0GA1Ud DgQWBBQo71oFnxX2kapLl3ZoYOylnJo01TATBgNVHSAEDDAKMAgGBgQAizABATBLBgNVHR8ERDBC MECgPqA8hjpodHRwczovL2VpZDJjc2lnLmtvbmtpLnNlL3B1Ymxpc2gvY3JsLzE4MTRiMGFiYzEx NGM3YmEuY3JsMIIH6wYHKoVwgUkFAQSCB94wggfaMIIH1gwraHR0cDovL2lkLmVsZWduYW1uZGVu LnNlL2F1dGgtY29udC8xLjAvc2FjaQyCB6U8c2FjaTpTQU1MQXV0aENvbnRleHQgeG1sbnM6c2Fj aT0iaHR0cDovL2lkLmVsZWduYW1uZGVuLnNlL2F1dGgtY29udC8xLjAvc2FjaSI+PHNhY2k6QXV0 aENvbnRleHRJbmZvIElkZW50aXR5UHJvdmlkZXI9Imh0dHA6Ly9kZXYudGVzdC5zd2VkZW5jb25u ZWN0LnNlL2lkcCIgQXV0aGVudGljYXRpb25JbnN0YW50PSIyMDE5LTEwLTA5VDA3OjU4OjI2LjAw MFoiIFNlcnZpY2VJRD0iRmVkU2lnbmluZyIgQXV0aG5Db250ZXh0Q2xhc3NSZWY9Imh0dHA6Ly9p ZC5lbGVnbmFtbmRlbi5zZS9sb2EvMS4wL2xvYTMtc2lnbWVzc2FnZSIgQXNzZXJ0aW9uUmVmPSJf ZGM5MjM0Y2Y3Zjc5OWQwMDlmMjUwNWVhMzVlMWU0NmUiLz48c2FjaTpJZEF0dHJpYnV0ZXM+PHNh Y2k6QXR0cmlidXRlTWFwcGluZyBUeXBlPSJyZG4iIFJlZj0iMi41LjQuNSI+PHNhbWw6QXR0cmli dXRlIEZyaWVuZGx5TmFtZT0iU3dlZGlzaCBQZXJzb25udW1tZXIiIE5hbWU9InVybjpvaWQ6MS4y Ljc1Mi4yOS40LjEzIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNz ZXJ0aW9uIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4 cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3 dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPjE4ODgwMzA5OTM2ODwvc2FtbDpBdHRy aWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FjaTpBdHRyaWJ1dGVNYXBwaW5nPjxzYWNp OkF0dHJpYnV0ZU1hcHBpbmcgVHlwZT0icmRuIiBSZWY9IjIuNS40LjQyIj48c2FtbDpBdHRyaWJ1 dGUgRnJpZW5kbHlOYW1lPSJHaXZlbiBOYW1lIiBOYW1lPSJ1cm46b2lkOjIuNS40LjQyIiB4bWxu czpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpBdHRy aWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5v cmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxT Y2hlbWEtaW5zdGFuY2UiPkFnZGE8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0 ZT48L3NhY2k6QXR0cmlidXRlTWFwcGluZz48c2FjaTpBdHRyaWJ1dGVNYXBwaW5nIFR5cGU9InJk biIgUmVmPSIyLjUuNC4zIj48c2FtbDpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJEaXNwbGF5IE5h bWUiIE5hbWU9InVybjpvaWQ6Mi4xNi44NDAuMS4xMTM3MzAuMy4xLjI0MSIgeG1sbnM6c2FtbD0i dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6QXR0cmlidXRlVmFs dWUgeHNpOnR5cGU9InhzOnN0cmluZyIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEv WE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWlu c3RhbmNlIj5BZ2RhIEFuZGVyc3Nvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmli dXRlPjwvc2FjaTpBdHRyaWJ1dGVNYXBwaW5nPjxzYWNpOkF0dHJpYnV0ZU1hcHBpbmcgVHlwZT0i cmRuIiBSZWY9IjIuNS40LjQiPjxzYW1sOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9IlN1cm5hbWUi IE5hbWU9InVybjpvaWQ6Mi41LjQuNCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNB TUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmlu ZyIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9 Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIj5BbmRlcnNzb248L3Nh bWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhY2k6QXR0cmlidXRlTWFwcGlu Zz48L3NhY2k6SWRBdHRyaWJ1dGVzPjwvc2FjaTpTQU1MQXV0aENvbnRleHQ+MAkGA1UdEwQCMAAw HwYDVR0jBBgwFoAUqKv0QPwAYcLfcD/Vy1A2deHtiqcwDQYJKoZIhvcNAQELBQADggEBAETlZOIL NknxlMiYHCxoYypyzYuza2l3M4+YWakT0vFPgXpCk+l0dNst7h9nWvKKHCboSj+YP5dUCSsuUXhb 7xTei/F2nj7q1oCPuVJGThZqhWgF/JkqOy34hHEM5VniJiQu2W9TjzRMSOSFzRlQsHcOuXzdTkhr CQpD1TWxYL9sCy4YoCdE4edfgBGBMujxoijl3/xJ5uI1FjhlSPVP88p8Wsi8i7GdMYuxqjZMwrt2 PHIPgop3BNN9/BzW0cmdyNvFgcD9qR8Rv5aFBYuQbyg6fST8JdAOrbMrCST6v2U41OOXH5MC/kL6 tAGXsYdcuQpglUngmo/FV4Z9qjIDkYQ= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc7773.id_ce_authContext: s = extn['extnValue'] acs, rest = der_decode(s, asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert acs.prettyPrint() assert s == der_encode(acs) assert u'id.elegnamnden.se' in acs[0]['contextType'] assert u'AuthContextInfo IdentityProvider' in acs[0]['contextInfo'] assert rfc7773.id_ce_authContext in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7894.py0000664006321400632140000000631113605660325021734 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc6402 from pyasn1_modules import rfc7894 try: import unittest2 as unittest except ImportError: import unittest class AlternativeChallengePasswordTestCase(unittest.TestCase): otp_pem_text = """\ MIICsjCCAZwCAQAwJDELMAkGA1UEBhMCVVMxFTATBgNVBAMTDDRUUzJWMk5MWEE2 WjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKmF0oUj5+1rBB+pUO8X 7FPxer+1BhWOa54RTSucJmBaLx0H95qNaBCcctNDl1kcmIro/a0zMcEvj5Do29vQ lStJdTeJ/B3X4qzOGShupxJcAhCreRZjN6Yz3T9z0zJ8OPnRvJOzcSiIzlubc9lK Cpq4U0UsCLLfymOgL9NH4lZi96J+PFuJr0J+rTY38076U2jcPqNq5/L/d6NV9Sz2 IVOvCK1kqP/nElJVibIQZvj9YESLUKyVAfTNxLj3+IpioOOv2dT3kB9wdi4plAVi UFEUvED1okRrI29+LdPV1UXglOCksyJIIw+DgDtutDE5Co6QkTNURFEdKIV9Sg13 zEECAwEAAaBLMBkGCyqGSIb3DQEJEAI4MQoTCDkwNTAzODQ2MC4GCSqGSIb3DQEJ DjEhMB8wHQYDVR0OBBYEFBj12LVowM16Ed0D+AmoElKNYP/kMAsGCSqGSIb3DQEB CwOCAQEAZZdDWKejs3UVfgZI3R9cMWGijmscVeZrjwFVkn7MI9pEDZ2aS1QaRYjY 1cu9j3i+LQp9LWPIW/ztYk11e/OcZp3fo8pZ+MT66n7YTWfDXNkqqA5xmI84DMEx /cqenyzOBZWqpZGx7eyM9BtnrdeJ0r2qSc7LYU25FbIQFJJf8IvgMAXWMs50fvs2 Gzns447x952se2ReQ3vYhXdHvYYcgAZfSJZvK+nCmhzzqowv5p15Y5S+IHpBSXTO a1qhNW4cjdicQZUeQ2R5kiuwZ+8vHaq9jKxAEk0hBeqG6RQaxvNOBQhHtTLNGw/C NmaF8Y2Sl/MgvC5tjs0Ck0/r3lsoLQ== """ def setUp(self): self.asn1Spec = rfc6402.CertificationRequest() def testDerCodec(self): substrate = pem.readBase64fromText(self.otp_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['certificationRequestInfo']['version'] == 0 for attr in asn1Object['certificationRequestInfo']['attributes']: assert attr['attrType'] in rfc6402.cmcControlAttributesMap.keys() av, rest = der_decode(attr['attrValues'][0], rfc6402.cmcControlAttributesMap[attr['attrType']]) assert not rest assert der_encode(av) == attr['attrValues'][0] if attr['attrType'] == rfc7894.id_aa_otpChallenge: assert av['printableString'] == '90503846' def testOpenTypes(self): substrate = pem.readBase64fromText(self.otp_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr in asn1Object['certificationRequestInfo']['attributes']: assert attr['attrType'] in rfc6402.cmcControlAttributesMap.keys() if attr['attrType'] == rfc7894.id_aa_otpChallenge: assert attr['attrValues'][0]['printableString'] == '90503846' suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful())pyasn1-modules-0.2.8/tests/test_rfc7906.py0000664006321400632140000002047313605660325021733 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc2985 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc7906 try: import unittest2 as unittest except ImportError: import unittest class AttributeSetTestCase(unittest.TestCase): attr_set_pem_text = """\ MYIRmDAQBglghkgBZQIBDQcxA4IBATAQBglghkgBZQIBDQ0xAwoBUzAQBglghkgB ZQIBDQ4xAwoBAjAQBglghkgBZQIBDQ8xAwoBATARBglghkgBZQIBBUIxBAQCeQYw EgYJYIZIAWUCAQ0LMQUwAwoBATAVBglghkgBZQIBDQUxCDAGAgReAA//MBUGCyqG SIb3DQEJEAIuMQYCBF1qowYwGQYJYIZIAWUCAQVHMQwGCisGAQQBgaxgME0wGgYJ YIZIAWUCAQ0BMQ0wCwYJYIZIAWUDBAEtMBoGCWCGSAFlAgENDDENBgsqhkiG9w0B CRABGTAaBglghkgBZQIBDRUxDTALBglghkgBZQMEAS0wGwYJYIZIAWUCAQ0GMQ4w DAIEXQAAAAIEXwAP/zAdBgsqhkiG9w0BCRACKDEOMAwGCisGAQQBgaxgMDAwLQYJ YIZIAWUCAQVGMSAwHoYcaHR0cDovL3JlcG8uZXhhbXBsZS5jb20vcGtpLzAvBglg hkgBZQIBDQMxIjAgExFCb2d1cyBTaG9ydCBUaXRsZYEFQm9ndXOFATCHAU0wNAYJ YIZIAWUCAQVIMScwJRMRQm9ndXMgU2hvcnQgVGl0bGUTEEZha2UgU2hvcnQgVGl0 bGUwOAYIKwYBBQUHAQsxLDAqMCgGCCsGAQUFBzAFhhxodHRwOi8vcmVwby5leGFt cGxlLmNvbS9wa2kvMEEGCyqGSIb3DQEJEAIEMTIwMAwjVGhlc2UgUkZDIDc5MDYg YXR0cmlidXRlcyBhcmUgYm9ndXMGCSqGSIb3DQEHATCBggYLKoZIhvcNAQkQAgIx czFxAgEBBgorBgEEAYGsYAEBMUwwJIAKYIZIAWUCAQgDA4EWMBQGCisGAQQBgaxg MEkxBgIBMAIBSTAkgApghkgBZQIBCAMEgRYwFAYKKwYBBAGBrGAwRTEGAgEwAgFF ExJCb2d1cyBQcml2YWN5IE1hcmswgYQGCWCGSAFlAgENFjF3MHUwMAYKYIZIAWUC AQJOAjAiMCAGCyqGSIb3DQEJEAwLMREMD2t0YS5leGFtcGxlLmNvbTAxBgsqhkiG 9w0BCRABGTAiMCAGCyqGSIb3DQEJEAwLMREMD2t0YS5leGFtcGxlLmNvbTAOBgkq hkiG9w0BBwEKAQEwgaAGCWCGSAFlAgENEDGBkjCBj6EMBgorBgEEAYGsYDAwoH8G CWCGSAFlAgEQAARyMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UE BxMHSGVybmRvbjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMFQWxpY2UxIDAe BgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMIIBvwYJYIZIAWUCAQVBMYIB sDCCAawEFO1lDTbJmd4voc2GDuaMzYO+XJSmMIIBkqCB/jB/BglghkgBZQIBEAAE cjBwMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24x EDAOBgNVBAoTB0V4YW1wbGUxDjAMBgNVBAMTBUFsaWNlMSAwHgYJKoZIhvcNAQkB FhFhbGljZUBleGFtcGxlLmNvbTB7BglghkgBZQIBEAAEbjBsMQswCQYDVQQGEwJV UzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xEDAOBgNVBAoTB0V4YW1w bGUxDDAKBgNVBAMTA0JvYjEeMBwGCSqGSIb3DQEJARYPYm9iQGV4YW1wbGUuY29t MIGOMIGLBglghkgBZQIBEAAEfjB8MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkEx EDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZpZ2lsIFNlY3VyaXR5IExMQzEX MBUGA1UECxMOS2V5IE1hbmFnZW1lbnQxGDAWBgNVBAMTD2t0YS5leGFtcGxlLmNv bTCCAoUGA1UEJDGCAnwwggJ4MIIB/qADAgECAgkApbNUKBuwbjswCgYIKoZIzj0E AwMwPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9u MREwDwYDVQQKDAhCb2d1cyBDQTAeFw0xOTA1MjkxNDQ1NDFaFw0yMDA1MjgxNDQ1 NDFaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTEQMA4GA1UEBxMHSGVybmRv bjEQMA4GA1UEChMHRXhhbXBsZTEOMAwGA1UEAxMFQWxpY2UxIDAeBgkqhkiG9w0B CQEWEWFsaWNlQGV4YW1wbGUuY29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE+M2f By/sRA6V1pKFqecRTE8+LuAHtZxes1wmJZrBBg+bz7uYZfYQxI3dVB0YCSD6Mt3y XFlnmfBRwoqyArbjIBYrDbHBv2k8Csg2DhQ7qs/wto8hMKoFgkcscqIbiV7Zo4GU MIGRMAsGA1UdDwQEAwIHgDBCBglghkgBhvhCAQ0ENRYzVGhpcyBjZXJ0aWZpY2F0 ZSBjYW5ub3QgYmUgdHJ1c3RlZCBmb3IgYW55IHB1cnBvc2UuMB0GA1UdDgQWBBTE uloOPnrjPIGw9AKqaLsW4JYONTAfBgNVHSMEGDAWgBTyNds0BNqlVfK9aQOZsGLs 4hUIwTAKBggqhkjOPQQDAwNoADBlAjBjuR/RNbgL3kRhmn+PJTeKaL9sh/oQgHOY TgLmSnv3+NDCkhfKuMNoo/tHrkmihYgCMQC94MaerDIrQpi0IDh+v0QSAv9rMife 8tClafXWtDwwL8MS7oAh0ymT446Uizxx3PUwggSaBgNVBEYxggSRMIIEjTCCAgIw ggGIoAMCAQICCQDokdYGkU/O8jAKBggqhkjOPQQDAzA/MQswCQYDVQQGEwJVUzEL MAkGA1UECAwCVkExEDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENB MB4XDTE5MDUxNDA4NTgxMVoXDTIxMDUxMzA4NTgxMVowPzELMAkGA1UEBhMCVVMx CzAJBgNVBAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBD QTB2MBAGByqGSM49AgEGBSuBBAAiA2IABPBRdlSx6I5qpZ2sKUMIxun1gUAzzstO YWKvKCnMoNT1x+pIKDvMEMimFcLAxxL3NVYOhK0Jty83SPDkKWMdx9/Okdhf3U/z xJlEnXDiFrAeM6xbG8zcCRiBnmd92UvsRqNQME4wHQYDVR0OBBYEFPI12zQE2qVV 8r1pA5mwYuziFQjBMB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAwG A1UdEwQFMAMBAf8wCgYIKoZIzj0EAwMDaAAwZQIwWlGNjb9NyqJSzUSdsEqDSvMZ b8yFkxYCIbAVqQ9UqScUUb9tpJKGsPWwbZsnLVvmAjEAt/ypozbUhQw4dSPpWzrn 5BQ0kKbDM3DQJcBABEUBoIOol1/jYQPmxajQuxcheFlkMIICgzCCAgqgAwIBAgIJ AKWzVCgbsG49MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJW QTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwNjEy MTQzMTA0WhcNMjAwNjExMTQzMTA0WjB8MQswCQYDVQQGEwJVUzELMAkGA1UECBMC VkExEDAOBgNVBAcTB0hlcm5kb24xGzAZBgNVBAoTElZpZ2lsIFNlY3VyaXR5IExM QzEXMBUGA1UECxMOS2V5IE1hbmFnZW1lbnQxGDAWBgNVBAMTD2t0YS5leGFtcGxl LmNvbTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJf2XsTdVLcYASKJGtWjOAIFB8sX rsiE7G1tC+IP+iOEdJCZ+UvJ9Enx7v6dtaU4uy1FzuWCar45BVpKVK2TNWT8E7XA TkGBTIXGN76yJ5S09FdWp+hVkIkmyCJJujXzV6OBlDCBkTALBgNVHQ8EBAMCB4Aw QgYJYIZIAYb4QgENBDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0 ZWQgZm9yIGFueSBwdXJwb3NlLjAdBgNVHQ4EFgQUbZtc/QOvtbnVi/FknxpW4LWt TQ8wHwYDVR0jBBgwFoAU8jXbNATapVXyvWkDmbBi7OIVCMEwCgYIKoZIzj0EAwMD ZwAwZAIwBniWpO11toMsV8fLBpBjA5YGQvd3TAcSw1lNbWpArL+hje1dzQ7pxsln kklv3CTxAjBuVebz4mN0Qkew2NK/itwlmi7i+QxPs/MSZ7YFsyTA5Z4h2GbLW+zN 3xNCC91vfpcwggSgBglghkgBZQIBDRQxggSRMYIEjTCCAgIwggGIoAMCAQICCQDo kdYGkU/O8jAKBggqhkjOPQQDAzA/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCVkEx EDAOBgNVBAcMB0hlcm5kb24xETAPBgNVBAoMCEJvZ3VzIENBMB4XDTE5MDUxNDA4 NTgxMVoXDTIxMDUxMzA4NTgxMVowPzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlZB MRAwDgYDVQQHDAdIZXJuZG9uMREwDwYDVQQKDAhCb2d1cyBDQTB2MBAGByqGSM49 AgEGBSuBBAAiA2IABPBRdlSx6I5qpZ2sKUMIxun1gUAzzstOYWKvKCnMoNT1x+pI KDvMEMimFcLAxxL3NVYOhK0Jty83SPDkKWMdx9/Okdhf3U/zxJlEnXDiFrAeM6xb G8zcCRiBnmd92UvsRqNQME4wHQYDVR0OBBYEFPI12zQE2qVV8r1pA5mwYuziFQjB MB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMAwGA1UdEwQFMAMBAf8w CgYIKoZIzj0EAwMDaAAwZQIwWlGNjb9NyqJSzUSdsEqDSvMZb8yFkxYCIbAVqQ9U qScUUb9tpJKGsPWwbZsnLVvmAjEAt/ypozbUhQw4dSPpWzrn5BQ0kKbDM3DQJcBA BEUBoIOol1/jYQPmxajQuxcheFlkMIICgzCCAgqgAwIBAgIJAKWzVCgbsG49MAoG CCqGSM49BAMDMD8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwH SGVybmRvbjERMA8GA1UECgwIQm9ndXMgQ0EwHhcNMTkwNjEyMTQzMTA0WhcNMjAw NjExMTQzMTA0WjB8MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcT B0hlcm5kb24xGzAZBgNVBAoTElZpZ2lsIFNlY3VyaXR5IExMQzEXMBUGA1UECxMO S2V5IE1hbmFnZW1lbnQxGDAWBgNVBAMTD2t0YS5leGFtcGxlLmNvbTB2MBAGByqG SM49AgEGBSuBBAAiA2IABJf2XsTdVLcYASKJGtWjOAIFB8sXrsiE7G1tC+IP+iOE dJCZ+UvJ9Enx7v6dtaU4uy1FzuWCar45BVpKVK2TNWT8E7XATkGBTIXGN76yJ5S0 9FdWp+hVkIkmyCJJujXzV6OBlDCBkTALBgNVHQ8EBAMCB4AwQgYJYIZIAYb4QgEN BDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9yIGFueSBw dXJwb3NlLjAdBgNVHQ4EFgQUbZtc/QOvtbnVi/FknxpW4LWtTQ8wHwYDVR0jBBgw FoAU8jXbNATapVXyvWkDmbBi7OIVCMEwCgYIKoZIzj0EAwMDZwAwZAIwBniWpO11 toMsV8fLBpBjA5YGQvd3TAcSw1lNbWpArL+hje1dzQ7pxslnkklv3CTxAjBuVebz 4mN0Qkew2NK/itwlmi7i+QxPs/MSZ7YFsyTA5Z4h2GbLW+zN3xNCC91vfpc= """ def setUp(self): self.asn1Spec = rfc2985.AttributeSet() def testDerCodec(self): substrate = pem.readBase64fromText(self.attr_set_pem_text) asn1Object, rest = der_decode (substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr in asn1Object: assert attr['type'] in rfc5652.cmsAttributesMap.keys() av, rest = der_decode(attr['values'][0], asn1Spec=rfc5652.cmsAttributesMap[attr['type']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['values'][0] if attr['type'] == rfc7906.id_aa_KP_contentDecryptKeyID: assert av == univ.OctetString(hexValue='7906') def testOpenTypes(self): openTypesMap = { } openTypesMap.update(rfc5280.certificateAttributesMap) openTypesMap.update(rfc5652.cmsAttributesMap) substrate = pem.readBase64fromText(self.attr_set_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, openTypes=openTypesMap, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr in asn1Object: if attr['type'] == rfc7906.id_aa_KP_contentDecryptKeyID: assert attr['values'][0] == univ.OctetString(hexValue='7906') suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc7914.py0000664006321400632140000000601613605660325021727 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc5958 from pyasn1_modules import rfc7914 from pyasn1_modules import rfc8018 try: import unittest2 as unittest except ImportError: import unittest # From RFC 7914, Section 13 class MultiprimeRSAPrivateKeyTestCase(unittest.TestCase): pem_text = """\ MIHiME0GCSqGSIb3DQEFDTBAMB8GCSsGAQQB2kcECzASBAVNb3VzZQIDEAAAAgEI AgEBMB0GCWCGSAFlAwQBKgQQyYmguHMsOwzGMPoyObk/JgSBkJb47EWd5iAqJlyy +ni5ftd6gZgOPaLQClL7mEZc2KQay0VhjZm/7MbBUNbqOAXNM6OGebXxVp6sHUAL iBGY/Dls7B1TsWeGObE0sS1MXEpuREuloZjcsNVcNXWPlLdZtkSH6uwWzR0PyG/Z +ZXfNodZtd/voKlvLOw5B3opGIFaLkbtLZQwMiGtl42AS89lZg== """ def setUp(self): self.asn1Spec = rfc5958.EncryptedPrivateKeyInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate ea = asn1Object['encryptionAlgorithm'] assert ea['algorithm'] == rfc8018.id_PBES2 assert ea['algorithm'] in rfc5280.algorithmIdentifierMap.keys() params, rest = der_decode(ea['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[ea['algorithm']]) assert not rest assert params.prettyPrint() assert der_encode(params) == ea['parameters'] kdf = params['keyDerivationFunc'] assert kdf['algorithm'] == rfc7914.id_scrypt assert kdf['algorithm'] in rfc5280.algorithmIdentifierMap.keys() kdfp, rest = der_decode(kdf['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[kdf['algorithm']]) assert not rest assert kdfp.prettyPrint() assert der_encode(kdfp) == kdf['parameters'] assert kdfp['costParameter'] == 1048576 def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate ea = asn1Object['encryptionAlgorithm'] assert ea['algorithm'] == rfc8018.id_PBES2 params = asn1Object['encryptionAlgorithm']['parameters'] assert params['keyDerivationFunc']['algorithm'] == rfc7914.id_scrypt kdfp = params['keyDerivationFunc']['parameters'] assert kdfp['costParameter'] == 1048576 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8017.py0000664006321400632140000001160713605660325021724 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8017 from pyasn1_modules import rfc2985 try: import unittest2 as unittest except ImportError: import unittest class SMIMECapabilitiesTestCase(unittest.TestCase): smime_capabilities_pem_text = """\ MIIBAzA8BgkqhkiG9w0BAQcwL6APMA0GCWCGSAFlAwQCAgUAoRwwGgYJKoZIhvcN AQEIMA0GCWCGSAFlAwQCAgUAMDwGCSqGSIb3DQEBCjAvoA8wDQYJYIZIAWUDBAIC BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQAwDQYJKoZIhvcNAQECBQAw DQYJKoZIhvcNAQEEBQAwDQYJKoZIhvcNAQEFBQAwDQYJKoZIhvcNAQEOBQAwDQYJ KoZIhvcNAQELBQAwDQYJKoZIhvcNAQEMBQAwDQYJKoZIhvcNAQENBQAwDQYJKoZI hvcNAQEPBQAwDQYJKoZIhvcNAQEQBQA= """ def setUp(self): self.asn1Spec = rfc2985.SMIMECapabilities() def testDerCodec(self): substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for cap in asn1Object: assert cap['algorithm'] in rfc5280.algorithmIdentifierMap.keys() if cap['parameters'].hasValue(): p, rest = der_decode(cap['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[cap['algorithm']]) assert not rest if not p == univ.Null(""): assert p.prettyPrint() assert der_encode(p) == cap['parameters'] if cap['algorithm'] == rfc8017.id_RSAES_OAEP: assert p['hashFunc']['algorithm'] == rfc8017.id_sha384 assert p['maskGenFunc']['algorithm'] == rfc8017.id_mgf1 def OpenTypesCodec(self): substrate = pem.readBase64fromText(self.smime_capabilities_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for cap in asn1Object: if cap['algorithm'] == rfc8017.id_RSAES_OAEP: p = cap['parameters'] assert p['hashFunc']['algorithm'] == rfc8017.id_sha384 assert p['maskGenFunc']['algorithm'] == rfc8017.id_mgf1 class MultiprimeRSAPrivateKeyTestCase(unittest.TestCase): pem_text = """\ MIIE2QIBAQKCAQEAn82EqwXasE2TFNSmZucB8LNza2mOWLHF3nxpxKXalPMDvezc 5Dq7Ytcv/k9jJL4j4jYfvR4yyZdU9iHLaD6hOINZ8E6hVpx/4c96ZUSOLzD2g+u+ jIuoNfG+zygSBGYCS6BLCAIsZ+2wUyxYpLJknHJld9/jy+aLmmyrilhH9dH5AUiV 3NeWht/68++dMXf4ZI/gV4bMSlWhggxkz2WJJpiQdCdJatGkwNDkHmLA9X0tC6OH SPE7qYdxG38cYS5F445SgnhDpiK7BodSqYLwgehaDjoOYdEgHVnOcpBCDI5zCJSL b1c/z8uhrB1xxlECR44wCLcKsIIYQxaEErRJ/wIDAQABAoIBAD+Ra5L0szeqxDVn GgKZJkZvvBwgU0WpAgMtDo3xQ/A4c2ab0IrhaiU5YJgTUGcPVArqaNm8J4vVrTBz 5QxEzbFDXwWe4cMoYh6bgB7ElKLlIUr8/kGZUfgc7kI29luEjcAIEAC2/RQHesVn DHkL5OzqZL+4fIwckAMh0tXdflsPgZ/jgIaKca4OqKu4KGnczm3UvqtlvwisAjkx zMyfZXOLn0vEwP2bfbhQrCVrP7n6a+CV+Kqm8NBWnbiS6x2rWemVVssNTbfXQztq wC6ZJZCLK7plciDBWvHcS6vxdcsS9DUxuqSV6o/stCGTl1D+9tDx8Od0Eunna2B2 wAoRHZECVgbNO1bqwfYpp5aFuySWoP+KZz8f/5ZkHjLwiNGpQcqVd4+7Ql2R4qgF NgSoQQOZFhKtiOeLVU0HYfp6doI4waSINZdF/fJDHD6fY3AMOc/IIMDHHIzbAlYG vKOocLXWj/2+gcyQ1XoAmrE70aIFUBLSvd7RCi8GI74zYWp5lCSvO850Z4GsWSZT 41iF13sTDDJPm3+BbzMvEu2GuACi/8/IpbUr24/FP9Cp1Rf7kwJWAgMxfoshbrNu ebQB5laHNnT+DYhrOFVRNiNDaD2bUNSetrFidosWtD4ueHxMGENwa4BbFJ9+UrdP fyxC6k7exM7khGjaNZczwTep1VpYtKjzP/bp9KcCVgYoj9s9HZ1FCAsNEPodjGfd AcPTQS9mIa7wzy19B7uvFQJXPURi/p4KKBMVQ99Pp8/r9lJzxxiEf8FyPr8N7lZM EUKkFkDrZQDhKpsrHWSNj6yRFlltAlYC7dYR8KLEWoOUATLosxQhwgypv+23r+d4 ZdPOdDv9n8Kmj+NFy/oISFfdXzlOU4RWQtMx3hEwAabwct7vjiJEej/kmiTqco02 17tt13VvvQ5ZXF73dDCCAQwwggEIAlYDfMpM1WNfxcLLOgkRZ+0S9OvIrEOi0ALV SquTdi/thhCuCsK3lMD4miN9te8j16YtqEFVWXC3a6DWwIJ6m/xZ50bBwPqM8RsI 6FWhZw4Dr5VqjYXUvwJWAvapRk9SydDYri/cAtGIkUJVlspkE1emALAaSw30vmfd hrgYLT6YGOmK3UmcNJ4NVeET275MXWF1ZOhkOGKTN6aj5wPhJaHBMnmUQrq7GwC6 /LfUkSsCVgMCDTV9gbFW8u6TcTVW85dBIeUGxZh1T2pbU3dkGO3IOxOhzJUplH4/ EeEs9dusHakg1ERXAg4Vo1YowPW8kuVbZ9faxeVrmuER5NcCuZzS5X/obGUw """ def setUp(self): self.asn1Spec = rfc8017.RSAPrivateKey() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8018.py0000664006321400632140000000334413605660325021724 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc8018 try: import unittest2 as unittest except ImportError: import unittest class PWRITestCase(unittest.TestCase): rfc3211_ex1_pem_text = """\ o1MCAQCgGgYJKoZIhvcNAQUMMA0ECBI0Vnh4VjQSAgEFMCAGCyqGSIb3DQEJEAMJMBEGBSsO AwIHBAjv5ZjvIbM9bQQQuBslZe43PKbe3KJqF4sMEA== """ def setUp(self): self.asn1Spec = rfc5652.RecipientInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.rfc3211_ex1_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate alg_oid = asn1Object['pwri']['keyDerivationAlgorithm']['algorithm'] assert alg_oid == rfc8018.id_PBKDF2 def testOpenTypes(self): substrate = pem.readBase64fromText(self.rfc3211_ex1_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate icount = asn1Object['pwri']['keyDerivationAlgorithm']['parameters']['iterationCount'] assert icount == 5 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc8103.py0000664006321400632140000000276713605660325021727 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8103 try: import unittest2 as unittest except ImportError: import unittest class CAEADChaCha20Poly1305TestCase(unittest.TestCase): alg_id_pem_text = "MBsGCyqGSIb3DQEJEAMSBAzK/rq++s7brd7K+Ig=" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object[0] == rfc8103.id_alg_AEADChaCha20Poly1305 param, rest = der_decoder.decode(asn1Object[1], rfc8103.AEADChaCha20Poly1305Nonce()) assert not rest assert param.prettyPrint() assert param == rfc8103.AEADChaCha20Poly1305Nonce(value='\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88') assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8209.py0000664006321400632140000000423513605660325021726 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8209 try: import unittest2 as unittest except ImportError: import unittest class CertificateTestCase(unittest.TestCase): cert_pem_text = """\ MIIBiDCCAS+gAwIBAgIEAk3WfDAKBggqhkjOPQQDAjAaMRgwFgYDVQQDDA9ST1VU RVItMDAwMEZCRjAwHhcNMTcwMTAxMDUwMDAwWhcNMTgwNzAxMDUwMDAwWjAaMRgw FgYDVQQDDA9ST1VURVItMDAwMEZCRjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC AARzkbq7kqDLO+EOWbGev/shTgSpHgy6GxOafTjZD3flWqBbjmlWeOD6FpBLVdnU 9cDfxYiV7lC8T3XSBaJb02/1o2MwYTALBgNVHQ8EBAMCB4AwHQYDVR0OBBYEFKtN kQ9VyucaIV7zyv46zEW17sFUMBMGA1UdJQQMMAoGCCsGAQUFBwMeMB4GCCsGAQUF BwEIAQH/BA8wDaAHMAUCAwD78KECBQAwCgYIKoZIzj0EAwIDRwAwRAIgB7e0al+k 8cxoNjkDpIPsfIAC0vYInUay7Cp75pKzb7ECIACRBUqh9bAYnSck6LQi/dEc8D2x OCRdZCk1KI3uDDgp """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] if extn['extnID'] == rfc5280.id_ce_extKeyUsage: assert rfc8209.id_kp_bgpsec_router in extnValue assert rfc5280.id_ce_extKeyUsage in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': unittest.TextTestRunner(verbosity=2).run(suite) pyasn1-modules-0.2.8/tests/test_rfc8226.py0000664006321400632140000000715713605660325021733 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8226 try: import unittest2 as unittest except ImportError: import unittest class JWTClaimConstraintsTestCase(unittest.TestCase): jwtcc_pem_text = "MD2gBzAFFgNmb2+hMjAwMBkWA2ZvbzASDARmb28xDARmb28yDARmb28zMBMWA2JhcjAMDARiYXIxDARiYXIy" def setUp(self): self.asn1Spec = rfc8226.JWTClaimConstraints() def testDerCodec(self): substrate = pem.readBase64fromText(self.jwtcc_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate class TNAuthorizationListTestCase(unittest.TestCase): tnal_pem_text = "MCugBxYFYm9ndXOhEjAQFgo1NzE1NTUxMjEyAgIDFKIMFgo3MDM1NTUxMjEy" def setUp(self): self.asn1Spec = rfc8226.TNAuthorizationList() def testDerCodec(self): substrate = pem.readBase64fromText(self.tnal_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate class CertificateOpenTypesTestCase(unittest.TestCase): cert_pem_text = """\ MIICkTCCAhegAwIBAgIJAKWzVCgbsG4+MAoGCCqGSM49BAMDMD8xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJWQTEQMA4GA1UEBwwHSGVybmRvbjERMA8GA1UECgwIQm9n dXMgQ0EwHhcNMTkwNzE4MTUwNzQ5WhcNMjAwNzE3MTUwNzQ5WjBxMQswCQYDVQQG EwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xKDAmBgNVBAoTH0Zh a2UgVGVsZXBob25lIFNlcnZpY2UgUHJvdmlkZXIxGTAXBgNVBAMTEGZha2UuZXhh bXBsZS5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARLyLhnsvrS9WBY29tmN2LI CF/wuX4ohhUy3sxO0ynCplHHojpDg+tghGzusf0aLtMDu1II915O8YK5XVL+KZJD C82jybxWIKjjzX2qc5/O06joUttdEDzkTaD0kgbcXl6jgawwgakwCwYDVR0PBAQD AgeAMEIGCWCGSAGG+EIBDQQ1FjNUaGlzIGNlcnRpZmljYXRlIGNhbm5vdCBiZSB0 cnVzdGVkIGZvciBhbnkgcHVycG9zZS4wHQYDVR0OBBYEFHOI3GpDt9dWsTAZxhcj 96uyL2aIMB8GA1UdIwQYMBaAFPI12zQE2qVV8r1pA5mwYuziFQjBMBYGCCsGAQUF BwEaBAowCKAGFgRmYWtlMAoGCCqGSM49BAMDA2gAMGUCMQCy+qFhT7X1i18jcyIa Jkgz/tumrPsaBA2RihkooTEr4GbqC650Z4Cwt7+x2xZq37sCMFSM6fRueLyV5StG yEFWA6G95b/HbtPMTjLpPKtrOjhofc4LyVCDYhFhKzpvHh1qeA== """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.cert_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decoder.decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encoder.encode(extnValue) == extn['extnValue'] if extn['extnID'] == rfc8226.id_pe_TNAuthList: assert extnValue[0]['spc'] == 'fake' assert rfc8226.id_pe_TNAuthList in extn_list suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8358.py0000664006321400632140000002625713605660325021743 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc8358 try: import unittest2 as unittest except ImportError: import unittest class P7STestCase(unittest.TestCase): pem_text_list = ( """\ MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDTALBglghkgBZQMEAgEwDQYLKoZIhvcNAQkQ ARugggZ0MIIGcDCCBVigAwIBAgIRANa58hQvZ26svTWQaGtqo/YwDQYJKoZIhvcNAQELBQAw gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT B1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8g UlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE1MDIx MjAwMDAwMFoXDTIwMDIxMjIzNTk1OVowgZUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJn aW5pYTEPMA0GA1UEBxMGUmVzdG9uMRMwEQYDVQQKEwpJRVRGIFRydXN0MRkwFwYDVQQLExBT ZWNyZXRhcmlhdCBXZXN0MQ0wCwYDVQQDEwRJRVRGMSMwIQYJKoZIhvcNAQkBFhRpZXRmLWFj dGlvbkBpZXRmLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMUkKtMPP1RA FU6sxMezYJKCt4rw30RDieB8/P67TMhA6j8Um4a2Xo+CP9Ce1oMri2bwaaQPYWB4ciEL32za 0NUE0B0iCjZZl36hon6wW6mJw1NGD/AFxnKWzhkSWG6BHMoeOAzu/ye8sHu4Jp5nazpGptK7 30SjTS3JJFU9pHwQY6JlcmwVv0j2rsT3gj92Cbj5S+U5wCSE6+mZbCC+VPFeeI1kFITwyaIm uK9kSYHr15OXua/jrYNrHNRfqtexGKSgnUT96KkTh9TVvkMETB1WJS4WuEIP6GITvwVTp0lA qS3oNO4SM4tgFVdYqppcvZBg52kHY9y7IdR156c99zzZDBfWBduqjs/AXa0uol0EJd7qFLUs xEJ96XN3tPgR/Cwq18ec29pZQH6kO81Kato/RsQrj6A05TFx/J0MYE0R1MZqvIDUu55vlicb wT2lpXMiz1szKuvjTZRR9H/IgbKPNpt/kDUSgXLYwuKBm+nBoJXgybEyJ+A4arb60d9Uiusu UA8/h6s1rDMuTnIYMbIii4Y+KgevBWPawqk0xioilEMJ0RBaBVrDreuFlK8aYh+Jo2piruBA QnB9ZaPmEM1HPNArJxqL6XcUJTkFxNSksOATDFV5sEoBWYIe6qv2nV2r/HWDAEaa4WH2h3o/ kASarXk3SxPXmfjOOr1XgpKjAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSCr2yM+MX+lmF8 6B89K3FIXsSLwDAdBgNVHQ4EFgQU7Olc92Oy6nkCvpv6jCj6qN8YPtUwDgYDVR0PAQH/BAQD AgeAMAwGA1UdEwEB/wQCMAAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEF BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJ aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25h bmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNl Y3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w HwYDVR0RBBgwFoEUaWV0Zi1hY3Rpb25AaWV0Zi5vcmcwDQYJKoZIhvcNAQELBQADggEBAGPm QUKHxkEQ9vk69vIP68anHc8UsTv5powtLSXLqUw3rAoKAdoWkKjb7ZByHCuFiNk1BvTnhQPh LAZm5dI8dYWKp3zgWVxsCXOQv2K4XbaQpIk8KKdLycHWsOq2OD4xBdhfTQqDj9EidhxaLf4B bRUePOuWVvwNqHI6OQ9FbRllUsTsSH3XK7z9Ru/0Ub07uEzmWyrIpeFRLJUg9EqQj25pw8j7 N9ym8ItpfEQvK4Nrzt9KnGwFDaNOUjYAvejig9iUNdOXEQKVzbq8fC25HrXPQisq8u2jrP38 cRqzwgGHZ1bJrQa8+LPBfADZ4ZHeqlEe6IqZhS/wDSuDNCIZHtkxggKqMIICpgIBA4AU7Olc 92Oy6nkCvpv6jCj6qN8YPtUwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 DQEJEAEbMBwGCSqGSIb3DQEJBTEPFw0xOTA2MDkxNjU3NTdaMC8GCSqGSIb3DQEJBDEiBCDx ACvH9u26K1BdX+IPp6vguUAtA9k0lp9JMNunvXTuQzANBgkqhkiG9w0BAQEFAASCAgBY8kFl SxQIvU4n6LaVoAV6ibHrlCqOp9KrUc9DmwXtDifsgoGfhDHb6i5k9BSHmerjTGF6mLlquPUV Z2EHSUuVpk8rX//ki6vngq91+f+ufrzEpvO6BLc2aO/zOat0W3U2hiq3zJSLMYMNZhX484Nq 9+ImsU0S5f32ZpEXH0lFINUaZFo0eRAOZywqNuY57stjWBxTI6MA00S0+eMuWlmkMy0C2LL9 BQvWW01/ri2UDEprAiKo2sXLcScgHimEVYHuWsrnP+sJ3XVWRsWGRW2i5qIalu2ZGmmIU/vg bdBzQnAjCoS2xC5Kwv+cqtUiiyLI0nnuu1aKKi4hivmt1n+hSIWWgGNwTFn3S4+mYDDNSH0u ocOr0uDFVv/SH9QPQuGh9rpSz3cd3hlA4R63Rylm46Tt6DnXiovu0mDoos68UQjIAPXWj1ES Peeubp+wSbuqN8Rh+koZU+HK7YpsR2bB4hL0GIwMA9lQjGSCxPCt1ViRL6zAWECzQC1YgLyc +f1Fe8pkaWUbZz+18H/rJoKsXiNWH8yhfAyk+JGTxc4qxWJ/BuF0vzSyuVEffuxIHrOMZTpO +xfAaJVDqFjxT5yKj3dCfy6XSDZq39AeX/w26/WfH+0ALRiViAAaMHSldbawVR/W3isecDWF tlU4NSJMLi/tTohe0QN1fjOaFryAvw== """, """\ MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDTALBglghkgBZQMEAgEwDQYLKoZIhvcNAQkQ ARygggZ0MIIGcDCCBVigAwIBAgIRANa58hQvZ26svTWQaGtqo/YwDQYJKoZIhvcNAQELBQAw gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT B1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8g UlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE1MDIx MjAwMDAwMFoXDTIwMDIxMjIzNTk1OVowgZUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJn aW5pYTEPMA0GA1UEBxMGUmVzdG9uMRMwEQYDVQQKEwpJRVRGIFRydXN0MRkwFwYDVQQLExBT ZWNyZXRhcmlhdCBXZXN0MQ0wCwYDVQQDEwRJRVRGMSMwIQYJKoZIhvcNAQkBFhRpZXRmLWFj dGlvbkBpZXRmLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMUkKtMPP1RA FU6sxMezYJKCt4rw30RDieB8/P67TMhA6j8Um4a2Xo+CP9Ce1oMri2bwaaQPYWB4ciEL32za 0NUE0B0iCjZZl36hon6wW6mJw1NGD/AFxnKWzhkSWG6BHMoeOAzu/ye8sHu4Jp5nazpGptK7 30SjTS3JJFU9pHwQY6JlcmwVv0j2rsT3gj92Cbj5S+U5wCSE6+mZbCC+VPFeeI1kFITwyaIm uK9kSYHr15OXua/jrYNrHNRfqtexGKSgnUT96KkTh9TVvkMETB1WJS4WuEIP6GITvwVTp0lA qS3oNO4SM4tgFVdYqppcvZBg52kHY9y7IdR156c99zzZDBfWBduqjs/AXa0uol0EJd7qFLUs xEJ96XN3tPgR/Cwq18ec29pZQH6kO81Kato/RsQrj6A05TFx/J0MYE0R1MZqvIDUu55vlicb wT2lpXMiz1szKuvjTZRR9H/IgbKPNpt/kDUSgXLYwuKBm+nBoJXgybEyJ+A4arb60d9Uiusu UA8/h6s1rDMuTnIYMbIii4Y+KgevBWPawqk0xioilEMJ0RBaBVrDreuFlK8aYh+Jo2piruBA QnB9ZaPmEM1HPNArJxqL6XcUJTkFxNSksOATDFV5sEoBWYIe6qv2nV2r/HWDAEaa4WH2h3o/ kASarXk3SxPXmfjOOr1XgpKjAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSCr2yM+MX+lmF8 6B89K3FIXsSLwDAdBgNVHQ4EFgQU7Olc92Oy6nkCvpv6jCj6qN8YPtUwDgYDVR0PAQH/BAQD AgeAMAwGA1UdEwEB/wQCMAAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEF BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJ aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25h bmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNl Y3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w HwYDVR0RBBgwFoEUaWV0Zi1hY3Rpb25AaWV0Zi5vcmcwDQYJKoZIhvcNAQELBQADggEBAGPm QUKHxkEQ9vk69vIP68anHc8UsTv5powtLSXLqUw3rAoKAdoWkKjb7ZByHCuFiNk1BvTnhQPh LAZm5dI8dYWKp3zgWVxsCXOQv2K4XbaQpIk8KKdLycHWsOq2OD4xBdhfTQqDj9EidhxaLf4B bRUePOuWVvwNqHI6OQ9FbRllUsTsSH3XK7z9Ru/0Ub07uEzmWyrIpeFRLJUg9EqQj25pw8j7 N9ym8ItpfEQvK4Nrzt9KnGwFDaNOUjYAvejig9iUNdOXEQKVzbq8fC25HrXPQisq8u2jrP38 cRqzwgGHZ1bJrQa8+LPBfADZ4ZHeqlEe6IqZhS/wDSuDNCIZHtkxggKqMIICpgIBA4AU7Olc 92Oy6nkCvpv6jCj6qN8YPtUwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 DQEJEAEcMBwGCSqGSIb3DQEJBTEPFw0xOTA2MDkxNjU3NTdaMC8GCSqGSIb3DQEJBDEiBCBg ifxBsUb2E8RicFvqZB+NJEs1FOG4hFFU1bPqV2UwGzANBgkqhkiG9w0BAQEFAASCAgCApFAS 4+cYrnkMebrANXw7/TGn6Qx01p9fuOugQb6lcfE5CysIKGLJJogs0BXwHK4jTeJRdt/lutuz bACg1bakABxuCiLWMu3pKCKS94qAgElYgWru+pAxPhuslz5MwAU0qFW3KnaNq3f5wXlVQ+h2 l9spSiLhAQ+vLTLfotn6tCmUfjaaYsoNIUGg6b/2vH75QGYaXDq9YGoCrrkDbaRS4eDenSL5 S2fBTZ5VMJE/1VQY1D5CWqt2CTfzRkNkU7mkarPy6SPvguDlqKJJnFaZJmeIYbGOpDt6KxWc DLFD9+J6CH492QwlHxDtM94nK1oIaqdu9TTV94t0ToGezElOZZuVA2DVkov5DzrYQLI5GjMw 7iHXW1ewCaGF38DdOopqBYp7jcCCZpruKBWDq/uz40MzSBrffYTP/dg4//8Awvt/JomvTUoH E18Pt/G2cqdw0NqOE7YEcFpsLGfikTWmGhnrcYUkt8odDDAv/vqZRt8DLkB56waQeQw0TLit 2M3gbTSHJ1KFsBM/kqHanVapGtnClkY7hYh8DVpgJymJpupkNFs8lDNbN4C42DhQ6Oz9P2qu 8a/ybEb5gMZ3fsVLvvp6LhbJfqIvYgZO2uKXeKg3eLASD5nVY/Tuhnn2plhx+weKULGys0Ov zPKZ+N96KLerIBr3FmGByqhr3jNrBw== """, """\ MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDTALBglghkgBZQMEAgEwDQYLKoZIhvcNAQkQ AR2gggZ0MIIGcDCCBVigAwIBAgIRANa58hQvZ26svTWQaGtqo/YwDQYJKoZIhvcNAQELBQAw gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT B1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8g UlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE1MDIx MjAwMDAwMFoXDTIwMDIxMjIzNTk1OVowgZUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJn aW5pYTEPMA0GA1UEBxMGUmVzdG9uMRMwEQYDVQQKEwpJRVRGIFRydXN0MRkwFwYDVQQLExBT ZWNyZXRhcmlhdCBXZXN0MQ0wCwYDVQQDEwRJRVRGMSMwIQYJKoZIhvcNAQkBFhRpZXRmLWFj dGlvbkBpZXRmLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMUkKtMPP1RA FU6sxMezYJKCt4rw30RDieB8/P67TMhA6j8Um4a2Xo+CP9Ce1oMri2bwaaQPYWB4ciEL32za 0NUE0B0iCjZZl36hon6wW6mJw1NGD/AFxnKWzhkSWG6BHMoeOAzu/ye8sHu4Jp5nazpGptK7 30SjTS3JJFU9pHwQY6JlcmwVv0j2rsT3gj92Cbj5S+U5wCSE6+mZbCC+VPFeeI1kFITwyaIm uK9kSYHr15OXua/jrYNrHNRfqtexGKSgnUT96KkTh9TVvkMETB1WJS4WuEIP6GITvwVTp0lA qS3oNO4SM4tgFVdYqppcvZBg52kHY9y7IdR156c99zzZDBfWBduqjs/AXa0uol0EJd7qFLUs xEJ96XN3tPgR/Cwq18ec29pZQH6kO81Kato/RsQrj6A05TFx/J0MYE0R1MZqvIDUu55vlicb wT2lpXMiz1szKuvjTZRR9H/IgbKPNpt/kDUSgXLYwuKBm+nBoJXgybEyJ+A4arb60d9Uiusu UA8/h6s1rDMuTnIYMbIii4Y+KgevBWPawqk0xioilEMJ0RBaBVrDreuFlK8aYh+Jo2piruBA QnB9ZaPmEM1HPNArJxqL6XcUJTkFxNSksOATDFV5sEoBWYIe6qv2nV2r/HWDAEaa4WH2h3o/ kASarXk3SxPXmfjOOr1XgpKjAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSCr2yM+MX+lmF8 6B89K3FIXsSLwDAdBgNVHQ4EFgQU7Olc92Oy6nkCvpv6jCj6qN8YPtUwDgYDVR0PAQH/BAQD AgeAMAwGA1UdEwEB/wQCMAAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEF BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJ aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25h bmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRw Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNl Y3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w HwYDVR0RBBgwFoEUaWV0Zi1hY3Rpb25AaWV0Zi5vcmcwDQYJKoZIhvcNAQELBQADggEBAGPm QUKHxkEQ9vk69vIP68anHc8UsTv5powtLSXLqUw3rAoKAdoWkKjb7ZByHCuFiNk1BvTnhQPh LAZm5dI8dYWKp3zgWVxsCXOQv2K4XbaQpIk8KKdLycHWsOq2OD4xBdhfTQqDj9EidhxaLf4B bRUePOuWVvwNqHI6OQ9FbRllUsTsSH3XK7z9Ru/0Ub07uEzmWyrIpeFRLJUg9EqQj25pw8j7 N9ym8ItpfEQvK4Nrzt9KnGwFDaNOUjYAvejig9iUNdOXEQKVzbq8fC25HrXPQisq8u2jrP38 cRqzwgGHZ1bJrQa8+LPBfADZ4ZHeqlEe6IqZhS/wDSuDNCIZHtkxggKqMIICpgIBA4AU7Olc 92Oy6nkCvpv6jCj6qN8YPtUwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 DQEJEAEdMBwGCSqGSIb3DQEJBTEPFw0xOTA3MTQwMTMyMTdaMC8GCSqGSIb3DQEJBDEiBCAJ zK6u0RRfrSQ2ebn+GOxnbovlG3Raul/1zOOGmTaIPzANBgkqhkiG9w0BAQEFAASCAgBlKYNd euVzPDqEa13k4nQthmyJUUqjWlAVolgohXioYok8Z5BkKmkp8ANLbvkJl0hV1Al1hutTRNeF a5ZeWyS6nAWyPFKfRSNqwWLMIi1dX+rO7Vhf15Lz944ZYsqO+O2f7rjWUJmi8/uJKD7cFDiW uKkPMgvqyIMnnC3ya/sC1vU+0Feqr5JcIMs2AHQeNVe8hzN4T9Pthyax7gqbxTkg3Gyt7Mwy WLZeK84oJmkl9ANeVgzq+P/cmqUaqtfkBFDSxaTag/eoYM3QfHNisr/jHCazqCh88VMgwhvk cl6NS9hdH+aOWqQ3FE1c7VJNoQRDT7ztyKCrRJFPc4wZL8tsGkKp1lP4WcaStcbUJ65AdWPb 3CZonLY4UOBotAUpG/PObMCmWBEpr8MN0Q+kuEO2oAe9kBoFsv7MtNfyHE4CuOANRqGLRgOL 72hN8Cy0sGWYUy+2chH3i50cT8XkDV5Rz2Z5xW3SfyAuW53j2WKLFsKkZjfkZBopSJM20V4E 8pPnQQ/ByFwYPyS/xJZc24vsRxgogbrf11JU8hKVkfSsq3JXxUxe5w+Sh1XGTmO5tXDKFfyi S+VljWVifzXaR3pmTEQPhXH4nBa4K/HYytxofDP3EMli+imil2fFBbBedZkb5CIQ/Ly3soHZ dZlmZDkyeXJLpkNjRAsG6V82raZd9g== """, ) def setUp(self): self.asn1Spec = rfc5652.ContentInfo() def testDerCodec(self): oids = [ ] for pem_text in self.pem_text_list: substrate = pem.readBase64fromText(pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['contentType'] == rfc5652.id_signedData sd, rest = der_decode(asn1Object['content'], asn1Spec=rfc5652.SignedData()) assert not rest assert sd.prettyPrint() assert der_encode(sd) == asn1Object['content'] oids.append(sd['encapContentInfo']['eContentType']) assert rfc8358.id_ct_asciiTextWithCRLF in oids assert rfc8358.id_ct_pdf in oids assert rfc8358.id_ct_xml in oids suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8360.py0000664006321400632140000006715413605660325021735 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8360 try: import unittest2 as unittest except ImportError: import unittest class CertExtnsTestCase(unittest.TestCase): extns_pem_text = """\ MIJM7TCCRkUGCCsGAQUFBwEcBIJGNzCCRjMwgkXJBAIAATCCRcEDAgACMAoDAgAF AwQFBRwAMAoDBAMFHCgDAgEEMAoDAwINdAMDAg14AwMCDYwwCgMDAw2oAwMDDbAD AwIN8AMEAhcTMAMEAxcTOAMEAxdTQAMEBBdTcAMEBRdp4DAMAwQDF2poAwQDF2pw AwQEF2zQAwMAF20DBAMXbwAwDAMEBBdvEAMEBhdvADAMAwQEF29QAwQHF28AMAwD BAYXb8ADBAMXb/ADBAUX74ADBAMX+egwDAMEARf8QgMEABf8RDAMAwQAF/xHAwQA F/xIMAwDBAAX/EsDBAAX/EwDBAAX/E8DAwIYhAMEARjrFgMCABkwCwMDARtuAwQC G24QMAkDAgAfAwMAH84wDAMEAx/PCAMEAx/PMDAKAwQCH888AwIFADAJAwIAJQMD ACVuMAkDAwQlcAMCASQDBAIr4XADBAIr+6ADAwMtCAMEBS0rQAMEBS044AMEBi1B QAMDAS1CAwQHLUuAAwMELVADAwUtgAMEAi36GDAKAwIBLgMEBi6VgDAKAwQELpXQ AwIALgMDATEMAwMBMjwDAwAydzAJAwIAMwMDADNOAwMAM1AwCQMDATNSAwICMAME BTSQQAMCADUwCgMDAjYkAwMANiYDAgA5AwQCPQ7gMAoDAgE+AwQGPggAMAwDBAU+ CGADBAU+DEAwDAMEBz4MgAMEBT4YQDAMAwQHPhiAAwQGPj2AMAsDAwE+PgMEBT5E ADAMAwQGPkRAAwQFPkTAMAoDAwA+RQMDAT5wMAsDAwA+cwMEBT51ADALAwQGPnVA AwMAPoYwCwMEBz6HgAMDAD6KAwQGPowAMAwDBAc+jIADBAU+rQAwDAMEBj6tQAME Bj7BAAMEBT7BgDALAwQGPsHAAwMBPugwCwMDAD7rAwQFPvAAAwQFPvBAMAwDBAc+ 8IADBAc+8QAwDAMEBT7xoAMEBz77AAMDAj78MAwDBAE/jSIDBAE/jSQDBAQ/jgAD BAVAEMADBAVAHAADBAdAKwADBAZAQUADBAZAicADBAJA7+wDBAVA/SADBAZBEoAD BARBEtADBAVBJ0ADBAZBY4ADBAVCT2ADBARCVEADBAZCdoADBAVCzUADBAVC1GAD BAJC+MwwDAMEBUMWIAMEAkMWOAMEAEOePgMEBUPRgAMEBERGwAMEBkUGAAMEBEVe QAMEBEVecAMEBUWsYAMEBkXCQDAJAwIATQMDAk3YMAwDBAVN3CADBAdQQwAwDAME BFBDkAMEBVBHADAMAwQEUEcwAwQFUEhAMAwDBARQSHADBAVQS4AwDAMEBlBLwAME BFBWADAMAwQFUFYgAwQGUFcAMAsDBAVQV2ADAwNQUDALAwQEUFgQAwMAUF4wDAME BFBfEAMEBlDwgDALAwQEUPDQAwMBUPQwCwMEBFD2EAMDA1DwMAwDBARQ+BADBAZQ +AAwDAMEBFD4UAMEBlD5ADAMAwQEUPlQAwQFUPoAMAsDBARQ+jADAwJRADALAwQG UQRAAwMBUQgwDAMEB1EKgAMEBVEVQDAMAwQEURVwAwQGURYAMAwDBAVRFmADBARR F8AwDAMEBVEX4AMEBlEaADAMAwQEURpQAwQFUR1AMAsDBARRHXADAwJRQDALAwMD UUgDBAVRW8AwCwMEBFFb8AMDBlGAMAsDAwBRwQMEB1JlADALAwQGUmXAAwMHUgAw DAMEB1KAgAMEB1KBADALAwMBUoIDBAZSlwAwCwMEBVKXYAMDAlKYMAsDAwFSngME B1LJADALAwMBUsoDBANTjxAwCwMEBVOPIAMDAlQgMAsDAwBUJQMEBVTNQDALAwQH VM2AAwMAVOgwDAMEB1TpgAMEBVf3gDAMAwQDV/eoAwQFV/9AMAwDBAdX/4ADBARZ 0OAwCwMDAFnRAwQEWe8gMAwDBAZZ70ADBAVb4QAwDAMEAVvhIgMEAlvrADALAwQB W+sGAwMBXMgwCwMDAlzMAwQFXbNAAwQDXbNoAwQCXbN4MAwDBAdds4ADBABeGhow DAMEAl4aHAMEAF4aHjAMAwQFXhogAwQCXhooAwQAXhotMAwDBAReGjADBABeGkIw DAMEAl4aRAMEAF4aSDAMAwQBXhpKAwQCXhpQMAwDBAFeGlYDBAJeZwAwDAMEA15n CAMEBF6+wAMEBF6+8DAMAwQHXr+AAwQGX6OAMAsDBARfo9ADAwBfqDAMAwQFX6kg AwQCX7W4MAoDBAZftcADAgVAAwQFYAmAAwQEYH2QAwMAYoADAwNlOAMEAmfhyAME AmfniAMEAmfxbAMEAmf7pAMEAmf8WAMEA2glIAMEAmiZVAMEAWjoJAMEBmjpQAME Amjz2AMEAmj0CDAMAwQBa5aiAwQCa5awAwQEa6GgAwQFa7WAAwQAa79EMAkDAgBt AwMCbegwCwMEBG3sEAMDAm3wMAkDAwBt9QMCAWwwCwMDAHHLAwQGccuAAwMBdMoD BAJ9PkgDAwCAAAMDAIAHAwMAgBAwCgMDAIAnAwMBgCgDAwCALTAKAwMAgEEDAwSA QAMDAYBWAwMAgF0DAwCAYgMEB4B0gAMDAIB8AwMAgH8DAwGAgjAKAwMAgIsDAwCA jgMDAICoAwMAgLADAwGAsgMDAIDHAwMAgMwDAwCA1gMDAIDoAwMAgOoDAwCA8AMD AIDzAwMAgPYwCgMDAIELAwMBgQwDAwCBEAMDAIEUAwMBgRoDAwCBHwMDAIFDMAoD AwCBRQMDAIFGAwMAgUkDAwCBWDAKAwMBgWYDAwCBaAMDAIF9AwMAgYEDAwCBhAMD AYGOAwMAgakDAwCBrzAKAwMAgbEDAwCBsjAKAwMAgbUDAwGBuAMDAIG7AwMBgcID AwCBxwMDAIHOAwMAgdADAwGB1gMDAIHZMAoDAwCB6QMDAIHqMAoDAwSB8AMDAIHy AwMAgfcDAwCCAAMDAYIYAwMAghwDAwCCIAMDAIIlAwMAgiswCgMDAII7AwMAgjwD AwGCQgMDAIJJAwMAgksDAwGCTjAKAwMBglIDAwCCVAMDAYJYAwMBglwDAwCCYgMD AIJkAwMAgmgDAwCCcAMDAIJzAwMAgngDAwCCfQMDAIKFAwMAgogwCgMDAYKKAwMB gpQDAwCCnwMDAIKhAwQHgqSAAwMAgrQDAwCCtzAKAwMAgrkDAwCCugMDAIK8AwMA gr4DAwGCwAMDAILGAwMAgswDAwCCzgMDAYLQAwMAgt8wCgMDAILhAwMAgvQDAwCC 9gMEA4L4MDAMAwQBgvg6AwQGgvgAMAwDBAKC+EQDBAKC+GgDAwCC+wMDAIL/AwMA gwEDAwCDYQMDAINjAwMAg2YDAwCDbzAKAwMBg3IDAwGDdAMDAIOCAwMAg5gDAwGD mjAKAwMAg58DAwCDoDAKAwMCg6QDAwCDpgMDAIOpMAoDAwCDrQMDAYOwAwMAg7QD AwCDvAMDAIPNAwMAg88DAwCD0wMDAIPcAwMAg+AwCgMDAIPjAwMAg+QDAwCD5wMD AIPqAwMAg+0DAwCD9gMDAIP7AwMAg/4wCgMDBoRAAwMAhE4DAwCEkjAKAwMAhJUD AwCElgMDAISZAwMAhJswCgMDAISlAwMBhKgDAwCEqwMDAISwAwMAhLQwCgMDAIS5 AwMChLgwCgMDAITDAwMAhMQDAwCExwMDAITjMAoDAwCE5QMDA4TgAwMAhPQDAwCE /AMDAoYAAwMAhhEDAwCGEwMDAIYVAwMAhhkwCgMDAIYbAwMAhhwDAwCGHjAKAwMB hiIDAwGGJAMDAIYvAwMAhjYwCgMDAYY6AwMBhjwDAwCGTAMDAIZRAwMAhlMwCgMD AYZaAwMAhm4DAwCGdwMDAIaCAwMAhooDAwGGjjAKAwMAhpEDAwKGkAMDAIaXAwMA hpswCgMDAIadAwMAhp4DAwCGqQMDAIarAwMAhrAwCgMDAIa3AwMAhrgDAwCGvAMD AIa/AwMAhssDAwCGzjAKAwMChtQDAwCG1jAKAwMAhtsDAwCG3jAKAwMAhuEDAwKG 4AMDAIbvMAoDAwCG9QMDA4bwAwMAhvkDAwCG/wMEAodUNAMEAodUlAMDAIdaAwMA h8QDBAeIjwAwCwMEBIiQEAMDAIiQAwMAiJQwCgMDAIibAwMBiJwDBAeInoAwCgMD AIijAwMAiKQwCgMDAIipAwMAiKoDAwGIrAMDAIjHAwMAiMkDAwCIzgMDAIjhAwMB iOYDAwCI8wMDAIj/AwMAiREwCgMDAIkhAwMAiSIwCgMDAIkrAwMAiSwDAwCJLwMD AIkyMAoDAwCJNwMDAIk4AwMAiTowCgMDAok8AwMAiT4wCgMDAIlJAwMAiUoDAwCJ XQMDAIlgAwMAiWUDAwCJaQMDAIlsAwMBiXgDAwCJgQMDAImFAwMAiYoDAwCJnAMD AImjAwMAia4DAwCJvzAKAwMAicEDAwKJwAMDAYnMAwMAidADAwCJ1TAKAwMAidkD AwCJ2jAKAwMAid0DAwCJ4AMDAIniAwMAifgDAwGJ+gMDAIn9MAoDAwCKAwMDAIoE AwMAigYDAwCKDjAKAwMAihUDAwCKFjAKAwMAiiUDAwCKJgMDAYooAwMAijADAwGK PgMDAIpCAwMAikYDAwCKUQMDAIpgAwMAimQwCgMDAYpmAwMAimgDAwCKagMDAIp8 AwQDioCIMAoDAwCKgwMDAIqEAwMAioYwCgMDAIq7AwMGioADAwCKwzAKAwMBisYD AwGKyAMDAIrLMAoDAwCKzQMDAIrOMAoDAwCK1wMDAIrYMAoDAwCK3QMDAIrkMAoD AwCK5wMDAYroMAoDAwKK9AMDAIr2AwMCivgDAwCK/TAKAwMAiwEDAwCLBDAKAwMB iwYDAwCLCDAKAwMBiwoDAwGLGDAKAwMAixsDAwCLHgMDAIstAwMAiy8DAwCLMgMD AIs2AwMAizowCwMDAIs/AwQHi0AAAwMAi0IDAwGLSgMDAItPAwMAi1MwCgMDAItZ AwMAi1wwCgMDBYtgAwMAi2IDAwCLZDAKAwMAi2kDAwCLeDAKAwMBi3oDAwCLfAMD AIuAAwMAi4UDBAWLisADAwCLjQMDAIuPAwMAi5EDAwCLlQMDAIuZMAoDAwKLnAMD AIueAwMAi6ADAwCLojAKAwMCi6QDAwCLpgMDAIuuAwMBi7IDAwCLuAMDAIu/AwMA i94wCgMDAIxNAwMAjE4wCgMDAoxUAwMAjFYwCgMDAIxdAwMAjF4DAwCMYQMDAIxp AwMBjJYDAwCMpAMDAIymAwMAjLUDAwCMywMDAIznMAkDAgCNAwMBjVQwCgMDAI1X AwMBjWQDAwCNaQMDAI1sAwMAjXEDAwCNcwMDAI19AwMAjYIwCgMDAY2GAwMAjYow CgMDAI2PAwMAjZQDAwCNowMEB42kgDAKAwMAjakDAwCNrDAKAwMAja8DAwCNsAMD AI3AAwQAjcEUAwQCjcFsAwQBjcHWAwMAjcIDAwCNxAMDAY3IAwMAjcsDAwCN0DAL AwMBjeIDBAON4oADBACN4oswCwMEBI3ikAMDAI3kAwMAjecDAwCN7QMDAI3xAwMB jfQwCgMDAI35AwMAjfoDAwGN/AMDAI3/AwQDjlsIAwQDjlt4AwQDjluYAwQHjpoA AwQDjuogAwMAjvcDAwCPKQMDAI8vMAoDAwGPMgMDAY80AwMAj0EwCwMEB49cgAMD AY9cAwMAj2EDAwCPYzAKAwMAj3UDAwCPdgMDAI95AwMAj34wCgMDAI+BAwMAj4ID AwCPoTAKAwMAj6MDAwCPpAMDAI+nAwMAj6kwCgMDBI+wAwMAj7QDAwCPxAMDAI/N AwMAj9IDAwCP2QMDAY/gMAoDAwCP6QMDAI/qAwMAj+0DAwCP7wMDAI/1AwMAj/wD AwCQAgMDAJAEAwMBkBQDAwCQGAMDAJAbAwMAkCADAwCQKTAKAwMAkCsDAwCQLAME ApAwPAMDAJA2AwMBkDgwCgMDAJA/AwMBkEADAwCQTAMDAJBSMAsDAwKQVAMEB5BW AAMDAJBXAwMAkF8DAwCQYgMDAJB3AwMAkHoDAwCQfAMDAJB/AwMAkJEDAwGQpAMD AJCtMAoDAwSQsAMDAZC0AwMAkMEDAwCQyAMDAJDMAwMAkM4DBAaQ0AAwCwMEB5DQ gAMDAZDQAwMAkPgwCQMCAJEDAwCSADAKAwMBkgIDAwCSBAMDAJITAwMAkhUDAwCS MAMDAJIyAwMAkjQwCgMDAJI7AwMAkjwDAwGSQgMDAJJGAwQBkkdeAwMAkkgDAwCS SwMDAJJNAwMBklADAwCSVwMEA5JY6AMDAJJaAwMAkmEwCgMDApJkAwMAkm4DAwCS cDAKAwMAkncDAwCSeAMDAJJ8AwMAkoUDAwCSiAMDAJKMAwMBkp4wCgMDAJKhAwMA kqIDAwCSqQMDAZKsMAoDAwCSrwMDAZKwAwMAkrMDAwCSuQMDAJK8MAoDAwCSvwMD AJLCMAoDAwGS0gMDAZLUAwMAktgwCgMDAJLbAwMAktwDAwCS4DAKAwMAkuMDAwCS 5AMDAJLqAwMAkvEwCgMDAJL3AwMBkvgDAwCS+zAJAwMAkv0DAgCSAwMAkwcwCgMD ApMMAwMAkw4wCgMDAJMbAwMAkx4DAwGTIAMDAZMsAwMAkzQDAwCTNgMDAJM8MAoD AwCTQwMDAJNEAwMAk0swCgMDAJNNAwMAk04wCgMDAZNSAwMAk1QwCgMDAZNWAwMB k1gDAwCTWzAKAwMAk10DAwCTYDAKAwMBk2IDAwCTZAMDAJNmMAoDAwCTbwMDAJNw AwMAk3cDAwGTegMDAJN9AwMAk38DBAeTh4ADAwGTjjAKAwMAk5MDAwCTmAMDAJOc MAoDAwCToQMDApOgAwMAk6cwCgMDAJOrAwMBk6wDAwCTrwMDAZO0AwMAk7gDAwCT ugMDAZO8AwMAk8EDAwGTxAMDAJPJAwMAk8wDAwCT0jAKAwMAk9UDAwOT0AMDAJPc MAoDAwKT5AMDAZPsAwMAk/MwCgMDAZP6AwMAk/wDAwGUAgMDAJQGAwMAlDYDAwCU OAMEAJQ7cwMDAJQ8AwMAlD8DBAKUQDgDAwCURQMDAJRHAwQFlEzgAwMAlE8wCgMD AJRRAwMClFADAwCUWAMDAZRuMAoDAwGUdgMDApR4MAoDAwCUhwMDAJSIAwMAlIoD AwCUjAMDAJSPAwMAlJQDAwCUlwMDAJSgAwMAlKkDAwCUsAMDAJS1AwMAlLkDAwCU uzAKAwMClMQDAwCUxgMDAJTIMAoDAwCU+wMDAZT8AwMAlQADAwCVAwMDAJUbAwMA lTEDAwCVOwMDAJU+AwMAlVEDAwCVWgMDAJVtAwMAlX4wCgMDApWEAwMAlYYwCgMD AJWLAwMAlYwwCgMDAZWSAwMAlZQwCgMDAJWZAwMBlZwDAwCVqgMDAJWsMAoDAwCV sQMDAZXEMAoDAwOVyAMDAZXoMAwDBAOV6ggDBAeV6gAwCgMDAJXrAwMDlfAwCgMD AJX5AwMClfgDAwGV/gMDAJZqAwQClmvIAwMAlnADAwCWgAMEApaBCAMDAJaEAwMA lowwCgMDAJaRAwMAlpIDAwCWrwMDAJayAwMBlswwCgMDAJbVAwMAltYDAwCW2QMD AJbjAwMBluwDAwCW8QMDAJb0AwMAlvsDAwCW/jAJAwIAlwMDAJdkMAsDAwGXagME BZdqgDAMAwQGl2rAAwQEl2rgAwMAl3MDAwCXeAMDAJd/AwMAl4EDAwCXhTAKAwMA l4cDAwCXiAMDAZecAwMAl6oDAwCXrTAKAwMAl68DAwGXsAMDAJe0MAoDAwGXtgMD AJe4AwMAl7sDAwCXvTAKAwMAl9MDAwCX1DAJAwMDl9gDAgOQAwMAmEIDAwCYRwMD AJhJMAoDAwCYTQMDAJhOAwMAmFEwCgMDA5hYAwMAmFowCgMDAJhdAwMAmGADAwCY aQMDAZhyAwMAmIYDAwCYjwMDAJiWAwMAmJgDAwCZAQMDAJkFAwMAmQ8DAwCZEQMD AJkTAwMAmVgwCgMDAplcAwMAmWIDAwCZZDAKAwMCmWwDAwCZbgMDAJlwMAsDAwOa CAMEBJoIIAMEBpoIQAMDAZoOAwMAmiADAwCbBAMDAJstMAoDAwGbNgMDAJs4AwMA m0IDAwCbSQMDAJtpMAoDAwCbgwMDAZuEAwMBm4gDBAabikADAwCbjAMDAJuRAwMA m54DAwCbuQMDAJvAAwMAm8YDAwCbygMDAJvMAwMAm88wCgMDAJvRAwMAm9IDAwCb 3zAKAwMAm+MDAwCb5AMDAJvnAwMAm/UwCgMDAJv5AwMAm/oDAwCb/QMEBZv+IAMD AJwKAwMAnA4wCgMDAJwRAwMAnBIDAwCcGQMDAJwcAwMAnCMDAwCcKwMDAZwwMAoD AwCcMwMDAJw0AwMAnDYDAwCcOgMDAJw9AwMAnEMDAwCcUwMDAJxqMAoDAwGccgMD AJx0AwMAnHYDAwCchQMDAJyHAwMAnJQDAwCcljAKAwMAnRcDAwGdHDAKAwMAnVMD AwCdVAMDAJ1YAwMAnV4DAwGdYAMDAJ1jAwQDnXjgMAsDBAKdeOwDAwCdeAMDAZ18 AwMAnYEDAwCdiAMDAJ2KAwMAnYwDAwCdkDAKAwMAnZ0DAwWdgDAKAwMAnaEDAwCd pDAKAwMAnacDAwGdqDAKAwMAnasDAwGdrAMDAJ2xAwMBnbQDAwCdugMDAJ2+AwMA ncEDAwCdyAMDAJ3LAwMAneQDAwCd5wMDAZ3sAwMAnfMDAwCd9wMDAJ35AwMCniQw CgMDAJ4pAwMCnigDAwGeLjAKAwMAnjEDAwCeMgMDAJ46AwMAnjwDAwCeQAMDAZ5C AwMAnksDAwCeWgMDAJ5cAwMAnl4DAwCeYwMDAJ5mAwMAnmkwCgMDAJ5tAwMAnm4D AwCecAMDAJ53AwMCnnwDAwCegQMDAJ6DAwMAnoUDBASejBADBAaejEADAwCejwME BJ6SgDAKAwMCnpQDAwCelgMDAJ6YAwMAnpwDAwCeojAKAwMBnqYDAwGeqDAKAwMC nqwDAwGetDAKAwMBnr4DAwGexAMDAJ7YAwMAntoDAwCe3AMDAJ7fMAoDAwCe4QMD Ap7gMAoDAwGe5gMDAJ7qMAoDAwOe+AMDAJ76MAoDAwCe/wMDAJ8AMAoDAwCfBwMD AJ8IAwMAnwwDAwCfDwMDAJ8UAwMBnxYDAwCfGTAKAwMAnx0DAwWfAAMDAJ8iAwMA nyYDAwCfLgMDAZ8yAwMAnzoDAwCfPAMDAJ9FAwMAn0gDAwCfUQMDAJ9UAwMAn1YD AwGfXAMDAJ9fAwMBn2QwCgMDAJ9nAwMAn2gDAwCfawMDAJ9tAwMAn3IDBAOfdcAw DAMEAZ91ygMEBJ91wAMDAJ96AwMAn4IDAwCfhgMEBZ+HgAMDAJ+QMAoDAwGfkgMD AZ+UMAoDAwCflwMDAJ+YAwMAn5oDAwCfnAMDAJ+gAwMAn6IwCgMDAJ+nAwMAn6gD AwGfqgMDAJ+tMAoDAwCfswMDAJ+0AwMAn74wCgMDAJ/BAwMCn8ADAwCfxQMDAJ/I AwMAn80DAwCf0gMDAJ/VAwMBn9gDAwCf2wMDAJ/gAwMAn+gDAwGf7AMDAJ/vAwMA n/EDBAOf8ggDBAaf8kADBASf8uADAwGf9DAJAwMAn/0DAgWAMAoDAwCgBQMDAKAG AwMBoAgDBAKgE1wDBAKgE7QDBAOgFGADBAKgFGwDBASgFJADBAGgFNYDBACgFOUD BAGgFPgDAwCgJgMDAKAoMAoDAwKgLAMDBqAAMAoDAwGgQgMDAKBEAwMBoEYDAwCg SwMDAKBOAwMAoFADAwCgVQMDAKBcMAoDAwCgYQMDAKBkMAoDAwCgZwMDAKBoAwMA oHIDAwCgtAMEBKDKEAMDAaDSMAoDAwCg1QMDAKDWMAoDAwOg2AMDAaDcAwMAoOQD BAag50ADBACg7hUDBAKg7iQDBAKg7jQDBAGg7jwDBAKg7mADBASg7nAwCgMDAaEC AwMBoQQDAwGhCAMDAKEMAwMAoREDAwChFAMDAKEXAwMAoRsDAwChHgMDAKElMAoD AwChKQMDAKEqAwMAoTAwCgMDAqE0AwMAoTYDAwChOwMDAKE+AwMAoUMwCgMDAaFG AwMAoUoDAwChTAMDAKFOMAoDAwChUwMDAKFcMAoDAwOhaAMDAKFqMAoDAwGhbgMD AKFwAwMAoXQDAwChhgMDAKGTAwMAoZwDAwChngMDAKHKAwMAodoDAwCh5jAKAwMA ofsDAwCh/AMDAKILAwQDogzIAwMAog0DAwCiFQMDAKIXMAoDAwCiGQMDAKIaAwMA oiYDAwCiVgMDAKKFAwQHoo6AAwQBotiKAwQCotn4AwQDotpYAwQCotqwAwQDotzw MAwDBAOi3lgDBACi3loDBAKi9DQDBAKi9cwDBAKi+MQDBAKi+tgDBAOi+yADBAKi /8QDAwCjAQMDAKMDAwMAowUDAwCjCQMDAKMiMAoDAwGjPgMDAaN0AwMAo3cwCgMD AqOcAwMEo6ADAwCj8jAJAwICpAMDAKQoAwMApDAwCgMDAKQ7AwMBpDwDAwCkUQME B6RdgDAKAwMBpH4DAwSkgAMDAKSxAwMApNcDAwClTgMEBKVU0AMDAKVyAwMApcAD AwCl2gMDAKXeAwMDpggDBAemMYADAwCmVwMDAKdRMAsDBAGnVkIDAwOnUAMDAKdi AwQHp2SAAwMAp28DBAWnoAADAwCnqAMDAKesAwMAp8sDAwCn6QMDAKgBAwMAqIsD BAeolQADBAGolfgDAwCouwMEAaj1xAMDBakgAwQHqZQAAwQEqgpwAwQHqhGAMAwD BACqJcsDBACqJc4DAwCqPAMEB6plgAMEB6pmgAMEB6qFAAMDAarsAwMAqv8wCgMD BKsQAwMBqyADBAesUIADBAOsZ1gDBAOs8QAwDAMEA6zxKAMEA6zxMAMEA6zxQAME AqzxVAMEBKz/AAMEBKz/YAMEA6z/iAMEBKz/wAMEBKz/4AMEA6z/+AMEBq3UwAME Aq3WyAMEA63qgAMEBK30kAMEBq35AAMEA63/kAMEBq6MAAMEB69ugDAKAwIEsAME A7BvMDAMAwQAsG85AwQEsHOgMAwDBAOwc7gDBAewegAwCgMEBrB6wAMCALAwCgMC AbIDBASy7kAwCgMEBbLuYAMCALIDAwC06jAKAwIAuQMEArkIYDAMAwQDuQhoAwQC uRTYMAwDBAW5FOADBAO5HkAwDAMEArkeTAMEAbkm0DAMAwQCuSbUAwQCuVrwMAwD BAO5WvgDBAO5ZCAwDAMEArlkLAMEALlpBjAMAwQDuWkIAwQFuZIAMAwDBAK5kiQD BAK5qWgwDAMEBLmpcAMEBLmrwDAMAwQCuavUAwQCubAwMAwDBAO5sDgDBAS5soAw CgMEArmylAMCAbgwCgMCArwDBAe8gwAwCwMDAryEAwQEvNGAMAwDBAO80ZgDBAa8 1gAwCgMEBLzWUAMCALwwDAMEAsAFHAMEAMAFHgMEAMAFJAMEAMAFMgMEAMAFOzAM AwQAwAU9AwQAwAU+AwQAwAVhAwQAwAWOAwQAwAWRAwQAwAWiAwQAwAXvAwQAwAX+ AwQAwAwBAwQAwAwvAwQAwAw2AwQBwAxIAwQAwAxNAwQAwAxRAwQAwAxgAwQAwAxj MAwDBAbADMADBADADMIwDAMEAMAM2QMEAMAM2jAMAwQAwAznAwQAwAzoAwQAwAzr AwQAwAz3AwMAwA8wDAMEAMAQewMEAMAQpjAMAwQAwBC3AwQAwBDKAwQAwBLDMAwD BALAGhwDBATAGiAwDAMEAMAaaQMEAcAabDAMAwQAwBpvAwQAwBqAMAwDBADAGoUD BAPAGoAwDAMEAcAamgMEAcAawAMEAMAa5wMEAMAa6gMEAsAa7DAMAwQCwBx8AwQC wByAAwQAwB8OAwQAwB8XAwQBwB8aAwQAwB8fAwQAwB8oAwQAwB8+AwQAwB9mMAwD BAHAH6YDBALAH6gDBADAH9MDBADAH+cDBADAH/wwDAMEAMAhDwMEAMAhEAMEAMAh JDAMAwQAwCFXAwQEwCFgMAwDBADAIXEDBADAIXIwDAMEAcAhdgMEB8AhAAMEAcAh gjAMAwQAwCGPAwQBwCGQMAwDBADAIZMDBADAIaYwDAMEAMAhqQMEAsAhqDAMAwQE wCGwAwQAwCG2MAwDBAbAIcADBAPAIeAwDAMEAMAh6QMEBMAh4AMEAMAh/gMEAMAi EwMEAMAiMgMEAMAiawMEAMAidAMEAMAiszALAwMAwCMDBALAIxAwDAMEAMAjPwME AMAjSAMEAMAjWgMEAMAjXgMEAMAjbDAMAwQBwCOCAwQBwCOEAwQAwCOKAwQAwCOS MAwDBADAI5UDBAHAI5gDBADAI6wwDAMEAMAjtwMEAMAjwDAMAwQAwCPFAwQAwCPG MAwDBADAI80DBATAI8ADBADAI+UwDAMEBMAj8AMEAMAj9AMEAcAj9jAKAwMCwCQD AwDAJjAMAwQAwChFAwQAwChQAwQAwCjkMAwDBADAKWcDBADAKYgwDAMEAsApjAME AcApkAMEAMApkzAMAwQAwCmVAwQAwCmgAwQAwCnSAwQAwCnYAwQAwCnaAwQAwCnj AwQAwCoBMAwDBAHAKioDBATAKiADBADAKjUwDAMEAMAqPwMEAcAqQAMEAMAqVwME AMAqYQMEAMAqZAMEAMAqZjAMAwQAwCpxAwQAwCqEAwQAwCqPMAwDBALAKrQDBAHA KsgDBADAKv0wDAMEAcArogMEAsArqDAMAwQGwCvAAwQAwCvEAwQAwCvSAwQAwCvU AwQAwCvqMAsDAwLALAMEAsAsQDAMAwQAwCxHAwQAwCxaMAwDBATALPADBALALPgw DAMEAsAv9AMEAcAv+AMEAMAwHwMEAMAwawMEAMAwkQMEAMAw4AMEAMAw5wMDAMAx AwQEwDMAMAsDAwLANAMEAMA0MgMEAMA0mDAMAwQAwDSfAwQBwDSgMAwDBADANN0D BAXANMAwDAMEAMA0/QMEAMA0/jAMAwQAwDVnAwQAwDVoMAwDBADANh8DBADANjQw DAMEAcA2NgMEAMA2UAMEAMA2aAMEAMA2cTAMAwQAwDZzAwQAwDZ4AwQAwDZ6MAwD BADANn0DBADANoADBADANoQDBADANoswDAMEAMA2jQMEAcA23AMEAMA24QMEAcA2 9AMEAMA2/gMEAMA3VAMEAMA3WQMEAMA3ZQMEAMA3aQMEAMA3bQMEAMA3cwMEAMA3 gQMEAMA3hAMEAMA3vAMEAMA3wQMEAMA3xQMEAMA31AMEAMA39DAMAwQCwDocAwQC wDogMAwDBADAOikDBAHAOlgDBADAOsUDBADAOtowDAMEAcA64gMEAcA65AMEAMBA HAMEAcBALAMEAsBAZAMEAMBAfQMEAMBAyjAMAwQAwEEzAwQAwEFGMAwDBALAQVwD BADAQV4DBADAQWAwDAMEAMBBgwMEAMBBhAMEAMBBizAMAwQEwEGQAwQAwEGSAwQA wEGZMAwDBADAQbcDBAHAQcQwDAMEAMBB2wMEAMBB5AMDAMBCMAwDBADAQwMDBADA QwQDBADAQycDBADAQysDBADAQy8DBADAQzIDBADAQzQDBADAQzcDBADAQzoDBADA Q0wDBADAQ08DBADAQ1cDBADAQ14wDAMEAsBDZAMEAMBDaAMEAMBDhwMEAMBDpwME AMBDqjAMAwQAwEO9AwQAwEPQAwQAwEPaAwQBwEPcAwQAwEPfAwQAwEP5MAsDAwLA RAMEAsBEEAMEAMBEFzAMAwQAwEQfAwQCwEQwMAwDBALAREwDBALARGgwDAMEAMBE lwMEAcBEmDAMAwQAwESlAwQAwESqAwQAwESuAwQAwESwAwQAwES2AwQAwES6AwQA wETRMAwDBADARNMDBADARNgDBADARN0DBADAROADBADAROYwDAMEAcBE+gMEAMBE /AMEAMBE/jALAwMBwEYDBAPARnAwDAMEAMBGhQMEAMBGhgMEAMBGiDAMAwQCwEaM AwQFwEaAAwQDwEbAAwQAwEbyAwMAwEcwDAMEAMBJEwMEAMBJFDAMAwQBwEkiAwQA wEksAwQAwEniAwQAwEnlMAwDBAHATAYDBALATCAwDAMEAMBMewMEAMBMhDAMAwQB wEyGAwQAwEysAwQAwEywMAwDBADATPEDBADATPgDBADATQsDBAHATXIDBALATXgw DAMEAsBNhAMEAMBNigMEAcBNjAMEAcBQFDAMAwQAwFAfAwQAwFAqAwQAwFAuAwQA wFAzAwQAwFE7MAwDBADAUT0DBADAUT4DBADAUW0DBADAUXkDBADAUXsDBADAUaAw DAMEAcBRtgMEAMBRuAMEAMBRwgMEAMBR5gMEAMBR6gMEAMBSeQMEAMBSfAMEAMBS fwMEAMBSmTAMAwQAwFKdAwQAwFKeAwQAwFLWAwQBwFLcAwQAwFLxMAsDAwDAUwME AMBTZAMEAMBTZgMEAMBToAMEAMBTpQMEAMBTyAMEAMBTygMEAMBT2AMEAMBT3zAM AwQAwFPlAwQAwFPmAwQAwFQFAwQAwFQNAwQAwFQPAwQAwFQbAwQAwFQeAwQBwFQg AwQAwFQ+MAwDBADAVEsDBADAVFQDBADAVFcwDAMEAcBUWgMEAsBUYDAMAwQAwFRl AwQBwFRsMAwDBADAVH8DBADAVJwDBADAVKYDBADAVK0wDAMEBMBUsAMEBMBUwAME AMBU1AMEAcBU3DAMAwQBwFTiAwQBwFTkMAwDBADAVPUDBAPAVPADBADAVgsDBADA Vg4DBADAVhIDBADAVhkDBADAVhsDBADAVlkwDAMEAMBWfQMEB8BWAAMEAMBWhjAM AwQAwFaJAwQAwFaKAwQAwFajAwQBwFamAwQAwFapAwQAwFb+AwMAwFcDBADAWAED BADAWAQwDAMEAMBYCQMEAMBYCgMEAMBYETAMAwQAwFgXAwQAwFgYMAwDBADAWFMD BADAWFQDBADAWFYwDAMEAMBYYQMEAMBYYgMEAMBYbAMEAMBYdgMEAMBYewMEAMBY gAMEAMBYggMEAMBYhQMEAMBYxAMEAMBYzAMEAcBY7jAMAwQBwFj6AwQAwFj+AwMA wFkDBAHAW4wDBADAW7EDBADAW7oDBADAW70DBADAW78DBADAW8cDBADAW8kDBADA W9MwDAMEAcBb1gMEAcBb6DAMAwQCwFvsAwQDwFvwAwQAwFxWAwQAwFxeMAwDBAPA XGgDBADAXGoDBAHAXGwDBADAXHQwDAMEAMBcfQMEAsBciDAMAwQAwFyNAwQBwFyY MAwDBADAXJsDBADAXJwDBADAXNgDAwDAXQMEAMBeGAMEAMBeHDAMAwQAwF45AwQA wF46MAwDBADAXkMDBADAXkQDBADAXkwDBADAXk4wDAMEAMBebwMEAcBedDAMAwQC wF6cAwQCwF6gAwQAwF6sMAwDBADAXq8DBAPAXsADBADAXtQDBADAXt0DBADAXuID BADAXukDBADAXusDBADAXu8DAwDAYgMEAMBkEjAMAwQAwGQXAwQBwGQYAwQAwGQ0 AwQAwGQ9AwQAwGQ/AwQAwGROAwQCwGRgMAwDBAHAZGYDBAHAZIQwDAMEAMBkhwME AMBkjAMEAMBkkAMEAMBkmgMEAMBlAQMEAMBlBAMEAMBlCAMEAMBlCwMEAMBlHAME AMBlIgMEAMBlSzAMAwQAwGVRAwQAwGVaMAwDBADAZW8DBADAZXIDBADAZXYDBADA ZYkwDAMEAMBloQMEAMBlqAMEAMBlqgMEAMBlsDAMAwQAwGWzAwQAwGW0AwQAwGXA MAwDBADAZcUDBADAZcYDBADAZfwDBADAZgEwDAMEAcBmBgMEAMBmCDAMAwQAwGYR AwQBwGZQAwQAwGZZAwQAwGZfMAwDBAHAZpIDBAHAZrADBADAZtYDBAHAZuAwDAME AMBm4wMEAcBm5AMEAMBnAgMEAMBnBwMEAMBnDgMEAMBnFAMEAMBnFzAMAwQAwGcb AwQAwGcoMAwDBADAZ1UDBADAZ3QwDAMEAMBniQMEAsBniAMEAMBnkwMEAMBoFwME AcBoHDAMAwQAwGgjAwQBwGgkAwQAwGgpAwQAwGgwAwQAwGg1MAwDBADAaDcDBADA aDoDBADAaEgDBADAaE0DBADAaFIDBADAaIwDBADAaI4DBADAaJMDBAHAaJowDAME AMBopwMEAMBoqAMEAMBo7gMEAMBo9QMEAMBo+AMEAMBo+wMEAMBpSwMDAMBqAwQA wGsCAwQBwGsEMAwDBADAawsDBAHAawwwDAMEAMBrMwMEAMBrZAMEAMBrbgMEAMBr cjAMAwQBwGt6AwQBwGuAAwQAwGuEAwQAwGuoAwQAwGuuMAwDBADAa7EDBADAa7ID BADAa7swDAMEA8BryAMEAcBr6DAMAwQAwGvrAwQAwGvsMAwDBADAbBcDBAHAbDAw DAMEAMBsMwMEAMBsXAMEAcBsZDAMAwQAwGxrAwQAwGxsMAwDBAHAbHIDBAHAbHgw DAMEAMBsfQMEAMBsfjAMAwQHwGyAAwQAwGyuMAwDBADAbMMDBADAbNYDBADAbOoD BADAbO4wCwMDAMBtAwQAwG0sMAwDBAHAbS4DBADAbUowDAMEAsBtTAMEAsBtWDAM AwQBwG1eAwQAwG1iMAwDBALAbWQDBADAbWYwDAMEAMBtaQMEA8BtcDAMAwQAwG15 AwQBwG3wMAsDBADAbfMDAwHAbAMEAMBvIQMEAMBvJwMEAMBvLDAMAwQAwG8vAwQA wG8wAwQAwG9YAwQAwG9lMAwDBADAb2cDBADAb2gDBAHAb3wDBADAb38DBADAb/ww DAMEAcBwHgMEAMBwIAMEAMBwLQMEAMBwMQMEAMBwPTAMAwQBwHBGAwQEwHBAMAwD BAHAcGIDBADAcGQDBADAcMwDBADAcM4DBADAcNAwDAMEAMBw1QMEAMBw1gMEAMBw 9wMEAMBw/jAKAwMAwHEDAwDAdgMDAMB5MAwDBADAegEDBADAeoIwDAMEAMB6jQME AMB6kjAMAwQAwHqXAwQAwHqqAwQAwHrWMAwDBAPAetgDBADAeuowDAMEAcB67gME AMB68gMEAMB6/jAMAwQAwHwZAwQAwHwcAwQAwHwgAwQAwHwnAwQAwHwuAwQAwHxw MAwDBADAfHMDBADAfHQDBADAfJswDAMEAcB8qgMEAsB82AMEAMB86zAMAwQAwHzt AwQBwHz0MAwDBADAfPcDBADAfPgwDAMEAcB8+gMEAMB8/gMDAMB9MAwDBADAfgED BADAfkAwDAMEAMCBAQMEAcCBPAMEAMCBUAMEAMCBVwMEAMCBYgMDAMCCAwQAwIMU MAwDBADAgxkDBADAgxoDBADAg08DBADAg1kDBADAg2ADBADAg2wDBADAg4QwDAME AMCECQMEAsCECAMEAMCEIgMEAMCENQMEAMCENwMEAMCEYwMEAMCE7wMEAcCE9AME AMCE/AMEAMCFDwMEAMCFHAMEAMCFIAMEAMCFJDAMAwQAwIU1AwQDwIUwAwQAwIU6 AwQAwIVAAwQCwIVsAwQAwIV5AwQAwIWDAwQAwIX0AwMAwIYwDAMEAMCHBwMEAcCH JAMEAMCHLjAMAwQAwIczAwQBwIc0AwQAwIc/AwQAwIdCAwQAwIdEAwQAwIdSAwQA wIdkAwQAwIeBAwQAwIeFAwQAwIePMAwDBADAh5EDBADAh6gDBADAh68DBADAh7sD BADAh9sDBADAh+EwDAMEAMCH5wMEAMCH6jAMAwQAwIf9AwQAwIf+AwQAwIgHAwQA wIgJAwQBwIgSAwQAwIgXMAwDBADAiB0DBAXAiAADBAHAiCgDBADAiDEwDAMEAMCI MwMEAMCINAMEAMCIPTAMAwQAwIhHAwQAwIhmMAwDBAHAiJoDBADAiJwwDAMEAMCK AQMEAMCKCAMEAMCKVjAMAwQAwIppAwQBwIp0MAwDBADAipsDBADAip4DBADAircD BADAisADBADAiswwDAMEAsCK5AMEAMCK6AMEAMCK+AMEAMCLTgMEAcCMAgMEBsCQ ADAMAwQBwJBKAwQBwJBMAwQHwJEAAwQCwJHgAwQAwJJ1AwQAwJJ3MAwDBADAknsD BADAkn4DBADAkoQwDAMEAcCShgMEAcCSjAMEAMCSmDAMAwQAwJKjAwQAwJKqMAwD BALAkqwDBADAkrYDBADAkrkDBADAkrsDBADAksEDBADAkswwDAMEAMCS4wMEAMCS 5DAMAwQAwJLpAwQAwJLqAwQBwJLuAwQAwJLyAwQAwJMXAwQAwJMiAwQAwJMkAwQA wJMqAwQCwJNMAwQAwJONAwQAwJOWAwQAwJObAwQAwJPUMAwDBADAk9cDBAHAk9gD BADAk9sDBADAk+QDBADAk/cDBADAk/swDAMEAMCUIQMEAMCUXAMEAMCUZwMEAcCU pjAMAwQAwJSxAwQAwJS6MAwDBAbAlMADBADAlMIwDAMEAcCUxgMEAMCU2AMEAMCU 3AMEAMCVAwMEAMCVBQMEAMCVDwMEAMCVEwMEAMCVGzAMAwQAwJUdAwQBwJUgAwQA wJUjAwQAwJUpAwQAwJU5MAwDBADAlTsDBADAlTwwDAMEAMCVTQMEBMCVQAMEAMCV YgMEAMCVZAMEAMCVZgMEAcCVbjAMAwQAwJV1AwQBwJV4AwQAwJV+AwQAwJXjAwQA wJXoAwQAwJXuAwQAwJYUMAwDBAHAljoDBADAlkgwDAMEAMCWSwMEAMCWTDAMAwQB wJZOAwQAwJZUAwQAwJZZAwQAwJZcAwQAwJZeAwQAwJZoAwQAwJZqAwQAwJZ8AwQA wJaMAwQAwJaSMAwDBADAlrEDBADAlrgwDAMEAsCWvAMEAMCWvjAMAwQGwJbAAwQA wJbGMAwDBADAlssDBAHAlswDBAHAltADBADAlt8wDAMEAMCW4wMEAcCW6AMEAMCW 7gMEAMCW+AMEAMCW/AMEAMCW/gMEAMCYBgMEAMCYDgMEAMCYEQMEAcCYGgMEAMCY KgMEAMCYLDAMAwQAwJgvAwQCwJgwAwQAwJg2MAwDBADAmD0DBAbAmAADBADAmEQD BADAmFIDBADAmGIwDAMEAMCYbwMEAMCYcAMEAMCYegMEAMCYfAMEAMCYjQMEAMCY lwMEAMCYnAMEAcCYpgMEAMCYrgMEAsCYuAMEAMCY8QMEAMCY9DAMAwQAwJj9AwQA wJj+AwQBwJkCAwQAwJkNAwQBwJkSAwQAwJlZAwQAwJl0AwQAwJl/AwQAwJmZAwQA wJmmAwQAwJmoAwQAwJmrMAwDBADAma0DBADAmbYDBAHAmbwDBADAmcIDBADAmdUw DAMEAMCbAQMEAMCbBgMEAMCchAMEAMCcogMEAMCcpwMEAMCc0gMEAMCc1QMEAMCc 2QMEAMCc4wMEAMCc7wMEAMCc+DAMAwQAwJ0BAwQCwJ0AMAwDBAPAnQgDBAHAnRAD BADAnYEwDAMEAMCdpQMEAMCdrAMEAMCdrgMEAMCdsAMEAMCduQMEAMCduwMEAMCd vQMEAcCfJgMEAMCfRgMEAMCfSQMEAMCfTQMEAcCfVAMEAMCfWgMEAMCfXzAMAwQA wJ9jAwQDwJ9gAwQAwJ9pAwQBwJ9sAwQAwJ92MAwDBADAn3kDBADAn3oDBADAoAoD BADAoA8wDAMEAMCgFQMEA8CgEAMEAMCgGwMEAMCgIQMEAMCgJQMEAMCgQQMEAMCg QzAMAwQAwKBfAwQAwKBgAwQAwKBqMAwDBADAoG0DBADAoG4DBADAoHsDBADAoH4D BAHAoI4DBADAoJgDBADAoJwDBADAoKADBADAoKwwDAMEAMCgsQMEAsCgsAMEAcCg wgMEAcCg4DAMAwQAwKDnAwQBwKDoMAwDBADAoPUDBAHAoPgwDAMEAMCg+wMEAMCg /AMEAcChBgMEAcChQAMDAMCiMAwDBAXAoyADBAXAo4ADAwLApDAMAwQAwKsBAwQB wKsEMAwDBAfAq4ADBAPAq8ADBADArOgDBADArP0wDAMEAMCtAQMEAMCtBAMEA8Ct gDAMAwQGwK5AAwQAwK5EAwQBwK8OAwQEwK8gAwMAwLAwDAMEBMC7EAMEAcC7GAME AMC8CjAMAwQAwLw/AwQBwLxAAwQAwLxFAwQAwLxgAwQAwLxpAwQBwLx0MAwDBADA vHkDBADAvHoDBADAvH0DBADAvH8DBADAvIEDBADAvIQDBADAvIgDBADAvJEwDAME AMC8nQMEAMC8ngMEAMC8uwMEAMC8vTAMAwQAwLzpAwQBwLzsMAwDBAHAvPIDBADA vPgDBADAvQEDBALAvQgDBADAvQ4DBADAvRcDBADAvSkwDAMEAMC9MwMEAMC9NAME AMC9NwMEAMC9QjAMAwQAwL1FAwQAwL1GAwQAwL1JAwQAwL1MAwQAwL13AwQAwL2X AwQAwL2aAwQAwL2dAwQAwL2gMAwDBAHAvaYDBADAvaoDBAHAvcoDBADAvfsDBADA viwDBAHAvjoDBADAvkADBADAvkMDBADAvkUDBADAvl8wDAMEAMC+gQMEAMC+hDAM AwQAwL6tAwQAwL6uAwQBwL62MAwDBAHAvr4DBAHAvsAwDAMEAMC+yQMEAMC+yjAM AwQAwL7pAwQAwL7sAwQAwL7wAwQAwL7yMAwDBADAvvcDBAHAvvgDAwDAwgMEAMDD AQMEAMDDCAMEAcDDKgMEAMDDSAMEAMDDYjAMAwQAwMNpAwQAwMNqAwQAwMNuMAwD BALAw3QDBADAw3YwDAMEAcDDhgMEAMDDlDAMAwQAwMO3AwQAwMO4AwQAwMPDAwQA wMPsMAwDBADAxAEDBALAxJgDBATAxxADBADAy1ADBAHAy2wDBADAy+MwDAMEAMDO TQMEAcDOUAMEAMDOVjAMAwQBwM7eAwQAwM7iAwQAwM8OAwQAwM8fMAwDBADAz40D BADAz44DBADAz8QDBADA50MDBADA51IwDAMEAMDuAQMEAMDuCgMEAMD1mAMEAMD1 qQMEAMD14TAMAwQAwPcBAwQAwPcKMAwDBADA+z0DBAHA+0ADBADA++IDBADA++Yw CgMCAMEDBADBEdYwDAMEA8ER2AMEA8ET4DAMAwQCwRPsAwQBwSmQMAwDBALBKZQD BAbBUgAwDAMEBcFSYAMEBcFSwDAKAwMAwVMDAwDBXjAMAwQHwV+AAwQAwWwWAwQC wWwYMAwDBADBbB0DBAHBbNQwDAMEAMFs1wMEAsFs+DALAwMAwW0DBAHBbUAwDAME AsFtRAMEA8FuYDALAwQBwW5qAwMEwWADAwDBcTAMAwQFwXIgAwQFwXJAMAwDBAXB cqADBAXBcwAwDAMEB8FzgAMEBcF0AAMEBsF0gAMEBsF1ADALAwQFwXVgAwMAwXYw CwMEB8F3gAMDAcF4MAsDAwLBfAMEAMG8BjALAwQDwbwIAwMAwbwwDAMEAcG9QgME B8G9ADAMAwQAwb2BAwQAwcIAMAwDBAHBwgYDBAXBwgADBAXBwmAwDAMEAMHCgQME BcHCgDAMAwQGwcLAAwQBwd3YMAsDBADB3dsDAwDB4gMEBsHjQDAMAwQAweOBAwQF wgbAMAwDBADCBuEDBAbCCQAwDAMEAcIJQgMEAcIJUDAMAwQCwglUAwQAwiO+MAwD BAbCI8ADBAXCT0AwCwMEB8JPgAMDAMJaMAsDAwLCXAMEBcLBAAMEBsLBQDAMAwQF wsHgAwQGwsyAMAoDAwDCzQMDAMLeMAwDBAXC32ADBAXC34AwDAMEBsLfwAMEBMMY QDAMAwQDwxhYAwQGwxiAMAwDBAXDGOADBAHDJ9gwCwMEAsMn3AMDAMMqMAwDBAXD KyADBALDgAAwDAMEA8OACAMEBcOmwDALAwMAw6cDBAXDp4AwDAMEBMOnsAMEBsPK ADAMAwQFw8pgAwQDw+pwMAwDBALD6nwDBAPD6qAwDAMEAMPqqQMEAMPquDAMAwQB w+q6AwQCw+r4MAsDAwDD6wMEBcP2ADAKAwQGw/ZAAwICwAMEAMQBAzAMAwQAxAEF AwQAxAEGAwQCxAFAMAwDBADEAUUDBADEAUYDBALEAgQwDAMEAcQDQgMEA8QDQAME AMQDWwMEBcQPIAMEAsYLAAMEAMYRTQMEAMYRdTAMAwQCxhG0AwQAxhG2AwQAxhYz MAwDBADGFl0DBAHGFmAwDAMEBcYkIAMEAMYkLgMEAsYtdAMEAMYzDDAMAwQAxjOP AwQAxjOSAwQCxjQsAwQCxjccAwQDxllYAwQAxmOUAwQAxmPeAwQFxmlgMAwDBATG hVADBAHGhVQDBADGhYwDBADGhc4DBADGheIwDAMEAMaHiQMEAMaHigMEAMaHpwME AMaToDAMAwQAxpSxAwQAxpSyMAwDBAHGtJYDBAHGtJgDBADGzsUwDAMEA8bOyAME AMbOygMEB8bwgAMEAccr9gMEAccw5gMDAMc1AwQDx1jQAwQEx1sQMAwDBAPHZwgD BADHZwwDBAXH9wADBAPH9zgDBAXH+oADBADKAE0DBATLn1ADBAPLvjgDBALMCwAD AwDMEgMEAcwwIAMEAMzh2gMEAM3JNwMEAM3TUwMEAc3c2AMEAM6nIQMEAs6+3AME Bc7DIAMEBc784AMEBs9ZQAMEBc+WoAMEAs+u2AMEBc+yQAMEBs+0wAMEBM+9wDAM AwQEz+VwAwQAz+V0MAwDBAHP5XYDBADP5XgwDAMEAc/legMEB8/lAAMEAtBSSAME BtEqwAMEBdGigAMEBdHOAAMEAdHOJgMEBNHVMAMEBdH64DAMAwQA0fvDAwQB0fvE AwQB0fv8AwQH1AAAMAwDBAXUAKADBAHUCOQwDAMEA9QI6AMEANQI8DAMAwQB1Ajy AwQB1Aj8MAsDAwDUCQMEBdQMwDALAwMA1A0DBAXUFoAwDAMEBtQWwAMEBtQxADAM AwQF1DFgAwQH1DQAMAwDBAXUNKADBAbUPAAwCwMEBdQ8YAMDBtQAMAwDBAfUQIAD BATURYAwDAMEBdRFoAMEBtRVgDAMAwQF1FXgAwQF1FhAMAwDBAfUWIADBAHUXGQw DAMEA9RcaAMEB9RfADALAwQF1F+gAwMF1EAwDAMEBdRgIAMEBtRkADAMAwQF1GRg AwQF1GeAMAwDBAbUZ8ADBATUdSAwDAMEBtR1QAMEBdR6wDALAwMA1HsDBAfUgQAw CgMDAdSCAwMA1NgwDAMEB9TZgAMEBtU3ADAMAwQH1TeAAwQG1YMAMAwDBAXVg2AD BAXViEAwDAMEB9WIgAMEBtWTADAMAwQF1ZNgAwQF1ZZAAwQF1ZaAMAwDBAXVluAD BAbVmAAwDAMEBdWYYAMEBdWaADAMAwQF1ZpgAwQF1Z6AMAwDBAbVnsADBAHVnwww DAMEBNWfEAMEAtWfgDAMAwQD1Z+IAwQH1awAMAwDBAXVrKADBAXVs4AwDAMEBtWz wAMEBdW1wDALAwMB1bYDBAXVwQAwDAMEBtXBQAMEBtXUgDAKAwMA1dUDAwDV9jAM AwQF1fcgAwQH1f8AMAoDBAXV/6ADAgHUAwQB2C58AwQA2GPeAwQE2J5gAwQE2KxA AwQG2NWAAwQF2PGAMAoDAgDZAwQE2Q5AMAwDBAXZDmADBAXZFMAwDAMEBNkU8AME BNkVYDAMAwQH2RWAAwQH2R0AMAwDBATZHZADBATZHcAwCwMEBdkd4AMDAtkwMAsD AwPZOAMEBdlAQDAMAwQE2UBwAwQG2U0AMAwDBATZTVADBAbZTgAwCwMEBNlOUAMD ANl0MAsDBATZdRADAwDZijALAwMC2YwDBAPZk7AwDAMEBtmTwAMEBNmqgDALAwQF 2aqgAwMB2bAwCwMDANmzAwQE2ceAMAoDBAXZx6ADAgHYAwQC3J7EMGQEAgACMF4D BQAgAQAFMA0DBAEgAQYDBQEgAQf4MA0DBQAgAQf7AwQCIAEIAwQCIAEUMAwDBAEg ARoDBAEgAUADBAEgAUYwDAMEASABSgMEASABTAMEBCABUAMEBiADAAMDBCoAMIIG oAYIKwYBBQUHAR0EggaSMIIGjqCCBoowggaGAgEHAgEcAgIAiQICAOAwCAICAPgC AgD7AgIBBQICAR4CAgEgAgIBJgICAXcCAgF6AgICAQICAgUwCAICAhACAgIRAgIC IAICAikCAgIvAgICNQICAk4CAgJRAgICnTAIAgICpwICAqgwCAICArcCAgK5MAgC AgLFAgICxgICAsgCAgLPMAgCAgL4AgIC+QICAvwCAgL+MAgCAgMGAgIDDwICAxIw CAICAxUCAgMWMAgCAgRNAgIEsAICBLMCAgS1AgIEvTAIAgIE0gICBNMCAgTZAgIE 4AICBOUCAgTpMAgCAgTzAgIE+wICBP8CAgUKAgIFETAIAgIFEwICBR0CAgUmAgIF PjAIAgIFSAICBUkCAgYLMAgCAgZ1AgIGdgICBn8CAgaQMAgCAgarAgIGvgICBsEC AgbEMAgCAgbKAgIGywICBs0CAgbUAgIG2DAIAgIG2gICBtwCAgbfAgIG5DAIAgIG 6gICBusCAgbuAgIG8AICBvQCAgcpMAgCAgcrAgIHLQICBzEwCAICBzkCAgc6MAgC Agc9AgIHPjAIAgIHVQICB28wCAICB4ECAgeDAgIHhgICB4owCAICB48CAgejMAgC AgeoAgIHqgICB68CAgfUAgIH3DAIAgIH4AICB+EwCAICB+oCAgftAgIH9DAIAgIH 9gICB/gCAgf7AgIH/QICB/8CAggBMAgCAggJAgIIWDAIAgIIYwICCGQwCAICCH4C AgjhMAgCAgjmAgIJSQICCUwwCAICCVMCAgm4AgIJvjAIAgIJ4QICCeICAgntMAgC AgnyAgIJ8wICChIwCAICChkCAgo2AgIKUwICClcCAgp7AgIKzjAIAgIK1QICCwYw CAICCw4CAgs/AgILTwICC2UCAgtpAgIL8jAIAgIMCwICDCUCAgxPMAgCAgxSAgIM hzAIAgIMiQICDRkwCAICDVQCAg1XAgIOKAICDwMwCAICD00CAg9OAgIQNDAIAgIR NQICEU4wCAICEWkCAhFqAgIRrDAIAgIR7AICEe0CAhNuAgIT4TAIAgIVAQICFZ8w CAICFaECAhX/AgIXswICF8UCAhgYAgIYsAICGQwwCAICGgACAho4MAgCAho6AgIa 3jAIAgIa4AICGv8CAh+dMAgCAiAAAgIhSzAIAgIhTQICIkEwCAICIkMCAiOoMAgC AiOqAgIj/wICLE0CAi2MAgIvDjAIAgIwAAICMKYwCAICMKgCAjELMAgCAjENAgIz pzAIAgIzqQICM/8CAjY3MAgCAjwAAgI8JjAIAgI8KAICPHIwCAICPHQCAj1ZMAgC Aj1bAgI9uzAIAgI9vQICPdAwCAICPdICAj3ZMAgCAj3bAgI+WzAIAgI+XQICPrkw CAICPrsCAj9VMAgCAj9XAgI/mzAIAgI/nQICP/8CAkksAgJK6gICS7ACAkvHMAgC AlAAAgJQAzAIAgJQBQICUXkwCAICUXsCAlG/MAgCAlHBAgJSCjAIAgJSDAICUp8w CAICUqECAlL5MAgCAlL7AgJTFjAIAgJTGAICUx0CAlMfMAgCAlMhAgJTjjAIAgJT kAICU8swCAICU80CAlP/AgJWXAICWGMCAlibAgJayjAIAgJgAAICYJ8wCAICYKEC AmC0MAgCAmC2AgJg0zAIAgJg1QICYOAwCAICYOICAmECMAgCAmEEAgJhHjAIAgJh IAICYS0wCAICYS8CAmGaMAgCAmGcAgJiSjAIAgJiTAICYqEwCAICYqMCAmMRAgJj EzAIAgJjFQICY8YwCAICY8gCAmPfMAgCAmPhAgJj5zAIAgJj6QICY/8CAmUYMAgC AnAAAgJwCjAIAgJwDAICcBkwCAICcBsCAnDwMAgCAnDyAgJxojAIAgJxpAICcpkC AnKbMAgCAnKdAgJy8zAIAgJy9QICczYwCAICczgCAnNnMAgCAnNpAgJzgjAIAgJz hAICc60wCAICc68CAnPpMAgCAnPrAgJz/zAIAgJ4AAICeK8wCAICeLECAnkDAgJ5 BTAIAgJ5GAICeVgwCAICeVoCAnoMMAgCAnoOAgJ7gjAIAgJ7hAICe/8wCgIDAIQA AgMAi/8wCgIDAJgAAgMAm/8wCgIDAKAAAgMApY0wCgIDAKWPAgMAr/8wCgIDALgA AgMAy/8wCgIDANwAAgMA4/8wCgIDAOgAAgMA7/8wCgIDAPIAAgMA8/8wCgIDAPuM AgMA++8wCgIDAwAAAgMDNZs= """ def setUp(self): self.asn1Spec = rfc5280.Extensions() def testDerCodec(self): substrate = pem.readBase64fromText(self.extns_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate oids = [ ] for extn in asn1Object: oids.append(extn['extnID']) extn_value, rest = der_decode(extn['extnValue'], rfc5280.certificateExtensionsMap[extn['extnID']]) assert not rest assert extn_value.prettyPrint() assert der_encode(extn_value) == extn['extnValue'] assert rfc8360.id_pe_ipAddrBlocks_v2 in oids assert rfc8360.id_pe_autonomousSysIds_v2 in oids suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8398.py0000664006321400632140000000417213605660325021737 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8398 try: import unittest2 as unittest except ImportError: import unittest class EAITestCase(unittest.TestCase): pem_text = "oCAGCCsGAQUFBwgJoBQMEuiAgeW4q0BleGFtcGxlLmNvbQ==" def setUp(self): self.asn1Spec = rfc5280.GeneralName() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['otherName']['type-id'] in rfc5280.anotherNameMap.keys() assert asn1Object['otherName']['type-id'] == rfc8398.id_on_SmtpUTF8Mailbox eai, rest = der_decode(asn1Object['otherName']['value'], asn1Spec=rfc5280.anotherNameMap[asn1Object['otherName']['type-id']]) assert not rest assert eai.prettyPrint() assert der_encode(eai) == asn1Object['otherName']['value'] assert eai[0] == u'\u8001' assert eai[1] == u'\u5E2B' def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['otherName']['type-id'] == rfc8398.id_on_SmtpUTF8Mailbox assert asn1Object['otherName']['value'][0] == u'\u8001' assert asn1Object['otherName']['value'][1] == u'\u5E2B' suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8410.py0000664006321400632140000000260513605660325021717 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5208 from pyasn1_modules import rfc8410 try: import unittest2 as unittest except ImportError: import unittest class PrivateKeyTestCase(unittest.TestCase): no_pub_key_pem_text = "MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC" def setUp(self): self.asn1Spec = rfc5208.PrivateKeyInfo() def testDerCodec(self): substrate = pem.readBase64fromText(self.no_pub_key_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['privateKeyAlgorithm']['algorithm'] == rfc8410.id_Ed25519 assert asn1Object['privateKey'].isValue assert asn1Object['privateKey'].prettyPrint()[0:10] == "0x0420d4ee" assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8418.py0000664006321400632140000000246713605660325021735 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8418 try: import unittest2 as unittest except ImportError: import unittest class KeyAgreeAlgTestCase(unittest.TestCase): key_agree_alg_id_pem_text = "MBoGCyqGSIb3DQEJEAMUMAsGCWCGSAFlAwQBLQ==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.key_agree_alg_id_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8418.dhSinglePass_stdDH_hkdf_sha384_scheme assert asn1Object['parameters'].isValue assert der_encoder.encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8419.py0000664006321400632140000001022313605660325021723 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8419 try: import unittest2 as unittest except ImportError: import unittest class Ed25519TestCase(unittest.TestCase): alg_id_1_pem_text = "MAUGAytlcA==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_1_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8419.id_Ed25519 assert not asn1Object['parameters'].isValue assert der_encode(asn1Object) == substrate class Ed448TestCase(unittest.TestCase): alg_id_2_pem_text = "MAUGAytlcQ==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_2_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8419.id_Ed448 assert not asn1Object['parameters'].isValue assert der_encode(asn1Object) == substrate class SHA512TestCase(unittest.TestCase): alg_id_3_pem_text = "MAsGCWCGSAFlAwQCAw==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_3_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8419.id_sha512 assert not asn1Object['parameters'].isValue assert der_encode(asn1Object) == substrate class SHAKE256TestCase(unittest.TestCase): alg_id_4_pem_text = "MAsGCWCGSAFlAwQCDA==" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_4_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8419.id_shake256 assert not asn1Object['parameters'].isValue assert der_encode(asn1Object) == substrate class SHAKE256LENTestCase(unittest.TestCase): alg_id_5_pem_text = "MA8GCWCGSAFlAwQCEgICAgA=" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_5_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8419.id_shake256_len assert asn1Object['parameters'].isValue assert der_encode(asn1Object) == substrate param, rest = der_decode(asn1Object['parameters'], asn1Spec=rfc5280.algorithmIdentifierMap[asn1Object['algorithm']]) assert not rest assert param.prettyPrint() assert der_encode(param) == asn1Object['parameters'] assert param == 512 def testOpenTypes(self): substrate = pem.readBase64fromText(self.alg_id_5_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert asn1Object['algorithm'] == rfc8419.id_shake256_len assert asn1Object['parameters'] == 512 assert der_encode(asn1Object) == substrate suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8479.py0000664006321400632140000001045013605660325021733 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1.type import univ from pyasn1_modules import pem from pyasn1_modules import rfc4055 from pyasn1_modules import rfc5652 from pyasn1_modules import rfc5958 from pyasn1_modules import rfc8479 try: import unittest2 as unittest except ImportError: import unittest class ValidationParmTestCase(unittest.TestCase): pem_text = """\ MIIE/gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCpPwXwfhDsWA3q jN2BWg1xfDjvZDVNfgTV/b95g304Aty3z13xPXAhHZ3ROW3pgPxTj9fiq7ZMy4Ua gMpPK81v3pHX1uokC2KcGXbgbAq2Q8ClxSXgEJllRwDENufjEdV10gArt8NlIP0N lota1kQUuI1DMsqc5DTIa35Nq4j1GW+KmLtP0kCrGq9fMGwjDbPEpSp9DTquEMHJ o7kyJIjB+93ikLvBUTgbxr+jcnTLXuhA8rC8r+KXre4NPPNPRyefRcALLt/URvfA rTvFOQfi3vIjNhBZL5FdC+FVAr5QnF3r2+cuDPbnczr4/rr81kzFGWrwyAgF5FWu pFtB5IYDAgMBAAECggEAHZ88vGNsNdmRkfhWupGW4cKCuo+Y7re8Q/H2Jd/4Nin2 FKvUPuloaztiSGDbVm+vejama/Nu5FEIumNJRYMeoVJcx2DDuUxO1ZB1aIEwfMct /DWd0/JDzuCXB0Cu5GTWLhlz0zMGHXihIdQ0DtGKt++3Ncg5gy1D+cIqqJB515/z jYdZmb0Wqmz7H3DisuxvnhiCAOuNrjcDau80hpMA9TQlb+XKNGHIBgKpJe6lnB0P MsS/AjDiDoEpP9GG9mv9+96rAga4Nos6avYlwWwbC6d+hHIWvWEWsmrDfcJlm2gN tjvG8omj00t5dAt7qGhfOoNDGr5tvJVo/g96O/0I8QKBgQDdzytVRulo9aKVdAYW /Nj04thtnRaqsTyFH+7ibEVwNIUuld/Bp6NnuGrY+K1siX8+zA9f8mKxuXXV9KK4 O89Ypw9js2BxM7VYO9Gmp6e1RY3Rrd8w7pG7/KqoPWXkuixTay9eybrJMWu3TT36 q7NheNmBHqcFmSQQuUwEmvp3MQKBgQDDVaisMJkc/sIyQh3XrlfzmMLK+GlPDucD w5e50fHl8Q5PmTcP20zVLhTevffCqeItSyeAno94Xdzc9vZ/rt69410kJEHyBO9L CmhtYz94wvSdRhbqf4VzAl2WU184sIYiIZDGsnGScgIYvo6v6mITjRhc8AMdYoPR rL6xp6frcwKBgFi1+avCj6mFzD+fxqu89nyCmXLFiAI+nmjTy7PM/7yPlNB76qDG Dil2bW1Xj+y/1R9ld6S1CVnxRbqLe+TZLuVS82m5nRHJT3b5fbD8jquGJOE+e+xT DgA0XoCpBa6D8yRt0uVDIyxCUsVd5DL0JusN7VehzcUEaZMyuL+CyDeRAoGBAImB qH6mq3Kc6Komnwlw4ttJ436sxr1vuTKOIyYdZBNB0Zg5PGi+MWU0zl5LDroLi3vl FwbVGBxcvxkSBU63FHhKMQw7Ne0gii+iQQcYQdtKKpb4ezNS1+exd55WTIcExTgL tvYZMhgsh8tRgfLWpXor7kWmdBrgeflFiOxZIL1/AoGAeBP7sdE+gzsh8jqFnVRj 7nOg+YllJAlWsf7cTH4pLIy2Eo9D+cNjhL9LK6RaAd7PSZ1adm8HfaROA2cfCm84 RI4c7Ue0G+N6LZiFvC0Bfi5SaPVAExXOty8UqjOCoZavSaXBPuNcTXZuzswcgbxI G5/kaJNHoEcdlVsPsYWKRNKgPzA9BgorBgEEAZIIEggBMS8wLQYJYIZIAWUDBAIC BCCK9DKMh7687DHjA7j1U37/y2qR2UcITZmjaYI7NvAUYg== """ def setUp(self): self.asn1Spec = rfc5958.OneAsymmetricKey() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr in asn1Object['attributes']: assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() if attr['attrType'] == rfc8479.id_attr_validation_parameters: av, rest = der_decode(attr['attrValues'][0], asn1Spec=rfc5652.cmsAttributesMap[attr['attrType']]) assert not rest assert av.prettyPrint() assert der_encode(av) == attr['attrValues'][0] assert av['hashAlg'] == rfc4055.id_sha384 seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462') assert av['seed'] == seed def testOpenTypes(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for attr in asn1Object['attributes']: assert attr['attrType'] in rfc5652.cmsAttributesMap.keys() if attr['attrType'] == rfc8479.id_attr_validation_parameters: av = attr['attrValues'][0] assert av['hashAlg'] == rfc4055.id_sha384 seed = univ.OctetString(hexValue='8af4328c87bebcec31e303b8f5537effcb6a91d947084d99a369823b36f01462') assert av['seed'] == seed suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8494.py0000664006321400632140000000334113605660325021731 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc8494 try: import unittest2 as unittest except ImportError: import unittest class CompresssedDataTestCase(unittest.TestCase): pem_text = """\ MIIBNqADAgEAMIIBLaADAgEZoIIBJASCASB4nG2P0U7CQBBF3/cr5l2K3YpSF5YA bYmbWArtQsJjKVuogd1mO0T8e0ti1IjJZB4md07OHZbWnMbqkp/qo+oW5jSCWDqL VCSpkBveg2kSbrg/FTIWcQRpJPlLmGYQzdci5MvlA+3Rx2cyREO/KVrhCOaJFLMN n03E6yqNIEmDheS2LHzPG0zNdqw0dn89XAnev4RsFQRRlnW+SITMWmMGf72JNAyk oXCj0mnPHtzwSZijYuD1YVJb8FzaB/rE2n3nUtcl2Xn7pgpkkAOqBsm1vrNWtqmM ZkC7LgmMxraFgx91y0F1wfv6mFd6AMUht41CfsbS8X9yNtdNqayjdGF2ld4z8LcV EiIPVQPtvBuLBxjW5qx3TbXXo6vHJ1OhhLY= """ def setUp(self): self.asn1Spec = rfc8494.CompressedData() def testDerCodec(self): substrate = pem.readBase64fromText(self.pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['compressionAlgorithm']['algorithmID-ShortForm'] == 0 cci = asn1Object['compressedContentInfo'] assert cci['unnamed']['contentType-ShortForm'] == 25 assert cci['compressedContent'].prettyPrint()[:12] == '0x789c6d8fd1' suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8520.py0000664006321400632140000001117313605660325021721 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Created by Russ Housley # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8520 try: import unittest2 as unittest except ImportError: import unittest class MUDCertTestCase(unittest.TestCase): mud_cert_pem_text = """\ MIIFODCCAyCgAwIBAgICEEAwDQYJKoZIhvcNAQELBQAwZTELMAkGA1UEBhMCQ0gx DzANBgNVBAgMBlp1cmljaDERMA8GA1UEBwwIV2V0emlrb24xEDAOBgNVBAoMB0lt UmlnaHQxIDAeBgNVBAMMF0ltUmlnaHQgVGVzdCA4MDIuMUFSIENBMB4XDTE5MDUw MTE4MDMyMVoXDTE5MDUzMTE4MDMyMVowZzELMAkGA1UEBhMCQ0gxEzARBgNVBAgM ClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEg MB4GA1UEAwwXTGlnaHRidWxiMjAwMCwgU04jMjAyMDIwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCzntv6tCdkZWPUx+CK9A9PCgKF8zGCJwdU4eIjo0oe A81i7iltOPnU416GJMEc2jGhlZPn2Rjjy8tPbyh1RVBfkgdq4UPWPnZPb+Gkq1c8 X8zLRrMSWKqkSGOPENieDuQpzcrkMfj7dCPcxTcJ5Gluv1jEI7bxoZOZXjNxaFXi vsaZWFub7b+5zDLWpvmpKDaeCU+gad7rWpRE/Hjh3FX8paW8KE/hMF/au4xX2Qj/ rDwHSxgs3n8FtuFUELotSgL3Acy3aISmJILBx6XrSs3nLruZzamulwWupSryHo3L U+GsOETiXwxiyrfOZo3aJNnWzlEvrYCQGyqd8Nd/XOENAgMBAAGjge8wgewwCQYD VR0TBAIwADBABggrBgEFBQcBGQQ0FjJodHRwczovL3d3dy5vZmNvdXJzZWltcmln aHQuY29tL0x1bWluYWlyZV8xNTAuanNvbjBdBggrBgEFBQcBHgRRME8xCzAJBgNV BAYTAkNIMSswKQYJKoZIhvcNAQkBFhxhc2NlcnRpYUBvZmNvdXJzZWltcmlnaHQu Y29tMRMwEQYDVQQDEwpFbGlvdCBMZWFyMB0GA1UdDgQWBBS00spi6cRFdqz95TQI 9AuPn5/DRjAfBgNVHSMEGDAWgBREKvrASIa7JJ41mQWDkJ06rXTCtTANBgkqhkiG 9w0BAQsFAAOCAgEAiS4OlazkDpgR4qhrq5Wpx6m3Bmkk5RkXnqey1yyhyfZlAGH7 ewQiybkF3nN6at/TcNWMRfGBLhRrQn1h75KEXKlc18RDorj72/bvkbJLoBmA43Mv xMF0w4YX8pQwzb4hSt04p79P2RVVYM3ex/vdok0KkouhLTlxzY7vhv1T8WGTVQHJ k2EyswS2nFa/OtIkwruXqJj+lotdV2yPgFav5j9lkw5VbOztlfSKT7qQInVm+VBI /qddz/LOYrls1A7KHzWkTvOwmvQBqI4e9xLjc3r8K4pZyMd7EsmepYmLOU+pfINf /sEjliCluR65mKcKGiUa5J31pzbVpCr6FM/NGEjqpp6F+slyNC8YM/UlaJK1W9ZI W7JAhmfil5z1CtQILFSnUh4VneTVOaYg6+gXr169fXUDlMM4ECnuqWAE2PLhfhI8 +lY8u18rFiX0bNSiUySgxU3asCC92xNmvJHuL4QwiYaGtTne36NMN7dH/32nMKl+ G3XA8cX8yZIrIkmWLBSji8UwOXwVhYovmbhHjaUMTQommxYv/Cuqi5nJUJfh5YJr APeEK6fTYpPMiZ6U1++qzZDp78MRAq7UQbluJHh8ujPuK6kQmSLXmvK5yGpnJ+Cw izaUuU1EEwgOMELjeFL62Ssvq8X+x6hZFCLygI7GNeitlblNhCXhFFurqMs= """ def setUp(self): self.asn1Spec = rfc5280.Certificate() def testDerCodec(self): substrate = pem.readBase64fromText(self.mud_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate extn_list = [ ] for extn in asn1Object['tbsCertificate']['extensions']: extn_list.append(extn['extnID']) if extn['extnID'] == rfc8520.id_pe_mudsigner: mudsigner, rest = der_decode(extn['extnValue'], rfc8520.MUDsignerSyntax()) assert der_encode(mudsigner) == extn['extnValue'] c = rfc5280.X520countryName(value="CH") assert mudsigner[0][0][0]['value'] == der_encode(c) e = rfc5280.EmailAddress(value="ascertia@ofcourseimright.com") assert mudsigner[0][1][0]['value'] == der_encode(e) cn = rfc5280.X520CommonName() cn['printableString'] = "Eliot Lear" assert mudsigner[0][2][0]['value'] == der_encode(cn) if extn['extnID'] == rfc8520.id_pe_mud_url: mudurl, rest = der_decode(extn['extnValue'], rfc8520.MUDURLSyntax()) assert der_encode(mudurl) == extn['extnValue'] assert mudurl[-5:] == ".json" assert rfc8520.id_pe_mudsigner in extn_list assert rfc8520.id_pe_mud_url in extn_list def testExtensionsMap(self): substrate = pem.readBase64fromText(self.mud_cert_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate for extn in asn1Object['tbsCertificate']['extensions']: if extn['extnID'] in rfc5280.certificateExtensionsMap.keys(): extnValue, rest = der_decode(extn['extnValue'], asn1Spec=rfc5280.certificateExtensionsMap[extn['extnID']]) assert der_encode(extnValue) == extn['extnValue'] suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8619.py0000664006321400632140000000443513605660325021735 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der import decoder as der_decoder from pyasn1.codec.der import encoder as der_encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8619 try: import unittest2 as unittest except ImportError: import unittest class HKDFSHA256TestCase(unittest.TestCase): alg_id_1_pem_text = "MA0GCyqGSIb3DQEJEAMc" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_1_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert asn1Object['algorithm'] == rfc8619.id_alg_hkdf_with_sha256 class HKDFSHA384TestCase(unittest.TestCase): alg_id_1_pem_text = "MA0GCyqGSIb3DQEJEAMd" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_1_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert asn1Object['algorithm'] == rfc8619.id_alg_hkdf_with_sha384 class HKDFSHA512TestCase(unittest.TestCase): alg_id_1_pem_text = "MA0GCyqGSIb3DQEJEAMe" def setUp(self): self.asn1Spec = rfc5280.AlgorithmIdentifier() def testDerCodec(self): substrate = pem.readBase64fromText(self.alg_id_1_pem_text) asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encoder.encode(asn1Object) == substrate assert asn1Object['algorithm'] == rfc8619.id_alg_hkdf_with_sha512 suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tests/test_rfc8649.py0000664006321400632140000000374013605660325021736 0ustar ietingofietingof00000000000000# # This file is part of pyasn1-modules software. # # Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # import sys from pyasn1.codec.der.decoder import decode as der_decode from pyasn1.codec.der.encoder import encode as der_encode from pyasn1_modules import pem from pyasn1_modules import rfc4055 from pyasn1_modules import rfc5280 from pyasn1_modules import rfc8649 try: import unittest2 as unittest except ImportError: import unittest class RootCertificateExtnTestCase(unittest.TestCase): extn_pem_text = """\ MGEGCisGAQQBg5IbAgEEUzBRMA0GCWCGSAFlAwQCAwUABEBxId+rK+WVDLOda2Yk FFRbqQAztXhs91j/RxHjYJIv/3gleQg3Qix/yQy2rIg3xysjCvHWw8AuYOGVh/sL GANG """ def setUp(self): self.asn1Spec = rfc5280.Extension() def testDerCodec(self): substrate = pem.readBase64fromText(self.extn_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object.prettyPrint() assert der_encode(asn1Object) == substrate assert asn1Object['extnID'] == rfc8649.id_ce_hashOfRootKey hashed_root_key, rest = der_decode(asn1Object['extnValue'], rfc8649.HashedRootKey()) assert not rest assert hashed_root_key.prettyPrint() assert der_encode(hashed_root_key) == asn1Object['extnValue'] assert hashed_root_key['hashAlg']['algorithm'] == rfc4055.id_sha512 def testExtensionsMap(self): substrate = pem.readBase64fromText(self.extn_pem_text) asn1Object, rest = der_decode(substrate, asn1Spec=self.asn1Spec) assert not rest assert asn1Object['extnID'] == rfc8649.id_ce_hashOfRootKey assert asn1Object['extnID'] in rfc5280.certificateExtensionsMap.keys() suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__]) if __name__ == '__main__': import sys result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(not result.wasSuccessful()) pyasn1-modules-0.2.8/tools/0000775006321400632140000000000013605660531017211 5ustar ietingofietingof00000000000000pyasn1-modules-0.2.8/tools/cmcdump.py0000755006321400632140000000335013551772550021222 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # Read CMC certificate request with wrappers on stdin, parse each into # plain text, then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc5652 from pyasn1_modules import rfc6402 if len(sys.argv) != 1: print("""Usage: $ cat cmc_request.pem | %s""" % (sys.argv[0],)) sys.exit(-1) reqCnt = 0 substrate = pem.readBase64FromFile(sys.stdin) _, rest = decoder.decode(substrate, asn1Spec=rfc5652.ContentInfo()) assert not rest next_layer = rfc5652.id_ct_contentInfo data = substrate while next_layer: if next_layer == rfc5652.id_ct_contentInfo: layer, rest = decoder.decode(data, asn1Spec=rfc5652.ContentInfo()) assert encoder.encode(layer) == data, 'wrapper recode fails' assert not rest print(" * New layer (wrapper):") print(layer.prettyPrint()) next_layer = layer['contentType'] data = layer['content'] elif next_layer == rfc5652.id_signedData: layer, rest = decoder.decode(data, asn1Spec=rfc5652.SignedData()) assert encoder.encode(layer) == data, 'wrapper recode fails' assert not rest print(" * New layer (wrapper):") print(layer.prettyPrint()) next_layer = layer['encapContentInfo']['eContentType'] data = layer['encapContentInfo']['eContent'] elif next_layer == rfc6402.id_cct_PKIData: layer, rest = decoder.decode(data, asn1Spec=rfc6402.PKIData()) assert encoder.encode(layer) == data, 'pkidata recode fails' assert not rest print(" * New layer (pkidata):") print(layer.prettyPrint()) next_layer = None data = None pyasn1-modules-0.2.8/tools/cmpdump.py0000755006321400632140000000164413551772550021243 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM CMP message on stdin, parse into # plain text, then build substrate from it # import sys from pyasn1 import debug from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc4210 if len(sys.argv) == 2 and sys.argv[1] == '-d': debug.setLogger(debug.Debug('all')) elif len(sys.argv) != 1: print("""Usage: $ cat cmp.pem | %s [-d]""" % sys.argv[0]) sys.exit(-1) pkiMessage = rfc4210.PKIMessage() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) pkiMsg, rest = decoder.decode(substrate, asn1Spec=pkiMessage) print(pkiMsg.prettyPrint()) assert encoder.encode(pkiMsg) == substrate, 'CMP message recode fails' pyasn1-modules-0.2.8/tools/crldump.py0000755006321400632140000000207613551772550021244 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read X.509 CRL on stdin, print them pretty and encode back into # original wire format. # CRL can be generated with "openssl openssl ca -gencrl ..." commands. # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2459 if len(sys.argv) != 1: print("""Usage: $ cat crl.pem | %s""" % sys.argv[0]) sys.exit(-1) asn1Spec = rfc2459.CertificateList() cnt = 0 while True: idx, substrate = pem.readPemBlocksFromFile(sys.stdin, ('-----BEGIN X509 CRL-----', '-----END X509 CRL-----')) if not substrate: break key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) if rest: substrate = substrate[:-len(rest)] print(key.prettyPrint()) assert encoder.encode(key) == substrate, 'pkcs8 recode fails' cnt += 1 print('*** %s CRL(s) re/serialized' % cnt) pyasn1-modules-0.2.8/tools/crmfdump.py0000755006321400632140000000144113551772550021406 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM X.509 CRMF request on stdin, parse into # plain text, then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2511 if len(sys.argv) != 1: print("""Usage: $ cat crmf.pem | %s""" % sys.argv[0]) sys.exit(-1) certReq = rfc2511.CertReqMessages() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) cr, rest = decoder.decode(substrate, asn1Spec=certReq) print(cr.prettyPrint()) assert encoder.encode(cr) == substrate, 'crmf recode fails' pyasn1-modules-0.2.8/tools/ocspclient.py0000755006321400632140000001242113551772550021734 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # import hashlib import sys try: import urllib2 except ImportError: import urllib.request as urllib2 from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1.type import univ from pyasn1_modules import rfc2560 from pyasn1_modules import rfc2459 from pyasn1_modules import pem sha1oid = univ.ObjectIdentifier((1, 3, 14, 3, 2, 26)) # noinspection PyClassHasNoInit class ValueOnlyBitStringEncoder(encoder.encoder.BitStringEncoder): # These methods just do not encode tag and length fields of TLV def encodeTag(self, *args): return '' def encodeLength(self, *args): return '' def encodeValue(*args): substrate, isConstructed = encoder.encoder.BitStringEncoder.encodeValue(*args) # OCSP-specific hack follows: cut off the "unused bit count" # encoded bit-string value. return substrate[1:], isConstructed def __call__(self, bitStringValue): return self.encode(None, bitStringValue, defMode=True, maxChunkSize=0) valueOnlyBitStringEncoder = ValueOnlyBitStringEncoder() # noinspection PyShadowingNames def mkOcspRequest(issuerCert, userCert): issuerTbsCertificate = issuerCert.getComponentByName('tbsCertificate') issuerSubject = issuerTbsCertificate.getComponentByName('subject') userTbsCertificate = userCert.getComponentByName('tbsCertificate') userIssuer = userTbsCertificate.getComponentByName('issuer') assert issuerSubject == userIssuer, '%s\n%s' % ( issuerSubject.prettyPrint(), userIssuer.prettyPrint() ) userIssuerHash = hashlib.sha1( encoder.encode(userIssuer) ).digest() issuerSubjectPublicKey = issuerTbsCertificate.getComponentByName('subjectPublicKeyInfo').getComponentByName( 'subjectPublicKey') issuerKeyHash = hashlib.sha1( valueOnlyBitStringEncoder(issuerSubjectPublicKey) ).digest() userSerialNumber = userTbsCertificate.getComponentByName('serialNumber') # Build request object request = rfc2560.Request() reqCert = request.setComponentByName('reqCert').getComponentByName('reqCert') hashAlgorithm = reqCert.setComponentByName('hashAlgorithm').getComponentByName('hashAlgorithm') hashAlgorithm.setComponentByName('algorithm', sha1oid) reqCert.setComponentByName('issuerNameHash', userIssuerHash) reqCert.setComponentByName('issuerKeyHash', issuerKeyHash) reqCert.setComponentByName('serialNumber', userSerialNumber) ocspRequest = rfc2560.OCSPRequest() tbsRequest = ocspRequest.setComponentByName('tbsRequest').getComponentByName('tbsRequest') tbsRequest.setComponentByName('version', 'v1') requestList = tbsRequest.setComponentByName('requestList').getComponentByName('requestList') requestList.setComponentByPosition(0, request) return ocspRequest def parseOcspResponse(ocspResponse): responseStatus = ocspResponse.getComponentByName('responseStatus') assert responseStatus == rfc2560.OCSPResponseStatus('successful'), responseStatus.prettyPrint() responseBytes = ocspResponse.getComponentByName('responseBytes') responseType = responseBytes.getComponentByName('responseType') assert responseType == rfc2560.id_pkix_ocsp_basic, responseType.prettyPrint() response = responseBytes.getComponentByName('response') basicOCSPResponse, _ = decoder.decode( response, asn1Spec=rfc2560.BasicOCSPResponse() ) tbsResponseData = basicOCSPResponse.getComponentByName('tbsResponseData') response0 = tbsResponseData.getComponentByName('responses').getComponentByPosition(0) return ( tbsResponseData.getComponentByName('producedAt'), response0.getComponentByName('certID'), response0.getComponentByName('certStatus').getName(), response0.getComponentByName('thisUpdate') ) if len(sys.argv) != 2: print("""Usage: $ cat CACertificate.pem userCertificate.pem | %s """ % sys.argv[0]) sys.exit(-1) else: ocspUrl = sys.argv[1] # Parse CA and user certificates issuerCert, _ = decoder.decode( pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') )[1], asn1Spec=rfc2459.Certificate() ) # noinspection PyRedeclaration userCert, _ = decoder.decode( pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') )[1], asn1Spec=rfc2459.Certificate() ) # Build OCSP request ocspReq = mkOcspRequest(issuerCert, userCert) # Use HTTP POST to get response (see Appendix A of RFC 2560) # In case you need proxies, set the http_proxy env variable httpReq = urllib2.Request( ocspUrl, encoder.encode(ocspReq), {'Content-Type': 'application/ocsp-request'} ) httpRsp = urllib2.urlopen(httpReq).read() # Process OCSP response # noinspection PyRedeclaration ocspRsp, _ = decoder.decode(httpRsp, asn1Spec=rfc2560.OCSPResponse()) producedAt, certId, certStatus, thisUpdate = parseOcspResponse(ocspRsp) print('Certificate ID %s is %s at %s till %s\n' % (certId.getComponentByName('serialNumber'), certStatus, producedAt, thisUpdate)) pyasn1-modules-0.2.8/tools/ocspreqdump.py0000755006321400632140000000145513551772550022140 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM X.509 CRMF request on stdin, parse into # plain text, then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2560 if len(sys.argv) != 1: print("""Usage: $ cat ocsp-request.pem | %s""" % sys.argv[0]) sys.exit(-1) ocspReq = rfc2560.OCSPRequest() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) cr, rest = decoder.decode(substrate, asn1Spec=ocspReq) print(cr.prettyPrint()) assert encoder.encode(cr) == substrate, 'OCSP request recode fails' pyasn1-modules-0.2.8/tools/ocsprspdump.py0000755006321400632140000000145213551772550022152 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM OCSP response on stdin, parse into # plain text, then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2560 if len(sys.argv) != 1: print("""Usage: $ cat ocsp-response.pem | %s""" % sys.argv[0]) sys.exit(-1) ocspReq = rfc2560.OCSPResponse() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) cr, rest = decoder.decode(substrate, asn1Spec=ocspReq) print(cr.prettyPrint()) assert encoder.encode(cr) == substrate, 'OCSP request recode fails' pyasn1-modules-0.2.8/tools/pkcs10dump.py0000755006321400632140000000221513551772550021560 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM X.509 certificate requests (PKCS#10 format) on stdin, # parse each into plain text, then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2314 if len(sys.argv) != 1: print("""Usage: $ cat certificateRequest.pem | %s""" % sys.argv[0]) sys.exit(-1) certType = rfc2314.CertificationRequest() certCnt = 0 while True: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE REQUEST-----', '-----END CERTIFICATE REQUEST-----') ) if not substrate: break cert, rest = decoder.decode(substrate, asn1Spec=certType) if rest: substrate = substrate[:-len(rest)] print(cert.prettyPrint()) assert encoder.encode(cert) == substrate, 'cert recode fails' certCnt += 1 print('*** %s PEM certificate request(s) de/serialized' % certCnt) pyasn1-modules-0.2.8/tools/pkcs1dump.py0000755006321400632140000000257013551772550021504 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read unencrypted PKCS#1/PKIX-compliant, PEM&DER encoded private keys on # stdin, print them pretty and encode back into original wire format. # Private keys can be generated with "openssl genrsa|gendsa" commands. # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2437 from pyasn1_modules import rfc2459 if len(sys.argv) != 1: print("""Usage: $ cat rsakey.pem | %s""" % sys.argv[0]) sys.exit(-1) cnt = 0 while True: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN RSA PRIVATE KEY-----', '-----END RSA PRIVATE KEY-----'), ('-----BEGIN DSA PRIVATE KEY-----', '-----END DSA PRIVATE KEY-----') ) if not substrate: break if idx == 0: asn1Spec = rfc2437.RSAPrivateKey() elif idx == 1: asn1Spec = rfc2459.DSAPrivateKey() else: break key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) if rest: substrate = substrate[:-len(rest)] print(key.prettyPrint()) assert encoder.encode(key) == substrate, 'pkcs8 recode fails' cnt += 1 print('*** %s key(s) re/serialized' % cnt) pyasn1-modules-0.2.8/tools/pkcs7dump.py0000755006321400632140000000275013551772550021512 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM PKCS#7 on stdin, parse it into plain text, # then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2315 if len(sys.argv) != 1: print("""Usage: $ cat pkcs7Certificate.pem | %s""" % sys.argv[0]) sys.exit(-1) idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN PKCS7-----', '-----END PKCS7-----') ) assert substrate, 'bad PKCS7 data on input' contentInfo, rest = decoder.decode(substrate, asn1Spec=rfc2315.ContentInfo()) if rest: substrate = substrate[:-len(rest)] print(contentInfo.prettyPrint()) assert encoder.encode(contentInfo) == substrate, 're-encode fails' contentType = contentInfo.getComponentByName('contentType') contentInfoMap = { (1, 2, 840, 113549, 1, 7, 1): rfc2315.Data(), (1, 2, 840, 113549, 1, 7, 2): rfc2315.SignedData(), (1, 2, 840, 113549, 1, 7, 3): rfc2315.EnvelopedData(), (1, 2, 840, 113549, 1, 7, 4): rfc2315.SignedAndEnvelopedData(), (1, 2, 840, 113549, 1, 7, 5): rfc2315.DigestedData(), (1, 2, 840, 113549, 1, 7, 6): rfc2315.EncryptedData() } content, _ = decoder.decode( contentInfo.getComponentByName('content'), asn1Spec=contentInfoMap[contentType] ) print(content.prettyPrint()) pyasn1-modules-0.2.8/tools/pkcs8dump.py0000755006321400632140000000244513551772550021514 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read bunch of ASN.1/PEM plain/encrypted private keys in PKCS#8 # format on stdin, parse each into plain text, then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc5208 if len(sys.argv) != 1: print("""Usage: $ cat pkcs8key.pem | %s""" % sys.argv[0]) sys.exit(-1) cnt = 0 while True: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN PRIVATE KEY-----', '-----END PRIVATE KEY-----'), ('-----BEGIN ENCRYPTED PRIVATE KEY-----', '-----END ENCRYPTED PRIVATE KEY-----') ) if not substrate: break if idx == 0: asn1Spec = rfc5208.PrivateKeyInfo() elif idx == 1: asn1Spec = rfc5208.EncryptedPrivateKeyInfo() else: break key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) if rest: substrate = substrate[:-len(rest)] print(key.prettyPrint()) assert encoder.encode(key) == substrate, 'pkcs8 recode fails' cnt += 1 print('*** %s PKCS#8 key(s) de/serialized' % cnt) pyasn1-modules-0.2.8/tools/snmpget.py0000755006321400632140000000265213551772550021253 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Generate SNMPGET request, parse response # import socket import sys from pyasn1.codec.ber import decoder from pyasn1.codec.ber import encoder from pyasn1_modules import rfc1157 if len(sys.argv) != 4: print("""Usage: $ %s """ % sys.argv[0]) sys.exit(-1) msg = rfc1157.Message() msg.setComponentByPosition(0) msg.setComponentByPosition(1, sys.argv[1]) # pdu pdus = msg.setComponentByPosition(2).getComponentByPosition(2) pdu = pdus.setComponentByPosition(0).getComponentByPosition(0) pdu.setComponentByPosition(0, 123) pdu.setComponentByPosition(1, 0) pdu.setComponentByPosition(2, 0) vbl = pdu.setComponentByPosition(3).getComponentByPosition(3) vb = vbl.setComponentByPosition(0).getComponentByPosition(0) vb.setComponentByPosition(0, sys.argv[3]) v = vb.setComponentByPosition(1).getComponentByPosition(1).setComponentByPosition(0).getComponentByPosition(0).setComponentByPosition(3).getComponentByPosition(3) print('sending: %s' % msg.prettyPrint()) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.sendto(encoder.encode(msg), (sys.argv[2], 161)) substrate, _ = sock.recvfrom(2048) # noinspection PyRedeclaration rMsg, _ = decoder.decode(substrate, asn1Spec=msg) print('received: %s' % rMsg.prettyPrint()) pyasn1-modules-0.2.8/tools/x509dump-rfc5280.py0000755006321400632140000000230413551772550022252 0ustar ietingofietingof00000000000000#!/usr/bin/env python # coding: utf-8 # # This file is part of pyasn1-modules software. # # Created by Stanisław Pitucha with asn1ate tool. # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM X.509 certificates on stdin, parse each into plain text, # then build substrate from it (using RFC5280) # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc5280 if len(sys.argv) != 1: print("""Usage: $ cat CACertificate.pem | %s $ cat userCertificate.pem | %s""" % (sys.argv[0], sys.argv[0])) sys.exit(-1) certType = rfc5280.Certificate() certCnt = 0 while 1: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') ) if not substrate: break cert, rest = decoder.decode(substrate, asn1Spec=certType) if rest: substrate = substrate[:-len(rest)] print(cert.prettyPrint()) assert encoder.encode(cert) == substrate, 'cert recode fails' certCnt += 1 print('*** %s PEM cert(s) de/serialized' % certCnt) pyasn1-modules-0.2.8/tools/x509dump.py0000755006321400632140000000216413551772550021167 0ustar ietingofietingof00000000000000#!/usr/bin/env python # # This file is part of pyasn1-modules software. # # Copyright (c) 2005-2019, Ilya Etingof # License: http://snmplabs.com/pyasn1/license.html # # Read ASN.1/PEM X.509 certificates on stdin, parse each into plain text, # then build substrate from it # import sys from pyasn1.codec.der import decoder from pyasn1.codec.der import encoder from pyasn1_modules import pem from pyasn1_modules import rfc2459 if len(sys.argv) != 1: print("""Usage: $ cat CACertificate.pem | %s $ cat userCertificate.pem | %s""" % (sys.argv[0], sys.argv[0])) sys.exit(-1) certType = rfc2459.Certificate() certCnt = 0 while True: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') ) if not substrate: break cert, rest = decoder.decode(substrate, asn1Spec=certType) if rest: substrate = substrate[:-len(rest)] print(cert.prettyPrint()) assert encoder.encode(cert) == substrate, 'cert recode fails' certCnt += 1 print('*** %s PEM cert(s) de/serialized' % certCnt)