pyasn1-modules-0.0.3/0000755000014400001440000000000011744221522014504 5ustar ilyausers00000000000000pyasn1-modules-0.0.3/PKG-INFO0000644000014400001440000000143711744221522015606 0ustar ilyausers00000000000000Metadata-Version: 1.0 Name: pyasn1-modules Version: 0.0.3 Summary: ASN.1 modules Home-page: http://sourceforge.net/projects/pyasn1/ Author: Ilya Etingof Author-email: ilya@glas.net License: BSD Description: UNKNOWN Platform: UNKNOWN Classifier: Development Status :: 5 - Production/Stable Classifier: Intended Audience :: Developers Classifier: Intended Audience :: Information Technology Classifier: Intended Audience :: Telecommunications Industry Classifier: Operating System :: OS Independent Classifier: Programming Language :: Python :: 2 Classifier: Programming Language :: Python :: 3 Classifier: Topic :: Communications Classifier: Topic :: Security :: Cryptography Classifier: Topic :: Software Development :: Libraries :: Python Modules Classifier: License :: OSI Approved :: BSD License pyasn1-modules-0.0.3/tools/0000755000014400001440000000000011744221522015644 5ustar ilyausers00000000000000pyasn1-modules-0.0.3/tools/crldump.py0000755000014400001440000000171211741636611017676 0ustar ilyausers00000000000000#!/usr/bin/python # # Read X.509 CRL on stdin, print them pretty and encode back into # original wire format. # CRL can be generated with "openssl openssl ca -gencrl ..." commands. # from pyasn1_modules import rfc2459, pem from pyasn1.codec.der import encoder, decoder import sys if len(sys.argv) != 1: print("""Usage: $ cat crl.pem | %s""" % sys.argv[0]) sys.exit(-1) asn1Spec = rfc2459.CertificateList() cnt = 0 while 1: idx, substrate = pem.readPemBlocksFromFile(sys.stdin, ('-----BEGIN X509 CRL-----', '-----END X509 CRL-----')) if not substrate: break key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) if rest: substrate = substrate[:-len(rest)] print(key.prettyPrint()) assert encoder.encode(key, defMode=False) == substrate or \ encoder.encode(key, defMode=True) == substrate, \ 'pkcs8 recode fails' cnt = cnt + 1 print('*** %s CRL(s) re/serialized' % cnt) pyasn1-modules-0.0.3/tools/ocspreqdump.py0000755000014400001440000000125411741312350020562 0ustar ilyausers00000000000000#!/usr/bin/python # # Read ASN.1/PEM X.509 CRMF request on stdin, parse into # plain text, then build substrate from it # from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc2560, pem import sys if len(sys.argv) != 1: print("""Usage: $ cat ocsp-request.pem | %s""" % sys.argv[0]) sys.exit(-1) ocspReq = rfc2560.OCSPRequest() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) cr, rest = decoder.decode(substrate, asn1Spec=ocspReq) print(cr.prettyPrint()) assert encoder.encode(cr, defMode=False) == substrate or \ encoder.encode(cr, defMode=True) == substrate, \ 'OCSP request recode fails' pyasn1-modules-0.0.3/tools/pkcs10dump.py0000755000014400001440000000212511741636630020217 0ustar ilyausers00000000000000#!/usr/bin/python # # Read ASN.1/PEM X.509 certificate requests (PKCS#10 format) on stdin, # parse each into plain text, then build substrate from it # from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc2314, pem import sys if len(sys.argv) != 1: print("""Usage: $ cat certificateRequest.pem | %s""" % sys.argv[0]) sys.exit(-1) certType = rfc2314.CertificationRequest() certCnt = 0 while 1: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE REQUEST-----', '-----END CERTIFICATE REQUEST-----') ) if not substrate: break cert, rest = decoder.decode(substrate, asn1Spec=certType) if rest: substrate = substrate[:-len(rest)] print(cert.prettyPrint()) assert encoder.encode(cert, defMode=False) == substrate or \ encoder.encode(cert, defMode=True) == substrate, \ 'cert recode fails' certCnt = certCnt + 1 print('*** %s PEM certificate request(s) de/serialized' % certCnt) pyasn1-modules-0.0.3/tools/x509dump.py0000755000014400001440000000210011741636660017617 0ustar ilyausers00000000000000#!/usr/bin/python # # Read ASN.1/PEM X.509 certificates on stdin, parse each into plain text, # then build substrate from it # from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc2459, pem import sys if len(sys.argv) != 1: print("""Usage: $ cat CACertificate.pem | %s $ cat userCertificate.pem | %s""" % (sys.argv[0], sys.argv[0])) sys.exit(-1) certType = rfc2459.Certificate() certCnt = 0 while 1: idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') ) if not substrate: break cert, rest = decoder.decode(substrate, asn1Spec=certType) if rest: substrate = substrate[:-len(rest)] print(cert.prettyPrint()) assert encoder.encode(cert, defMode=False) == substrate or \ encoder.encode(cert, defMode=True) == substrate, \ 'cert recode fails' certCnt = certCnt + 1 print('*** %s PEM cert(s) de/serialized' % certCnt) pyasn1-modules-0.0.3/tools/ocsprspdump.py0000755000014400001440000000125111741312350020574 0ustar ilyausers00000000000000#!/usr/bin/python # # Read ASN.1/PEM OCSP response on stdin, parse into # plain text, then build substrate from it # from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc2560, pem import sys if len(sys.argv) != 1: print("""Usage: $ cat ocsp-response.pem | %s""" % sys.argv[0]) sys.exit(-1) ocspReq = rfc2560.OCSPResponse() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) cr, rest = decoder.decode(substrate, asn1Spec=ocspReq) print(cr.prettyPrint()) assert encoder.encode(cr, defMode=False) == substrate or \ encoder.encode(cr, defMode=True) == substrate, \ 'OCSP request recode fails' pyasn1-modules-0.0.3/tools/pkcs8dump.py0000755000014400001440000000222611741636653020155 0ustar ilyausers00000000000000#!/usr/bin/python # # Read bunch of ASN.1/PEM plain/encrypted private keys in PKCS#8 # format on stdin, parse each into plain text, then build substrate from it # from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc5208, pem import sys if len(sys.argv) != 1: print("""Usage: $ cat pkcs8key.pem | %s""" % sys.argv[0]) sys.exit(-1) cnt = 0 while 1: idx, substrate = pem.readPemBlocksFromFile(sys.stdin, ('-----BEGIN PRIVATE KEY-----', '-----END PRIVATE KEY-----'), ('-----BEGIN ENCRYPTED PRIVATE KEY-----', '-----END ENCRYPTED PRIVATE KEY-----') ) if not substrate: break if idx == 0: asn1Spec = rfc5208.PrivateKeyInfo() elif idx == 1: asn1Spec = rfc5208.EncryptedPrivateKeyInfo() else: break key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) if rest: substrate = substrate[:-len(rest)] print(key.prettyPrint()) assert encoder.encode(key, defMode=False) == substrate or \ encoder.encode(key, defMode=True) == substrate, \ 'pkcs8 recode fails' cnt = cnt + 1 print('*** %s PKCS#8 key(s) de/serialized' % cnt) pyasn1-modules-0.0.3/tools/snmpget.py0000755000014400001440000000230011741357456017706 0ustar ilyausers00000000000000#!/usr/bin/python # # Generate SNMPGET request, parse response # from pyasn1.codec.ber import encoder, decoder from pyasn1_modules import rfc1157 import sys, socket if len(sys.argv) != 4: print("""Usage: $ %s """ % sys.argv[0]) sys.exit(-1) msg = rfc1157.Message() msg.setComponentByPosition(0) msg.setComponentByPosition(1, sys.argv[1]) # pdu pdus = msg.setComponentByPosition(2).getComponentByPosition(2) pdu = pdus.setComponentByPosition(0).getComponentByPosition(0) pdu.setComponentByPosition(0, 123) pdu.setComponentByPosition(1, 0) pdu.setComponentByPosition(2, 0) vbl = pdu.setComponentByPosition(3).getComponentByPosition(3) vb = vbl.setComponentByPosition(0).getComponentByPosition(0) vb.setComponentByPosition(0, sys.argv[3]) v = vb.setComponentByPosition(1).getComponentByPosition(1).setComponentByPosition(0).getComponentByPosition(0).setComponentByPosition(3).getComponentByPosition(3) print('sending: %s' % msg.prettyPrint()) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.sendto(encoder.encode(msg), (sys.argv[2], 161)) substrate, _ = sock.recvfrom(2048) rMsg, _ = decoder.decode(substrate, asn1Spec=msg) print('received: %s' % rMsg.prettyPrint()) pyasn1-modules-0.0.3/tools/ocspclient.py0000755000014400001440000001166011741636623020401 0ustar ilyausers00000000000000#!/usr/bin/python # from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc2560, rfc2459, pem from pyasn1.type import univ import sys, hashlib try: import urllib2 except ImportError: import urllib.request as urllib2 sha1oid = univ.ObjectIdentifier((1, 3, 14, 3, 2, 26)) class ValueOnlyBitStringEncoder(encoder.encoder.BitStringEncoder): # These methods just do not encode tag and length fields of TLV def encodeTag(self, *args): return '' def encodeLength(self, *args): return '' def encodeValue(*args): substrate, isConstructed = encoder.encoder.BitStringEncoder.encodeValue(*args) # OCSP-specific hack follows: cut off the "unused bit count" # encoded bit-string value. return substrate[1:], isConstructed def __call__(self, bitStringValue): return self.encode(None, bitStringValue, defMode=1, maxChunkSize=0) valueOnlyBitStringEncoder = ValueOnlyBitStringEncoder() def mkOcspRequest(issuerCert, userCert): issuerTbsCertificate = issuerCert.getComponentByName('tbsCertificate') issuerSubject = issuerTbsCertificate.getComponentByName('subject') userTbsCertificate = userCert.getComponentByName('tbsCertificate') userIssuer = userTbsCertificate.getComponentByName('issuer') assert issuerSubject == userIssuer, '%s\n%s' % ( issuerSubject.prettyPrint(), userIssuer.prettyPrint() ) userIssuerHash = hashlib.sha1( encoder.encode(userIssuer) ).digest() issuerSubjectPublicKey = issuerTbsCertificate.getComponentByName('subjectPublicKeyInfo').getComponentByName('subjectPublicKey') issuerKeyHash = hashlib.sha1( valueOnlyBitStringEncoder(issuerSubjectPublicKey) ).digest() userSerialNumber = userTbsCertificate.getComponentByName('serialNumber') # Build request object request = rfc2560.Request() reqCert = request.setComponentByName('reqCert').getComponentByName('reqCert') hashAlgorithm = reqCert.setComponentByName('hashAlgorithm').getComponentByName('hashAlgorithm') hashAlgorithm.setComponentByName('algorithm', sha1oid) reqCert.setComponentByName('issuerNameHash', userIssuerHash) reqCert.setComponentByName('issuerKeyHash', issuerKeyHash) reqCert.setComponentByName('serialNumber', userSerialNumber) ocspRequest = rfc2560.OCSPRequest() tbsRequest = ocspRequest.setComponentByName('tbsRequest').getComponentByName('tbsRequest') tbsRequest.setComponentByName('version', 'v1') requestList = tbsRequest.setComponentByName('requestList').getComponentByName('requestList') requestList.setComponentByPosition(0, request) return ocspRequest def parseOcspResponse(ocspResponse): responseStatus = ocspResponse.getComponentByName('responseStatus') assert responseStatus == rfc2560.OCSPResponseStatus('successful'), responseStatus.prettyPrint() responseBytes = ocspResponse.getComponentByName('responseBytes') responseType = responseBytes.getComponentByName('responseType') assert responseType == id_pkix_ocsp_basic, responseType.prettyPrint() response = responseBytes.getComponentByName('response') basicOCSPResponse, _ = decoder.decode( response, asn1Spec=rfc2560.BasicOCSPResponse() ) tbsResponseData = basicOCSPResponse.getComponentByName('tbsResponseData') response0 = tbsResponseData.getComponentByName('responses').getComponentByPosition(0) return ( tbsResponseData.getComponentByName('producedAt'), response0.getComponentByName('certID'), response0.getComponentByName('certStatus').getName(), response0.getComponentByName('thisUpdate') ) if len(sys.argv) != 2: print("""Usage: $ cat CACertificate.pem userCertificate.pem | %s """ % sys.argv[0]) sys.exit(-1) else: ocspUrl = sys.argv[1] # Parse CA and user certificates issuerCert, _ = decoder.decode( pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') )[1], asn1Spec=rfc2459.Certificate() ) userCert, _ = decoder.decode( pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----') )[1], asn1Spec=rfc2459.Certificate() ) # Build OCSP request ocspReq = mkOcspRequest(issuerCert, userCert) # Use HTTP POST to get response (see Appendix A of RFC 2560) # In case you need proxies, set the http_proxy env variable httpReq = urllib2.Request( ocspUrl, encoder.encode(ocspReq), { 'Content-Type': 'application/ocsp-request' } ) httpRsp = urllib2.urlopen(httpReq).read() # Process OCSP response ocspRsp, _ = decoder.decode(httpRsp, asn1Spec=rfc2560.OCSPResponse()) producedAt, certId, certStatus, thisUpdate = parseOcspResponse(ocspRsp) print('Certificate ID %s is %s at %s till %s\n' % ( certId.getComponentByName('serialNumber'), certStatus, producedAt, thisUpdate)) pyasn1-modules-0.0.3/tools/pkcs1dump.py0000755000014400001440000000231411741636636020145 0ustar ilyausers00000000000000#!/usr/bin/python # # Read unencrypted PKCS#1/PKIX-compliant, PEM&DER encoded private keys on # stdin, print them pretty and encode back into original wire format. # Private keys can be generated with "openssl genrsa|gendsa" commands. # from pyasn1_modules import rfc2459, rfc2437, pem from pyasn1.codec.der import encoder, decoder import sys if len(sys.argv) != 1: print("""Usage: $ cat rsakey.pem | %s""" % sys.argv[0]) sys.exit(-1) cnt = 0 while 1: idx, substrate = pem.readPemBlocksFromFile(sys.stdin, ('-----BEGIN RSA PRIVATE KEY-----', '-----END RSA PRIVATE KEY-----'), ('-----BEGIN DSA PRIVATE KEY-----', '-----END DSA PRIVATE KEY-----') ) if not substrate: break if idx == 0: asn1Spec = rfc2437.RSAPrivateKey() elif idx == 1: asn1Spec = rfc2459.DSAPrivateKey() else: break key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) if rest: substrate = substrate[:-len(rest)] print(key.prettyPrint()) assert encoder.encode(key, defMode=False) == substrate or \ encoder.encode(key, defMode=True) == substrate, \ 'pkcs8 recode fails' cnt = cnt + 1 print('*** %s key(s) re/serialized' % cnt) pyasn1-modules-0.0.3/tools/pkcs7dump.py0000755000014400001440000000260011741636646020152 0ustar ilyausers00000000000000#!/usr/bin/python # # Read ASN.1/PEM PKCS#7 on stdin, parse it into plain text, # then build substrate from it # from pyasn1_modules import rfc2315, pem from pyasn1.codec.der import encoder, decoder import sys if len(sys.argv) != 1: print("""Usage: $ cat pkcs7Certificate.pem | %s""" % sys.argv[0]) sys.exit(-1) idx, substrate = pem.readPemBlocksFromFile( sys.stdin, ('-----BEGIN PKCS7-----', '-----END PKCS7-----') ) assert substrate, 'bad PKCS7 data on input' contentInfo, rest = decoder.decode(substrate, asn1Spec=rfc2315.ContentInfo()) if rest: substrate = substrate[:-len(rest)] print(contentInfo.prettyPrint()) assert encoder.encode(contentInfo, defMode=False) == substrate or \ encoder.encode(contentInfo, defMode=True) == substrate, \ 're-encode fails' contentType = contentInfo.getComponentByName('contentType') contentInfoMap = { (1, 2, 840, 113549, 1, 7, 1): rfc2315.Data(), (1, 2, 840, 113549, 1, 7, 2): rfc2315.SignedData(), (1, 2, 840, 113549, 1, 7, 3): rfc2315.EnvelopedData(), (1, 2, 840, 113549, 1, 7, 4): rfc2315.SignedAndEnvelopedData(), (1, 2, 840, 113549, 1, 7, 5): rfc2315.DigestedData(), (1, 2, 840, 113549, 1, 7, 6): rfc2315.EncryptedData() } content, _ = decoder.decode( contentInfo.getComponentByName('content'), asn1Spec=contentInfoMap[contentType] ) print(content.prettyPrint()) pyasn1-modules-0.0.3/tools/crmfdump.py0000755000014400001440000000123411741357456020053 0ustar ilyausers00000000000000#!/usr/bin/python # Read ASN.1/PEM X.509 CRMF request on stdin, parse into # plain text, then build substrate from it from pyasn1.codec.der import decoder, encoder from pyasn1_modules import rfc2511, pem import sys if len(sys.argv) != 1: print("""Usage: $ cat crmf.pem | %s""" % sys.argv[0]) sys.exit(-1) certReq = rfc2511.CertReqMessages() substrate = pem.readBase64FromFile(sys.stdin) if not substrate: sys.exit(0) cr, rest = decoder.decode(substrate, asn1Spec=certReq) print(cr.prettyPrint()) assert encoder.encode(cr, defMode=False) == substrate or \ encoder.encode(cr, defMode=True) == substrate, \ 'crmf recode fails' pyasn1-modules-0.0.3/MANIFEST.in0000644000014400001440000000013011742505451016240 0ustar ilyausers00000000000000include CHANGES README LICENSE recursive-include tools *.py recursive-include test *.sh pyasn1-modules-0.0.3/CHANGES0000644000014400001440000000154011741357455015513 0ustar ilyausers00000000000000Revision 0.0.3 -------------- - Text cases implemented - X.509 CRMF structures (RFC2511) and crmfdump.py tool added - X.509 CRL structures and crldump.py tool added - PKCS#10 structures and pkcs10dump.py tool added - PKCS#8 structures and pkcs8dump.py tool added - PKCS#1 (rfc3447) structures added - OCSP request & response dumping tool added - SNMPv2c & SNMPv3/USM structures added - keydump.py moved into pkcs1dump.py - PEM files read function generalized to be used more universally. - complete PKIX1 '88 code implemented at rfc2459.py Revision 0.0.2 -------------- - Require pyasn1 >= 0.1.1 - Fixes towards Py3K compatibility + use either of existing urllib module + adopt to the new bytes type + print operator is now a function + new exception syntax Revision 0.0.1a --------------- - Initial revision, most code carried from pyasn1 examples. pyasn1-modules-0.0.3/pyasn1_modules.egg-info/0000755000014400001440000000000011744221522021141 5ustar ilyausers00000000000000pyasn1-modules-0.0.3/pyasn1_modules.egg-info/SOURCES.txt0000644000014400001440000000205511744221521023026 0ustar ilyausers00000000000000CHANGES LICENSE MANIFEST.in README setup.py pyasn1_modules/__init__.py pyasn1_modules/pem.py pyasn1_modules/pkcs12.py pyasn1_modules/rfc1155.py pyasn1_modules/rfc1157.py pyasn1_modules/rfc1902.py pyasn1_modules/rfc1905.py pyasn1_modules/rfc2251.py pyasn1_modules/rfc2314.py pyasn1_modules/rfc2315.py pyasn1_modules/rfc2437.py pyasn1_modules/rfc2459.py pyasn1_modules/rfc2511.py pyasn1_modules/rfc2560.py pyasn1_modules/rfc3412.py pyasn1_modules/rfc3414.py pyasn1_modules/rfc3447.py pyasn1_modules/rfc5208.py pyasn1_modules.egg-info/PKG-INFO pyasn1_modules.egg-info/SOURCES.txt pyasn1_modules.egg-info/dependency_links.txt pyasn1_modules.egg-info/requires.txt pyasn1_modules.egg-info/top_level.txt pyasn1_modules.egg-info/zip-safe test/crl.sh test/crmf.sh test/ocspreq.sh test/ocsprsp.sh test/pkcs1.sh test/pkcs10.sh test/pkcs7.sh test/pkcs8.sh test/x509dump.sh tools/crldump.py tools/crmfdump.py tools/ocspclient.py tools/ocspreqdump.py tools/ocsprspdump.py tools/pkcs10dump.py tools/pkcs1dump.py tools/pkcs7dump.py tools/pkcs8dump.py tools/snmpget.py tools/x509dump.pypyasn1-modules-0.0.3/pyasn1_modules.egg-info/top_level.txt0000644000014400001440000000001711744221521023670 0ustar ilyausers00000000000000pyasn1_modules pyasn1-modules-0.0.3/pyasn1_modules.egg-info/requires.txt0000644000014400001440000000001511744221521023534 0ustar ilyausers00000000000000pyasn1>=0.1.1pyasn1-modules-0.0.3/pyasn1_modules.egg-info/PKG-INFO0000644000014400001440000000143711744221521022242 0ustar ilyausers00000000000000Metadata-Version: 1.0 Name: pyasn1-modules Version: 0.0.3 Summary: ASN.1 modules Home-page: http://sourceforge.net/projects/pyasn1/ Author: Ilya Etingof Author-email: ilya@glas.net License: BSD Description: UNKNOWN Platform: UNKNOWN Classifier: Development Status :: 5 - Production/Stable Classifier: Intended Audience :: Developers Classifier: Intended Audience :: Information Technology Classifier: Intended Audience :: Telecommunications Industry Classifier: Operating System :: OS Independent Classifier: Programming Language :: Python :: 2 Classifier: Programming Language :: Python :: 3 Classifier: Topic :: Communications Classifier: Topic :: Security :: Cryptography Classifier: Topic :: Software Development :: Libraries :: Python Modules Classifier: License :: OSI Approved :: BSD License pyasn1-modules-0.0.3/pyasn1_modules.egg-info/dependency_links.txt0000644000014400001440000000000111744221521025206 0ustar ilyausers00000000000000 pyasn1-modules-0.0.3/pyasn1_modules.egg-info/zip-safe0000644000014400001440000000000111534707735022605 0ustar ilyausers00000000000000 pyasn1-modules-0.0.3/pyasn1_modules/0000755000014400001440000000000011744221522017447 5ustar ilyausers00000000000000pyasn1-modules-0.0.3/pyasn1_modules/rfc3414.py0000644000014400001440000000157411741333400021112 0ustar ilyausers00000000000000# # SNMPv3 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3414.txt # from pyasn1.type import univ, namedtype, namedval, tag, constraint class UsmSecurityParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()), namedtype.NamedType('msgAuthoritativeEngineBoots', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgAuthoritativeEngineTime', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgUserName', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))), namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()), namedtype.NamedType('msgPrivacyParameters', univ.OctetString()) ) pyasn1-modules-0.0.3/pyasn1_modules/pem.py0000644000014400001440000000354511741636546020626 0ustar ilyausers00000000000000import base64, sys stSpam, stHam, stDump = 0, 1, 2 # The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')... # Return is (marker-index, substrate) def readPemBlocksFromFile(fileObj, *markers): startMarkers = dict(map(lambda x: (x[1],x[0]), enumerate(map(lambda x: x[0], markers)))) stopMarkers = dict(map(lambda x: (x[1],x[0]), enumerate(map(lambda x: x[1], markers)))) idx = -1; substrate = '' state = stSpam while 1: certLine = fileObj.readline() if not certLine: break certLine = certLine.strip() if state == stSpam: if certLine in startMarkers: certLines = [] idx = startMarkers[certLine] state = stHam continue if state == stHam: if certLine in stopMarkers and stopMarkers[certLine] == idx: state = stDump else: certLines.append(certLine) if state == stDump: if sys.version_info[0] <= 2: substrate = ''.join([ base64.b64decode(x) for x in certLines ]) else: substrate = ''.encode().join([ base64.b64decode(x.encode()) for x in certLines ]) break return idx, substrate # Backward compatibility routine def readPemFromFile(fileObj, startMarker='-----BEGIN CERTIFICATE-----', endMarker='-----END CERTIFICATE-----'): idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker)) return substrate def readBase64FromFile(fileObj): if sys.version_info[0] <= 2: return ''.join([ base64.b64decode(x) for x in fileObj.readlines() ]) else: return ''.encode().join( [ base64.b64decode(x.encode()) for x in fileObj.readlines() ] ) pyasn1-modules-0.0.3/pyasn1_modules/rfc1155.py0000644000014400001440000000470711741333252021120 0ustar ilyausers00000000000000# # SNMPv1 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1155.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import univ, namedtype, namedval, tag, constraint class ObjectName(univ.ObjectIdentifier): pass class SimpleSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('number', univ.Integer()), namedtype.NamedType('string', univ.OctetString()), namedtype.NamedType('object', univ.ObjectIdentifier()), namedtype.NamedType('empty', univ.Null()) ) class IpAddress(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( 4, 4 ) class NetworkAddress(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('internet', IpAddress()) ) class Counter(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Gauge(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) ) subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, 4294967295 ) class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4) ) class ApplicationSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('address', NetworkAddress()), namedtype.NamedType('counter', Counter()), namedtype.NamedType('gauge', Gauge()), namedtype.NamedType('ticks', TimeTicks()), namedtype.NamedType('arbitrary', Opaque()) ) class ObjectSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', SimpleSyntax()), namedtype.NamedType('application-wide', ApplicationSyntax()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc5208.py0000644000014400001440000000242411740575121021117 0ustar ilyausers00000000000000# # PKCS#8 syntax # # ASN.1 source from: # http://tools.ietf.org/html/rfc5208 # # Sample captures could be obtained with "openssl pkcs8 -topk8" command # from pyasn1.type import tag, namedtype, namedval, univ, constraint from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2251 class KeyEncryptionAlgorithms(AlgorithmIdentifier): pass class PrivateKeyAlgorithms(AlgorithmIdentifier): pass class EncryptedData(univ.OctetString): pass class EncryptedPrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptionAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('encryptedData', EncryptedData()) ) class PrivateKey(univ.OctetString): pass class Attributes(univ.SetOf): componentType = rfc2251.Attribute() class Version(univ.Integer): namedValues = namedval.NamedValues(('v1', 0), ('v2', 1)) class PrivateKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('privateKey', PrivateKey()), namedtype.OptionalNamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc1902.py0000644000014400001440000000666211741333400021115 0ustar ilyausers00000000000000# # SNMPv2c message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1902.txt # from pyasn1.type import univ, namedtype, namedval, tag, constraint class Integer(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( -2147483648, 2147483647 ) class Integer32(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( -2147483648, 2147483647 ) class OctetString(univ.OctetString): subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueSizeConstraint( 0, 65535 ) class IpAddress(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00) ) subtypeSpec = univ.OctetString.subtypeSpec+constraint.ValueSizeConstraint( 4, 4 ) class Counter32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01) ) subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( 0, 4294967295 ) class Gauge32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) ) subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( 0, 4294967295 ) class Unsigned32(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) ) subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( 0, 4294967295 ) class TimeTicks(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03) ) subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( 0, 4294967295 ) class Opaque(univ.OctetString): tagSet = univ.OctetString.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04) ) class Counter64(univ.Integer): tagSet = univ.Integer.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06) ) subtypeSpec = univ.Integer.subtypeSpec+constraint.ValueRangeConstraint( 0, 18446744073709551615 ) class Bits(univ.OctetString): pass class ObjectName(univ.ObjectIdentifier): pass class SimpleSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('integer-value', Integer()), namedtype.NamedType('string-value', OctetString()), namedtype.NamedType('objectID-value', univ.ObjectIdentifier()) ) class ApplicationSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('ipAddress-value', IpAddress()), namedtype.NamedType('counter-value', Counter32()), namedtype.NamedType('timeticks-value', TimeTicks()), namedtype.NamedType('arbitrary-value', Opaque()), namedtype.NamedType('big-counter-value', Counter64()), # This conflicts with Counter32 # namedtype.NamedType('unsigned-integer-value', Unsigned32()), namedtype.NamedType('gauge32-value', Gauge32()) ) # BITS misplaced? class ObjectSyntax(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', SimpleSyntax()), namedtype.NamedType('application-wide', ApplicationSyntax()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc2437.py0000644000014400001440000000451211740610673021122 0ustar ilyausers00000000000000# # PKCS#1 syntax # # ASN.1 source from: # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2.asn # # Sample captures could be obtained with "openssl genrsa" command # from pyasn1.type import tag, namedtype, namedval, univ, constraint from pyasn1_modules.rfc2459 import AlgorithmIdentifier pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') md4WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.3') md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') rsaOAEPEncryptionSET = univ.ObjectIdentifier('1.2.840.113549.1.1.6') id_RSAES_OAEP = univ.ObjectIdentifier('1.2.840.113549.1.1.7') id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8') id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9') id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') MAX = 16 class Version(univ.Integer): pass class RSAPrivateKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()), namedtype.NamedType('privateExponent', univ.Integer()), namedtype.NamedType('prime1', univ.Integer()), namedtype.NamedType('prime2', univ.Integer()), namedtype.NamedType('exponent1', univ.Integer()), namedtype.NamedType('exponent2', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()) ) class RSAPublicKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()) ) # XXX defaults not set class RSAES_OAEP_params(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc2459.py0000644000014400001440000012731111741357511021131 0ustar ilyausers00000000000000# # X.509 message syntax # # ASN.1 source from: # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn # http://www.ietf.org/rfc/rfc2459.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful MAX = 64 # XXX ? # # PKIX1Explicit88 # # Upper Bounds ub_name = univ.Integer(32768) ub_common_name = univ.Integer(64) ub_locality_name = univ.Integer(128) ub_state_name = univ.Integer(128) ub_organization_name = univ.Integer(64) ub_organizational_unit_name = univ.Integer(64) ub_title = univ.Integer(64) ub_match = univ.Integer(128) ub_emailaddress_length = univ.Integer(128) ub_common_name_length = univ.Integer(64) ub_country_name_alpha_length = univ.Integer(2) ub_country_name_numeric_length = univ.Integer(3) ub_domain_defined_attributes = univ.Integer(4) ub_domain_defined_attribute_type_length = univ.Integer(8) ub_domain_defined_attribute_value_length = univ.Integer(128) ub_domain_name_length = univ.Integer(16) ub_extension_attributes = univ.Integer(256) ub_e163_4_number_length = univ.Integer(15) ub_e163_4_sub_address_length = univ.Integer(40) ub_generation_qualifier_length = univ.Integer(3) ub_given_name_length = univ.Integer(16) ub_initials_length = univ.Integer(5) ub_integer_options = univ.Integer(256) ub_numeric_user_id_length = univ.Integer(32) ub_organization_name_length = univ.Integer(64) ub_organizational_unit_name_length = univ.Integer(32) ub_organizational_units = univ.Integer(4) ub_pds_name_length = univ.Integer(16) ub_pds_parameter_length = univ.Integer(30) ub_pds_physical_address_lines = univ.Integer(6) ub_postal_code_length = univ.Integer(16) ub_surname_length = univ.Integer(40) ub_terminal_id_length = univ.Integer(24) ub_unformatted_address_length = univ.Integer(180) ub_x121_address_length = univ.Integer(16) class UniversalString(char.UniversalString): pass class BMPString(char.BMPString): pass class UTF8String(char.UTF8String): pass id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') id_qt = univ.ObjectIdentifier('1.3.6.1.5.5.7.2') id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') id_ad = univ.ObjectIdentifier('1.3.6.1.5.5.7.48') id_qt_cps = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.1') id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2') id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1') id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2') class AttributeValue(univ.Any): pass class AttributeType(univ.ObjectIdentifier): pass class AttributeTypeAndValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('value', AttributeValue()) ) class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) id_at = univ.ObjectIdentifier('2.5.4') id_at_name = univ.ObjectIdentifier('2.5.4.41') id_at_sutname = univ.ObjectIdentifier('2.5.4.4') id_at_givenName = univ.ObjectIdentifier('2.5.4.42') id_at_initials = univ.ObjectIdentifier('2.5.4.43') id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44') class X520name(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) ) id_at_commonName = univ.ObjectIdentifier('2.5.4.3') class X520CommonName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) ) id_at_localityName = univ.ObjectIdentifier('2.5.4.7') class X520LocalityName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) ) id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8') class X520StateOrProvinceName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) ) id_at_organizationName = univ.ObjectIdentifier('2.5.4.10') class X520OrganizationName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) ) id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11') class X520OrganizationalUnitName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) ) id_at_title = univ.ObjectIdentifier('2.5.4.12') class X520Title(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) ) id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46') class X520dnQualifier(char.PrintableString): pass id_at_countryName = univ.ObjectIdentifier('2.5.4.6') class X520countryName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(2, 2) pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9') emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1') class Pkcs9email(char.IA5String): subtypeSpec = char.IA5String.subtypeSpec + constraint.ValueSizeConstraint(1, ub_emailaddress_length) # ---- class DSAPrivateKey(univ.Sequence): """PKIX compliant DSA private key structure""" componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))), namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('g', univ.Integer()), namedtype.NamedType('public', univ.Integer()), namedtype.NamedType('private', univ.Integer()) ) # ---- class RelativeDistinguishedName(univ.SetOf): componentType = AttributeTypeAndValue() class RDNSequence(univ.SequenceOf): componentType = RelativeDistinguishedName() class Name(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('', RDNSequence()) ) class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('teletexString', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('printableString', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('universalString', char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) # hm, this should not be here!? XXX ) # certificate and CRL specific structures begin here class AlgorithmIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', univ.ObjectIdentifier()), namedtype.OptionalNamedType('parameters', univ.Any()) ) class Extension(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extnID', univ.ObjectIdentifier()), namedtype.DefaultedNamedType('critical', univ.Boolean('False')), namedtype.NamedType('extnValue', univ.Any()) ) class Extensions(univ.SequenceOf): componentType = Extension() sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) class SubjectPublicKeyInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algorithm', AlgorithmIdentifier()), namedtype.NamedType('subjectPublicKey', univ.BitString()) ) class UniqueIdentifier(univ.BitString): pass class Time(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('utcTime', useful.UTCTime()), namedtype.NamedType('generalTime', useful.GeneralizedTime()) ) class Validity(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('notBefore', Time()), namedtype.NamedType('notAfter', Time()) ) class CertificateSerialNumber(univ.Integer): pass class Version(univ.Integer): namedValues = namedval.NamedValues( ('v1', 0), ('v2', 1), ('v3', 2) ) class TBSCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('serialNumber', CertificateSerialNumber()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('validity', Validity()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('extensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class Certificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificate', TBSCertificate()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signatureValue', univ.BitString()) ) # CRL structures class RevokedCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('userCertificate', CertificateSerialNumber()), namedtype.NamedType('revocationDate', Time()), namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) ) class TBSCertList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version()), namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('thisUpdate', Time()), namedtype.OptionalNamedType('nextUpdate', Time()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())), namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class CertificateList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertList', TBSCertList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) # Algorithm OIDs and parameter structures pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3') class Dss_Sig_Value(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('r', univ.Integer()), namedtype.NamedType('s', univ.Integer()) ) dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1') class ValidationParms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('seed', univ.BitString()), namedtype.NamedType('pgenCounter', univ.Integer()) ) class DomainParameters(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('g', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('j', univ.Integer()), namedtype.OptionalNamedType('validationParms', ValidationParms()) ) id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1') class Dss_Parms(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('p', univ.Integer()), namedtype.NamedType('q', univ.Integer()), namedtype.NamedType('g', univ.Integer()) ) # x400 address syntax starts here teletex_domain_defined_attributes = univ.Integer(6) class TeletexDomainDefinedAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.TeletexString()) ) class TeletexDomainDefinedAttributes(univ.SequenceOf): componentType = TeletexDomainDefinedAttribute() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) terminal_type = univ.Integer(23) class TerminalType(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, ub_integer_options) namedValues = namedval.NamedValues( ('telex', 3), ('teletelex', 4), ('g3-facsimile', 5), ('g4-facsimile', 6), ('ia5-terminal', 7), ('videotex', 8) ) class PresentationAddress(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3), subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), ) extended_network_address = univ.Integer(22) class E163_4_address(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtendedNetworkAddress(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('e163-4-address', E163_4_address()), namedtype.NamedType('psap-address', PresentationAddress().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class PDSParameter(univ.Set): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) ) local_postal_attributes = univ.Integer(21) class LocalPostalAttributes(PDSParameter): pass class UniquePostalName(PDSParameter): pass unique_postal_name = univ.Integer(20) poste_restante_address = univ.Integer(19) class PosteRestanteAddress(PDSParameter): pass post_office_box_address = univ.Integer(18) class PostOfficeBoxAddress(PDSParameter): pass street_address = univ.Integer(17) class StreetAddress(PDSParameter): pass class UnformattedPostalAddress(univ.Set): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines)))), namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) ) physical_delivery_office_name = univ.Integer(10) class PhysicalDeliveryOfficeName(PDSParameter): pass physical_delivery_office_number = univ.Integer(11) class PhysicalDeliveryOfficeNumber(PDSParameter): pass extension_OR_address_components = univ.Integer(12) class ExtensionORAddressComponents(PDSParameter): pass physical_delivery_personal_name = univ.Integer(13) class PhysicalDeliveryPersonalName(PDSParameter): pass physical_delivery_organization_name = univ.Integer(14) class PhysicalDeliveryOrganizationName(PDSParameter): pass extension_physical_delivery_address_components = univ.Integer(15) class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): pass unformatted_postal_address = univ.Integer(16) postal_code = univ.Integer(9) class PostalCode(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('numeric-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), namedtype.NamedType('printable-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) ) class PhysicalDeliveryCountryName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) class PDSName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_pds_name_length) physical_delivery_country_name = univ.Integer(8) class TeletexOrganizationalUnitName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) pds_name = univ.Integer(7) teletex_organizational_unit_names = univ.Integer(5) class TeletexOrganizationalUnitNames(univ.SequenceOf): componentType = TeletexOrganizationalUnitName() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) teletex_personal_name = univ.Integer(4) class TeletexPersonalName(univ.Set): componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) teletex_organization_name = univ.Integer(3) class TeletexOrganizationName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) teletex_common_name = univ.Integer(2) class TeletexCommonName(char.TeletexString): subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) class CommonName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) common_name = univ.Integer(1) class ExtensionAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_extension_attributes), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('extension-attribute-value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtensionAttributes(univ.SetOf): componentType = ExtensionAttribute() subtypeSpec = univ.SetOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes) class BuiltInDomainDefinedAttribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), namedtype.NamedType('value', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) ) class BuiltInDomainDefinedAttributes(univ.SequenceOf): componentType = BuiltInDomainDefinedAttribute() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) class OrganizationalUnitName(char.PrintableString): subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) class OrganizationalUnitNames(univ.SequenceOf): componentType = OrganizationalUnitName() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) class PersonalName(univ.Set): componentType = namedtype.NamedTypes( namedtype.NamedType('surname', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('initials', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class NumericUserIdentifier(char.NumericString): subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) class OrganizationName(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) class PrivateDomainName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) ) class TerminalIdentifier(char.PrintableString): subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_terminal_id_length) class X121Address(char.NumericString): subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_x121_address_length) class NetworkAddress(X121Address): pass class AdministrationDomainName(univ.Choice): tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2) ) componentType = namedtype.NamedTypes( namedtype.NamedType('numeric', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), namedtype.NamedType('printable', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) ) class CountryName(univ.Choice): tagSet = univ.Choice.tagSet.tagExplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) ) componentType = namedtype.NamedTypes( namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) ) class BuiltInStandardAttributes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('country-name', CountryName()), namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.OptionalNamedType('personal-name', PersonalName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) ) class ORAddress(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) ) # # PKIX1Implicit88 # id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24') class InvalidityDate(useful.GeneralizedTime): pass id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1') id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2') id_holdinstruction_reject = univ.ObjectIdentifier('2.2.840.10040.2.3') holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2') id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23') class HoldInstructionCode(univ.ObjectIdentifier): pass id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21') class CRLReason(univ.Enumerated): namedValues = namedval.NamedValues( ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('removeFromCRL', 8) ) id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20') class CRLNumber(univ.Integer): subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) class BaseCRLNumber(CRLNumber): pass id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1.1') id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2') id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3') id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4') id_kp_ipsecEndSystem = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.5') id_kp_ipsecTunnel = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.6') id_kp_ipsecUser = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.7') id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8') id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1') id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37') class KeyPurposeId(univ.ObjectIdentifier): pass class ExtKeyUsageSyntax(univ.SequenceOf): componentType = KeyPurposeId() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) class ReasonFlags(univ.BitString): namedValues = namedval.NamedValues( ('unused', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6) ) class SkipCerts(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36') class PolicyConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19') class BasicConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('cA', univ.Boolean(False)), namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) ) id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9') class SubjectDirectoryAttributes(univ.SequenceOf): componentType = Attribute() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) class EDIPartyName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('partyName', DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class AnotherName(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type-id', univ.ObjectIdentifier()), namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class GeneralName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('otherName', AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('rfc822Name', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dNSName', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('x400Address', ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('directoryName', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), namedtype.NamedType('ediPartyName', EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) ) class GeneralNames(univ.SequenceOf): componentType = GeneralName() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) class AccessDescription(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), namedtype.NamedType('accessLocation', GeneralName()) ) class AuthorityInfoAccessSyntax(univ.SequenceOf): componentType = AccessDescription() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') class DistributionPointName(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class DistributionPoint(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) ) class BaseDistance(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') class CRLDistPointsSyntax(univ.SequenceOf): componentType = DistributionPoint subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') class IssuingDistributionPoint(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class GeneralSubtree(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('base', GeneralName()), namedtype.NamedType('minimum', BaseDistance(0).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class GeneralSubtrees(univ.SequenceOf): componentType = GeneralSubtree() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') class NameConstraints(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class DisplayText(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) ) class NoticeReference(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('organization', DisplayText()), namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) ) class UserNotice(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('noticeRef', NoticeReference()), namedtype.OptionalNamedType('explicitText', DisplayText()) ) class CPSuri(char.IA5String): pass class PolicyQualifierId(univ.ObjectIdentifier): subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, id_qt_unotice) class CertPolicyId(univ.ObjectIdentifier): pass class PolicyQualifierInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyQualifierId', PolicyQualifierId()), namedtype.NamedType('qualifier', univ.Any()) ) id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32') class PolicyInformation(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('policyIdentifier', CertPolicyId()), namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class CertificatePolicies(univ.SequenceOf): componentType = PolicyInformation() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33') class PolicyMapping(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) ) class PolicyMappings(univ.SequenceOf): componentType = PolicyMapping() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16') class PrivateKeyUsagePeriod(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) id_ce_keyUsage = univ.ObjectIdentifier('2.5.29.15') class KeyUsage(univ.BitString): namedValues = namedval.NamedValues( ('digitalSignature', 0), ('nonRepudiation', 1), ('keyEncipherment', 2), ('dataEncipherment', 3), ('keyAgreement', 4), ('keyCertSign', 5), ('cRLSign', 6), ('encipherOnly', 7), ('decipherOnly', 8) ) id_ce = univ.ObjectIdentifier('2.5.29') id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35') class KeyIdentifier(univ.OctetString): pass id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14') class SubjectKeyIdentifier(KeyIdentifier): pass class AuthorityKeyIdentifier(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') class CertificateIssuer(GeneralNames): pass id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') class SubjectAltName(GeneralNames): pass id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') class IssuerAltName(GeneralNames): pass pyasn1-modules-0.0.3/pyasn1_modules/rfc2560.py0000644000014400001440000001721511527265144021125 0ustar ilyausers00000000000000# # OCSP request/response syntax # # Derived from a minimal OCSP library (RFC2560) code written by # Bud P. Bruegger # Copyright: Ancitel, S.p.a, Rome, Italy # License: BSD # # # current limitations: # * request and response works only for a single certificate # * only some values are parsed out of the response # * the request does't set a nonce nor signature # * there is no signature validation of the response # * dates are left as strings in GeneralizedTime format -- datetime.datetime # would be nicer # from pyasn1.type import tag, namedtype, namedval, univ, constraint, useful from pyasn1_modules import rfc2459 # Start of OCSP module definitions # This should be in directory Authentication Framework (X.509) module class CRLReason(univ.Enumerated): namedValues = namedval.NamedValues( ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2), ('affiliationChanged', 3), ('superseded', 4), ('cessationOfOperation', 5), ('certificateHold', 6), ('removeFromCRL', 8), ('privilegeWithdrawn', 9), ('aACompromise', 10) ) # end of directory Authentication Framework (X.509) module # This should be in PKIX Certificate Extensions module class GeneralName(univ.OctetString): pass # end of PKIX Certificate Extensions module id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9)) id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1)) id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1)) id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2)) id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3)) id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4)) id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5)) id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6)) id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7)) class AcceptableResponses(univ.SequenceOf): componentType = univ.ObjectIdentifier() class ArchiveCutoff(useful.GeneralizedTime): pass class UnknownInfo(univ.Null): pass class RevokedInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('revocationTime', useful.GeneralizedTime()), namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class CertID(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('issuerNameHash', univ.OctetString()), namedtype.NamedType('issuerKeyHash', univ.OctetString()), namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber()) ) class CertStatus(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('good', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('revoked', RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('unknown', UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class SingleResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certID', CertID()), namedtype.NamedType('certStatus', CertStatus()), namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class KeyHash(univ.OctetString): pass class ResponderID(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('byName', rfc2459.Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('byKey', KeyHash().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class Version(univ.Integer): namedValues = namedval.NamedValues(('v1', 0)) class ResponseData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('responderID', ResponderID()), namedtype.NamedType('producedAt', useful.GeneralizedTime()), namedtype.NamedType('responses', univ.SequenceOf(SingleResponse())), namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class BasicOCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsResponseData', ResponseData()), namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class ResponseBytes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('responseType', univ.ObjectIdentifier()), namedtype.NamedType('response', univ.OctetString()) ) class OCSPResponseStatus(univ.Enumerated): namedValues = namedval.NamedValues( ('successful', 0), ('malformedRequest', 1), ('internalError', 2), ('tryLater', 3), ('undefinedStatus', 4), # should never occur ('sigRequired', 5), ('unauthorized', 6) ) class OCSPResponse(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('responseStatus', OCSPResponseStatus()), namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Request(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('reqCert', CertID()), namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class Signature(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()), namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class TBSRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('requestorName', GeneralName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('requestList', univ.SequenceOf(Request())), namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class OCSPRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsRequest', TBSRequest()), namedtype.OptionalNamedType('optionalSignature', Signature().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc2314.py0000644000014400001440000000222211741357455021117 0ustar ilyausers00000000000000# # PKCS#10 syntax # # ASN.1 source from: # http://tools.ietf.org/html/rfc2314 # # Sample captures could be obtained with "openssl req" command # from pyasn1.type import tag, namedtype, namedval, univ, constraint from pyasn1_modules.rfc2459 import * class Attributes(univ.SetOf): componentType = Attribute() class Version(univ.Integer): pass class CertificationRequestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class Signature(univ.BitString): pass class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass class CertificationRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc3447.py0000644000014400001440000000257011740610673021126 0ustar ilyausers00000000000000# # PKCS#1 syntax # # ASN.1 source from: # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn # # Sample captures could be obtained with "openssl genrsa" command # from pyasn1_modules.rfc2437 import * class OtherPrimeInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('prime', univ.Integer()), namedtype.NamedType('exponent', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()) ) class OtherPrimeInfos(univ.SequenceOf): componentType = OtherPrimeInfo() subtypeSpec = univ.SequenceOf.subtypeSpec + \ constraint.ValueSizeConstraint(1, MAX) class RSAPrivateKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('two-prime', 0), ('multi', 1)))), namedtype.NamedType('modulus', univ.Integer()), namedtype.NamedType('publicExponent', univ.Integer()), namedtype.NamedType('privateExponent', univ.Integer()), namedtype.NamedType('prime1', univ.Integer()), namedtype.NamedType('prime2', univ.Integer()), namedtype.NamedType('exponent1', univ.Integer()), namedtype.NamedType('exponent2', univ.Integer()), namedtype.NamedType('coefficient', univ.Integer()), namedtype.OptionalNamedType('otherPrimeInfos', OtherPrimeInfos()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc2251.py0000644000014400001440000005345211527265144021125 0ustar ilyausers00000000000000# # LDAP message syntax # # ASN.1 source from: # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/ldap.asn # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import tag, namedtype, namedval, univ, constraint,char,useful from pyasn1.codec.der import decoder, encoder maxInt = univ.Integer(2147483647) class LDAPString(univ.OctetString): pass class LDAPOID(univ.OctetString): pass class LDAPDN(LDAPString): pass class RelativeLDAPDN(LDAPString): pass class AttributeType(LDAPString): pass class AttributeDescription(LDAPString): pass class AttributeDescriptionList(univ.SequenceOf): componentType = AttributeDescription() class AttributeValue(univ.OctetString): pass class AssertionValue(univ.OctetString): pass class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeDesc', AttributeDescription()), namedtype.NamedType('assertionValue', AssertionValue()) ) class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) class MatchingRuleId(LDAPString): pass class Control(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('controlType', LDAPOID()), namedtype.DefaultedNamedType('criticality', univ.Boolean('False')), namedtype.OptionalNamedType('controlValue', univ.OctetString()) ) class Controls(univ.SequenceOf): componentType = Control() class LDAPURL(LDAPString): pass class Referral(univ.SequenceOf): componentType = LDAPURL() class SaslCredentials(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('mechanism', LDAPString()), namedtype.OptionalNamedType('credentials', univ.OctetString()) ) class AuthenticationChoice(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('simple', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('reserved-1', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('reserved-2', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('sasl', SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) ) class BindRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0) ) componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))), namedtype.NamedType('name', LDAPDN()), namedtype.NamedType('authentication', AuthenticationChoice()) ) class PartialAttributeList(univ.SequenceOf): componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) class SearchResultEntry(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4) ) componentType = namedtype.NamedTypes( namedtype.NamedType('objectName', LDAPDN()), namedtype.NamedType('attributes', PartialAttributeList()) ) class MatchingRuleAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('type', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), namedtype.NamedType('matchValue', AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) ) class SubstringFilter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('substrings', univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))))))) ) # Ugly hack to handle recursive Filter reference (up to 3-levels deep). class Filter3(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) class Filter2(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('not', Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) class Filter(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('not', Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.NamedType('substrings', SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.NamedType('present', AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) # End of Filter hack class SearchRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3) ) componentType = namedtype.NamedTypes( namedtype.NamedType('baseObject', LDAPDN()), namedtype.NamedType('scope', univ.Enumerated(namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))), namedtype.NamedType('derefAliases', univ.Enumerated(namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), ('derefFindingBaseObj', 2), ('derefAlways', 3)))), namedtype.NamedType('sizeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), namedtype.NamedType('timeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), namedtype.NamedType('typesOnly', univ.Boolean()), namedtype.NamedType('filter', Filter()), namedtype.NamedType('attributes', AttributeDescriptionList()) ) class UnbindRequest(univ.Null): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) ) class BindResponse(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) ) componentType = namedtype.NamedTypes( namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))) ) class LDAPResult(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class SearchResultReference(univ.SequenceOf): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19) ) componentType = LDAPURL() class SearchResultDone(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5) ) class AttributeTypeAndValues(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) ) class ModifyRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6) ) componentType = namedtype.NamedTypes( namedtype.NamedType('object', LDAPDN()), namedtype.NamedType('modification', univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))), namedtype.NamedType('modification', AttributeTypeAndValues()))))) ) class ModifyResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7) ) class AttributeList(univ.SequenceOf): componentType = univ.Sequence(componentType=namedtype.NamedTypes(namedtype.NamedType('type', AttributeDescription()), namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())))) class AddRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8) ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('attributes', AttributeList()) ) class AddResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9) ) class DelRequest(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10) ) class DelResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11) ) class ModifyDNRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12) ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('newrdn', RelativeLDAPDN()), namedtype.NamedType('deleteoldrdn', univ.Boolean()), namedtype.OptionalNamedType('newSuperior', LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) ) class ModifyDNResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13) ) class CompareRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14) ) componentType = namedtype.NamedTypes( namedtype.NamedType('entry', LDAPDN()), namedtype.NamedType('ava', AttributeValueAssertion()) ) class CompareResponse(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15) ) class AbandonRequest(LDAPResult): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16) ) class ExtendedRequest(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23) ) componentType = namedtype.NamedTypes( namedtype.NamedType('requestName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class ExtendedResponse(univ.Sequence): tagSet = univ.Sequence.tagSet.tagImplicitly( tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24) ) componentType = namedtype.NamedTypes( namedtype.NamedType('resultCode', univ.Enumerated(namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), ('compareTrue', 6), ('authMethodNotSupported', 7), ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), ('confidentialityRequired', 13), ('saslBindInProgress', 14), ('noSuchAttribute', 16), ('undefinedAttributeType', 17), ('inappropriateMatching', 18), ('constraintViolation', 19), ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), ('reserved-35', 35), ('aliasDereferencingProblem', 36), ('inappropriateAuthentication', 48), ('invalidCredentials', 49), ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), ('objectClassModsProhibited', 69), ('reserved-70', 70), ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), namedtype.NamedType('matchedDN', LDAPDN()), namedtype.NamedType('errorMessage', LDAPString()), namedtype.OptionalNamedType('referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('responseName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))), namedtype.OptionalNamedType('response', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11))) ) class MessageID(univ.Integer): subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( 0, maxInt ) class LDAPMessage(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('messageID', MessageID()), namedtype.NamedType('protocolOp', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('bindRequest', BindRequest()), namedtype.NamedType('bindResponse', BindResponse()), namedtype.NamedType('unbindRequest', UnbindRequest()), namedtype.NamedType('searchRequest', SearchRequest()), namedtype.NamedType('searchResEntry', SearchResultEntry()), namedtype.NamedType('searchResDone', SearchResultDone()), namedtype.NamedType('searchResRef', SearchResultReference()), namedtype.NamedType('modifyRequest', ModifyRequest()), namedtype.NamedType('modifyResponse', ModifyResponse()), namedtype.NamedType('addRequest', AddRequest()), namedtype.NamedType('addResponse', AddResponse()), namedtype.NamedType('delRequest', DelRequest()), namedtype.NamedType('delResponse', DelResponse()), namedtype.NamedType('modDNRequest', ModifyDNRequest()), namedtype.NamedType('modDNResponse', ModifyDNResponse()), namedtype.NamedType('compareRequest', CompareRequest()), namedtype.NamedType('compareResponse', CompareResponse()), namedtype.NamedType('abandonRequest', AbandonRequest()), namedtype.NamedType('extendedReq', ExtendedRequest()), namedtype.NamedType('extendedResp', ExtendedResponse())))), namedtype.OptionalNamedType('controls', Controls().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc2315.py0000644000014400001440000002127611741073105021115 0ustar ilyausers00000000000000# # PKCS#7 message syntax # # ASN.1 source from: # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/pkcs7.asn # # Sample captures from: # openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b # from pyasn1.type import tag,namedtype,namedval,univ,constraint,char,useful from pyasn1_modules.rfc2459 import * class Attribute(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('type', AttributeType()), namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) ) class AttributeValueAssertion(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('attributeType', AttributeType()), namedtype.NamedType('attributeValue', AttributeValue()) ) pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7') data = univ.ObjectIdentifier('1.2.840.113549.1.7.1') signedData = univ.ObjectIdentifier('1.2.840.113549.1.7.2') envelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.3') signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4') digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5') encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6') class ContentType(univ.ObjectIdentifier): pass class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass class EncryptedContent(univ.OctetString): pass class EncryptedContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class Version(univ.Integer): pass # overrides x509.Version class EncryptedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) ) class DigestAlgorithmIdentifier(AlgorithmIdentifier): pass class DigestAlgorithmIdentifiers(univ.SetOf): componentType = DigestAlgorithmIdentifier() class Digest(univ.OctetString): pass class ContentInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contentType', ContentType()), namedtype.OptionalNamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class DigestedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('contentInfo', ContentInfo()), namedtype.NamedType('digest', Digest) ) class IssuerAndSerialNumber(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', Name()), namedtype.NamedType('serialNumber', CertificateSerialNumber()) ) class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass class EncryptedKey(univ.OctetString): pass class RecipientInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedKey', EncryptedKey()) ) class RecipientInfos(univ.SetOf): componentType = RecipientInfo() class Attributes(univ.SetOf): componentType = Attribute() class ExtendedCertificateInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('certificate', Certificate()), namedtype.NamedType('attributes', Attributes()) ) class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass class Signature(univ.BitString): pass class ExtendedCertificate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) class ExtendedCertificateOrCertificate(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('certificate', Certificate()), namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class ExtendedCertificatesAndCertificates(univ.SetOf): componentType = ExtendedCertificateOrCertificate() class SerialNumber(univ.Integer): pass class CRLEntry(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('userCertificate', SerialNumber()), namedtype.NamedType('revocationDate', useful.UTCTime()) ) class TBSCertificateRevocationList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('signature', AlgorithmIdentifier()), namedtype.NamedType('issuer', Name()), namedtype.NamedType('lastUpdate', useful.UTCTime()), namedtype.NamedType('nextUpdate', useful.UTCTime()), namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry())) ) class CertificateRevocationList(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()), namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class CertificateRevocationLists(univ.SetOf): componentType = CertificateRevocationList() class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): pass class EncryptedDigest(univ.OctetString): pass class SignerInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()), namedtype.NamedType('encryptedDigest', EncryptedDigest()), namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) ) class SignerInfos(univ.SetOf): componentType = SignerInfo() class SignedAndEnvelopedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) class EnvelopedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('recipientInfos', RecipientInfos()), namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) ) class DigestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), namedtype.NamedType('digest', Digest()) ) class SignedData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), namedtype.NamedType('contentInfo', ContentInfo()), namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('signerInfos', SignerInfos()) ) class Data(univ.OctetString): pass pyasn1-modules-0.0.3/pyasn1_modules/pkcs12.py0000644000014400001440000000232411740066274021134 0ustar ilyausers00000000000000# # PKCS#12 syntax # # ASN.1 source from: # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12.asn # # Sample captures could be obtained with "openssl pkcs12" command # from pyasn1.type import tag, namedtype, namedval, univ, constraint from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2251 class Attributes(univ.SetOf): componentType = rfc2251.Attribute() class Version(univ.Integer): pass class CertificationRequestInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('subject', Name()), namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), namedtype.NamedType('attributes', Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class Signature(univ.BitString): pass class SignatureAlgorithmIdentifier(AlgorithmIdentifier): pass class CertificationRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()), namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), namedtype.NamedType('signature', Signature()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc3412.py0000644000014400001440000000321311741333400021100 0ustar ilyausers00000000000000# # SNMPv3 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc3412.txt # from pyasn1.type import univ, namedtype, namedval, tag, constraint from pyasn1_modules import rfc1905 class ScopedPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('contextEngineId', univ.OctetString()), namedtype.NamedType('contextName', univ.OctetString()), namedtype.NamedType('data', rfc1905.PDUs()) ) class ScopedPduData(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('plaintext', ScopedPDU()), namedtype.NamedType('encryptedPDU', univ.OctetString()), ) class HeaderData(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgID', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgMaxSize', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))), namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))), namedtype.NamedType('msgSecurityModel', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647))) ) class SNMPv3Message(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('msgVersion', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), namedtype.NamedType('msgGlobalData', HeaderData()), namedtype.NamedType('msgSecurityParameters', univ.OctetString()), namedtype.NamedType('msgData', ScopedPduData()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc1157.py0000644000014400001440000000632511741357455021133 0ustar ilyausers00000000000000# # SNMPv1 message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1157.txt # # Sample captures from: # http://wiki.wireshark.org/SampleCaptures/ # from pyasn1.type import univ, namedtype, namedval, tag, constraint from pyasn1_modules import rfc1155 class Version(univ.Integer): namedValues = namedval.NamedValues( ('version-1', 0) ) defaultValue = 0 class Community(univ.OctetString): pass class RequestID(univ.Integer): pass class ErrorStatus(univ.Integer): namedValues = namedval.NamedValues( ('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5) ) class ErrorIndex(univ.Integer): pass class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('name', rfc1155.ObjectName()), namedtype.NamedType('value', rfc1155.ObjectSyntax()) ) class VarBindList(univ.SequenceOf): componentType = VarBind() class _RequestBase(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', RequestID()), namedtype.NamedType('error-status', ErrorStatus()), namedtype.NamedType('error-index', ErrorIndex()), namedtype.NamedType('variable-bindings', VarBindList()) ) class GetRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) class GetNextRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) class GetResponsePDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) ) class SetRequestPDU(_RequestBase): tagSet = _RequestBase.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) ) class TrapPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('enterprise', univ.ObjectIdentifier()), namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()), namedtype.NamedType('generic-trap', univ.Integer().clone(namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), ('authenticationFailure', 4), ('egpNeighborLoss', 5), ('enterpriseSpecific', 6)))), namedtype.NamedType('specific-trap', univ.Integer()), namedtype.NamedType('time-stamp', rfc1155.TimeTicks()), namedtype.NamedType('variable-bindings', VarBindList()) ) class Pdus(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('get-request', GetRequestPDU()), namedtype.NamedType('get-next-request', GetNextRequestPDU()), namedtype.NamedType('get-response', GetResponsePDU()), namedtype.NamedType('set-request', SetRequestPDU()), namedtype.NamedType('trap', TrapPDU()) ) class Message(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('version', Version()), namedtype.NamedType('community', Community()), namedtype.NamedType('data', Pdus()) ) pyasn1-modules-0.0.3/pyasn1_modules/rfc1905.py0000644000014400001440000001021211741333400021102 0ustar ilyausers00000000000000# # SNMPv2c message syntax # # ASN.1 source from: # http://www.ietf.org/rfc/rfc1905.txt # from pyasn1.type import univ, namedtype, namedval, tag, constraint from pyasn1_modules import rfc1902 max_bindings = rfc1902.Integer(2147483647) class _BindValue(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('value', rfc1902.ObjectSyntax()), namedtype.NamedType('unSpecified', univ.Null()), namedtype.NamedType('noSuchObject', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('noSuchInstance', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('endOfMibView', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class VarBind(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('name', rfc1902.ObjectName()), namedtype.NamedType('', _BindValue()) ) class VarBindList(univ.SequenceOf): componentType = VarBind() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint( 0, max_bindings ) class PDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', rfc1902.Integer32()), namedtype.NamedType('error-status', univ.Integer(namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), ('notWritable', 17), ('inconsistentName', 18)))), namedtype.NamedType('error-index', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('variable-bindings', VarBindList()) ) class BulkPDU(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('request-id', rfc1902.Integer32()), namedtype.NamedType('non-repeaters', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('max-repetitions', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), namedtype.NamedType('variable-bindings', VarBindList()) ) class GetRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) ) class GetNextRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) ) class ResponsePDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) ) class SetRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) ) class GetBulkRequestPDU(BulkPDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) ) class InformRequestPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) ) class SNMPv2TrapPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) ) class ReportPDU(PDU): tagSet = PDU.tagSet.tagImplicitly( tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) ) class PDUs(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('get-request', GetRequestPDU()), namedtype.NamedType('get-next-request', GetNextRequestPDU()), namedtype.NamedType('get-bulk-request', GetBulkRequestPDU()), namedtype.NamedType('response', ResponsePDU()), namedtype.NamedType('set-request', SetRequestPDU()), namedtype.NamedType('inform-request', InformRequestPDU()), namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()), namedtype.NamedType('report', ReportPDU()) ) pyasn1-modules-0.0.3/pyasn1_modules/__init__.py0000644000014400001440000000000011527265144021555 0ustar ilyausers00000000000000pyasn1-modules-0.0.3/pyasn1_modules/rfc2511.py0000644000014400001440000002243711737761012021121 0ustar ilyausers00000000000000# # X.509 certificate Request Message Format (CRMF) syntax # # ASN.1 source from: # http://tools.ietf.org/html/rfc2511 # # Sample captures could be obtained with OpenSSL # from pyasn1.type import tag, namedtype, namedval, univ, constraint, char,useful from pyasn1_modules.rfc2459 import * from pyasn1_modules import rfc2315 MAX=16 id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5') id_regCtrl = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1') id_regCtrl_regToken = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.1') id_regCtrl_authenticator = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.2') id_regCtrl_pkiPublicationInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.3') id_regCtrl_pkiArchiveOptions = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.4') id_regCtrl_oldCertID = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.5') id_regCtrl_protocolEncrKey = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.6') id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2') id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1') id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2') # This should be in PKIX Certificate Extensions module class GeneralName(univ.OctetString): pass # end of PKIX Certificate Extensions module class UTF8Pairs(char.UTF8String): pass class ProtocolEncrKey(SubjectPublicKeyInfo): pass class CertId(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('issuer', GeneralName()), namedtype.NamedType('serialNumber', univ.Integer()) ) class OldCertId(CertId): pass class KeyGenParameters(univ.OctetString): pass class EncryptedValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.NamedType('encValue', univ.BitString()) ) class EncryptedKey(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedValue', EncryptedValue()), namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) ) class PKIArchiveOptions(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('archiveRemGenPrivKey', univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class SinglePubInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('pubMethod', univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), namedtype.OptionalNamedType('pubLocation', GeneralName()) ) class PKIPublicationInfo(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('action', univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class Authenticator(char.UTF8String): pass class RegToken(char.UTF8String): pass class SubsequentMessage(univ.Integer): namedValues = namedval.NamedValues( ('encrCert', 0), ('challengeResp', 1) ) class POPOPrivKey(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('thisMessage', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.NamedType('dhMAC', univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) ) class PBMParameter(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('salt', univ.OctetString()), namedtype.NamedType('owf', AlgorithmIdentifier()), namedtype.NamedType('iterationCount', univ.Integer()), namedtype.NamedType('mac', AlgorithmIdentifier()) ) class PKMACValue(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('algId', AlgorithmIdentifier()), namedtype.NamedType('value', univ.BitString()) ) class POPOSigningKeyInput(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('authInfo', univ.Choice(componentType=namedtype.NamedTypes(namedtype.NamedType('sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('publicKeyMAC', PKMACValue())))), namedtype.NamedType('publicKey', SubjectPublicKeyInfo()) ) class POPOSigningKey(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) ) class ProofOfPossession(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType('raVerified', univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('signature', POPOSigningKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) ) class Controls(univ.SequenceOf): componentType = AttributeTypeAndValue() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) class OptionalValidity(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('notBefore', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('notAfter', Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) class CertTemplate(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.OptionalNamedType('version', Version().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), namedtype.OptionalNamedType('validity', OptionalValidity().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) ) class CertRequest(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReqId', univ.Integer()), namedtype.NamedType('certTemplate', CertTemplate()), namedtype.OptionalNamedType('controls', Controls()) ) class CertReq(CertRequest): pass class CertReqMsg(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('certReq', CertRequest()), namedtype.OptionalNamedType('pop', ProofOfPossession()), namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) ) class CertReqMessages(univ.SequenceOf): componentType = CertReqMsg() subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) pyasn1-modules-0.0.3/setup.py0000644000014400001440000000304311743343521016221 0ustar ilyausers00000000000000#!/usr/bin/env python import sys def howto_install_setuptools(): print(""" Error: You need setuptools Python package! It's very easy to install it, just type (as root on Linux): wget http://peak.telecommunity.com/dist/ez_setup.py python ez_setup.py """) try: from setuptools import setup params = { 'install_requires': [ 'pyasn1>=0.1.1' ], 'zip_safe': True } except ImportError: for arg in sys.argv: if arg.find('egg') != -1: howto_install_setuptools() sys.exit(1) from distutils.core import setup params = {} if sys.version_info[:2] > (2, 4): params['requires'] = [ 'pyasn1(>=0.1.1)' ] params.update( { 'name': 'pyasn1-modules', 'version': '0.0.3', 'description': 'ASN.1 modules', 'author': 'Ilya Etingof', 'author_email': 'ilya@glas.net', 'url': 'http://sourceforge.net/projects/pyasn1/', 'classifiers': [ 'Development Status :: 5 - Production/Stable', 'Intended Audience :: Developers', 'Intended Audience :: Information Technology', 'Intended Audience :: Telecommunications Industry', 'Operating System :: OS Independent', 'Programming Language :: Python :: 2', 'Programming Language :: Python :: 3', 'Topic :: Communications', 'Topic :: Security :: Cryptography', 'Topic :: Software Development :: Libraries :: Python Modules', 'License :: OSI Approved :: BSD License' ], 'license': 'BSD', 'packages': [ 'pyasn1_modules' ] } ) setup(**params) pyasn1-modules-0.0.3/setup.cfg0000644000014400001440000000007311744221522016325 0ustar ilyausers00000000000000[egg_info] tag_build = tag_date = 0 tag_svn_revision = 0 pyasn1-modules-0.0.3/LICENSE0000644000014400001440000000306511737357060015526 0ustar ilyausers00000000000000Copyright (c) 2011-2012 Ilya Etingof , all rights reserved. THIS SOFTWARE IS NOT FAULT TOLERANT AND SHOULD NOT BE USED IN ANY SITUATION ENDANGERING HUMAN LIFE OR PROPERTY. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * The name of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. pyasn1-modules-0.0.3/README0000644000014400001440000000070311642527001015362 0ustar ilyausers00000000000000 ASN.1 modules for Python ------------------------ This is a small but growing collection of ASN.1 data structures [1] expressed in Python terms using pyasn1 [2] data model. It's thought to be useful to protocol developers and testers. All modules are py2k/py3k-compliant. If you happen to convert some ASN.1 module into pyasn1 that is not yet present in this collection and wish to contribute - please send it to me. =-=-= mailto: ilya@glas.net pyasn1-modules-0.0.3/test/0000755000014400001440000000000011744221522015463 5ustar ilyausers00000000000000pyasn1-modules-0.0.3/test/x509dump.sh0000644000014400001440000000211411741312465017414 0ustar ilyausers00000000000000#!/bin/sh x509dump.py <