diff --git a/.venv/lib/python3.11/site-packages/googleapis_common_protos-1.66.0.dist-info/LICENSE b/.venv/lib/python3.11/site-packages/googleapis_common_protos-1.66.0.dist-info/LICENSE new file mode 100644 index 0000000000000000000000000000000000000000..d645695673349e3947e8e5ae42332d0ac3164cd7 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/googleapis_common_protos-1.66.0.dist-info/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/.venv/lib/python3.11/site-packages/googleapis_common_protos-1.66.0.dist-info/WHEEL b/.venv/lib/python3.11/site-packages/googleapis_common_protos-1.66.0.dist-info/WHEEL new file mode 100644 index 0000000000000000000000000000000000000000..ee810efb31c37815a70827942976bfcba5b5d2bc --- /dev/null +++ b/.venv/lib/python3.11/site-packages/googleapis_common_protos-1.66.0.dist-info/WHEEL @@ -0,0 +1,6 @@ +Wheel-Version: 1.0 +Generator: setuptools (75.3.0) +Root-Is-Purelib: true +Tag: py2-none-any +Tag: py3-none-any + diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/pem.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/pem.py new file mode 100644 index 0000000000000000000000000000000000000000..29235ab5cf9a3c8c340e978c307f1424d03cebd6 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/pem.py @@ -0,0 +1,58 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +import base64 + +stSpam, stHam, stDump = 0, 1, 2 + + +# The markers parameters is in form ('start1', 'stop1'), ('start2', 'stop2')... +# Return is (marker-index, substrate) +def readPemBlocksFromFile(fileObj, *markers): + startMarkers = dict(map(lambda x: (x[1], x[0]), + enumerate(map(lambda y: y[0], markers)))) + stopMarkers = dict(map(lambda x: (x[1], x[0]), + enumerate(map(lambda y: y[1], markers)))) + idx = -1 + substrate = '' + certLines = [] + state = stSpam + while True: + certLine = fileObj.readline() + if not certLine: + break + certLine = certLine.strip() + if state == stSpam: + if certLine in startMarkers: + certLines = [] + idx = startMarkers[certLine] + state = stHam + continue + if state == stHam: + if certLine in stopMarkers and stopMarkers[certLine] == idx: + state = stDump + else: + certLines.append(certLine) + if state == stDump: + substrate = ''.encode().join([base64.b64decode(x.encode()) for x in certLines]) + break + return idx, substrate + + +# Backward compatibility routine +def readPemFromFile(fileObj, + startMarker='-----BEGIN CERTIFICATE-----', + endMarker='-----END CERTIFICATE-----'): + idx, substrate = readPemBlocksFromFile(fileObj, (startMarker, endMarker)) + return substrate + + +def readBase64fromText(text): + return base64.b64decode(text.encode()) + + +def readBase64FromFile(fileObj): + return readBase64fromText(fileObj.read()) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1155.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1155.py new file mode 100644 index 0000000000000000000000000000000000000000..18702345d136e30da968206754a757ca6afddd8c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1155.py @@ -0,0 +1,96 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv1 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1155.txt +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + + +class ObjectName(univ.ObjectIdentifier): + pass + + +class SimpleSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('number', univ.Integer()), + namedtype.NamedType('string', univ.OctetString()), + namedtype.NamedType('object', univ.ObjectIdentifier()), + namedtype.NamedType('empty', univ.Null()) + ) + + +class IpAddress(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( + 4, 4 + ) + + +class NetworkAddress(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('internet', IpAddress()) + ) + + +class Counter(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 1) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class Gauge(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class TimeTicks(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 3) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class Opaque(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 4) + ) + + +class ApplicationSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('address', NetworkAddress()), + namedtype.NamedType('counter', Counter()), + namedtype.NamedType('gauge', Gauge()), + namedtype.NamedType('ticks', TimeTicks()), + namedtype.NamedType('arbitrary', Opaque()) + ) + + +class ObjectSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('simple', SimpleSyntax()), + namedtype.NamedType('application-wide', ApplicationSyntax()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1901.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1901.py new file mode 100644 index 0000000000000000000000000000000000000000..658dcb938169eed38a4a2da5d43e523487223308 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1901.py @@ -0,0 +1,22 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv2c message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1901.txt +# +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ + + +class Message(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('version-2c', 1)))), + namedtype.NamedType('community', univ.OctetString()), + namedtype.NamedType('data', univ.Any()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1902.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1902.py new file mode 100644 index 0000000000000000000000000000000000000000..063998a9481ebdbdcf38c7af824719d9e544c2fe --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1902.py @@ -0,0 +1,129 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv2c message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1902.txt +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + + +class Integer(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + -2147483648, 2147483647 + ) + + +class Integer32(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + -2147483648, 2147483647 + ) + + +class OctetString(univ.OctetString): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint( + 0, 65535 + ) + + +class IpAddress(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x00) + ) + subtypeSpec = univ.OctetString.subtypeSpec + constraint.ValueSizeConstraint( + 4, 4 + ) + + +class Counter32(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x01) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class Gauge32(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class Unsigned32(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x02) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class TimeTicks(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x03) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 4294967295 + ) + + +class Opaque(univ.OctetString): + tagSet = univ.OctetString.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x04) + ) + + +class Counter64(univ.Integer): + tagSet = univ.Integer.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 0x06) + ) + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, 18446744073709551615 + ) + + +class Bits(univ.OctetString): + pass + + +class ObjectName(univ.ObjectIdentifier): + pass + + +class SimpleSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('integer-value', Integer()), + namedtype.NamedType('string-value', OctetString()), + namedtype.NamedType('objectID-value', univ.ObjectIdentifier()) + ) + + +class ApplicationSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ipAddress-value', IpAddress()), + namedtype.NamedType('counter-value', Counter32()), + namedtype.NamedType('timeticks-value', TimeTicks()), + namedtype.NamedType('arbitrary-value', Opaque()), + namedtype.NamedType('big-counter-value', Counter64()), + # This conflicts with Counter32 + # namedtype.NamedType('unsigned-integer-value', Unsigned32()), + namedtype.NamedType('gauge32-value', Gauge32()) + ) # BITS misplaced? + + +class ObjectSyntax(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('simple', SimpleSyntax()), + namedtype.NamedType('application-wide', ApplicationSyntax()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1905.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1905.py new file mode 100644 index 0000000000000000000000000000000000000000..435427b2bc2ed528ceafe561c54d2072ce53be59 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1905.py @@ -0,0 +1,135 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv2c PDU syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1905.txt +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc1902 + +max_bindings = rfc1902.Integer(2147483647) + + +class _BindValue(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('value', rfc1902.ObjectSyntax()), + namedtype.NamedType('unSpecified', univ.Null()), + namedtype.NamedType('noSuchObject', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('noSuchInstance', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('endOfMibView', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class VarBind(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('name', rfc1902.ObjectName()), + namedtype.NamedType('', _BindValue()) + ) + + +class VarBindList(univ.SequenceOf): + componentType = VarBind() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint( + 0, max_bindings + ) + + +class PDU(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('request-id', rfc1902.Integer32()), + namedtype.NamedType('error-status', univ.Integer( + namedValues=namedval.NamedValues(('noError', 0), ('tooBig', 1), ('noSuchName', 2), ('badValue', 3), + ('readOnly', 4), ('genErr', 5), ('noAccess', 6), ('wrongType', 7), + ('wrongLength', 8), ('wrongEncoding', 9), ('wrongValue', 10), + ('noCreation', 11), ('inconsistentValue', 12), ('resourceUnavailable', 13), + ('commitFailed', 14), ('undoFailed', 15), ('authorizationError', 16), + ('notWritable', 17), ('inconsistentName', 18)))), + namedtype.NamedType('error-index', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('variable-bindings', VarBindList()) + ) + + +class BulkPDU(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('request-id', rfc1902.Integer32()), + namedtype.NamedType('non-repeaters', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('max-repetitions', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, max_bindings))), + namedtype.NamedType('variable-bindings', VarBindList()) + ) + + +class GetRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + + +class GetNextRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + + +class ResponsePDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) + ) + + +class SetRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) + ) + + +class GetBulkRequestPDU(BulkPDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) + ) + + +class InformRequestPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) + ) + + +class SNMPv2TrapPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) + ) + + +class ReportPDU(PDU): + tagSet = PDU.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) + ) + + +class PDUs(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('get-request', GetRequestPDU()), + namedtype.NamedType('get-next-request', GetNextRequestPDU()), + namedtype.NamedType('get-bulk-request', GetBulkRequestPDU()), + namedtype.NamedType('response', ResponsePDU()), + namedtype.NamedType('set-request', SetRequestPDU()), + namedtype.NamedType('inform-request', InformRequestPDU()), + namedtype.NamedType('snmpV2-trap', SNMPv2TrapPDU()), + namedtype.NamedType('report', ReportPDU()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2315.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2315.py new file mode 100644 index 0000000000000000000000000000000000000000..1069fc27dd7ca67f49bb34cf52296adeb3ea396c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2315.py @@ -0,0 +1,294 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS#7 message syntax +# +# ASN.1 source from: +# https://opensource.apple.com/source/Security/Security-55179.1/libsecurity_asn1/asn1/pkcs7.asn.auto.html +# +# Sample captures from: +# openssl crl2pkcs7 -nocrl -certfile cert1.cer -out outfile.p7b +# +from pyasn1_modules.rfc2459 import * + + +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) + ) + + +class AttributeValueAssertion(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('attributeType', AttributeType()), + namedtype.NamedType('attributeValue', AttributeValue(), + openType=opentype.OpenType('type', certificateAttributesMap)) + ) + + +pkcs_7 = univ.ObjectIdentifier('1.2.840.113549.1.7') +data = univ.ObjectIdentifier('1.2.840.113549.1.7.1') +signedData = univ.ObjectIdentifier('1.2.840.113549.1.7.2') +envelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.3') +signedAndEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.7.4') +digestedData = univ.ObjectIdentifier('1.2.840.113549.1.7.5') +encryptedData = univ.ObjectIdentifier('1.2.840.113549.1.7.6') + + +class ContentType(univ.ObjectIdentifier): + pass + + +class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class EncryptedContent(univ.OctetString): + pass + + +contentTypeMap = {} + + +class EncryptedContentInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), + namedtype.OptionalNamedType( + 'encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ), + openType=opentype.OpenType('contentType', contentTypeMap) + ) + ) + + +class Version(univ.Integer): # overrides x509.Version + pass + + +class EncryptedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) + ) + + +class DigestAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class DigestAlgorithmIdentifiers(univ.SetOf): + componentType = DigestAlgorithmIdentifier() + + +class Digest(univ.OctetString): + pass + + +class ContentInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.OptionalNamedType( + 'content', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)), + openType=opentype.OpenType('contentType', contentTypeMap) + ) + ) + + +class DigestedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('contentInfo', ContentInfo()), + namedtype.NamedType('digest', Digest()) + ) + + +class IssuerAndSerialNumber(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('serialNumber', CertificateSerialNumber()) + ) + + +class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class EncryptedKey(univ.OctetString): + pass + + +class RecipientInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) + ) + + +class RecipientInfos(univ.SetOf): + componentType = RecipientInfo() + + +class Attributes(univ.SetOf): + componentType = Attribute() + + +class ExtendedCertificateInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('certificate', Certificate()), + namedtype.NamedType('attributes', Attributes()) + ) + + +class SignatureAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class Signature(univ.BitString): + pass + + +class ExtendedCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) + ) + + +class ExtendedCertificateOrCertificate(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class ExtendedCertificatesAndCertificates(univ.SetOf): + componentType = ExtendedCertificateOrCertificate() + + +class SerialNumber(univ.Integer): + pass + + +class CRLEntry(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('userCertificate', SerialNumber()), + namedtype.NamedType('revocationDate', useful.UTCTime()) + ) + + +class TBSCertificateRevocationList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('lastUpdate', useful.UTCTime()), + namedtype.NamedType('nextUpdate', useful.UTCTime()), + namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=CRLEntry())) + ) + + +class CertificateRevocationList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificateRevocationList', TBSCertificateRevocationList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) + ) + + +class CertificateRevocationLists(univ.SetOf): + componentType = CertificateRevocationList() + + +class DigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class EncryptedDigest(univ.OctetString): + pass + + +class SignerInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('authenticatedAttributes', Attributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('digestEncryptionAlgorithm', DigestEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedDigest', EncryptedDigest()), + namedtype.OptionalNamedType('unauthenticatedAttributes', Attributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class SignerInfos(univ.SetOf): + componentType = SignerInfo() + + +class SignedAndEnvelopedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) + ) + + +class EnvelopedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()) + ) + + +class DigestInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('digest', Digest()) + ) + + +class SignedData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.OptionalNamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('contentInfo', ContentInfo()), + namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('signerInfos', SignerInfos()) + ) + + +class Data(univ.OctetString): + pass + +_contentTypeMapUpdate = { + data: Data(), + signedData: SignedData(), + envelopedData: EnvelopedData(), + signedAndEnvelopedData: SignedAndEnvelopedData(), + digestedData: DigestedData(), + encryptedData: EncryptedData() +} + +contentTypeMap.update(_contentTypeMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2459.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2459.py new file mode 100644 index 0000000000000000000000000000000000000000..57f783e45159f9886758dd73d4892f63c2fc844f --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2459.py @@ -0,0 +1,1339 @@ +# +# This file is part of pyasn1-modules software. +# +# Updated by Russ Housley to resolve the TODO regarding the Certificate +# Policies Certificate Extension. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# X.509 message syntax +# +# ASN.1 source from: +# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn +# http://www.ietf.org/rfc/rfc2459.txt +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +MAX = float('inf') + +# +# PKIX1Explicit88 +# + +# Upper Bounds +ub_name = univ.Integer(32768) +ub_common_name = univ.Integer(64) +ub_locality_name = univ.Integer(128) +ub_state_name = univ.Integer(128) +ub_organization_name = univ.Integer(64) +ub_organizational_unit_name = univ.Integer(64) +ub_title = univ.Integer(64) +ub_match = univ.Integer(128) +ub_emailaddress_length = univ.Integer(128) +ub_common_name_length = univ.Integer(64) +ub_country_name_alpha_length = univ.Integer(2) +ub_country_name_numeric_length = univ.Integer(3) +ub_domain_defined_attributes = univ.Integer(4) +ub_domain_defined_attribute_type_length = univ.Integer(8) +ub_domain_defined_attribute_value_length = univ.Integer(128) +ub_domain_name_length = univ.Integer(16) +ub_extension_attributes = univ.Integer(256) +ub_e163_4_number_length = univ.Integer(15) +ub_e163_4_sub_address_length = univ.Integer(40) +ub_generation_qualifier_length = univ.Integer(3) +ub_given_name_length = univ.Integer(16) +ub_initials_length = univ.Integer(5) +ub_integer_options = univ.Integer(256) +ub_numeric_user_id_length = univ.Integer(32) +ub_organization_name_length = univ.Integer(64) +ub_organizational_unit_name_length = univ.Integer(32) +ub_organizational_units = univ.Integer(4) +ub_pds_name_length = univ.Integer(16) +ub_pds_parameter_length = univ.Integer(30) +ub_pds_physical_address_lines = univ.Integer(6) +ub_postal_code_length = univ.Integer(16) +ub_surname_length = univ.Integer(40) +ub_terminal_id_length = univ.Integer(24) +ub_unformatted_address_length = univ.Integer(180) +ub_x121_address_length = univ.Integer(16) + + +class UniversalString(char.UniversalString): + pass + + +class BMPString(char.BMPString): + pass + + +class UTF8String(char.UTF8String): + pass + + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') +id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') +id_qt = univ.ObjectIdentifier('1.3.6.1.5.5.7.2') +id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') +id_ad = univ.ObjectIdentifier('1.3.6.1.5.5.7.48') + +id_qt_cps = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.1') +id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2') + +id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1') +id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2') + + + + +id_at = univ.ObjectIdentifier('2.5.4') +id_at_name = univ.ObjectIdentifier('2.5.4.41') +# preserve misspelled variable for compatibility +id_at_sutname = id_at_surname = univ.ObjectIdentifier('2.5.4.4') +id_at_givenName = univ.ObjectIdentifier('2.5.4.42') +id_at_initials = univ.ObjectIdentifier('2.5.4.43') +id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44') + + +class X520name(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) + ) + + +id_at_commonName = univ.ObjectIdentifier('2.5.4.3') + + +class X520CommonName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) + ) + + +id_at_localityName = univ.ObjectIdentifier('2.5.4.7') + + +class X520LocalityName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) + ) + + +id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8') + + +class X520StateOrProvinceName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) + ) + + +id_at_organizationName = univ.ObjectIdentifier('2.5.4.10') + + +class X520OrganizationName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) + ) + + +id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11') + + +class X520OrganizationalUnitName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) + ) + + +id_at_title = univ.ObjectIdentifier('2.5.4.12') + + +class X520Title(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) + ) + + +id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46') + + +class X520dnQualifier(char.PrintableString): + pass + + +id_at_countryName = univ.ObjectIdentifier('2.5.4.6') + + +class X520countryName(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(2, 2) + + +pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9') + +emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1') + + +class Pkcs9email(char.IA5String): + subtypeSpec = char.IA5String.subtypeSpec + constraint.ValueSizeConstraint(1, ub_emailaddress_length) + + +# ---- + +class DSAPrivateKey(univ.Sequence): + """PKIX compliant DSA private key structure""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))), + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('g', univ.Integer()), + namedtype.NamedType('public', univ.Integer()), + namedtype.NamedType('private', univ.Integer()) + ) + + +# ---- + + +class DirectoryString(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + # hm, this should not be here!? XXX + ) + + +# certificate and CRL specific structures begin here + +class AlgorithmIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any()) + ) + + + +# Algorithm OIDs and parameter structures + +pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') +rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') +md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') +md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') +sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') +id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3') + + +class Dss_Sig_Value(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('r', univ.Integer()), + namedtype.NamedType('s', univ.Integer()) + ) + + +dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1') + + +class ValidationParms(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('seed', univ.BitString()), + namedtype.NamedType('pgenCounter', univ.Integer()) + ) + + +class DomainParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('g', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('j', univ.Integer()), + namedtype.OptionalNamedType('validationParms', ValidationParms()) + ) + + +id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1') + + +class Dss_Parms(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('g', univ.Integer()) + ) + + +# x400 address syntax starts here + +teletex_domain_defined_attributes = univ.Integer(6) + + +class TeletexDomainDefinedAttribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString()) + ) + + +class TeletexDomainDefinedAttributes(univ.SequenceOf): + componentType = TeletexDomainDefinedAttribute() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +terminal_type = univ.Integer(23) + + +class TerminalType(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, ub_integer_options) + namedValues = namedval.NamedValues( + ('telex', 3), + ('teletelex', 4), + ('g3-facsimile', 5), + ('g4-facsimile', 6), + ('ia5-terminal', 7), + ('videotex', 8) + ) + + +class PresentationAddress(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3), + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + ) + + +extended_network_address = univ.Integer(22) + + +class E163_4_address(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('number', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class ExtendedNetworkAddress(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('e163-4-address', E163_4_address()), + namedtype.NamedType('psap-address', PresentationAddress().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class PDSParameter(univ.Set): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) + ) + + +local_postal_attributes = univ.Integer(21) + + +class LocalPostalAttributes(PDSParameter): + pass + + +class UniquePostalName(PDSParameter): + pass + + +unique_postal_name = univ.Integer(20) + +poste_restante_address = univ.Integer(19) + + +class PosteRestanteAddress(PDSParameter): + pass + + +post_office_box_address = univ.Integer(18) + + +class PostOfficeBoxAddress(PDSParameter): + pass + + +street_address = univ.Integer(17) + + +class StreetAddress(PDSParameter): + pass + + +class UnformattedPostalAddress(univ.Set): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines)))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) + ) + + +physical_delivery_office_name = univ.Integer(10) + + +class PhysicalDeliveryOfficeName(PDSParameter): + pass + + +physical_delivery_office_number = univ.Integer(11) + + +class PhysicalDeliveryOfficeNumber(PDSParameter): + pass + + +extension_OR_address_components = univ.Integer(12) + + +class ExtensionORAddressComponents(PDSParameter): + pass + + +physical_delivery_personal_name = univ.Integer(13) + + +class PhysicalDeliveryPersonalName(PDSParameter): + pass + + +physical_delivery_organization_name = univ.Integer(14) + + +class PhysicalDeliveryOrganizationName(PDSParameter): + pass + + +extension_physical_delivery_address_components = univ.Integer(15) + + +class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): + pass + + +unformatted_postal_address = univ.Integer(16) + +postal_code = univ.Integer(9) + + +class PostalCode(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) + ) + + +class PhysicalDeliveryCountryName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, + ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + ) + + +class PDSName(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_pds_name_length) + + +physical_delivery_country_name = univ.Integer(8) + + +class TeletexOrganizationalUnitName(char.TeletexString): + subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +pds_name = univ.Integer(7) + +teletex_organizational_unit_names = univ.Integer(5) + + +class TeletexOrganizationalUnitNames(univ.SequenceOf): + componentType = TeletexOrganizationalUnitName() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) + + +teletex_personal_name = univ.Integer(4) + + +class TeletexPersonalName(univ.Set): + componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + + +teletex_organization_name = univ.Integer(3) + + +class TeletexOrganizationName(char.TeletexString): + subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +teletex_common_name = univ.Integer(2) + + +class TeletexCommonName(char.TeletexString): + subtypeSpec = char.TeletexString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) + + +class CommonName(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_common_name_length) + + +common_name = univ.Integer(1) + + +class ExtensionAttribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_extension_attributes), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('extension-attribute-value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class ExtensionAttributes(univ.SetOf): + componentType = ExtensionAttribute() + sizeSpec = univ.SetOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes) + + +class BuiltInDomainDefinedAttribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) + ) + + +class BuiltInDomainDefinedAttributes(univ.SequenceOf): + componentType = BuiltInDomainDefinedAttribute() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +class OrganizationalUnitName(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +class OrganizationalUnitNames(univ.SequenceOf): + componentType = OrganizationalUnitName() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units) + + +class PersonalName(univ.Set): + componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + + +class NumericUserIdentifier(char.NumericString): + subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) + + +class OrganizationName(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +class PrivateDomainName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) + ) + + +class TerminalIdentifier(char.PrintableString): + subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_terminal_id_length) + + +class X121Address(char.NumericString): + subtypeSpec = char.NumericString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_x121_address_length) + + +class NetworkAddress(X121Address): + pass + + +class AdministrationDomainName(univ.Choice): + tagSet = univ.Choice.tagSet.tagExplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) + ) + + +class CountryName(univ.Choice): + tagSet = univ.Choice.tagSet.tagExplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, + ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) + ) + + +class BuiltInStandardAttributes(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('country-name', CountryName()), + namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), + namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) + ) + + +class ORAddress(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), + namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), + namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) + ) + + +# +# PKIX1Implicit88 +# + +id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24') + + +class InvalidityDate(useful.GeneralizedTime): + pass + + +id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1') +id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2') +id_holdinstruction_reject = univ.ObjectIdentifier('2.2.840.10040.2.3') + +holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2') + +id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23') + + +class HoldInstructionCode(univ.ObjectIdentifier): + pass + + +id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21') + + +class CRLReason(univ.Enumerated): + namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8) + ) + + +id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20') + + +class CRLNumber(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) + + +class BaseCRLNumber(CRLNumber): + pass + + +id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1') +id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2') +id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3') +id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4') +id_kp_ipsecEndSystem = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.5') +id_kp_ipsecTunnel = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.6') +id_kp_ipsecUser = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.7') +id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8') +id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1') +id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37') + + +class KeyPurposeId(univ.ObjectIdentifier): + pass + + +class ExtKeyUsageSyntax(univ.SequenceOf): + componentType = KeyPurposeId() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class ReasonFlags(univ.BitString): + namedValues = namedval.NamedValues( + ('unused', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6) + ) + + +class SkipCerts(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX) + + +id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36') + + +class PolicyConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('requireExplicitPolicy', SkipCerts().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', SkipCerts().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19') + + +class BasicConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('cA', univ.Boolean(False)), + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) + ) + + +id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9') + + +class EDIPartyName(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('partyName', + DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + + +id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') + + + +class BaseDistance(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) + + +id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') + + +id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') + + + + +id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') + + +class DisplayText(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('visibleString', + char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) + ) + + +class NoticeReference(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('organization', DisplayText()), + namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) + ) + + +class UserNotice(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('noticeRef', NoticeReference()), + namedtype.OptionalNamedType('explicitText', DisplayText()) + ) + + +class CPSuri(char.IA5String): + pass + + +class PolicyQualifierId(univ.ObjectIdentifier): + subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, id_qt_unotice) + + +class CertPolicyId(univ.ObjectIdentifier): + pass + + +class PolicyQualifierInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyQualifierId', PolicyQualifierId()), + namedtype.NamedType('qualifier', univ.Any()) + ) + + +id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32') + + +class PolicyInformation(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyIdentifier', CertPolicyId()), + namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +class CertificatePolicies(univ.SequenceOf): + componentType = PolicyInformation() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33') + + +class PolicyMapping(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), + namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) + ) + + +class PolicyMappings(univ.SequenceOf): + componentType = PolicyMapping() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16') + + +class PrivateKeyUsagePeriod(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +id_ce_keyUsage = univ.ObjectIdentifier('2.5.29.15') + + +class KeyUsage(univ.BitString): + namedValues = namedval.NamedValues( + ('digitalSignature', 0), + ('nonRepudiation', 1), + ('keyEncipherment', 2), + ('dataEncipherment', 3), + ('keyAgreement', 4), + ('keyCertSign', 5), + ('cRLSign', 6), + ('encipherOnly', 7), + ('decipherOnly', 8) + ) + + +id_ce = univ.ObjectIdentifier('2.5.29') + +id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35') + + +class KeyIdentifier(univ.OctetString): + pass + + +id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14') + + +class SubjectKeyIdentifier(KeyIdentifier): + pass + + +id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') + + +id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') + + +id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') + + +class AttributeValue(univ.Any): + pass + + +class AttributeType(univ.ObjectIdentifier): + pass + +certificateAttributesMap = {} + + +class AttributeTypeAndValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('value', AttributeValue(), + openType=opentype.OpenType('type', certificateAttributesMap)) + ) + + +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + + +class SubjectDirectoryAttributes(univ.SequenceOf): + componentType = Attribute() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class RelativeDistinguishedName(univ.SetOf): + componentType = AttributeTypeAndValue() + + +class RDNSequence(univ.SequenceOf): + componentType = RelativeDistinguishedName() + + +class Name(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('', RDNSequence()) + ) + +class CertificateSerialNumber(univ.Integer): + pass + + +class AnotherName(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType('value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class GeneralName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('otherName', + AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('rfc822Name', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', + ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', + Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.NamedType('ediPartyName', + EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.NamedType('uniformResourceIdentifier', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) + ) + + +class GeneralNames(univ.SequenceOf): + componentType = GeneralName() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class AccessDescription(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), + namedtype.NamedType('accessLocation', GeneralName()) + ) + + +class AuthorityInfoAccessSyntax(univ.SequenceOf): + componentType = AccessDescription() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class AuthorityKeyIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class DistributionPointName(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('fullName', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class DistributionPoint(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) + + +class CRLDistPointsSyntax(univ.SequenceOf): + componentType = DistributionPoint() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class IssuingDistributionPoint(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) + ) + + +class GeneralSubtree(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class GeneralSubtrees(univ.SequenceOf): + componentType = GeneralSubtree() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class CertificateIssuer(GeneralNames): + pass + + +class SubjectAltName(GeneralNames): + pass + + +class IssuerAltName(GeneralNames): + pass + + +certificateExtensionsMap = {} + + +class Extension(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean('False')), + namedtype.NamedType('extnValue', univ.OctetString(), + openType=opentype.OpenType('extnID', certificateExtensionsMap)) + ) + + +class Extensions(univ.SequenceOf): + componentType = Extension() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class SubjectPublicKeyInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + ) + + +class UniqueIdentifier(univ.BitString): + pass + + +class Time(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) + ) + + +class Validity(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) + ) + + +class Version(univ.Integer): + namedValues = namedval.NamedValues( + ('v1', 0), ('v2', 1), ('v3', 2) + ) + + +class TBSCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + + +class Certificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signatureValue', univ.BitString()) + ) + +# CRL structures + +class RevokedCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + ) + + +class TBSCertList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('thisUpdate', Time()), + namedtype.OptionalNamedType('nextUpdate', Time()), + namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())), + namedtype.OptionalNamedType('crlExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class CertificateList(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertList', TBSCertList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) + ) + +# map of AttributeType -> AttributeValue + +_certificateAttributesMapUpdate = { + id_at_name: X520name(), + id_at_surname: X520name(), + id_at_givenName: X520name(), + id_at_initials: X520name(), + id_at_generationQualifier: X520name(), + id_at_commonName: X520CommonName(), + id_at_localityName: X520LocalityName(), + id_at_stateOrProvinceName: X520StateOrProvinceName(), + id_at_organizationName: X520OrganizationName(), + id_at_organizationalUnitName: X520OrganizationalUnitName(), + id_at_title: X520Title(), + id_at_dnQualifier: X520dnQualifier(), + id_at_countryName: X520countryName(), + emailAddress: Pkcs9email(), +} + +certificateAttributesMap.update(_certificateAttributesMapUpdate) + + +# map of Certificate Extension OIDs to Extensions + +_certificateExtensionsMapUpdate = { + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), + id_ce_keyUsage: KeyUsage(), + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), + id_ce_certificatePolicies: CertificatePolicies(), + id_ce_policyMappings: PolicyMappings(), + id_ce_subjectAltName: SubjectAltName(), + id_ce_issuerAltName: IssuerAltName(), + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), + id_ce_basicConstraints: BasicConstraints(), + id_ce_nameConstraints: NameConstraints(), + id_ce_policyConstraints: PolicyConstraints(), + id_ce_extKeyUsage: ExtKeyUsageSyntax(), + id_ce_cRLDistributionPoints: CRLDistPointsSyntax(), + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), + id_ce_cRLNumber: univ.Integer(), + id_ce_deltaCRLIndicator: BaseCRLNumber(), + id_ce_issuingDistributionPoint: IssuingDistributionPoint(), + id_ce_cRLReasons: CRLReason(), + id_ce_holdInstructionCode: univ.ObjectIdentifier(), + id_ce_invalidityDate: useful.GeneralizedTime(), + id_ce_certificateIssuer: GeneralNames(), +} + +certificateExtensionsMap.update(_certificateExtensionsMapUpdate) + diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2511.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2511.py new file mode 100644 index 0000000000000000000000000000000000000000..8935cdabe33251cc5d6e1ebc51578845143194d5 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2511.py @@ -0,0 +1,258 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# X.509 certificate Request Message Format (CRMF) syntax +# +# ASN.1 source from: +# http://tools.ietf.org/html/rfc2511 +# +# Sample captures could be obtained with OpenSSL +# +from pyasn1_modules import rfc2315 +from pyasn1_modules.rfc2459 import * + +MAX = float('inf') + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') +id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5') +id_regCtrl = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1') +id_regCtrl_regToken = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.1') +id_regCtrl_authenticator = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.2') +id_regCtrl_pkiPublicationInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.3') +id_regCtrl_pkiArchiveOptions = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.4') +id_regCtrl_oldCertID = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.5') +id_regCtrl_protocolEncrKey = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.6') +id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2') +id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1') +id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2') + + +# This should be in PKIX Certificate Extensions module + +class GeneralName(univ.OctetString): + pass + + +# end of PKIX Certificate Extensions module + +class UTF8Pairs(char.UTF8String): + pass + + +class ProtocolEncrKey(SubjectPublicKeyInfo): + pass + + +class CertId(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', GeneralName()), + namedtype.NamedType('serialNumber', univ.Integer()) + ) + + +class OldCertId(CertId): + pass + + +class KeyGenParameters(univ.OctetString): + pass + + +class EncryptedValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('encValue', univ.BitString()) + ) + + +class EncryptedKey(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedValue', EncryptedValue()), + namedtype.NamedType('envelopedData', rfc2315.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class PKIArchiveOptions(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('archiveRemGenPrivKey', + univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class SinglePubInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('pubMethod', univ.Integer( + namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), + namedtype.OptionalNamedType('pubLocation', GeneralName()) + ) + + +class PKIPublicationInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('action', + univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), + namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +class Authenticator(char.UTF8String): + pass + + +class RegToken(char.UTF8String): + pass + + +class SubsequentMessage(univ.Integer): + namedValues = namedval.NamedValues( + ('encrCert', 0), + ('challengeResp', 1) + ) + + +class POPOPrivKey(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('thisMessage', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dhMAC', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class PBMParameter(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString()), + namedtype.NamedType('owf', AlgorithmIdentifier()), + namedtype.NamedType('iterationCount', univ.Integer()), + namedtype.NamedType('mac', AlgorithmIdentifier()) + ) + + +class PKMACValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algId', AlgorithmIdentifier()), + namedtype.NamedType('value', univ.BitString()) + ) + + +class POPOSigningKeyInput(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'authInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'sender', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ), + namedtype.NamedType('publicKeyMAC', PKMACValue()) + ) + ) + ), + namedtype.NamedType('publicKey', SubjectPublicKeyInfo()) + ) + + +class POPOSigningKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) + ) + + +class ProofOfPossession(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('raVerified', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signature', POPOSigningKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('keyAgreement', POPOPrivKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + ) + + +class Controls(univ.SequenceOf): + componentType = AttributeTypeAndValue() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class OptionalValidity(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', + Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', + Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class CertTemplate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('issuer', Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('validity', OptionalValidity().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('subject', Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), + namedtype.OptionalNamedType('extensions', Extensions().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + + +class CertRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('certTemplate', CertTemplate()), + namedtype.OptionalNamedType('controls', Controls()) + ) + + +class CertReq(CertRequest): + pass + + +class CertReqMsg(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReq', CertRequest()), + namedtype.OptionalNamedType('pop', ProofOfPossession()), + namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +class CertReqMessages(univ.SequenceOf): + componentType = CertReqMsg() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2631.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2631.py new file mode 100644 index 0000000000000000000000000000000000000000..44e537101c433bf35b87b2b2947f33f58fb58f98 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2631.py @@ -0,0 +1,37 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Diffie-Hellman Key Agreement +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc2631.txt +# https://www.rfc-editor.org/errata/eid5897 +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + + +class KeySpecificInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.NamedType('counter', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(4, 4))) + ) + + +class OtherInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('keyInfo', KeySpecificInfo()), + namedtype.OptionalNamedType('partyAInfo', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('suppPubInfo', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2876.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2876.py new file mode 100644 index 0000000000000000000000000000000000000000..04c402b7ea6cddf9058e587bd6e3299838eebd58 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2876.py @@ -0,0 +1,56 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# KEA and SKIPJACK Algorithms in CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc2876.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5751 + + +id_fortezzaConfidentialityAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.4') + + +id_fortezzaWrap80 = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.23') + + +id_kEAKeyEncryptionAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.24') + + +id_keyExchangeAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.22') + + +class Skipjack_Parm(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('initialization-vector', univ.OctetString()) + ) + + +# Update the Algorithm Identifier map in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + id_fortezzaConfidentialityAlgorithm: Skipjack_Parm(), + id_kEAKeyEncryptionAlgorithm: rfc5280.AlgorithmIdentifier(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) + + +# Update the SMIMECapabilities Attribute map in rfc5751.py + +_smimeCapabilityMapUpdate = { + id_kEAKeyEncryptionAlgorithm: rfc5280.AlgorithmIdentifier(), +} + +rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2985.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2985.py new file mode 100644 index 0000000000000000000000000000000000000000..75bccf097dcd4c1f704f3207e5c35c562a90097b --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2985.py @@ -0,0 +1,588 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS#9: Selected Attribute Types (Version 2.0) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc2985.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc7292 +from pyasn1_modules import rfc5958 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5280 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +MAX = float('inf') + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +Attribute = rfc5280.Attribute + +EmailAddress = rfc5280.EmailAddress + +Extensions = rfc5280.Extensions + +Time = rfc5280.Time + +X520countryName = rfc5280.X520countryName + +X520SerialNumber = rfc5280.X520SerialNumber + + +# Imports from RFC 5652 + +ContentInfo = rfc5652.ContentInfo + +ContentType = rfc5652.ContentType + +Countersignature = rfc5652.Countersignature + +MessageDigest = rfc5652.MessageDigest + +SignerInfo = rfc5652.SignerInfo + +SigningTime = rfc5652.SigningTime + + +# Imports from RFC 5958 + +EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo + + +# Imports from RFC 7292 + +PFX = rfc7292.PFX + + +# TODO: +# Need a place to import PKCS15Token; it does not yet appear in an RFC + + +# SingleAttribute is the same as Attribute in RFC 5280, except that the +# attrValues SET must have one and only one member + +class AttributeType(univ.ObjectIdentifier): + pass + + +class AttributeValue(univ.Any): + pass + + +class AttributeValues(univ.SetOf): + pass + +AttributeValues.componentType = AttributeValue() + + +class SingleAttributeValues(univ.SetOf): + pass + +SingleAttributeValues.componentType = AttributeValue() + + +class SingleAttribute(univ.Sequence): + pass + +SingleAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', + AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), + openType=opentype.OpenType('type', rfc5280.certificateAttributesMap) + ) +) + + +# CMSAttribute is the same as Attribute in RFC 5652, and CMSSingleAttribute +# is the companion where the attrValues SET must have one and only one member + +CMSAttribute = rfc5652.Attribute + + +class CMSSingleAttribute(univ.Sequence): + pass + +CMSSingleAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', AttributeType()), + namedtype.NamedType('attrValues', + AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), + openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) + ) +) + + +# DirectoryString is the same as RFC 5280, except the length is limited to 255 + +class DirectoryString(univ.Choice): + pass + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))) +) + + +# PKCS9String is DirectoryString with an additional choice of IA5String, +# and the SIZE is limited to 255 + +class PKCS9String(univ.Choice): + pass + +PKCS9String.componentType = namedtype.NamedTypes( + namedtype.NamedType('ia5String', char.IA5String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('directoryString', DirectoryString()) +) + + +# Upper Bounds + +pkcs_9_ub_pkcs9String = univ.Integer(255) + +pkcs_9_ub_challengePassword = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_ub_emailAddress = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_ub_match = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_ub_signingDescription = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_ub_unstructuredAddress = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_ub_unstructuredName = univ.Integer(pkcs_9_ub_pkcs9String) + + +ub_name = univ.Integer(32768) + +pkcs_9_ub_placeOfBirth = univ.Integer(ub_name) + +pkcs_9_ub_pseudonym = univ.Integer(ub_name) + + +# Object Identifier Arcs + +ietf_at = _OID(1, 3, 6, 1, 5, 5, 7, 9) + +id_at = _OID(2, 5, 4) + +pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) + +pkcs_9_mo = _OID(pkcs_9, 0) + +smime = _OID(pkcs_9, 16) + +certTypes = _OID(pkcs_9, 22) + +crlTypes = _OID(pkcs_9, 23) + +pkcs_9_oc = _OID(pkcs_9, 24) + +pkcs_9_at = _OID(pkcs_9, 25) + +pkcs_9_sx = _OID(pkcs_9, 26) + +pkcs_9_mr = _OID(pkcs_9, 27) + + +# Object Identifiers for Syntaxes for use with LDAP-accessible directories + +pkcs_9_sx_pkcs9String = _OID(pkcs_9_sx, 1) + +pkcs_9_sx_signingTime = _OID(pkcs_9_sx, 2) + + +# Object Identifiers for object classes + +pkcs_9_oc_pkcsEntity = _OID(pkcs_9_oc, 1) + +pkcs_9_oc_naturalPerson = _OID(pkcs_9_oc, 2) + + +# Object Identifiers for matching rules + +pkcs_9_mr_caseIgnoreMatch = _OID(pkcs_9_mr, 1) + +pkcs_9_mr_signingTimeMatch = _OID(pkcs_9_mr, 2) + + +# PKCS #7 PDU + +pkcs_9_at_pkcs7PDU = _OID(pkcs_9_at, 5) + +pKCS7PDU = Attribute() +pKCS7PDU['type'] = pkcs_9_at_pkcs7PDU +pKCS7PDU['values'][0] = ContentInfo() + + +# PKCS #12 token + +pkcs_9_at_userPKCS12 = _OID(2, 16, 840, 1, 113730, 3, 1, 216) + +userPKCS12 = Attribute() +userPKCS12['type'] = pkcs_9_at_userPKCS12 +userPKCS12['values'][0] = PFX() + + +# PKCS #15 token + +pkcs_9_at_pkcs15Token = _OID(pkcs_9_at, 1) + +# TODO: Once PKCS15Token can be imported, this can be included +# +# pKCS15Token = Attribute() +# userPKCS12['type'] = pkcs_9_at_pkcs15Token +# userPKCS12['values'][0] = PKCS15Token() + + +# PKCS #8 encrypted private key information + +pkcs_9_at_encryptedPrivateKeyInfo = _OID(pkcs_9_at, 2) + +encryptedPrivateKeyInfo = Attribute() +encryptedPrivateKeyInfo['type'] = pkcs_9_at_encryptedPrivateKeyInfo +encryptedPrivateKeyInfo['values'][0] = EncryptedPrivateKeyInfo() + + +# Electronic-mail address + +pkcs_9_at_emailAddress = rfc5280.id_emailAddress + +emailAddress = Attribute() +emailAddress['type'] = pkcs_9_at_emailAddress +emailAddress['values'][0] = EmailAddress() + + +# Unstructured name + +pkcs_9_at_unstructuredName = _OID(pkcs_9, 2) + +unstructuredName = Attribute() +unstructuredName['type'] = pkcs_9_at_unstructuredName +unstructuredName['values'][0] = PKCS9String() + + +# Unstructured address + +pkcs_9_at_unstructuredAddress = _OID(pkcs_9, 8) + +unstructuredAddress = Attribute() +unstructuredAddress['type'] = pkcs_9_at_unstructuredAddress +unstructuredAddress['values'][0] = DirectoryString() + + +# Date of birth + +pkcs_9_at_dateOfBirth = _OID(ietf_at, 1) + +dateOfBirth = SingleAttribute() +dateOfBirth['type'] = pkcs_9_at_dateOfBirth +dateOfBirth['values'][0] = useful.GeneralizedTime() + + +# Place of birth + +pkcs_9_at_placeOfBirth = _OID(ietf_at, 2) + +placeOfBirth = SingleAttribute() +placeOfBirth['type'] = pkcs_9_at_placeOfBirth +placeOfBirth['values'][0] = DirectoryString() + + +# Gender + +class GenderString(char.PrintableString): + pass + +GenderString.subtypeSpec = constraint.ValueSizeConstraint(1, 1) +GenderString.subtypeSpec = constraint.SingleValueConstraint("M", "F", "m", "f") + + +pkcs_9_at_gender = _OID(ietf_at, 3) + +gender = SingleAttribute() +gender['type'] = pkcs_9_at_gender +gender['values'][0] = GenderString() + + +# Country of citizenship + +pkcs_9_at_countryOfCitizenship = _OID(ietf_at, 4) + +countryOfCitizenship = Attribute() +countryOfCitizenship['type'] = pkcs_9_at_countryOfCitizenship +countryOfCitizenship['values'][0] = X520countryName() + + +# Country of residence + +pkcs_9_at_countryOfResidence = _OID(ietf_at, 5) + +countryOfResidence = Attribute() +countryOfResidence['type'] = pkcs_9_at_countryOfResidence +countryOfResidence['values'][0] = X520countryName() + + +# Pseudonym + +id_at_pseudonym = _OID(2, 5, 4, 65) + +pseudonym = Attribute() +pseudonym['type'] = id_at_pseudonym +pseudonym['values'][0] = DirectoryString() + + +# Serial number + +id_at_serialNumber = rfc5280.id_at_serialNumber + +serialNumber = Attribute() +serialNumber['type'] = id_at_serialNumber +serialNumber['values'][0] = X520SerialNumber() + + +# Content type + +pkcs_9_at_contentType = rfc5652.id_contentType + +contentType = CMSSingleAttribute() +contentType['attrType'] = pkcs_9_at_contentType +contentType['attrValues'][0] = ContentType() + + +# Message digest + +pkcs_9_at_messageDigest = rfc5652.id_messageDigest + +messageDigest = CMSSingleAttribute() +messageDigest['attrType'] = pkcs_9_at_messageDigest +messageDigest['attrValues'][0] = MessageDigest() + + +# Signing time + +pkcs_9_at_signingTime = rfc5652.id_signingTime + +signingTime = CMSSingleAttribute() +signingTime['attrType'] = pkcs_9_at_signingTime +signingTime['attrValues'][0] = SigningTime() + + +# Random nonce + +class RandomNonce(univ.OctetString): + pass + +RandomNonce.subtypeSpec = constraint.ValueSizeConstraint(4, MAX) + + +pkcs_9_at_randomNonce = _OID(pkcs_9_at, 3) + +randomNonce = CMSSingleAttribute() +randomNonce['attrType'] = pkcs_9_at_randomNonce +randomNonce['attrValues'][0] = RandomNonce() + + +# Sequence number + +class SequenceNumber(univ.Integer): + pass + +SequenceNumber.subtypeSpec = constraint.ValueRangeConstraint(1, MAX) + + +pkcs_9_at_sequenceNumber = _OID(pkcs_9_at, 4) + +sequenceNumber = CMSSingleAttribute() +sequenceNumber['attrType'] = pkcs_9_at_sequenceNumber +sequenceNumber['attrValues'][0] = SequenceNumber() + + +# Countersignature + +pkcs_9_at_counterSignature = rfc5652.id_countersignature + +counterSignature = CMSAttribute() +counterSignature['attrType'] = pkcs_9_at_counterSignature +counterSignature['attrValues'][0] = Countersignature() + + +# Challenge password + +pkcs_9_at_challengePassword = _OID(pkcs_9, 7) + +challengePassword = SingleAttribute() +challengePassword['type'] = pkcs_9_at_challengePassword +challengePassword['values'][0] = DirectoryString() + + +# Extension request + +class ExtensionRequest(Extensions): + pass + + +pkcs_9_at_extensionRequest = _OID(pkcs_9, 14) + +extensionRequest = SingleAttribute() +extensionRequest['type'] = pkcs_9_at_extensionRequest +extensionRequest['values'][0] = ExtensionRequest() + + +# Extended-certificate attributes (deprecated) + +class AttributeSet(univ.SetOf): + pass + +AttributeSet.componentType = Attribute() + + +pkcs_9_at_extendedCertificateAttributes = _OID(pkcs_9, 9) + +extendedCertificateAttributes = SingleAttribute() +extendedCertificateAttributes['type'] = pkcs_9_at_extendedCertificateAttributes +extendedCertificateAttributes['values'][0] = AttributeSet() + + +# Friendly name + +class FriendlyName(char.BMPString): + pass + +FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName) + + +pkcs_9_at_friendlyName = _OID(pkcs_9, 20) + +friendlyName = SingleAttribute() +friendlyName['type'] = pkcs_9_at_friendlyName +friendlyName['values'][0] = FriendlyName() + + +# Local key identifier + +pkcs_9_at_localKeyId = _OID(pkcs_9, 21) + +localKeyId = SingleAttribute() +localKeyId['type'] = pkcs_9_at_localKeyId +localKeyId['values'][0] = univ.OctetString() + + +# Signing description + +pkcs_9_at_signingDescription = _OID(pkcs_9, 13) + +signingDescription = CMSSingleAttribute() +signingDescription['attrType'] = pkcs_9_at_signingDescription +signingDescription['attrValues'][0] = DirectoryString() + + +# S/MIME capabilities + +class SMIMECapability(AlgorithmIdentifier): + pass + + +class SMIMECapabilities(univ.SequenceOf): + pass + +SMIMECapabilities.componentType = SMIMECapability() + + +pkcs_9_at_smimeCapabilities = _OID(pkcs_9, 15) + +smimeCapabilities = CMSSingleAttribute() +smimeCapabilities['attrType'] = pkcs_9_at_smimeCapabilities +smimeCapabilities['attrValues'][0] = SMIMECapabilities() + + +# Certificate Attribute Map + +_certificateAttributesMapUpdate = { + # Attribute types for use with the "pkcsEntity" object class + pkcs_9_at_pkcs7PDU: ContentInfo(), + pkcs_9_at_userPKCS12: PFX(), + # TODO: Once PKCS15Token can be imported, this can be included + # pkcs_9_at_pkcs15Token: PKCS15Token(), + pkcs_9_at_encryptedPrivateKeyInfo: EncryptedPrivateKeyInfo(), + # Attribute types for use with the "naturalPerson" object class + pkcs_9_at_emailAddress: EmailAddress(), + pkcs_9_at_unstructuredName: PKCS9String(), + pkcs_9_at_unstructuredAddress: DirectoryString(), + pkcs_9_at_dateOfBirth: useful.GeneralizedTime(), + pkcs_9_at_placeOfBirth: DirectoryString(), + pkcs_9_at_gender: GenderString(), + pkcs_9_at_countryOfCitizenship: X520countryName(), + pkcs_9_at_countryOfResidence: X520countryName(), + id_at_pseudonym: DirectoryString(), + id_at_serialNumber: X520SerialNumber(), + # Attribute types for use with PKCS #10 certificate requests + pkcs_9_at_challengePassword: DirectoryString(), + pkcs_9_at_extensionRequest: ExtensionRequest(), + pkcs_9_at_extendedCertificateAttributes: AttributeSet(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) + + +# CMS Attribute Map + +# Note: pkcs_9_at_smimeCapabilities is not included in the map because +# the definition in RFC 5751 is preferred, which produces the same +# encoding, but it allows different parameters for SMIMECapability +# and AlgorithmIdentifier. + +_cmsAttributesMapUpdate = { + # Attribute types for use in PKCS #7 data (a.k.a. CMS) + pkcs_9_at_contentType: ContentType(), + pkcs_9_at_messageDigest: MessageDigest(), + pkcs_9_at_signingTime: SigningTime(), + pkcs_9_at_randomNonce: RandomNonce(), + pkcs_9_at_sequenceNumber: SequenceNumber(), + pkcs_9_at_counterSignature: Countersignature(), + # Attributes for use in PKCS #12 "PFX" PDUs or PKCS #15 tokens + pkcs_9_at_friendlyName: FriendlyName(), + pkcs_9_at_localKeyId: univ.OctetString(), + pkcs_9_at_signingDescription: DirectoryString(), + # pkcs_9_at_smimeCapabilities: SMIMECapabilities(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3114.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3114.py new file mode 100644 index 0000000000000000000000000000000000000000..badcb1f2140383a12b286f7db1be1cf640df89ac --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3114.py @@ -0,0 +1,77 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# TEST Company Classification Policies +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3114.txt +# + +from pyasn1.type import char +from pyasn1.type import namedval +from pyasn1.type import univ + +from pyasn1_modules import rfc5755 + + +id_smime = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, )) + +id_tsp = id_smime + (7, ) + +id_tsp_TEST_Amoco = id_tsp + (1, ) + +class Amoco_SecurityClassification(univ.Integer): + namedValues = namedval.NamedValues( + ('amoco-general', 6), + ('amoco-confidential', 7), + ('amoco-highly-confidential', 8) + ) + + +id_tsp_TEST_Caterpillar = id_tsp + (2, ) + +class Caterpillar_SecurityClassification(univ.Integer): + namedValues = namedval.NamedValues( + ('caterpillar-public', 6), + ('caterpillar-green', 7), + ('caterpillar-yellow', 8), + ('caterpillar-red', 9) + ) + + +id_tsp_TEST_Whirlpool = id_tsp + (3, ) + +class Whirlpool_SecurityClassification(univ.Integer): + namedValues = namedval.NamedValues( + ('whirlpool-public', 6), + ('whirlpool-internal', 7), + ('whirlpool-confidential', 8) + ) + + +id_tsp_TEST_Whirlpool_Categories = id_tsp + (4, ) + +class SecurityCategoryValues(univ.SequenceOf): + componentType = char.UTF8String() + +# Example SecurityCategoryValues: "LAW DEPARTMENT USE ONLY" +# Example SecurityCategoryValues: "HUMAN RESOURCES USE ONLY" + + +# Also, the privacy mark in the security label can contain a string, +# such as: "ATTORNEY-CLIENT PRIVILEGED INFORMATION" + + +# Map of security category type OIDs to security category added +# to the ones that are in rfc5755.py + +_securityCategoryMapUpdate = { + id_tsp_TEST_Whirlpool_Categories: SecurityCategoryValues(), +} + +rfc5755.securityCategoryMap.update(_securityCategoryMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3161.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3161.py new file mode 100644 index 0000000000000000000000000000000000000000..0e1dcedb393be1ae9e2f270533e1d62f99d01308 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3161.py @@ -0,0 +1,142 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Time-Stamp Protocol (TSP) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3161.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc4210 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + + +Extensions = rfc5280.Extensions + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +GeneralName = rfc5280.GeneralName + +ContentInfo = rfc5652.ContentInfo + +PKIFreeText = rfc4210.PKIFreeText + + +id_ct_TSTInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.4') + + +class Accuracy(univ.Sequence): + pass + +Accuracy.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('seconds', univ.Integer()), + namedtype.OptionalNamedType('millis', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 999)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('micros', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 999)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class MessageImprint(univ.Sequence): + pass + +MessageImprint.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('hashedMessage', univ.OctetString()) +) + + +class PKIFailureInfo(univ.BitString): + pass + +PKIFailureInfo.namedValues = namedval.NamedValues( + ('badAlg', 0), + ('badRequest', 2), + ('badDataFormat', 5), + ('timeNotAvailable', 14), + ('unacceptedPolicy', 15), + ('unacceptedExtension', 16), + ('addInfoNotAvailable', 17), + ('systemFailure', 25) +) + + +class PKIStatus(univ.Integer): + pass + +PKIStatus.namedValues = namedval.NamedValues( + ('granted', 0), + ('grantedWithMods', 1), + ('rejection', 2), + ('waiting', 3), + ('revocationWarning', 4), + ('revocationNotification', 5) +) + + +class PKIStatusInfo(univ.Sequence): + pass + +PKIStatusInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatus()), + namedtype.OptionalNamedType('statusString', PKIFreeText()), + namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) +) + + +class TSAPolicyId(univ.ObjectIdentifier): + pass + + +class TSTInfo(univ.Sequence): + pass + +TSTInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))), + namedtype.NamedType('policy', TSAPolicyId()), + namedtype.NamedType('messageImprint', MessageImprint()), + namedtype.NamedType('serialNumber', univ.Integer()), + namedtype.NamedType('genTime', useful.GeneralizedTime()), + namedtype.OptionalNamedType('accuracy', Accuracy()), + namedtype.DefaultedNamedType('ordering', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('nonce', univ.Integer()), + namedtype.OptionalNamedType('tsa', GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class TimeStampReq(univ.Sequence): + pass + +TimeStampReq.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))), + namedtype.NamedType('messageImprint', MessageImprint()), + namedtype.OptionalNamedType('reqPolicy', TSAPolicyId()), + namedtype.OptionalNamedType('nonce', univ.Integer()), + namedtype.DefaultedNamedType('certReq', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('extensions', Extensions().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class TimeStampToken(ContentInfo): + pass + + +class TimeStampResp(univ.Sequence): + pass + +TimeStampResp.componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('timeStampToken', TimeStampToken()) +) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3274.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3274.py new file mode 100644 index 0000000000000000000000000000000000000000..425e006f3ddb54e3ddbf3a85da585815943bfb25 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3274.py @@ -0,0 +1,59 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add a map for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Compressed Data Content Type +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3274.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + + +class CompressionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +# The CMS Compressed Data Content Type + +id_ct_compressedData = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.9') + +class CompressedData(univ.Sequence): + pass + +CompressedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', rfc5652.CMSVersion()), # Always set to 0 + namedtype.NamedType('compressionAlgorithm', CompressionAlgorithmIdentifier()), + namedtype.NamedType('encapContentInfo', rfc5652.EncapsulatedContentInfo()) +) + + +# Algorithm identifier for the zLib Compression Algorithm +# This includes cpa_zlibCompress as defined in RFC 6268, +# from https://www.rfc-editor.org/rfc/rfc6268.txt + +id_alg_zlibCompress = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.8') + +cpa_zlibCompress = rfc5280.AlgorithmIdentifier() +cpa_zlibCompress['algorithm'] = id_alg_zlibCompress +# cpa_zlibCompress['parameters'] are absent + + +# Map of Content Type OIDs to Content Types is added to thr +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_compressedData: CompressedData(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3280.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3280.py new file mode 100644 index 0000000000000000000000000000000000000000..4c6df13280461ffe38e1e32f0ef8e759242b16fe --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3280.py @@ -0,0 +1,1543 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Internet X.509 Public Key Infrastructure Certificate and Certificate +# Revocation List (CRL) Profile +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3280.txt +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +MAX = float('inf') + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +unformatted_postal_address = univ.Integer(16) + +ub_organizational_units = univ.Integer(4) + +ub_organizational_unit_name_length = univ.Integer(32) + + +class OrganizationalUnitName(char.PrintableString): + pass + + +OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +class OrganizationalUnitNames(univ.SequenceOf): + pass + + +OrganizationalUnitNames.componentType = OrganizationalUnitName() +OrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) + + +class AttributeType(univ.ObjectIdentifier): + pass + + +id_at = _OID(2, 5, 4) + +id_at_name = _OID(id_at, 41) + +ub_pds_parameter_length = univ.Integer(30) + + +class PDSParameter(univ.Set): + pass + + +PDSParameter.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) +) + + +class PhysicalDeliveryOrganizationName(PDSParameter): + pass + + +ub_organization_name_length = univ.Integer(64) + +ub_domain_defined_attribute_type_length = univ.Integer(8) + +ub_domain_defined_attribute_value_length = univ.Integer(128) + + +class TeletexDomainDefinedAttribute(univ.Sequence): + pass + + +TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + +id_pkix = _OID(1, 3, 6, 1, 5, 5, 7) + +id_qt = _OID(id_pkix, 2) + + +class PresentationAddress(univ.Sequence): + pass + + +PresentationAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class AlgorithmIdentifier(univ.Sequence): + pass + + +AlgorithmIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any()) +) + + +class UniqueIdentifier(univ.BitString): + pass + + +class Extension(univ.Sequence): + pass + + +Extension.componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)), + namedtype.NamedType('extnValue', univ.OctetString()) +) + + +class Extensions(univ.SequenceOf): + pass + + +Extensions.componentType = Extension() +Extensions.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class CertificateSerialNumber(univ.Integer): + pass + + +class SubjectPublicKeyInfo(univ.Sequence): + pass + + +SubjectPublicKeyInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) +) + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class Validity(univ.Sequence): + pass + + +Validity.componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) +) + + +class Version(univ.Integer): + pass + + +Version.namedValues = namedval.NamedValues( + ('v1', 0), + ('v2', 1), + ('v3', 2) +) + + +class AttributeValue(univ.Any): + pass + + +class AttributeTypeAndValue(univ.Sequence): + pass + + +AttributeTypeAndValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('value', AttributeValue()) +) + + +class RelativeDistinguishedName(univ.SetOf): + pass + + +RelativeDistinguishedName.componentType = AttributeTypeAndValue() +RelativeDistinguishedName.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class RDNSequence(univ.SequenceOf): + pass + + +RDNSequence.componentType = RelativeDistinguishedName() + + +class Name(univ.Choice): + pass + + +Name.componentType = namedtype.NamedTypes( + namedtype.NamedType('rdnSequence', RDNSequence()) +) + + +class TBSCertificate(univ.Sequence): + pass + + +TBSCertificate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value="v1")), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', + Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class Certificate(univ.Sequence): + pass + + +Certificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + +ub_surname_length = univ.Integer(40) + + +class TeletexOrganizationName(char.TeletexString): + pass + + +TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + +ub_e163_4_sub_address_length = univ.Integer(40) + +teletex_common_name = univ.Integer(2) + +ub_country_name_alpha_length = univ.Integer(2) + +ub_country_name_numeric_length = univ.Integer(3) + + +class CountryName(univ.Choice): + pass + + +CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) +CountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + +extension_OR_address_components = univ.Integer(12) + +id_at_dnQualifier = _OID(id_at, 46) + +ub_e163_4_number_length = univ.Integer(15) + + +class ExtendedNetworkAddress(univ.Choice): + pass + + +ExtendedNetworkAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('number', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + )) + ), + namedtype.NamedType('psap-address', PresentationAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + +terminal_type = univ.Integer(23) + +id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25) + +ub_state_name = univ.Integer(128) + + +class X520StateOrProvinceName(univ.Choice): + pass + + +X520StateOrProvinceName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) +) + +ub_organization_name = univ.Integer(64) + + +class X520OrganizationName(univ.Choice): + pass + + +X520OrganizationName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) +) + +ub_emailaddress_length = univ.Integer(128) + + +class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): + pass + + +id_at_surname = _OID(id_at, 4) + +ub_common_name_length = univ.Integer(64) + +id_ad = _OID(id_pkix, 48) + +ub_numeric_user_id_length = univ.Integer(32) + + +class NumericUserIdentifier(char.NumericString): + pass + + +NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) + + +class OrganizationName(char.PrintableString): + pass + + +OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + +ub_domain_name_length = univ.Integer(16) + + +class AdministrationDomainName(univ.Choice): + pass + + +AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) +AdministrationDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) +) + + +class PrivateDomainName(univ.Choice): + pass + + +PrivateDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) +) + +ub_generation_qualifier_length = univ.Integer(3) + +ub_given_name_length = univ.Integer(16) + +ub_initials_length = univ.Integer(5) + + +class PersonalName(univ.Set): + pass + + +PersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +ub_terminal_id_length = univ.Integer(24) + + +class TerminalIdentifier(char.PrintableString): + pass + + +TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) + +ub_x121_address_length = univ.Integer(16) + + +class X121Address(char.NumericString): + pass + + +X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length) + + +class NetworkAddress(X121Address): + pass + + +class BuiltInStandardAttributes(univ.Sequence): + pass + + +BuiltInStandardAttributes.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('country-name', CountryName()), + namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), + namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) +) + +ub_domain_defined_attributes = univ.Integer(4) + + +class BuiltInDomainDefinedAttribute(univ.Sequence): + pass + + +BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + + +class BuiltInDomainDefinedAttributes(univ.SequenceOf): + pass + + +BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() +BuiltInDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + +ub_extension_attributes = univ.Integer(256) + + +class ExtensionAttribute(univ.Sequence): + pass + + +ExtensionAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('extension-attribute-type', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('extension-attribute-value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class ExtensionAttributes(univ.SetOf): + pass + + +ExtensionAttributes.componentType = ExtensionAttribute() +ExtensionAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes) + + +class ORAddress(univ.Sequence): + pass + + +ORAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), + namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), + namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) +) + +id_pe = _OID(id_pkix, 1) + +ub_title = univ.Integer(64) + + +class X520Title(univ.Choice): + pass + + +X520Title.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) +) + +id_at_organizationalUnitName = _OID(id_at, 11) + + +class EmailAddress(char.IA5String): + pass + + +EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) + +physical_delivery_country_name = univ.Integer(8) + +id_at_givenName = _OID(id_at, 42) + + +class TeletexCommonName(char.TeletexString): + pass + + +TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) + +id_qt_cps = _OID(id_qt, 1) + + +class LocalPostalAttributes(PDSParameter): + pass + + +class StreetAddress(PDSParameter): + pass + + +id_kp = _OID(id_pkix, 3) + + +class DirectoryString(univ.Choice): + pass + + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class DomainComponent(char.IA5String): + pass + + +id_at_initials = _OID(id_at, 43) + +id_qt_unotice = _OID(id_qt, 2) + +ub_pds_name_length = univ.Integer(16) + + +class PDSName(char.PrintableString): + pass + + +PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length) + + +class PosteRestanteAddress(PDSParameter): + pass + + +class DistinguishedName(RDNSequence): + pass + + +class CommonName(char.PrintableString): + pass + + +CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) + +ub_serial_number = univ.Integer(64) + + +class X520SerialNumber(char.PrintableString): + pass + + +X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number) + +id_at_generationQualifier = _OID(id_at, 44) + +ub_organizational_unit_name = univ.Integer(64) + +id_ad_ocsp = _OID(id_ad, 1) + + +class TeletexOrganizationalUnitName(char.TeletexString): + pass + + +TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + + +class TeletexPersonalName(univ.Set): + pass + + +TeletexPersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class TeletexDomainDefinedAttributes(univ.SequenceOf): + pass + + +TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() +TeletexDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + + +class TBSCertList(univ.Sequence): + pass + + +TBSCertList.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('thisUpdate', Time()), + namedtype.OptionalNamedType('nextUpdate', Time()), + namedtype.OptionalNamedType('revokedCertificates', + univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + )) + )), + namedtype.OptionalNamedType('crlExtensions', + Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + +local_postal_attributes = univ.Integer(21) + +pkcs_9 = _OID(1, 2, 840, 113549, 1, 9) + + +class PhysicalDeliveryCountryName(univ.Choice): + pass + + +PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + +ub_name = univ.Integer(32768) + + +class X520name(univ.Choice): + pass + + +X520name.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) +) + +id_emailAddress = _OID(pkcs_9, 1) + + +class TerminalType(univ.Integer): + pass + + +TerminalType.namedValues = namedval.NamedValues( + ('telex', 3), + ('teletex', 4), + ('g3-facsimile', 5), + ('g4-facsimile', 6), + ('ia5-terminal', 7), + ('videotex', 8) +) + + +class X520OrganizationalUnitName(univ.Choice): + pass + + +X520OrganizationalUnitName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) +) + +id_at_commonName = _OID(id_at, 3) + +pds_name = univ.Integer(7) + +post_office_box_address = univ.Integer(18) + +ub_locality_name = univ.Integer(128) + + +class X520LocalityName(univ.Choice): + pass + + +X520LocalityName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) +) + +id_ad_timeStamping = _OID(id_ad, 3) + +id_at_countryName = _OID(id_at, 6) + +physical_delivery_personal_name = univ.Integer(13) + +teletex_personal_name = univ.Integer(4) + +teletex_organizational_unit_names = univ.Integer(5) + + +class PhysicalDeliveryPersonalName(PDSParameter): + pass + + +ub_postal_code_length = univ.Integer(16) + + +class PostalCode(univ.Choice): + pass + + +PostalCode.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) +) + + +class X520countryName(char.PrintableString): + pass + + +X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) + +postal_code = univ.Integer(9) + +id_ad_caRepository = _OID(id_ad, 5) + +extension_physical_delivery_address_components = univ.Integer(15) + + +class PostOfficeBoxAddress(PDSParameter): + pass + + +class PhysicalDeliveryOfficeName(PDSParameter): + pass + + +id_at_title = _OID(id_at, 12) + +id_at_serialNumber = _OID(id_at, 5) + +id_ad_caIssuers = _OID(id_ad, 2) + +ub_integer_options = univ.Integer(256) + + +class CertificateList(univ.Sequence): + pass + + +CertificateList.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertList', TBSCertList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class PhysicalDeliveryOfficeNumber(PDSParameter): + pass + + +class TeletexOrganizationalUnitNames(univ.SequenceOf): + pass + + +TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName() +TeletexOrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) + +physical_delivery_office_name = univ.Integer(10) + +ub_common_name = univ.Integer(64) + + +class ExtensionORAddressComponents(PDSParameter): + pass + + +ub_pseudonym = univ.Integer(128) + +poste_restante_address = univ.Integer(19) + +id_at_organizationName = _OID(id_at, 10) + +physical_delivery_office_number = univ.Integer(11) + +id_at_pseudonym = _OID(id_at, 65) + + +class X520CommonName(univ.Choice): + pass + + +X520CommonName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) +) + +physical_delivery_organization_name = univ.Integer(14) + + +class X520dnQualifier(char.PrintableString): + pass + + +id_at_stateOrProvinceName = _OID(id_at, 8) + +common_name = univ.Integer(1) + +id_at_localityName = _OID(id_at, 7) + +ub_match = univ.Integer(128) + +ub_unformatted_address_length = univ.Integer(180) + + +class Attribute(univ.Sequence): + pass + + +Attribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue())) +) + +extended_network_address = univ.Integer(22) + +unique_postal_name = univ.Integer(20) + +ub_pds_physical_address_lines = univ.Integer(6) + + +class UnformattedPostalAddress(univ.Set): + pass + + +UnformattedPostalAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) +) + + +class UniquePostalName(PDSParameter): + pass + + +class X520Pseudonym(univ.Choice): + pass + + +X520Pseudonym.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) +) + +teletex_organization_name = univ.Integer(3) + +teletex_domain_defined_attributes = univ.Integer(6) + +street_address = univ.Integer(17) + +id_kp_OCSPSigning = _OID(id_kp, 9) + +id_ce = _OID(2, 5, 29) + +id_ce_certificatePolicies = _OID(id_ce, 32) + + +class EDIPartyName(univ.Sequence): + pass + + +EDIPartyName.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('partyName', + DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class AnotherName(univ.Sequence): + pass + + +AnotherName.componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class GeneralName(univ.Choice): + pass + + +GeneralName.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherName', + AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('rfc822Name', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', + ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', + Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('ediPartyName', + EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('uniformResourceIdentifier', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', + univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) +) + + +class GeneralNames(univ.SequenceOf): + pass + + +GeneralNames.componentType = GeneralName() +GeneralNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class IssuerAltName(GeneralNames): + pass + + +id_ce_cRLDistributionPoints = _OID(id_ce, 31) + + +class CertPolicyId(univ.ObjectIdentifier): + pass + + +class PolicyMappings(univ.SequenceOf): + pass + + +PolicyMappings.componentType = univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), + namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) +)) + +PolicyMappings.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class PolicyQualifierId(univ.ObjectIdentifier): + pass + + +holdInstruction = _OID(2, 2, 840, 10040, 2) + +id_ce_subjectDirectoryAttributes = _OID(id_ce, 9) + +id_holdinstruction_callissuer = _OID(holdInstruction, 2) + + +class SubjectDirectoryAttributes(univ.SequenceOf): + pass + + +SubjectDirectoryAttributes.componentType = Attribute() +SubjectDirectoryAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +anyPolicy = _OID(id_ce_certificatePolicies, 0) + +id_ce_subjectAltName = _OID(id_ce, 17) + +id_kp_emailProtection = _OID(id_kp, 4) + + +class ReasonFlags(univ.BitString): + pass + + +ReasonFlags.namedValues = namedval.NamedValues( + ('unused', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('privilegeWithdrawn', 7), + ('aACompromise', 8) +) + + +class DistributionPointName(univ.Choice): + pass + + +DistributionPointName.componentType = namedtype.NamedTypes( + namedtype.NamedType('fullName', + GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class DistributionPoint(univ.Sequence): + pass + + +DistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + +id_ce_keyUsage = _OID(id_ce, 15) + + +class PolicyQualifierInfo(univ.Sequence): + pass + + +PolicyQualifierInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyQualifierId', PolicyQualifierId()), + namedtype.NamedType('qualifier', univ.Any()) +) + + +class PolicyInformation(univ.Sequence): + pass + + +PolicyInformation.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyIdentifier', CertPolicyId()), + namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo())) +) + + +class CertificatePolicies(univ.SequenceOf): + pass + + +CertificatePolicies.componentType = PolicyInformation() +CertificatePolicies.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_ce_basicConstraints = _OID(id_ce, 19) + + +class HoldInstructionCode(univ.ObjectIdentifier): + pass + + +class KeyPurposeId(univ.ObjectIdentifier): + pass + + +class ExtKeyUsageSyntax(univ.SequenceOf): + pass + + +ExtKeyUsageSyntax.componentType = KeyPurposeId() +ExtKeyUsageSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class SubjectAltName(GeneralNames): + pass + + +class BasicConstraints(univ.Sequence): + pass + + +BasicConstraints.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) +) + + +class SkipCerts(univ.Integer): + pass + + +SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class InhibitAnyPolicy(SkipCerts): + pass + + +class CRLNumber(univ.Integer): + pass + + +CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class BaseCRLNumber(CRLNumber): + pass + + +class KeyIdentifier(univ.OctetString): + pass + + +class AuthorityKeyIdentifier(univ.Sequence): + pass + + +AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + +id_ce_nameConstraints = _OID(id_ce, 30) + +id_kp_serverAuth = _OID(id_kp, 1) + +id_ce_freshestCRL = _OID(id_ce, 46) + +id_ce_cRLReasons = _OID(id_ce, 21) + + +class CRLDistributionPoints(univ.SequenceOf): + pass + + +CRLDistributionPoints.componentType = DistributionPoint() +CRLDistributionPoints.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class FreshestCRL(CRLDistributionPoints): + pass + + +id_ce_inhibitAnyPolicy = _OID(id_ce, 54) + + +class CRLReason(univ.Enumerated): + pass + + +CRLReason.namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8), + ('privilegeWithdrawn', 9), + ('aACompromise', 10) +) + + +class BaseDistance(univ.Integer): + pass + + +BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class GeneralSubtree(univ.Sequence): + pass + + +GeneralSubtree.componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class GeneralSubtrees(univ.SequenceOf): + pass + + +GeneralSubtrees.componentType = GeneralSubtree() +GeneralSubtrees.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + pass + + +NameConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + +id_pe_authorityInfoAccess = _OID(id_pe, 1) + +id_pe_subjectInfoAccess = _OID(id_pe, 11) + +id_ce_certificateIssuer = _OID(id_ce, 29) + +id_ce_invalidityDate = _OID(id_ce, 24) + + +class DirectoryString(univ.Choice): + pass + + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('any', univ.Any()) +) + +id_ce_authorityKeyIdentifier = _OID(id_ce, 35) + + +class AccessDescription(univ.Sequence): + pass + + +AccessDescription.componentType = namedtype.NamedTypes( + namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), + namedtype.NamedType('accessLocation', GeneralName()) +) + + +class AuthorityInfoAccessSyntax(univ.SequenceOf): + pass + + +AuthorityInfoAccessSyntax.componentType = AccessDescription() +AuthorityInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_ce_issuingDistributionPoint = _OID(id_ce, 28) + + +class CPSuri(char.IA5String): + pass + + +class DisplayText(univ.Choice): + pass + + +DisplayText.componentType = namedtype.NamedTypes( + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('visibleString', + char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) +) + + +class NoticeReference(univ.Sequence): + pass + + +NoticeReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('organization', DisplayText()), + namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) +) + + +class UserNotice(univ.Sequence): + pass + + +UserNotice.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('noticeRef', NoticeReference()), + namedtype.OptionalNamedType('explicitText', DisplayText()) +) + + +class PrivateKeyUsagePeriod(univ.Sequence): + pass + + +PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + +id_ce_subjectKeyIdentifier = _OID(id_ce, 14) + + +class CertificateIssuer(GeneralNames): + pass + + +class InvalidityDate(useful.GeneralizedTime): + pass + + +class SubjectInfoAccessSyntax(univ.SequenceOf): + pass + + +SubjectInfoAccessSyntax.componentType = AccessDescription() +SubjectInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class KeyUsage(univ.BitString): + pass + + +KeyUsage.namedValues = namedval.NamedValues( + ('digitalSignature', 0), + ('nonRepudiation', 1), + ('keyEncipherment', 2), + ('dataEncipherment', 3), + ('keyAgreement', 4), + ('keyCertSign', 5), + ('cRLSign', 6), + ('encipherOnly', 7), + ('decipherOnly', 8) +) + +id_ce_extKeyUsage = _OID(id_ce, 37) + +anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0) + +id_ce_privateKeyUsagePeriod = _OID(id_ce, 16) + +id_ce_policyMappings = _OID(id_ce, 33) + +id_ce_cRLNumber = _OID(id_ce, 20) + +id_ce_policyConstraints = _OID(id_ce, 36) + +id_holdinstruction_none = _OID(holdInstruction, 1) + +id_holdinstruction_reject = _OID(holdInstruction, 3) + +id_kp_timeStamping = _OID(id_kp, 8) + + +class PolicyConstraints(univ.Sequence): + pass + + +PolicyConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('requireExplicitPolicy', + SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', + SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SubjectKeyIdentifier(KeyIdentifier): + pass + + +id_kp_clientAuth = _OID(id_kp, 2) + +id_ce_deltaCRLIndicator = _OID(id_ce, 27) + +id_ce_issuerAltName = _OID(id_ce, 18) + +id_kp_codeSigning = _OID(id_kp, 3) + +id_ce_holdInstructionCode = _OID(id_ce, 23) + + +class IssuingDistributionPoint(univ.Sequence): + pass + + +IssuingDistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) +) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3412.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3412.py new file mode 100644 index 0000000000000000000000000000000000000000..2cf1e1020f2aeb86b7b52335fd536e6593cdcc4d --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3412.py @@ -0,0 +1,53 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv3 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3412.txt +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc1905 + + +class ScopedPDU(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contextEngineId', univ.OctetString()), + namedtype.NamedType('contextName', univ.OctetString()), + namedtype.NamedType('data', rfc1905.PDUs()) + ) + + +class ScopedPduData(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('plaintext', ScopedPDU()), + namedtype.NamedType('encryptedPDU', univ.OctetString()), + ) + + +class HeaderData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('msgID', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgMaxSize', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(484, 2147483647))), + namedtype.NamedType('msgFlags', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 1))), + namedtype.NamedType('msgSecurityModel', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 2147483647))) + ) + + +class SNMPv3Message(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('msgVersion', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgGlobalData', HeaderData()), + namedtype.NamedType('msgSecurityParameters', univ.OctetString()), + namedtype.NamedType('msgData', ScopedPduData()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3447.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3447.py new file mode 100644 index 0000000000000000000000000000000000000000..3352b70c9e7e0cb4f06a8e8cb09c78795fe5cba1 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3447.py @@ -0,0 +1,45 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS#1 syntax +# +# ASN.1 source from: +# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn +# +# Sample captures could be obtained with "openssl genrsa" command +# +from pyasn1.type import constraint +from pyasn1.type import namedval + +from pyasn1_modules.rfc2437 import * + + +class OtherPrimeInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('prime', univ.Integer()), + namedtype.NamedType('exponent', univ.Integer()), + namedtype.NamedType('coefficient', univ.Integer()) + ) + + +class OtherPrimeInfos(univ.SequenceOf): + componentType = OtherPrimeInfo() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class RSAPrivateKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('two-prime', 0), ('multi', 1)))), + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()), + namedtype.NamedType('privateExponent', univ.Integer()), + namedtype.NamedType('prime1', univ.Integer()), + namedtype.NamedType('prime2', univ.Integer()), + namedtype.NamedType('exponent1', univ.Integer()), + namedtype.NamedType('exponent2', univ.Integer()), + namedtype.NamedType('coefficient', univ.Integer()), + namedtype.OptionalNamedType('otherPrimeInfos', OtherPrimeInfos()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3537.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3537.py new file mode 100644 index 0000000000000000000000000000000000000000..374dd8193ca54427fd3b47ebd2fa213180ba8a3d --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3537.py @@ -0,0 +1,34 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# SEED Encryption Algorithm in CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4010.txt +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +id_alg_HMACwith3DESwrap = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.11') + + +id_alg_HMACwithAESwrap = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.12') + + +# Update the Algorithm Identifier map in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + id_alg_HMACwith3DESwrap: univ.Null(""), + id_alg_HMACwithAESwrap: univ.Null(""), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3560.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3560.py new file mode 100644 index 0000000000000000000000000000000000000000..8365436df57b890b66afb762853c105c68f107d2 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3560.py @@ -0,0 +1,74 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# RSAES-OAEP Key Transport Algorithm in CMS +# +# Notice that all of the things needed in RFC 3560 are also defined +# in RFC 4055. So, they are all pulled from the RFC 4055 module into +# this one so that people looking a RFC 3560 can easily find them. +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3560.txt +# + +from pyasn1_modules import rfc4055 + +id_sha1 = rfc4055.id_sha1 + +id_sha256 = rfc4055.id_sha256 + +id_sha384 = rfc4055.id_sha384 + +id_sha512 = rfc4055.id_sha512 + +id_mgf1 = rfc4055.id_mgf1 + +rsaEncryption = rfc4055.rsaEncryption + +id_RSAES_OAEP = rfc4055.id_RSAES_OAEP + +id_pSpecified = rfc4055.id_pSpecified + +sha1Identifier = rfc4055.sha1Identifier + +sha256Identifier = rfc4055.sha256Identifier + +sha384Identifier = rfc4055.sha384Identifier + +sha512Identifier = rfc4055.sha512Identifier + +mgf1SHA1Identifier = rfc4055.mgf1SHA1Identifier + +mgf1SHA256Identifier = rfc4055.mgf1SHA256Identifier + +mgf1SHA384Identifier = rfc4055.mgf1SHA384Identifier + +mgf1SHA512Identifier = rfc4055.mgf1SHA512Identifier + +pSpecifiedEmptyIdentifier = rfc4055.pSpecifiedEmptyIdentifier + + +class RSAES_OAEP_params(rfc4055.RSAES_OAEP_params): + pass + + +rSAES_OAEP_Default_Params = RSAES_OAEP_params() + +rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier + +rSAES_OAEP_SHA256_Params = rfc4055.rSAES_OAEP_SHA256_Params + +rSAES_OAEP_SHA256_Identifier = rfc4055.rSAES_OAEP_SHA256_Identifier + +rSAES_OAEP_SHA384_Params = rfc4055.rSAES_OAEP_SHA384_Params + +rSAES_OAEP_SHA384_Identifier = rfc4055.rSAES_OAEP_SHA384_Identifier + +rSAES_OAEP_SHA512_Params = rfc4055.rSAES_OAEP_SHA512_Params + +rSAES_OAEP_SHA512_Identifier = rfc4055.rSAES_OAEP_SHA512_Identifier diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3565.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3565.py new file mode 100644 index 0000000000000000000000000000000000000000..ec75e234892581f8c94dbdf180ee2af9150bc594 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3565.py @@ -0,0 +1,57 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Use of the Advanced Encryption Standard (AES) Encryption +# Algorithm in the Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3565.txt + + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class AES_IV(univ.OctetString): + pass + +AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) + + +id_aes128_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.2') + +id_aes192_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.22') + +id_aes256_CBC = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.42') + + +id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5') + +id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25') + +id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45') + + +# Update the Algorithm Identifier map + +_algorithmIdentifierMapUpdate = { + id_aes128_CBC: AES_IV(), + id_aes192_CBC: AES_IV(), + id_aes256_CBC: AES_IV(), + id_aes128_wrap: univ.Null(), + id_aes192_wrap: univ.Null(), + id_aes256_wrap: univ.Null(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3657.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3657.py new file mode 100644 index 0000000000000000000000000000000000000000..ebf23dabcb6ed0e5f27a6023df9cf7d9b5b5de60 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3657.py @@ -0,0 +1,66 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Camellia Algorithm in CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3657.txt +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5751 + + +id_camellia128_cbc = univ.ObjectIdentifier('1.2.392.200011.61.1.1.1.2') + +id_camellia192_cbc = univ.ObjectIdentifier('1.2.392.200011.61.1.1.1.3') + +id_camellia256_cbc = univ.ObjectIdentifier('1.2.392.200011.61.1.1.1.4') + +id_camellia128_wrap = univ.ObjectIdentifier('1.2.392.200011.61.1.1.3.2') + +id_camellia192_wrap = univ.ObjectIdentifier('1.2.392.200011.61.1.1.3.3') + +id_camellia256_wrap = univ.ObjectIdentifier('1.2.392.200011.61.1.1.3.4') + + + +class Camellia_IV(univ.OctetString): + subtypeSpec = constraint.ValueSizeConstraint(16, 16) + + +class CamelliaSMimeCapability(univ.Null): + pass + + +# Update the Algorithm Identifier map in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + id_camellia128_cbc: Camellia_IV(), + id_camellia192_cbc: Camellia_IV(), + id_camellia256_cbc: Camellia_IV(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) + + +# Update the SMIMECapabilities Attribute map in rfc5751.py + +_smimeCapabilityMapUpdate = { + id_camellia128_cbc: CamelliaSMimeCapability(), + id_camellia192_cbc: CamelliaSMimeCapability(), + id_camellia256_cbc: CamelliaSMimeCapability(), + id_camellia128_wrap: CamelliaSMimeCapability(), + id_camellia192_wrap: CamelliaSMimeCapability(), + id_camellia256_wrap: CamelliaSMimeCapability(), +} + +rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3709.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3709.py new file mode 100644 index 0000000000000000000000000000000000000000..aa1d5b6abff14a564094bb3cd2d8d96e39ab4feb --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3709.py @@ -0,0 +1,207 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Logotypes in X.509 Certificates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3709.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc6170 + +MAX = float('inf') + + +class HashAlgAndValue(univ.Sequence): + pass + +HashAlgAndValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('hashValue', univ.OctetString()) +) + + +class LogotypeDetails(univ.Sequence): + pass + +LogotypeDetails.componentType = namedtype.NamedTypes( + namedtype.NamedType('mediaType', char.IA5String()), + namedtype.NamedType('logotypeHash', univ.SequenceOf( + componentType=HashAlgAndValue()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('logotypeURI', univ.SequenceOf( + componentType=char.IA5String()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class LogotypeAudioInfo(univ.Sequence): + pass + +LogotypeAudioInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('fileSize', univ.Integer()), + namedtype.NamedType('playTime', univ.Integer()), + namedtype.NamedType('channels', univ.Integer()), + namedtype.OptionalNamedType('sampleRate', univ.Integer().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('language', char.IA5String().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) +) + + +class LogotypeAudio(univ.Sequence): + pass + +LogotypeAudio.componentType = namedtype.NamedTypes( + namedtype.NamedType('audioDetails', LogotypeDetails()), + namedtype.OptionalNamedType('audioInfo', LogotypeAudioInfo()) +) + + +class LogotypeImageType(univ.Integer): + pass + +LogotypeImageType.namedValues = namedval.NamedValues( + ('grayScale', 0), + ('color', 1) +) + + +class LogotypeImageResolution(univ.Choice): + pass + +LogotypeImageResolution.componentType = namedtype.NamedTypes( + namedtype.NamedType('numBits', + univ.Integer().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('tableSize', + univ.Integer().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class LogotypeImageInfo(univ.Sequence): + pass + +LogotypeImageInfo.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('type', LogotypeImageType().subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='color')), + namedtype.NamedType('fileSize', univ.Integer()), + namedtype.NamedType('xSize', univ.Integer()), + namedtype.NamedType('ySize', univ.Integer()), + namedtype.OptionalNamedType('resolution', LogotypeImageResolution()), + namedtype.OptionalNamedType('language', char.IA5String().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) +) + + +class LogotypeImage(univ.Sequence): + pass + +LogotypeImage.componentType = namedtype.NamedTypes( + namedtype.NamedType('imageDetails', LogotypeDetails()), + namedtype.OptionalNamedType('imageInfo', LogotypeImageInfo()) +) + + +class LogotypeData(univ.Sequence): + pass + +LogotypeData.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('image', univ.SequenceOf( + componentType=LogotypeImage())), + namedtype.OptionalNamedType('audio', univ.SequenceOf( + componentType=LogotypeAudio()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1))) +) + + +class LogotypeReference(univ.Sequence): + pass + +LogotypeReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('refStructHash', univ.SequenceOf( + componentType=HashAlgAndValue()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('refStructURI', univ.SequenceOf( + componentType=char.IA5String()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class LogotypeInfo(univ.Choice): + pass + +LogotypeInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('direct', + LogotypeData().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 0))), + namedtype.NamedType('indirect', LogotypeReference().subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 1))) +) + +# Other logotype type and associated object identifiers + +id_logo_background = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.2') + +id_logo_loyalty = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.1') + +id_logo_certImage = rfc6170.id_logo_certImage + + +class OtherLogotypeInfo(univ.Sequence): + pass + +OtherLogotypeInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('logotypeType', univ.ObjectIdentifier()), + namedtype.NamedType('info', LogotypeInfo()) +) + + +# Logotype Certificate Extension + +id_pe_logotype = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.12') + + +class LogotypeExtn(univ.Sequence): + pass + +LogotypeExtn.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('communityLogos', univ.SequenceOf( + componentType=LogotypeInfo()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('issuerLogo', LogotypeInfo().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('subjectLogo', LogotypeInfo().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('otherLogos', univ.SequenceOf( + componentType=OtherLogotypeInfo()).subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_logotype: LogotypeExtn(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3739.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3739.py new file mode 100644 index 0000000000000000000000000000000000000000..4aa5aaf0de80c14c7bec5d8f840dfccdca50dd39 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3739.py @@ -0,0 +1,203 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add WithComponentsConstraints to +# enforce the requirements that are indicated in comments. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Qualified Certificates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3739.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# Initialize the qcStatement map + +qcStatementMap = { } + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +AttributeType = rfc5280.AttributeType + +DirectoryString = rfc5280.DirectoryString + +GeneralName = rfc5280.GeneralName + +id_pkix = rfc5280.id_pkix + +id_pe = rfc5280.id_pe + + +# Arc for QC personal data attributes + +id_pda = id_pkix + (9, ) + + +# Arc for QC statements + +id_qcs = id_pkix + (11, ) + + +# Personal data attributes + +id_pda_dateOfBirth = id_pda + (1, ) + +class DateOfBirth(useful.GeneralizedTime): + pass + + +id_pda_placeOfBirth = id_pda + (2, ) + +class PlaceOfBirth(DirectoryString): + pass + + +id_pda_gender = id_pda + (3, ) + +class Gender(char.PrintableString): + subtypeSpec = constraint.ConstraintsIntersection( + constraint.ValueSizeConstraint(1, 1), + constraint.SingleValueConstraint('M', 'F', 'm', 'f') + ) + + +id_pda_countryOfCitizenship = id_pda + (4, ) + +class CountryOfCitizenship(char.PrintableString): + subtypeSpec = constraint.ValueSizeConstraint(2, 2) + # ISO 3166 Country Code + + +id_pda_countryOfResidence = id_pda + (5, ) + +class CountryOfResidence(char.PrintableString): + subtypeSpec = constraint.ValueSizeConstraint(2, 2) + # ISO 3166 Country Code + + +# Biometric info certificate extension + +id_pe_biometricInfo = id_pe + (2, ) + + +class PredefinedBiometricType(univ.Integer): + namedValues = namedval.NamedValues( + ('picture', 0), + ('handwritten-signature', 1) + ) + subtypeSpec = constraint.SingleValueConstraint(0, 1) + + +class TypeOfBiometricData(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('predefinedBiometricType', PredefinedBiometricType()), + namedtype.NamedType('biometricDataOid', univ.ObjectIdentifier()) + ) + + +class BiometricData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('typeOfBiometricData', TypeOfBiometricData()), + namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('biometricDataHash', univ.OctetString()), + namedtype.OptionalNamedType('sourceDataUri', char.IA5String()) + ) + + +class BiometricSyntax(univ.SequenceOf): + componentType = BiometricData() + + +# QC Statements certificate extension +# NOTE: This extension does not allow to mix critical and +# non-critical Qualified Certificate Statements. Either all +# statements must be critical or all statements must be +# non-critical. + +id_pe_qcStatements = id_pe + (3, ) + + +class NameRegistrationAuthorities(univ.SequenceOf): + componentType = GeneralName() + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class QCStatement(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('statementId', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('statementInfo', univ.Any(), + openType=opentype.OpenType('statementId', qcStatementMap)) + ) + + +class QCStatements(univ.SequenceOf): + componentType = QCStatement() + + +class SemanticsInformation(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('semanticsIndentifier', + univ.ObjectIdentifier()), + namedtype.OptionalNamedType('nameRegistrationAuthorities', + NameRegistrationAuthorities()) + ) + subtypeSpec = constraint.ConstraintsUnion( + constraint.WithComponentsConstraint( + ('semanticsIndentifier', constraint.ComponentPresentConstraint())), + constraint.WithComponentsConstraint( + ('nameRegistrationAuthorities', constraint.ComponentPresentConstraint())) + ) + + +id_qcs = id_pkix + (11, ) + + +id_qcs_pkixQCSyntax_v1 = id_qcs + (1, ) + + +id_qcs_pkixQCSyntax_v2 = id_qcs + (2, ) + + +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py + +_certificateExtensionsMap = { + id_pe_biometricInfo: BiometricSyntax(), + id_pe_qcStatements: QCStatements(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) + + +# Map of AttributeType OIDs to AttributeValue added to the +# ones that are in rfc5280.py + +_certificateAttributesMapUpdate = { + id_pda_dateOfBirth: DateOfBirth(), + id_pda_placeOfBirth: PlaceOfBirth(), + id_pda_gender: Gender(), + id_pda_countryOfCitizenship: CountryOfCitizenship(), + id_pda_countryOfResidence: CountryOfResidence(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) + diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3770.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3770.py new file mode 100644 index 0000000000000000000000000000000000000000..3fefe1d90e2c6efdf1aa95bc1d4f09719f826d53 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3770.py @@ -0,0 +1,75 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Extensions and Attributes Supporting Authentication +# in PPP and Wireless LAN Networks +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3770.txt +# https://www.rfc-editor.org/errata/eid234 +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +MAX = float('inf') + + +# Extended Key Usage Values + +id_kp_eapOverLAN = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.14') + +id_kp_eapOverPPP = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.13') + + +# Wireless LAN SSID Extension + +id_pe_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.13') + + +class SSID(univ.OctetString): + pass + +SSID.subtypeSpec = constraint.ValueSizeConstraint(1, 32) + + +class SSIDList(univ.SequenceOf): + pass + +SSIDList.componentType = SSID() +SSIDList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +# Wireless LAN SSID Attribute Certificate Attribute +# Uses same syntax as the certificate extension: SSIDList +# Correction for https://www.rfc-editor.org/errata/eid234 + +id_aca_wlanSSID = univ.ObjectIdentifier('1.3.6.1.5.5.7.10.7') + + +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py + +_certificateExtensionsMap = { + id_pe_wlanSSID: SSIDList(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) + + +# Map of AttributeType OIDs to AttributeValue added to the +# ones that are in rfc5280.py + +_certificateAttributesMapUpdate = { + id_aca_wlanSSID: SSIDList(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3779.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3779.py new file mode 100644 index 0000000000000000000000000000000000000000..8e6eaa3e7b293d62a8a66077c7d7e64fa9157332 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3779.py @@ -0,0 +1,137 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# X.509 Extensions for IP Addresses and AS Identifiers +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3779.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# IP Address Delegation Extension + +id_pe_ipAddrBlocks = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.7') + + +class IPAddress(univ.BitString): + pass + + +class IPAddressRange(univ.Sequence): + pass + +IPAddressRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('min', IPAddress()), + namedtype.NamedType('max', IPAddress()) +) + + +class IPAddressOrRange(univ.Choice): + pass + +IPAddressOrRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('addressPrefix', IPAddress()), + namedtype.NamedType('addressRange', IPAddressRange()) +) + + +class IPAddressChoice(univ.Choice): + pass + +IPAddressChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('inherit', univ.Null()), + namedtype.NamedType('addressesOrRanges', univ.SequenceOf( + componentType=IPAddressOrRange()) + ) +) + + +class IPAddressFamily(univ.Sequence): + pass + +IPAddressFamily.componentType = namedtype.NamedTypes( + namedtype.NamedType('addressFamily', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(2, 3))), + namedtype.NamedType('ipAddressChoice', IPAddressChoice()) +) + + +class IPAddrBlocks(univ.SequenceOf): + pass + +IPAddrBlocks.componentType = IPAddressFamily() + + +# Autonomous System Identifier Delegation Extension + +id_pe_autonomousSysIds = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.8') + + +class ASId(univ.Integer): + pass + + +class ASRange(univ.Sequence): + pass + +ASRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('min', ASId()), + namedtype.NamedType('max', ASId()) +) + + +class ASIdOrRange(univ.Choice): + pass + +ASIdOrRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('id', ASId()), + namedtype.NamedType('range', ASRange()) +) + + +class ASIdentifierChoice(univ.Choice): + pass + +ASIdentifierChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('inherit', univ.Null()), + namedtype.NamedType('asIdsOrRanges', univ.SequenceOf( + componentType=ASIdOrRange()) + ) +) + + +class ASIdentifiers(univ.Sequence): + pass + +ASIdentifiers.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('asnum', ASIdentifierChoice().subtype( + explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('rdi', ASIdentifierChoice().subtype( + explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 1))) +) + + +# Map of Certificate Extension OIDs to Extensions is added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_ipAddrBlocks: IPAddrBlocks(), + id_pe_autonomousSysIds: ASIdentifiers(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4010.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4010.py new file mode 100644 index 0000000000000000000000000000000000000000..4981f76bedca81cd0f5146cd8c13effea9459d5d --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4010.py @@ -0,0 +1,58 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# SEED Encryption Algorithm in CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4010.txt +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5751 + + +id_seedCBC = univ.ObjectIdentifier('1.2.410.200004.1.4') + + +id_npki_app_cmsSeed_wrap = univ.ObjectIdentifier('1.2.410.200004.7.1.1.1') + + +class SeedIV(univ.OctetString): + subtypeSpec = constraint.ValueSizeConstraint(16, 16) + + +class SeedCBCParameter(SeedIV): + pass + + +class SeedSMimeCapability(univ.Null): + pass + + +# Update the Algorithm Identifier map in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + id_seedCBC: SeedCBCParameter(), + id_npki_app_cmsSeed_wrap: univ.Null(""), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) + + +# Update the SMIMECapabilities Attribute map in rfc5751.py + +_smimeCapabilityMapUpdate = { + id_seedCBC: SeedSMimeCapability(), + id_npki_app_cmsSeed_wrap: SeedSMimeCapability(), + +} + +rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4055.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4055.py new file mode 100644 index 0000000000000000000000000000000000000000..bdc128632a577621205d5da83a2d62889aaec761 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4055.py @@ -0,0 +1,258 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with a very small amount of assistance from +# asn1ate v.0.6.0. +# Modified by Russ Housley to add maps for opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Additional Algorithms and Identifiers for RSA Cryptography +# for use in Certificates and CRLs +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4055.txt +# +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + return univ.ObjectIdentifier(output) + + +id_sha1 = _OID(1, 3, 14, 3, 2, 26) + +id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1) + +id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2) + +id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3) + +id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4) + +rsaEncryption = _OID(1, 2, 840, 113549, 1, 1, 1) + +id_mgf1 = _OID(1, 2, 840, 113549, 1, 1, 8) + +id_RSAES_OAEP = _OID(1, 2, 840, 113549, 1, 1, 7) + +id_pSpecified = _OID(1, 2, 840, 113549, 1, 1, 9) + +id_RSASSA_PSS = _OID(1, 2, 840, 113549, 1, 1, 10) + +sha256WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 11) + +sha384WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 12) + +sha512WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 13) + +sha224WithRSAEncryption = _OID(1, 2, 840, 113549, 1, 1, 14) + +sha1Identifier = rfc5280.AlgorithmIdentifier() +sha1Identifier['algorithm'] = id_sha1 +sha1Identifier['parameters'] = univ.Null("") + +sha224Identifier = rfc5280.AlgorithmIdentifier() +sha224Identifier['algorithm'] = id_sha224 +sha224Identifier['parameters'] = univ.Null("") + +sha256Identifier = rfc5280.AlgorithmIdentifier() +sha256Identifier['algorithm'] = id_sha256 +sha256Identifier['parameters'] = univ.Null("") + +sha384Identifier = rfc5280.AlgorithmIdentifier() +sha384Identifier['algorithm'] = id_sha384 +sha384Identifier['parameters'] = univ.Null("") + +sha512Identifier = rfc5280.AlgorithmIdentifier() +sha512Identifier['algorithm'] = id_sha512 +sha512Identifier['parameters'] = univ.Null("") + +mgf1SHA1Identifier = rfc5280.AlgorithmIdentifier() +mgf1SHA1Identifier['algorithm'] = id_mgf1 +mgf1SHA1Identifier['parameters'] = sha1Identifier + +mgf1SHA224Identifier = rfc5280.AlgorithmIdentifier() +mgf1SHA224Identifier['algorithm'] = id_mgf1 +mgf1SHA224Identifier['parameters'] = sha224Identifier + +mgf1SHA256Identifier = rfc5280.AlgorithmIdentifier() +mgf1SHA256Identifier['algorithm'] = id_mgf1 +mgf1SHA256Identifier['parameters'] = sha256Identifier + +mgf1SHA384Identifier = rfc5280.AlgorithmIdentifier() +mgf1SHA384Identifier['algorithm'] = id_mgf1 +mgf1SHA384Identifier['parameters'] = sha384Identifier + +mgf1SHA512Identifier = rfc5280.AlgorithmIdentifier() +mgf1SHA512Identifier['algorithm'] = id_mgf1 +mgf1SHA512Identifier['parameters'] = sha512Identifier + +pSpecifiedEmptyIdentifier = rfc5280.AlgorithmIdentifier() +pSpecifiedEmptyIdentifier['algorithm'] = id_pSpecified +pSpecifiedEmptyIdentifier['parameters'] = univ.OctetString(value='') + + +class RSAPublicKey(univ.Sequence): + pass + +RSAPublicKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()) +) + + +class HashAlgorithm(rfc5280.AlgorithmIdentifier): + pass + + +class MaskGenAlgorithm(rfc5280.AlgorithmIdentifier): + pass + + +class RSAES_OAEP_params(univ.Sequence): + pass + +RSAES_OAEP_params.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('hashFunc', rfc5280.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('maskGenFunc', rfc5280.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('pSourceFunc', rfc5280.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + +rSAES_OAEP_Default_Params = RSAES_OAEP_params() + +rSAES_OAEP_Default_Identifier = rfc5280.AlgorithmIdentifier() +rSAES_OAEP_Default_Identifier['algorithm'] = id_RSAES_OAEP +rSAES_OAEP_Default_Identifier['parameters'] = rSAES_OAEP_Default_Params + +rSAES_OAEP_SHA224_Params = RSAES_OAEP_params() +rSAES_OAEP_SHA224_Params['hashFunc'] = sha224Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSAES_OAEP_SHA224_Params['maskGenFunc'] = mgf1SHA224Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSAES_OAEP_SHA224_Identifier = rfc5280.AlgorithmIdentifier() +rSAES_OAEP_SHA224_Identifier['algorithm'] = id_RSAES_OAEP +rSAES_OAEP_SHA224_Identifier['parameters'] = rSAES_OAEP_SHA224_Params + +rSAES_OAEP_SHA256_Params = RSAES_OAEP_params() +rSAES_OAEP_SHA256_Params['hashFunc'] = sha256Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSAES_OAEP_SHA256_Params['maskGenFunc'] = mgf1SHA256Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSAES_OAEP_SHA256_Identifier = rfc5280.AlgorithmIdentifier() +rSAES_OAEP_SHA256_Identifier['algorithm'] = id_RSAES_OAEP +rSAES_OAEP_SHA256_Identifier['parameters'] = rSAES_OAEP_SHA256_Params + +rSAES_OAEP_SHA384_Params = RSAES_OAEP_params() +rSAES_OAEP_SHA384_Params['hashFunc'] = sha384Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSAES_OAEP_SHA384_Params['maskGenFunc'] = mgf1SHA384Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSAES_OAEP_SHA384_Identifier = rfc5280.AlgorithmIdentifier() +rSAES_OAEP_SHA384_Identifier['algorithm'] = id_RSAES_OAEP +rSAES_OAEP_SHA384_Identifier['parameters'] = rSAES_OAEP_SHA384_Params + +rSAES_OAEP_SHA512_Params = RSAES_OAEP_params() +rSAES_OAEP_SHA512_Params['hashFunc'] = sha512Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSAES_OAEP_SHA512_Params['maskGenFunc'] = mgf1SHA512Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSAES_OAEP_SHA512_Identifier = rfc5280.AlgorithmIdentifier() +rSAES_OAEP_SHA512_Identifier['algorithm'] = id_RSAES_OAEP +rSAES_OAEP_SHA512_Identifier['parameters'] = rSAES_OAEP_SHA512_Params + + +class RSASSA_PSS_params(univ.Sequence): + pass + +RSASSA_PSS_params.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('maskGenAlgorithm', rfc5280.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.DefaultedNamedType('saltLength', univ.Integer(value=20).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.DefaultedNamedType('trailerField', univ.Integer(value=1).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +rSASSA_PSS_Default_Params = RSASSA_PSS_params() + +rSASSA_PSS_Default_Identifier = rfc5280.AlgorithmIdentifier() +rSASSA_PSS_Default_Identifier['algorithm'] = id_RSASSA_PSS +rSASSA_PSS_Default_Identifier['parameters'] = rSASSA_PSS_Default_Params + +rSASSA_PSS_SHA224_Params = RSASSA_PSS_params() +rSASSA_PSS_SHA224_Params['hashAlgorithm'] = sha224Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSASSA_PSS_SHA224_Params['maskGenAlgorithm'] = mgf1SHA224Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSASSA_PSS_SHA224_Identifier = rfc5280.AlgorithmIdentifier() +rSASSA_PSS_SHA224_Identifier['algorithm'] = id_RSASSA_PSS +rSASSA_PSS_SHA224_Identifier['parameters'] = rSASSA_PSS_SHA224_Params + +rSASSA_PSS_SHA256_Params = RSASSA_PSS_params() +rSASSA_PSS_SHA256_Params['hashAlgorithm'] = sha256Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSASSA_PSS_SHA256_Params['maskGenAlgorithm'] = mgf1SHA256Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSASSA_PSS_SHA256_Identifier = rfc5280.AlgorithmIdentifier() +rSASSA_PSS_SHA256_Identifier['algorithm'] = id_RSASSA_PSS +rSASSA_PSS_SHA256_Identifier['parameters'] = rSASSA_PSS_SHA256_Params + +rSASSA_PSS_SHA384_Params = RSASSA_PSS_params() +rSASSA_PSS_SHA384_Params['hashAlgorithm'] = sha384Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSASSA_PSS_SHA384_Params['maskGenAlgorithm'] = mgf1SHA384Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSASSA_PSS_SHA384_Identifier = rfc5280.AlgorithmIdentifier() +rSASSA_PSS_SHA384_Identifier['algorithm'] = id_RSASSA_PSS +rSASSA_PSS_SHA384_Identifier['parameters'] = rSASSA_PSS_SHA384_Params + +rSASSA_PSS_SHA512_Params = RSASSA_PSS_params() +rSASSA_PSS_SHA512_Params['hashAlgorithm'] = sha512Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0), cloneValueFlag=True) +rSASSA_PSS_SHA512_Params['maskGenAlgorithm'] = mgf1SHA512Identifier.subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), cloneValueFlag=True) + +rSASSA_PSS_SHA512_Identifier = rfc5280.AlgorithmIdentifier() +rSASSA_PSS_SHA512_Identifier['algorithm'] = id_RSASSA_PSS +rSASSA_PSS_SHA512_Identifier['parameters'] = rSASSA_PSS_SHA512_Params + + +# Update the Algorithm Identifier map + +_algorithmIdentifierMapUpdate = { + id_sha1: univ.Null(), + id_sha224: univ.Null(), + id_sha256: univ.Null(), + id_sha384: univ.Null(), + id_sha512: univ.Null(), + id_mgf1: rfc5280.AlgorithmIdentifier(), + id_pSpecified: univ.OctetString(), + id_RSAES_OAEP: RSAES_OAEP_params(), + id_RSASSA_PSS: RSASSA_PSS_params(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4108.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4108.py new file mode 100644 index 0000000000000000000000000000000000000000..ecace9e3ee958500c827ac3d1cda8232e91db992 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4108.py @@ -0,0 +1,350 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add items from the verified errata. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Firmware Wrapper +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4108.txt +# https://www.rfc-editor.org/errata_search.php?rfc=4108 +# + + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +class HardwareSerialEntry(univ.Choice): + pass + +HardwareSerialEntry.componentType = namedtype.NamedTypes( + namedtype.NamedType('all', univ.Null()), + namedtype.NamedType('single', univ.OctetString()), + namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('low', univ.OctetString()), + namedtype.NamedType('high', univ.OctetString()) + )) + ) +) + + +class HardwareModules(univ.Sequence): + pass + +HardwareModules.componentType = namedtype.NamedTypes( + namedtype.NamedType('hwType', univ.ObjectIdentifier()), + namedtype.NamedType('hwSerialEntries', univ.SequenceOf(componentType=HardwareSerialEntry())) +) + + +class CommunityIdentifier(univ.Choice): + pass + +CommunityIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('communityOID', univ.ObjectIdentifier()), + namedtype.NamedType('hwModuleList', HardwareModules()) +) + + + +class PreferredPackageIdentifier(univ.Sequence): + pass + +PreferredPackageIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('fwPkgID', univ.ObjectIdentifier()), + namedtype.NamedType('verNum', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) +) + + +class PreferredOrLegacyPackageIdentifier(univ.Choice): + pass + +PreferredOrLegacyPackageIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('preferred', PreferredPackageIdentifier()), + namedtype.NamedType('legacy', univ.OctetString()) +) + + +class CurrentFWConfig(univ.Sequence): + pass + +CurrentFWConfig.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('fwPkgType', univ.Integer()), + namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()) +) + + +class PreferredOrLegacyStalePackageIdentifier(univ.Choice): + pass + +PreferredOrLegacyStalePackageIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('preferredStaleVerNum', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.NamedType('legacyStaleVersion', univ.OctetString()) +) + + +class FirmwarePackageLoadErrorCode(univ.Enumerated): + pass + +FirmwarePackageLoadErrorCode.namedValues = namedval.NamedValues( + ('decodeFailure', 1), + ('badContentInfo', 2), + ('badSignedData', 3), + ('badEncapContent', 4), + ('badCertificate', 5), + ('badSignerInfo', 6), + ('badSignedAttrs', 7), + ('badUnsignedAttrs', 8), + ('missingContent', 9), + ('noTrustAnchor', 10), + ('notAuthorized', 11), + ('badDigestAlgorithm', 12), + ('badSignatureAlgorithm', 13), + ('unsupportedKeySize', 14), + ('signatureFailure', 15), + ('contentTypeMismatch', 16), + ('badEncryptedData', 17), + ('unprotectedAttrsPresent', 18), + ('badEncryptContent', 19), + ('badEncryptAlgorithm', 20), + ('missingCiphertext', 21), + ('noDecryptKey', 22), + ('decryptFailure', 23), + ('badCompressAlgorithm', 24), + ('missingCompressedContent', 25), + ('decompressFailure', 26), + ('wrongHardware', 27), + ('stalePackage', 28), + ('notInCommunity', 29), + ('unsupportedPackageType', 30), + ('missingDependency', 31), + ('wrongDependencyVersion', 32), + ('insufficientMemory', 33), + ('badFirmware', 34), + ('unsupportedParameters', 35), + ('breaksDependency', 36), + ('otherError', 99) +) + + +class VendorLoadErrorCode(univ.Integer): + pass + + +# Wrapped Firmware Key Unsigned Attribute and Object Identifier + +id_aa_wrappedFirmwareKey = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.39') + +class WrappedFirmwareKey(rfc5652.EnvelopedData): + pass + + +# Firmware Package Information Signed Attribute and Object Identifier + +id_aa_firmwarePackageInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.42') + +class FirmwarePackageInfo(univ.Sequence): + pass + +FirmwarePackageInfo.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('fwPkgType', univ.Integer()), + namedtype.OptionalNamedType('dependencies', univ.SequenceOf(componentType=PreferredOrLegacyPackageIdentifier())) +) + +FirmwarePackageInfo.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) + + +# Community Identifiers Signed Attribute and Object Identifier + +id_aa_communityIdentifiers = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.40') + +class CommunityIdentifiers(univ.SequenceOf): + pass + +CommunityIdentifiers.componentType = CommunityIdentifier() + + +# Implemented Compression Algorithms Signed Attribute and Object Identifier + +id_aa_implCompressAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.43') + +class ImplementedCompressAlgorithms(univ.SequenceOf): + pass + +ImplementedCompressAlgorithms.componentType = univ.ObjectIdentifier() + + +# Implemented Cryptographic Algorithms Signed Attribute and Object Identifier + +id_aa_implCryptoAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.38') + +class ImplementedCryptoAlgorithms(univ.SequenceOf): + pass + +ImplementedCryptoAlgorithms.componentType = univ.ObjectIdentifier() + + +# Decrypt Key Identifier Signed Attribute and Object Identifier + +id_aa_decryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.37') + +class DecryptKeyIdentifier(univ.OctetString): + pass + + +# Target Hardware Identifier Signed Attribute and Object Identifier + +id_aa_targetHardwareIDs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.36') + +class TargetHardwareIdentifiers(univ.SequenceOf): + pass + +TargetHardwareIdentifiers.componentType = univ.ObjectIdentifier() + + +# Firmware Package Identifier Signed Attribute and Object Identifier + +id_aa_firmwarePackageID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.35') + +class FirmwarePackageIdentifier(univ.Sequence): + pass + +FirmwarePackageIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('name', PreferredOrLegacyPackageIdentifier()), + namedtype.OptionalNamedType('stale', PreferredOrLegacyStalePackageIdentifier()) +) + + +# Firmware Package Message Digest Signed Attribute and Object Identifier + +id_aa_fwPkgMessageDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.41') + +class FirmwarePackageMessageDigest(univ.Sequence): + pass + +FirmwarePackageMessageDigest.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('msgDigest', univ.OctetString()) +) + + +# Firmware Package Load Error Report Content Type and Object Identifier + +class FWErrorVersion(univ.Integer): + pass + +FWErrorVersion.namedValues = namedval.NamedValues( + ('v1', 1) +) + + +id_ct_firmwareLoadError = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.18') + +class FirmwarePackageLoadError(univ.Sequence): + pass + +FirmwarePackageLoadError.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', FWErrorVersion().subtype(value='v1')), + namedtype.NamedType('hwType', univ.ObjectIdentifier()), + namedtype.NamedType('hwSerialNum', univ.OctetString()), + namedtype.NamedType('errorCode', FirmwarePackageLoadErrorCode()), + namedtype.OptionalNamedType('vendorErrorCode', VendorLoadErrorCode()), + namedtype.OptionalNamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()), + namedtype.OptionalNamedType('config', univ.SequenceOf(componentType=CurrentFWConfig()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +# Firmware Package Load Receipt Content Type and Object Identifier + +class FWReceiptVersion(univ.Integer): + pass + +FWReceiptVersion.namedValues = namedval.NamedValues( + ('v1', 1) +) + + +id_ct_firmwareLoadReceipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.17') + +class FirmwarePackageLoadReceipt(univ.Sequence): + pass + +FirmwarePackageLoadReceipt.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', FWReceiptVersion().subtype(value='v1')), + namedtype.NamedType('hwType', univ.ObjectIdentifier()), + namedtype.NamedType('hwSerialNum', univ.OctetString()), + namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()), + namedtype.OptionalNamedType('trustAnchorKeyID', univ.OctetString()), + namedtype.OptionalNamedType('decryptKeyID', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +# Firmware Package Content Type and Object Identifier + +id_ct_firmwarePackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.16') + +class FirmwarePkgData(univ.OctetString): + pass + + +# Other Name syntax for Hardware Module Name + +id_on_hardwareModuleName = univ.ObjectIdentifier('1.3.6.1.5.5.7.8.4') + +class HardwareModuleName(univ.Sequence): + pass + +HardwareModuleName.componentType = namedtype.NamedTypes( + namedtype.NamedType('hwType', univ.ObjectIdentifier()), + namedtype.NamedType('hwSerialNum', univ.OctetString()) +) + + +# Map of Attribute Type OIDs to Attributes is added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_wrappedFirmwareKey: WrappedFirmwareKey(), + id_aa_firmwarePackageInfo: FirmwarePackageInfo(), + id_aa_communityIdentifiers: CommunityIdentifiers(), + id_aa_implCompressAlgs: ImplementedCompressAlgorithms(), + id_aa_implCryptoAlgs: ImplementedCryptoAlgorithms(), + id_aa_decryptKeyID: DecryptKeyIdentifier(), + id_aa_targetHardwareIDs: TargetHardwareIdentifiers(), + id_aa_firmwarePackageID: FirmwarePackageIdentifier(), + id_aa_fwPkgMessageDigest: FirmwarePackageMessageDigest(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# Map of Content Type OIDs to Content Types is added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_firmwareLoadError: FirmwarePackageLoadError(), + id_ct_firmwareLoadReceipt: FirmwarePackageLoadReceipt(), + id_ct_firmwarePackage: FirmwarePkgData(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) + + +# Map of Other Name OIDs to Other Name is added to the +# ones that are in rfc5280.py + +_anotherNameMapUpdate = { + id_on_hardwareModuleName: HardwareModuleName(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4210.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4210.py new file mode 100644 index 0000000000000000000000000000000000000000..0935e3e9acea85dd2c723c922b3ae017afbc4d37 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4210.py @@ -0,0 +1,803 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Management Protocol structures as per RFC4210 +# +# Based on Alex Railean's work +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc2314 +from pyasn1_modules import rfc2459 +from pyasn1_modules import rfc2511 + +MAX = float('inf') + + +class KeyIdentifier(univ.OctetString): + pass + + +class CMPCertificate(rfc2459.Certificate): + pass + + +class OOBCert(CMPCertificate): + pass + + +class CertAnnContent(CMPCertificate): + pass + + +class PKIFreeText(univ.SequenceOf): + """ + PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String + """ + componentType = char.UTF8String() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +class PollRepContent(univ.SequenceOf): + """ + PollRepContent ::= SEQUENCE OF SEQUENCE { + certReqId INTEGER, + checkAfter INTEGER, -- time in seconds + reason PKIFreeText OPTIONAL + } + """ + + class CertReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('checkAfter', univ.Integer()), + namedtype.OptionalNamedType('reason', PKIFreeText()) + ) + + componentType = CertReq() + + +class PollReqContent(univ.SequenceOf): + """ + PollReqContent ::= SEQUENCE OF SEQUENCE { + certReqId INTEGER + } + + """ + + class CertReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()) + ) + + componentType = CertReq() + + +class InfoTypeAndValue(univ.Sequence): + """ + InfoTypeAndValue ::= SEQUENCE { + infoType OBJECT IDENTIFIER, + infoValue ANY DEFINED BY infoType OPTIONAL + }""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('infoType', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('infoValue', univ.Any()) + ) + + +class GenRepContent(univ.SequenceOf): + componentType = InfoTypeAndValue() + + +class GenMsgContent(univ.SequenceOf): + componentType = InfoTypeAndValue() + + +class PKIConfirmContent(univ.Null): + pass + + +class CRLAnnContent(univ.SequenceOf): + componentType = rfc2459.CertificateList() + + +class CAKeyUpdAnnContent(univ.Sequence): + """ + CAKeyUpdAnnContent ::= SEQUENCE { + oldWithNew CMPCertificate, + newWithOld CMPCertificate, + newWithNew CMPCertificate + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('oldWithNew', CMPCertificate()), + namedtype.NamedType('newWithOld', CMPCertificate()), + namedtype.NamedType('newWithNew', CMPCertificate()) + ) + + +class RevDetails(univ.Sequence): + """ + RevDetails ::= SEQUENCE { + certDetails CertTemplate, + crlEntryDetails Extensions OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certDetails', rfc2511.CertTemplate()), + namedtype.OptionalNamedType('crlEntryDetails', rfc2459.Extensions()) + ) + + +class RevReqContent(univ.SequenceOf): + componentType = RevDetails() + + +class CertOrEncCert(univ.Choice): + """ + CertOrEncCert ::= CHOICE { + certificate [0] CMPCertificate, + encryptedCert [1] EncryptedValue + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', CMPCertificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('encryptedCert', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class CertifiedKeyPair(univ.Sequence): + """ + CertifiedKeyPair ::= SEQUENCE { + certOrEncCert CertOrEncCert, + privateKey [0] EncryptedValue OPTIONAL, + publicationInfo [1] PKIPublicationInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certOrEncCert', CertOrEncCert()), + namedtype.OptionalNamedType('privateKey', rfc2511.EncryptedValue().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('publicationInfo', rfc2511.PKIPublicationInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class POPODecKeyRespContent(univ.SequenceOf): + componentType = univ.Integer() + + +class Challenge(univ.Sequence): + """ + Challenge ::= SEQUENCE { + owf AlgorithmIdentifier OPTIONAL, + witness OCTET STRING, + challenge OCTET STRING + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()), + namedtype.NamedType('challenge', univ.OctetString()) + ) + + +class PKIStatus(univ.Integer): + """ + PKIStatus ::= INTEGER { + accepted (0), + grantedWithMods (1), + rejection (2), + waiting (3), + revocationWarning (4), + revocationNotification (5), + keyUpdateWarning (6) + } + """ + namedValues = namedval.NamedValues( + ('accepted', 0), + ('grantedWithMods', 1), + ('rejection', 2), + ('waiting', 3), + ('revocationWarning', 4), + ('revocationNotification', 5), + ('keyUpdateWarning', 6) + ) + + +class PKIFailureInfo(univ.BitString): + """ + PKIFailureInfo ::= BIT STRING { + badAlg (0), + badMessageCheck (1), + badRequest (2), + badTime (3), + badCertId (4), + badDataFormat (5), + wrongAuthority (6), + incorrectData (7), + missingTimeStamp (8), + badPOP (9), + certRevoked (10), + certConfirmed (11), + wrongIntegrity (12), + badRecipientNonce (13), + timeNotAvailable (14), + unacceptedPolicy (15), + unacceptedExtension (16), + addInfoNotAvailable (17), + badSenderNonce (18), + badCertTemplate (19), + signerNotTrusted (20), + transactionIdInUse (21), + unsupportedVersion (22), + notAuthorized (23), + systemUnavail (24), + systemFailure (25), + duplicateCertReq (26) + """ + namedValues = namedval.NamedValues( + ('badAlg', 0), + ('badMessageCheck', 1), + ('badRequest', 2), + ('badTime', 3), + ('badCertId', 4), + ('badDataFormat', 5), + ('wrongAuthority', 6), + ('incorrectData', 7), + ('missingTimeStamp', 8), + ('badPOP', 9), + ('certRevoked', 10), + ('certConfirmed', 11), + ('wrongIntegrity', 12), + ('badRecipientNonce', 13), + ('timeNotAvailable', 14), + ('unacceptedPolicy', 15), + ('unacceptedExtension', 16), + ('addInfoNotAvailable', 17), + ('badSenderNonce', 18), + ('badCertTemplate', 19), + ('signerNotTrusted', 20), + ('transactionIdInUse', 21), + ('unsupportedVersion', 22), + ('notAuthorized', 23), + ('systemUnavail', 24), + ('systemFailure', 25), + ('duplicateCertReq', 26) + ) + + +class PKIStatusInfo(univ.Sequence): + """ + PKIStatusInfo ::= SEQUENCE { + status PKIStatus, + statusString PKIFreeText OPTIONAL, + failInfo PKIFailureInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatus()), + namedtype.OptionalNamedType('statusString', PKIFreeText()), + namedtype.OptionalNamedType('failInfo', PKIFailureInfo()) + ) + + +class ErrorMsgContent(univ.Sequence): + """ + ErrorMsgContent ::= SEQUENCE { + pKIStatusInfo PKIStatusInfo, + errorCode INTEGER OPTIONAL, + -- implementation-specific error codes + errorDetails PKIFreeText OPTIONAL + -- implementation-specific error details + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('pKIStatusInfo', PKIStatusInfo()), + namedtype.OptionalNamedType('errorCode', univ.Integer()), + namedtype.OptionalNamedType('errorDetails', PKIFreeText()) + ) + + +class CertStatus(univ.Sequence): + """ + CertStatus ::= SEQUENCE { + certHash OCTET STRING, + certReqId INTEGER, + statusInfo PKIStatusInfo OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certHash', univ.OctetString()), + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.OptionalNamedType('statusInfo', PKIStatusInfo()) + ) + + +class CertConfirmContent(univ.SequenceOf): + componentType = CertStatus() + + +class RevAnnContent(univ.Sequence): + """ + RevAnnContent ::= SEQUENCE { + status PKIStatus, + certId CertId, + willBeRevokedAt GeneralizedTime, + badSinceDate GeneralizedTime, + crlDetails Extensions OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatus()), + namedtype.NamedType('certId', rfc2511.CertId()), + namedtype.NamedType('willBeRevokedAt', useful.GeneralizedTime()), + namedtype.NamedType('badSinceDate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('crlDetails', rfc2459.Extensions()) + ) + + +class RevRepContent(univ.Sequence): + """ + RevRepContent ::= SEQUENCE { + status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, + revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId + OPTIONAL, + crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList + OPTIONAL + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'status', univ.SequenceOf( + componentType=PKIStatusInfo(), + sizeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ), + namedtype.OptionalNamedType( + 'revCerts', univ.SequenceOf(componentType=rfc2511.CertId()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType( + 'crls', univ.SequenceOf(componentType=rfc2459.CertificateList()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + + +class KeyRecRepContent(univ.Sequence): + """ + KeyRecRepContent ::= SEQUENCE { + status PKIStatusInfo, + newSigCert [0] CMPCertificate OPTIONAL, + caCerts [1] SEQUENCE SIZE (1..MAX) OF + CMPCertificate OPTIONAL, + keyPairHist [2] SEQUENCE SIZE (1..MAX) OF + CertifiedKeyPair OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType( + 'newSigCert', CMPCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.OptionalNamedType( + 'caCerts', univ.SequenceOf(componentType=CMPCertificate()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1), + sizeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ), + namedtype.OptionalNamedType('keyPairHist', univ.SequenceOf(componentType=CertifiedKeyPair()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2), + sizeSpec=constraint.ValueSizeConstraint(1, MAX)) + ) + ) + + +class CertResponse(univ.Sequence): + """ + CertResponse ::= SEQUENCE { + certReqId INTEGER, + status PKIStatusInfo, + certifiedKeyPair CertifiedKeyPair OPTIONAL, + rspInfo OCTET STRING OPTIONAL + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('status', PKIStatusInfo()), + namedtype.OptionalNamedType('certifiedKeyPair', CertifiedKeyPair()), + namedtype.OptionalNamedType('rspInfo', univ.OctetString()) + ) + + +class CertRepMessage(univ.Sequence): + """ + CertRepMessage ::= SEQUENCE { + caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate + OPTIONAL, + response SEQUENCE OF CertResponse + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType( + 'caPubs', univ.SequenceOf( + componentType=CMPCertificate() + ).subtype(sizeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)) + ), + namedtype.NamedType('response', univ.SequenceOf(componentType=CertResponse())) + ) + + +class POPODecKeyChallContent(univ.SequenceOf): + componentType = Challenge() + + +class OOBCertHash(univ.Sequence): + """ + OOBCertHash ::= SEQUENCE { + hashAlg [0] AlgorithmIdentifier OPTIONAL, + certId [1] CertId OPTIONAL, + hashVal BIT STRING + } + """ + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType( + 'hashAlg', rfc2459.AlgorithmIdentifier().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)) + ), + namedtype.OptionalNamedType( + 'certId', rfc2511.CertId().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)) + ), + namedtype.NamedType('hashVal', univ.BitString()) + ) + + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +class NestedMessageContent(univ.SequenceOf): + """ + NestedMessageContent ::= PKIMessages + """ + componentType = univ.Any() + + +class DHBMParameter(univ.Sequence): + """ + DHBMParameter ::= SEQUENCE { + owf AlgorithmIdentifier, + -- AlgId for a One-Way Function (SHA-1 recommended) + mac AlgorithmIdentifier + -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], + } -- or HMAC [RFC2104, RFC2202]) + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) + ) + + +id_DHBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.30') + + +class PBMParameter(univ.Sequence): + """ + PBMParameter ::= SEQUENCE { + salt OCTET STRING, + owf AlgorithmIdentifier, + iterationCount INTEGER, + mac AlgorithmIdentifier + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'salt', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 128)) + ), + namedtype.NamedType('owf', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('iterationCount', univ.Integer()), + namedtype.NamedType('mac', rfc2459.AlgorithmIdentifier()) + ) + + +id_PasswordBasedMac = univ.ObjectIdentifier('1.2.840.113533.7.66.13') + + +class PKIProtection(univ.BitString): + pass + + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +nestedMessageContent = NestedMessageContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 20)) + + +class PKIBody(univ.Choice): + """ + PKIBody ::= CHOICE { -- message-specific body elements + ir [0] CertReqMessages, --Initialization Request + ip [1] CertRepMessage, --Initialization Response + cr [2] CertReqMessages, --Certification Request + cp [3] CertRepMessage, --Certification Response + p10cr [4] CertificationRequest, --imported from [PKCS10] + popdecc [5] POPODecKeyChallContent, --pop Challenge + popdecr [6] POPODecKeyRespContent, --pop Response + kur [7] CertReqMessages, --Key Update Request + kup [8] CertRepMessage, --Key Update Response + krr [9] CertReqMessages, --Key Recovery Request + krp [10] KeyRecRepContent, --Key Recovery Response + rr [11] RevReqContent, --Revocation Request + rp [12] RevRepContent, --Revocation Response + ccr [13] CertReqMessages, --Cross-Cert. Request + ccp [14] CertRepMessage, --Cross-Cert. Response + ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. + cann [16] CertAnnContent, --Certificate Ann. + rann [17] RevAnnContent, --Revocation Ann. + crlann [18] CRLAnnContent, --CRL Announcement + pkiconf [19] PKIConfirmContent, --Confirmation + nested [20] NestedMessageContent, --Nested Message + genm [21] GenMsgContent, --General Message + genp [22] GenRepContent, --General Response + error [23] ErrorMsgContent, --Error Message + certConf [24] CertConfirmContent, --Certificate confirm + pollReq [25] PollReqContent, --Polling request + pollRep [26] PollRepContent --Polling response + + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'ir', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + ), + namedtype.NamedType( + 'ip', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ), + namedtype.NamedType( + 'cr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) + ) + ), + namedtype.NamedType( + 'cp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) + ) + ), + namedtype.NamedType( + 'p10cr', rfc2314.CertificationRequest().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4) + ) + ), + namedtype.NamedType( + 'popdecc', POPODecKeyChallContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5) + ) + ), + namedtype.NamedType( + 'popdecr', POPODecKeyRespContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6) + ) + ), + namedtype.NamedType( + 'kur', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7) + ) + ), + namedtype.NamedType( + 'kup', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8) + ) + ), + namedtype.NamedType( + 'krr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9) + ) + ), + namedtype.NamedType( + 'krp', KeyRecRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 10) + ) + ), + namedtype.NamedType( + 'rr', RevReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 11) + ) + ), + namedtype.NamedType( + 'rp', RevRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 12) + ) + ), + namedtype.NamedType( + 'ccr', rfc2511.CertReqMessages().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 13) + ) + ), + namedtype.NamedType( + 'ccp', CertRepMessage().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 14) + ) + ), + namedtype.NamedType( + 'ckuann', CAKeyUpdAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 15) + ) + ), + namedtype.NamedType( + 'cann', CertAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 16) + ) + ), + namedtype.NamedType( + 'rann', RevAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 17) + ) + ), + namedtype.NamedType( + 'crlann', CRLAnnContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 18) + ) + ), + namedtype.NamedType( + 'pkiconf', PKIConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 19) + ) + ), + namedtype.NamedType( + 'nested', nestedMessageContent + ), + # namedtype.NamedType('nested', NestedMessageContent().subtype( + # explicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatConstructed,20) + # ) + # ), + namedtype.NamedType( + 'genm', GenMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 21) + ) + ), + namedtype.NamedType( + 'gen', GenRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 22) + ) + ), + namedtype.NamedType( + 'error', ErrorMsgContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 23) + ) + ), + namedtype.NamedType( + 'certConf', CertConfirmContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 24) + ) + ), + namedtype.NamedType( + 'pollReq', PollReqContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 25) + ) + ), + namedtype.NamedType( + 'pollRep', PollRepContent().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 26) + ) + ) + ) + + +class PKIHeader(univ.Sequence): + """ + PKIHeader ::= SEQUENCE { + pvno INTEGER { cmp1999(1), cmp2000(2) }, + sender GeneralName, + recipient GeneralName, + messageTime [0] GeneralizedTime OPTIONAL, + protectionAlg [1] AlgorithmIdentifier OPTIONAL, + senderKID [2] KeyIdentifier OPTIONAL, + recipKID [3] KeyIdentifier OPTIONAL, + transactionID [4] OCTET STRING OPTIONAL, + senderNonce [5] OCTET STRING OPTIONAL, + recipNonce [6] OCTET STRING OPTIONAL, + freeText [7] PKIFreeText OPTIONAL, + generalInfo [8] SEQUENCE SIZE (1..MAX) OF + InfoTypeAndValue OPTIONAL + } + + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'pvno', univ.Integer( + namedValues=namedval.NamedValues(('cmp1999', 1), ('cmp2000', 2)) + ) + ), + namedtype.NamedType('sender', rfc2459.GeneralName()), + namedtype.NamedType('recipient', rfc2459.GeneralName()), + namedtype.OptionalNamedType('messageTime', useful.GeneralizedTime().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('protectionAlg', rfc2459.AlgorithmIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('senderKID', rfc2459.KeyIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('recipKID', rfc2459.KeyIdentifier().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('transactionID', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('senderNonce', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.OptionalNamedType('recipNonce', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('freeText', PKIFreeText().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))), + namedtype.OptionalNamedType('generalInfo', + univ.SequenceOf( + componentType=InfoTypeAndValue().subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX) + ) + ).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)) + ) + ) + + +class ProtectedPart(univ.Sequence): + """ + ProtectedPart ::= SEQUENCE { + header PKIHeader, + body PKIBody + } + """ + componentType = namedtype.NamedTypes( + namedtype.NamedType('header', PKIHeader()), + namedtype.NamedType('infoValue', PKIBody()) + ) + + +class PKIMessage(univ.Sequence): + """ + PKIMessage ::= SEQUENCE { + header PKIHeader, + body PKIBody, + protection [0] PKIProtection OPTIONAL, + extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate + OPTIONAL + }""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('header', PKIHeader()), + namedtype.NamedType('body', PKIBody()), + namedtype.OptionalNamedType('protection', PKIProtection().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('extraCerts', + univ.SequenceOf( + componentType=CMPCertificate() + ).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX), + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + ) + ) + + +class PKIMessages(univ.SequenceOf): + """ + PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage + """ + componentType = PKIMessage() + sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) + + +# pyasn1 does not naturally handle recursive definitions, thus this hack: +# NestedMessageContent ::= PKIMessages +NestedMessageContent._componentType = PKIMessages() +nestedMessageContent._componentType = PKIMessages() diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4476.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4476.py new file mode 100644 index 0000000000000000000000000000000000000000..25a0ccb7e88d3c5a12f15861b9f5ba59537b1742 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4476.py @@ -0,0 +1,93 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Attribute Certificate Policies Extension +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4476.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# Imports from RFC 5280 + +PolicyQualifierId = rfc5280.PolicyQualifierId + +PolicyQualifierInfo = rfc5280.PolicyQualifierInfo + +UserNotice = rfc5280.UserNotice + +id_pkix = rfc5280.id_pkix + + +# Object Identifiers + +id_pe = id_pkix + (1,) + +id_pe_acPolicies = id_pe + (15,) + +id_qt = id_pkix + (2,) + +id_qt_acps = id_qt + (4,) + +id_qt_acunotice = id_qt + (5,) + + +# Attribute Certificate Policies Extension + +class ACUserNotice(UserNotice): + pass + + +class ACPSuri(char.IA5String): + pass + + +class AcPolicyId(univ.ObjectIdentifier): + pass + + +class PolicyInformation(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyIdentifier', AcPolicyId()), + namedtype.OptionalNamedType('policyQualifiers', + univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +class AcPoliciesSyntax(univ.SequenceOf): + componentType = PolicyInformation() + subtypeSpec = constraint.ValueSizeConstraint(1, MAX) + + +# Update the policy qualifier map in rfc5280.py + +_policyQualifierInfoMapUpdate = { + id_qt_acps: ACPSuri(), + id_qt_acunotice: UserNotice(), +} + +rfc5280.policyQualifierInfoMap.update(_policyQualifierInfoMapUpdate) + + +# Update the certificate extension map in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_acPolicies: AcPoliciesSyntax(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4985.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4985.py new file mode 100644 index 0000000000000000000000000000000000000000..318e412380dfc345bb8c0bdf1e6d74afca370d58 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4985.py @@ -0,0 +1,49 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Expression of Service Names in X.509 Certificates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4985.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# As specified in Appendix A.2 of RFC 4985 + +id_pkix = rfc5280.id_pkix + +id_on = id_pkix + (8, ) + +id_on_dnsSRV = id_on + (7, ) + + +class SRVName(char.IA5String): + subtypeSpec = constraint.ValueSizeConstraint(1, MAX) + + +srvName = rfc5280.AnotherName() +srvName['type-id'] = id_on_dnsSRV +srvName['value'] = SRVName() + + +# Map of Other Name OIDs to Other Name is added to the +# ones that are in rfc5280.py + +_anotherNameMapUpdate = { + id_on_dnsSRV: SRVName(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5035.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5035.py new file mode 100644 index 0000000000000000000000000000000000000000..1cec98249cb7395a3c8e48a1efb6f6c2362ff558 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5035.py @@ -0,0 +1,199 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add a map for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Update to Enhanced Security Services for S/MIME +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5035.txt +# + +from pyasn1.codec.der.encoder import encode as der_encode + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc2634 +from pyasn1_modules import rfc4055 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5280 + +ContentType = rfc5652.ContentType + +IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber + +SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +PolicyInformation = rfc5280.PolicyInformation + +GeneralNames = rfc5280.GeneralNames + +CertificateSerialNumber = rfc5280.CertificateSerialNumber + + +# Signing Certificate Attribute V1 and V2 + +id_aa_signingCertificate = rfc2634.id_aa_signingCertificate + +id_aa_signingCertificateV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.47') + +Hash = rfc2634.Hash + +IssuerSerial = rfc2634.IssuerSerial + +ESSCertID = rfc2634.ESSCertID + +SigningCertificate = rfc2634.SigningCertificate + + +sha256AlgId = AlgorithmIdentifier() +sha256AlgId['algorithm'] = rfc4055.id_sha256 +# A non-schema object for sha256AlgId['parameters'] as absent +sha256AlgId['parameters'] = der_encode(univ.OctetString('')) + + +class ESSCertIDv2(univ.Sequence): + pass + +ESSCertIDv2.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('hashAlgorithm', sha256AlgId), + namedtype.NamedType('certHash', Hash()), + namedtype.OptionalNamedType('issuerSerial', IssuerSerial()) +) + + +class SigningCertificateV2(univ.Sequence): + pass + +SigningCertificateV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('certs', univ.SequenceOf( + componentType=ESSCertIDv2())), + namedtype.OptionalNamedType('policies', univ.SequenceOf( + componentType=PolicyInformation())) +) + + +# Mail List Expansion History Attribute + +id_aa_mlExpandHistory = rfc2634.id_aa_mlExpandHistory + +ub_ml_expansion_history = rfc2634.ub_ml_expansion_history + +EntityIdentifier = rfc2634.EntityIdentifier + +MLReceiptPolicy = rfc2634.MLReceiptPolicy + +MLData = rfc2634.MLData + +MLExpansionHistory = rfc2634.MLExpansionHistory + + +# ESS Security Label Attribute + +id_aa_securityLabel = rfc2634.id_aa_securityLabel + +ub_privacy_mark_length = rfc2634.ub_privacy_mark_length + +ub_security_categories = rfc2634.ub_security_categories + +ub_integer_options = rfc2634.ub_integer_options + +ESSPrivacyMark = rfc2634.ESSPrivacyMark + +SecurityClassification = rfc2634.SecurityClassification + +SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier + +SecurityCategory = rfc2634.SecurityCategory + +SecurityCategories = rfc2634.SecurityCategories + +ESSSecurityLabel = rfc2634.ESSSecurityLabel + + +# Equivalent Labels Attribute + +id_aa_equivalentLabels = rfc2634.id_aa_equivalentLabels + +EquivalentLabels = rfc2634.EquivalentLabels + + +# Content Identifier Attribute + +id_aa_contentIdentifier = rfc2634.id_aa_contentIdentifier + +ContentIdentifier = rfc2634.ContentIdentifier + + +# Content Reference Attribute + +id_aa_contentReference = rfc2634.id_aa_contentReference + +ContentReference = rfc2634.ContentReference + + +# Message Signature Digest Attribute + +id_aa_msgSigDigest = rfc2634.id_aa_msgSigDigest + +MsgSigDigest = rfc2634.MsgSigDigest + + +# Content Hints Attribute + +id_aa_contentHint = rfc2634.id_aa_contentHint + +ContentHints = rfc2634.ContentHints + + +# Receipt Request Attribute + +AllOrFirstTier = rfc2634.AllOrFirstTier + +ReceiptsFrom = rfc2634.ReceiptsFrom + +id_aa_receiptRequest = rfc2634.id_aa_receiptRequest + +ub_receiptsTo = rfc2634.ub_receiptsTo + +ReceiptRequest = rfc2634.ReceiptRequest + + +# Receipt Content Type + +ESSVersion = rfc2634.ESSVersion + +id_ct_receipt = rfc2634.id_ct_receipt + +Receipt = rfc2634.Receipt + +ub_receiptsTo = rfc2634.ub_receiptsTo + +ReceiptRequest = rfc2634.ReceiptRequest + + +# Map of Attribute Type to the Attribute structure is added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_signingCertificateV2: SigningCertificateV2(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# Map of Content Type OIDs to Content Types is added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_receipt: Receipt(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5126.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5126.py new file mode 100644 index 0000000000000000000000000000000000000000..8e016c209fea96cef48739ae42ec14ca71ed6a14 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5126.py @@ -0,0 +1,577 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Advanced Electronic Signatures (CAdES) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5126.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import useful +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5035 +from pyasn1_modules import rfc5755 +from pyasn1_modules import rfc6960 +from pyasn1_modules import rfc3161 + +MAX = float('inf') + + +# Maps for OpenTypes + +commitmentQualifierMap = { } + +sigQualifiersMap = { } + +otherRevRefMap = { } + +otherRevValMap = { } + + +# Imports from RFC 5652 + +ContentInfo = rfc5652.ContentInfo + +ContentType = rfc5652.ContentType + +SignedData = rfc5652.SignedData + +EncapsulatedContentInfo = rfc5652.EncapsulatedContentInfo + +SignerInfo = rfc5652.SignerInfo + +MessageDigest = rfc5652.MessageDigest + +SigningTime = rfc5652.SigningTime + +Countersignature = rfc5652.Countersignature + +id_data = rfc5652.id_data + +id_signedData = rfc5652.id_signedData + +id_contentType= rfc5652.id_contentType + +id_messageDigest = rfc5652.id_messageDigest + +id_signingTime = rfc5652.id_signingTime + +id_countersignature = rfc5652.id_countersignature + + +# Imports from RFC 5035 + +SigningCertificate = rfc5035.SigningCertificate + +IssuerSerial = rfc5035.IssuerSerial + +ContentReference = rfc5035.ContentReference + +ContentIdentifier = rfc5035.ContentIdentifier + +id_aa_contentReference = rfc5035.id_aa_contentReference + +id_aa_contentIdentifier = rfc5035.id_aa_contentIdentifier + +id_aa_signingCertificate = rfc5035.id_aa_signingCertificate + +id_aa_signingCertificateV2 = rfc5035.id_aa_signingCertificateV2 + + +# Imports from RFC 5280 + +Certificate = rfc5280.Certificate + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +CertificateList = rfc5280.CertificateList + +Name = rfc5280.Name + +Attribute = rfc5280.Attribute + +GeneralNames = rfc5280.GeneralNames + +GeneralName = rfc5280.GeneralName + +PolicyInformation = rfc5280.PolicyInformation + +DirectoryString = rfc5280.DirectoryString + + +# Imports from RFC 5755 + +AttributeCertificate = rfc5755.AttributeCertificate + + +# Imports from RFC 6960 + +BasicOCSPResponse = rfc6960.BasicOCSPResponse + +ResponderID = rfc6960.ResponderID + + +# Imports from RFC 3161 + +TimeStampToken = rfc3161.TimeStampToken + + +# OID used referencing electronic signature mechanisms + +id_etsi_es_IDUP_Mechanism_v1 = univ.ObjectIdentifier('0.4.0.1733.1.4.1') + + +# OtherSigningCertificate - deprecated + +id_aa_ets_otherSigCert = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.19') + + +class OtherHashValue(univ.OctetString): + pass + + +class OtherHashAlgAndValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('hashValue', OtherHashValue()) + ) + + +class OtherHash(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('sha1Hash', OtherHashValue()), + namedtype.NamedType('otherHash', OtherHashAlgAndValue()) + ) + + +class OtherCertID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('otherCertHash', OtherHash()), + namedtype.OptionalNamedType('issuerSerial', IssuerSerial()) + ) + + +class OtherSigningCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certs', + univ.SequenceOf(componentType=OtherCertID())), + namedtype.OptionalNamedType('policies', + univ.SequenceOf(componentType=PolicyInformation())) + ) + + +# Signature Policy Identifier + +id_aa_ets_sigPolicyId = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.15') + + +class SigPolicyId(univ.ObjectIdentifier): + pass + + +class SigPolicyHash(OtherHashAlgAndValue): + pass + + +class SigPolicyQualifierId(univ.ObjectIdentifier): + pass + + +class SigPolicyQualifierInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('sigPolicyQualifierId', SigPolicyQualifierId()), + namedtype.NamedType('sigQualifier', univ.Any(), + openType=opentype.OpenType('sigPolicyQualifierId', sigQualifiersMap)) + ) + + +class SignaturePolicyId(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('sigPolicyId', SigPolicyId()), + namedtype.NamedType('sigPolicyHash', SigPolicyHash()), + namedtype.OptionalNamedType('sigPolicyQualifiers', + univ.SequenceOf(componentType=SigPolicyQualifierInfo()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +class SignaturePolicyImplied(univ.Null): + pass + + +class SignaturePolicy(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signaturePolicyId', SignaturePolicyId()), + namedtype.NamedType('signaturePolicyImplied', SignaturePolicyImplied()) + ) + + +id_spq_ets_unotice = univ.ObjectIdentifier('1.2.840.113549.1.9.16.5.2') + + +class DisplayText(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('visibleString', char.VisibleString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 200))) + ) + + +class NoticeReference(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('organization', DisplayText()), + namedtype.NamedType('noticeNumbers', + univ.SequenceOf(componentType=univ.Integer())) + ) + +class SPUserNotice(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('noticeRef', NoticeReference()), + namedtype.OptionalNamedType('explicitText', DisplayText()) + ) + + +noticeToUser = SigPolicyQualifierInfo() +noticeToUser['sigPolicyQualifierId'] = id_spq_ets_unotice +noticeToUser['sigQualifier'] = SPUserNotice() + + +id_spq_ets_uri = univ.ObjectIdentifier('1.2.840.113549.1.9.16.5.1') + + +class SPuri(char.IA5String): + pass + + +pointerToSigPolSpec = SigPolicyQualifierInfo() +pointerToSigPolSpec['sigPolicyQualifierId'] = id_spq_ets_uri +pointerToSigPolSpec['sigQualifier'] = SPuri() + + +# Commitment Type + +id_aa_ets_commitmentType = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.16') + + +class CommitmentTypeIdentifier(univ.ObjectIdentifier): + pass + + +class CommitmentTypeQualifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('commitmentTypeIdentifier', + CommitmentTypeIdentifier()), + namedtype.NamedType('qualifier', univ.Any(), + openType=opentype.OpenType('commitmentTypeIdentifier', + commitmentQualifierMap)) + ) + + +class CommitmentTypeIndication(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('commitmentTypeId', CommitmentTypeIdentifier()), + namedtype.OptionalNamedType('commitmentTypeQualifier', + univ.SequenceOf(componentType=CommitmentTypeQualifier()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +id_cti_ets_proofOfOrigin = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.1') + +id_cti_ets_proofOfReceipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.2') + +id_cti_ets_proofOfDelivery = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.3') + +id_cti_ets_proofOfSender = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.4') + +id_cti_ets_proofOfApproval = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.5') + +id_cti_ets_proofOfCreation = univ.ObjectIdentifier('1.2.840.113549.1.9.16.6.6') + + +# Signer Location + +id_aa_ets_signerLocation = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.17') + + +class PostalAddress(univ.SequenceOf): + componentType = DirectoryString() + subtypeSpec = constraint.ValueSizeConstraint(1, 6) + + +class SignerLocation(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('countryName', + DirectoryString().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('localityName', + DirectoryString().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('postalAdddress', + PostalAddress().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +# Signature Timestamp + +id_aa_signatureTimeStampToken = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.14') + + +class SignatureTimeStampToken(TimeStampToken): + pass + + +# Content Timestamp + +id_aa_ets_contentTimestamp = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.20') + + +class ContentTimestamp(TimeStampToken): + pass + + +# Signer Attributes + +id_aa_ets_signerAttr = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.18') + + +class ClaimedAttributes(univ.SequenceOf): + componentType = Attribute() + + +class CertifiedAttributes(AttributeCertificate): + pass + + +class SignerAttribute(univ.SequenceOf): + componentType = univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('claimedAttributes', + ClaimedAttributes().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('certifiedAttributes', + CertifiedAttributes().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + )) + + +# Complete Certificate Refs + +id_aa_ets_certificateRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.21') + + +class CompleteCertificateRefs(univ.SequenceOf): + componentType = OtherCertID() + + +# Complete Revocation Refs + +id_aa_ets_revocationRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.22') + + +class CrlIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('crlissuer', Name()), + namedtype.NamedType('crlIssuedTime', useful.UTCTime()), + namedtype.OptionalNamedType('crlNumber', univ.Integer()) + ) + + +class CrlValidatedID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('crlHash', OtherHash()), + namedtype.OptionalNamedType('crlIdentifier', CrlIdentifier()) + ) + + +class CRLListID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('crls', + univ.SequenceOf(componentType=CrlValidatedID())) + ) + + +class OcspIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ocspResponderID', ResponderID()), + namedtype.NamedType('producedAt', useful.GeneralizedTime()) + ) + + +class OcspResponsesID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ocspIdentifier', OcspIdentifier()), + namedtype.OptionalNamedType('ocspRepHash', OtherHash()) + ) + + +class OcspListID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ocspResponses', + univ.SequenceOf(componentType=OcspResponsesID())) + ) + + +class OtherRevRefType(univ.ObjectIdentifier): + pass + + +class OtherRevRefs(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('otherRevRefType', OtherRevRefType()), + namedtype.NamedType('otherRevRefs', univ.Any(), + openType=opentype.OpenType('otherRevRefType', otherRevRefMap)) + ) + + +class CrlOcspRef(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('crlids', + CRLListID().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ocspids', + OcspListID().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('otherRev', + OtherRevRefs().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) + + +class CompleteRevocationRefs(univ.SequenceOf): + componentType = CrlOcspRef() + + +# Certificate Values + +id_aa_ets_certValues = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.23') + + +class CertificateValues(univ.SequenceOf): + componentType = Certificate() + + +# Certificate Revocation Values + +id_aa_ets_revocationValues = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.24') + + +class OtherRevValType(univ.ObjectIdentifier): + pass + + +class OtherRevVals(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('otherRevValType', OtherRevValType()), + namedtype.NamedType('otherRevVals', univ.Any(), + openType=opentype.OpenType('otherRevValType', otherRevValMap)) + ) + + +class RevocationValues(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('crlVals', + univ.SequenceOf(componentType=CertificateList()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('ocspVals', + univ.SequenceOf(componentType=BasicOCSPResponse()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('otherRevVals', + OtherRevVals().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) + + +# CAdES-C Timestamp + +id_aa_ets_escTimeStamp = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.25') + + +class ESCTimeStampToken(TimeStampToken): + pass + + +# Time-Stamped Certificates and CRLs + +id_aa_ets_certCRLTimestamp = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.26') + + +class TimestampedCertsCRLs(TimeStampToken): + pass + + +# Archive Timestamp + +id_aa_ets_archiveTimestampV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.48') + + +class ArchiveTimeStampToken(TimeStampToken): + pass + + +# Attribute certificate references + +id_aa_ets_attrCertificateRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.44') + + +class AttributeCertificateRefs(univ.SequenceOf): + componentType = OtherCertID() + + +# Attribute revocation references + +id_aa_ets_attrRevocationRefs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.45') + + +class AttributeRevocationRefs(univ.SequenceOf): + componentType = CrlOcspRef() + + +# Update the sigQualifiersMap + +_sigQualifiersMapUpdate = { + id_spq_ets_unotice: SPUserNotice(), + id_spq_ets_uri: SPuri(), +} + +sigQualifiersMap.update(_sigQualifiersMapUpdate) + + +# Update the CMS Attribute Map in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_ets_otherSigCert: OtherSigningCertificate(), + id_aa_ets_sigPolicyId: SignaturePolicy(), + id_aa_ets_commitmentType: CommitmentTypeIndication(), + id_aa_ets_signerLocation: SignerLocation(), + id_aa_signatureTimeStampToken: SignatureTimeStampToken(), + id_aa_ets_contentTimestamp: ContentTimestamp(), + id_aa_ets_signerAttr: SignerAttribute(), + id_aa_ets_certificateRefs: CompleteCertificateRefs(), + id_aa_ets_revocationRefs: CompleteRevocationRefs(), + id_aa_ets_certValues: CertificateValues(), + id_aa_ets_revocationValues: RevocationValues(), + id_aa_ets_escTimeStamp: ESCTimeStampToken(), + id_aa_ets_certCRLTimestamp: TimestampedCertsCRLs(), + id_aa_ets_archiveTimestampV2: ArchiveTimeStampToken(), + id_aa_ets_attrCertificateRefs: AttributeCertificateRefs(), + id_aa_ets_attrRevocationRefs: AttributeRevocationRefs(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5208.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5208.py new file mode 100644 index 0000000000000000000000000000000000000000..295fdbf388bfed5c9c040d4c8690cc5cbb97d793 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5208.py @@ -0,0 +1,56 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS#8 syntax +# +# ASN.1 source from: +# http://tools.ietf.org/html/rfc5208 +# +# Sample captures could be obtained with "openssl pkcs8 -topk8" command +# +from pyasn1_modules import rfc2251 +from pyasn1_modules.rfc2459 import * + + +class KeyEncryptionAlgorithms(AlgorithmIdentifier): + pass + + +class PrivateKeyAlgorithms(AlgorithmIdentifier): + pass + + +class EncryptedData(univ.OctetString): + pass + + +class EncryptedPrivateKeyInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptionAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('encryptedData', EncryptedData()) + ) + + +class PrivateKey(univ.OctetString): + pass + + +class Attributes(univ.SetOf): + componentType = rfc2251.Attribute() + + +class Version(univ.Integer): + namedValues = namedval.NamedValues(('v1', 0), ('v2', 1)) + + +class PrivateKeyInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('privateKeyAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('privateKey', PrivateKey()), + namedtype.OptionalNamedType('attributes', Attributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5636.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5636.py new file mode 100644 index 0000000000000000000000000000000000000000..f87bc4ec82f0b2452c63f896bf45f21513977369 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5636.py @@ -0,0 +1,113 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Traceable Anonymous Certificate +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5480.txt + +from pyasn1.type import namedtype +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc5652 + + +# Imports from RFC 5652 + +ContentInfo = rfc5652.ContentInfo + +EncapsulatedContentInfo = rfc5652.EncapsulatedContentInfo + +id_data = rfc5652.id_data + + +# Object Identifiers + +id_KISA = univ.ObjectIdentifier((1, 2, 410, 200004,)) + + +id_npki = id_KISA + (10,) + + +id_attribute = id_npki + (1,) + + +id_kisa_tac = id_attribute + (1,) + + +id_kisa_tac_token = id_kisa_tac + (1,) + + +id_kisa_tac_tokenandblindbash = id_kisa_tac + (2,) + + +id_kisa_tac_tokenandpartially = id_kisa_tac + (3,) + + +# Structures for Traceable Anonymous Certificate (TAC) + +class UserKey(univ.OctetString): + pass + + +class Timeout(useful.GeneralizedTime): + pass + + +class BlinedCertificateHash(univ.OctetString): + pass + + +class PartiallySignedCertificateHash(univ.OctetString): + pass + + +class Token(ContentInfo): + pass + + +class TokenandBlindHash(ContentInfo): + pass + + +class TokenandPartiallySignedCertificateHash(ContentInfo): + pass + + +# Added to the module in RFC 5636 for the CMS Content Type Map + +class TACToken(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('userKey', UserKey()), + namedtype.NamedType('timeout', Timeout()) + ) + + +class TACTokenandBlindHash(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('token', Token()), + namedtype.NamedType('blinded', BlinedCertificateHash()) + ) + + +class TACTokenandPartiallySignedCertificateHash(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('token', Token()), + namedtype.NamedType('partially', PartiallySignedCertificateHash()) + ) + + +# Add to the CMS Content Type Map in rfc5752.py + +_cmsContentTypesMapUpdate = { + id_kisa_tac_token: TACToken(), + id_kisa_tac_tokenandblindbash: TACTokenandBlindHash(), + id_kisa_tac_tokenandpartially: TACTokenandPartiallySignedCertificateHash(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5639.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5639.py new file mode 100644 index 0000000000000000000000000000000000000000..d48d30044b07a7344bfc105ad2a8bd5b4e343d92 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5639.py @@ -0,0 +1,49 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Elliptic Curve Cryptography Brainpool Standard Curves +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5639.txt + + +from pyasn1.type import univ + + +ecStdCurvesAndGeneration = univ.ObjectIdentifier((1, 3, 36, 3, 3, 2, 8,)) + +ellipticCurve = ecStdCurvesAndGeneration + (1,) + +versionOne = ellipticCurve + (1,) + +brainpoolP160r1 = versionOne + (1,) + +brainpoolP160t1 = versionOne + (2,) + +brainpoolP192r1 = versionOne + (3,) + +brainpoolP192t1 = versionOne + (4,) + +brainpoolP224r1 = versionOne + (5,) + +brainpoolP224t1 = versionOne + (6,) + +brainpoolP256r1 = versionOne + (7,) + +brainpoolP256t1 = versionOne + (8,) + +brainpoolP320r1 = versionOne + (9,) + +brainpoolP320t1 = versionOne + (10,) + +brainpoolP384r1 = versionOne + (11,) + +brainpoolP384t1 = versionOne + (12,) + +brainpoolP512r1 = versionOne + (13,) + +brainpoolP512t1 = versionOne + (14,) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5649.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5649.py new file mode 100644 index 0000000000000000000000000000000000000000..84809eeb188d23648f30940b9892619ad0699d58 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5649.py @@ -0,0 +1,33 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# AES Key Wrap with Padding +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5649.txt + +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +class AlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +id_aes128_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.5') + +id_aes192_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.25') + +id_aes256_wrap = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.45') + + +id_aes128_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.8') + +id_aes192_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.28') + +id_aes256_wrap_pad = univ.ObjectIdentifier('2.16.840.1.101.3.4.1.48') diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5652.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5652.py new file mode 100644 index 0000000000000000000000000000000000000000..1e958293df5e01d79b64c9c8798202079f3c4269 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5652.py @@ -0,0 +1,761 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Modified by Russ Housley to add support for opentypes. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc5652.txt +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc3281 +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +def _buildOid(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +cmsContentTypesMap = { } + +cmsAttributesMap = { } + +otherKeyAttributesMap = { } + +otherCertFormatMap = { } + +otherRevInfoFormatMap = { } + +otherRecipientInfoMap = { } + + +class AttCertVersionV1(univ.Integer): + pass + + +AttCertVersionV1.namedValues = namedval.NamedValues( + ('v1', 0) +) + + +class AttributeCertificateInfoV1(univ.Sequence): + pass + + +AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), + namedtype.NamedType( + 'subject', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + ) + ), + namedtype.NamedType('issuer', rfc5280.GeneralNames()), + namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), + namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), + namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', rfc5280.Extensions()) +) + + +class AttributeCertificateV1(univ.Sequence): + pass + + +AttributeCertificateV1.componentType = namedtype.NamedTypes( + namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), + namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class AttributeValue(univ.Any): + pass + + +class Attribute(univ.Sequence): + pass + + +Attribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', univ.ObjectIdentifier()), + namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), + openType=opentype.OpenType('attrType', cmsAttributesMap) + ) +) + + +class SignedAttributes(univ.SetOf): + pass + + +SignedAttributes.componentType = Attribute() +SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class AttributeCertificateV2(rfc3281.AttributeCertificate): + pass + + +class OtherKeyAttribute(univ.Sequence): + pass + + +OtherKeyAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('keyAttr', univ.Any(), + openType=opentype.OpenType('keyAttrId', otherKeyAttributesMap) + ) +) + + +class UnauthAttributes(univ.SetOf): + pass + + +UnauthAttributes.componentType = Attribute() +UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) + + +class SignatureValue(univ.OctetString): + pass + + +class IssuerAndSerialNumber(univ.Sequence): + pass + + +IssuerAndSerialNumber.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc5280.Name()), + namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()) +) + + +class SubjectKeyIdentifier(univ.OctetString): + pass + + +class RecipientKeyIdentifier(univ.Sequence): + pass + + +RecipientKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KeyAgreeRecipientIdentifier(univ.Choice): + pass + + +KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class EncryptedKey(univ.OctetString): + pass + + +class RecipientEncryptedKey(univ.Sequence): + pass + + +RecipientEncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientEncryptedKeys(univ.SequenceOf): + pass + + +RecipientEncryptedKeys.componentType = RecipientEncryptedKey() + + +class MessageAuthenticationCode(univ.OctetString): + pass + + +class CMSVersion(univ.Integer): + pass + + +CMSVersion.namedValues = namedval.NamedValues( + ('v0', 0), + ('v1', 1), + ('v2', 2), + ('v3', 3), + ('v4', 4), + ('v5', 5) +) + + +class OtherCertificateFormat(univ.Sequence): + pass + + +OtherCertificateFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherCert', univ.Any(), + openType=opentype.OpenType('otherCertFormat', otherCertFormatMap) + ) +) + + +class ExtendedCertificateInfo(univ.Sequence): + pass + + +ExtendedCertificateInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('certificate', rfc5280.Certificate()), + namedtype.NamedType('attributes', UnauthAttributes()) +) + + +class Signature(univ.BitString): + pass + + +class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class ExtendedCertificate(univ.Sequence): + pass + + +ExtendedCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) +) + + +class CertificateChoices(univ.Choice): + pass + + +CertificateChoices.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc5280.Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('other', OtherCertificateFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class CertificateSet(univ.SetOf): + pass + + +CertificateSet.componentType = CertificateChoices() + + +class OtherRevocationInfoFormat(univ.Sequence): + pass + + +OtherRevocationInfoFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherRevInfo', univ.Any(), + openType=opentype.OpenType('otherRevInfoFormat', otherRevInfoFormatMap) + ) +) + + +class RevocationInfoChoice(univ.Choice): + pass + + +RevocationInfoChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('crl', rfc5280.CertificateList()), + namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class RevocationInfoChoices(univ.SetOf): + pass + + +RevocationInfoChoices.componentType = RevocationInfoChoice() + + +class OriginatorInfo(univ.Sequence): + pass + + +OriginatorInfo.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('certs', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class ContentType(univ.ObjectIdentifier): + pass + + +class EncryptedContent(univ.OctetString): + pass + + +class ContentEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class EncryptedContentInfo(univ.Sequence): + pass + + +EncryptedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class UnprotectedAttributes(univ.SetOf): + pass + + +UnprotectedAttributes.componentType = Attribute() +UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class KEKIdentifier(univ.Sequence): + pass + + +KEKIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyIdentifier', univ.OctetString()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KEKRecipientInfo(univ.Sequence): + pass + + +KEKRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('kekid', KEKIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class KeyDerivationAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class PasswordRecipientInfo(univ.Sequence): + pass + + +PasswordRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientIdentifier(univ.Choice): + pass + + +RecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class KeyTransRecipientInfo(univ.Sequence): + pass + + +KeyTransRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('rid', RecipientIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class UserKeyingMaterial(univ.OctetString): + pass + + +class OriginatorPublicKey(univ.Sequence): + pass + + +OriginatorPublicKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('publicKey', univ.BitString()) +) + + +class OriginatorIdentifierOrKey(univ.Choice): + pass + + +OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class KeyAgreeRecipientInfo(univ.Sequence): + pass + + +KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) +) + + +class OtherRecipientInfo(univ.Sequence): + pass + + +OtherRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('oriType', univ.ObjectIdentifier()), + namedtype.NamedType('oriValue', univ.Any(), + openType=opentype.OpenType('oriType', otherRecipientInfoMap) + ) +) + + +class RecipientInfo(univ.Choice): + pass + + +RecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('ktri', KeyTransRecipientInfo()), + namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('kekri', KEKRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('ori', OtherRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) +) + + +class RecipientInfos(univ.SetOf): + pass + + +RecipientInfos.componentType = RecipientInfo() +RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class EnvelopedData(univ.Sequence): + pass + + +EnvelopedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) + +id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) + + +class EncryptedData(univ.Sequence): + pass + + +EncryptedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + +id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) + +id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) + + +class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier): + pass + + +class UnsignedAttributes(univ.SetOf): + pass + + +UnsignedAttributes.componentType = Attribute() +UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class SignerIdentifier(univ.Choice): + pass + + +SignerIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class SignerInfo(univ.Sequence): + pass + + +SignerInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('sid', SignerIdentifier()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', SignatureValue()), + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SignerInfos(univ.SetOf): + pass + + +SignerInfos.componentType = SignerInfo() + + +class Countersignature(SignerInfo): + pass + + +class ContentInfo(univ.Sequence): + pass + + +ContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('contentType', cmsContentTypesMap) + ) +) + + +class EncapsulatedContentInfo(univ.Sequence): + pass + + +EncapsulatedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('eContentType', ContentType()), + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + +id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) + +id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) + + +class MessageDigest(univ.OctetString): + pass + + +class AuthAttributes(univ.SetOf): + pass + + +AuthAttributes.componentType = Attribute() +AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class AuthenticatedData(univ.Sequence): + pass + + +AuthenticatedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('mac', MessageAuthenticationCode()), + namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) + + +class ExtendedCertificateOrCertificate(univ.Choice): + pass + + +ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc5280.Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class Digest(univ.OctetString): + pass + + +class DigestedData(univ.Sequence): + pass + + +DigestedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.NamedType('digest', Digest()) +) + +id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) + + +class DigestAlgorithmIdentifiers(univ.SetOf): + pass + + +DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() + + +class SignedData(univ.Sequence): + pass + + +SignedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) +) + +id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) + + +class SigningTime(Time): + pass + + +id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) + + +# CMS Content Type Map + +_cmsContentTypesMapUpdate = { + id_ct_contentInfo: ContentInfo(), + id_data: univ.OctetString(), + id_signedData: SignedData(), + id_envelopedData: EnvelopedData(), + id_digestedData: DigestedData(), + id_encryptedData: EncryptedData(), + id_ct_authData: AuthenticatedData(), +} + +cmsContentTypesMap.update(_cmsContentTypesMapUpdate) + + +# CMS Attribute Map + +_cmsAttributesMapUpdate = { + id_contentType: ContentType(), + id_messageDigest: MessageDigest(), + id_signingTime: SigningTime(), + id_countersignature: Countersignature(), +} + +cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5753.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5753.py new file mode 100644 index 0000000000000000000000000000000000000000..94c37c2ab10ca604fbbef5260ac8565bc2a78d6c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5753.py @@ -0,0 +1,157 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Elliptic Curve Cryptography (ECC) Algorithms in the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5753.txt +# + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5480 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5751 +from pyasn1_modules import rfc8018 + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Imports from RFC 5652 + +OriginatorPublicKey = rfc5652.OriginatorPublicKey + +UserKeyingMaterial = rfc5652.UserKeyingMaterial + + +# Imports from RFC 5480 + +ECDSA_Sig_Value = rfc5480.ECDSA_Sig_Value + +ECParameters = rfc5480.ECParameters + +ECPoint = rfc5480.ECPoint + +id_ecPublicKey = rfc5480.id_ecPublicKey + + +# Imports from RFC 8018 + +id_hmacWithSHA224 = rfc8018.id_hmacWithSHA224 + +id_hmacWithSHA256 = rfc8018.id_hmacWithSHA256 + +id_hmacWithSHA384 = rfc8018.id_hmacWithSHA384 + +id_hmacWithSHA512 = rfc8018.id_hmacWithSHA512 + + +# Object Identifier arcs + +x9_63_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0') + +secg_scheme = univ.ObjectIdentifier('1.3.132.1') + + +# Object Identifiers for the algorithms + +dhSinglePass_cofactorDH_sha1kdf_scheme = x9_63_scheme + (3, ) + +dhSinglePass_cofactorDH_sha224kdf_scheme = secg_scheme + (14, 0, ) + +dhSinglePass_cofactorDH_sha256kdf_scheme = secg_scheme + (14, 1, ) + +dhSinglePass_cofactorDH_sha384kdf_scheme = secg_scheme + (14, 2, ) + +dhSinglePass_cofactorDH_sha512kdf_scheme = secg_scheme + (14, 3, ) + +dhSinglePass_stdDH_sha1kdf_scheme = x9_63_scheme + (2, ) + +dhSinglePass_stdDH_sha224kdf_scheme = secg_scheme + (11, 0, ) + +dhSinglePass_stdDH_sha256kdf_scheme = secg_scheme + (11, 1, ) + +dhSinglePass_stdDH_sha384kdf_scheme = secg_scheme + (11, 2, ) + +dhSinglePass_stdDH_sha512kdf_scheme = secg_scheme + (11, 3, ) + +mqvSinglePass_sha1kdf_scheme = x9_63_scheme + (16, ) + +mqvSinglePass_sha224kdf_scheme = secg_scheme + (15, 0, ) + +mqvSinglePass_sha256kdf_scheme = secg_scheme + (15, 1, ) + +mqvSinglePass_sha384kdf_scheme = secg_scheme + (15, 2, ) + +mqvSinglePass_sha512kdf_scheme = secg_scheme + (15, 3, ) + + +# Structures for parameters and key derivation + +class IV(univ.OctetString): + # Exactly 8 octets + pass + + +class CBCParameter(IV): + pass + + +class KeyWrapAlgorithm(AlgorithmIdentifier): + pass + + +class ECC_CMS_SharedInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('keyInfo', KeyWrapAlgorithm()), + namedtype.OptionalNamedType('entityUInfo', + univ.OctetString().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('suppPubInfo', + univ.OctetString().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class MQVuserKeyingMaterial(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ephemeralPublicKey', OriginatorPublicKey()), + namedtype.OptionalNamedType('addedukm', + UserKeyingMaterial().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +# Update the Algorithm Identifier map in rfc5280.py and +# Update the SMIMECapabilities Attribute Map in rfc5751.py + +_algorithmIdentifierMapUpdate = { + dhSinglePass_stdDH_sha1kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_stdDH_sha224kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_stdDH_sha256kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_stdDH_sha384kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_stdDH_sha512kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_cofactorDH_sha1kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_cofactorDH_sha224kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_cofactorDH_sha256kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_cofactorDH_sha384kdf_scheme: KeyWrapAlgorithm(), + dhSinglePass_cofactorDH_sha512kdf_scheme: KeyWrapAlgorithm(), + mqvSinglePass_sha1kdf_scheme: KeyWrapAlgorithm(), + mqvSinglePass_sha224kdf_scheme: KeyWrapAlgorithm(), + mqvSinglePass_sha256kdf_scheme: KeyWrapAlgorithm(), + mqvSinglePass_sha384kdf_scheme: KeyWrapAlgorithm(), + mqvSinglePass_sha512kdf_scheme: KeyWrapAlgorithm(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) + +rfc5751.smimeCapabilityMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5913.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5913.py new file mode 100644 index 0000000000000000000000000000000000000000..0bd065330d5c06dba90a984ed821bc90745ec3bb --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5913.py @@ -0,0 +1,44 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Authority Clearance Constraints Certificate Extension +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5913.txt +# https://www.rfc-editor.org/errata/eid5890 +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5755 + +MAX = float('inf') + + +# Authority Clearance Constraints Certificate Extension + +id_pe_clearanceConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.21') + +id_pe_authorityClearanceConstraints = id_pe_clearanceConstraints + + +class AuthorityClearanceConstraints(univ.SequenceOf): + componentType = rfc5755.Clearance() + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_clearanceConstraints: AuthorityClearanceConstraints(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5916.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5916.py new file mode 100644 index 0000000000000000000000000000000000000000..ac23c86b79a8a800f2ee269863268fe086114e54 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5916.py @@ -0,0 +1,35 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Device Owner Attribute +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5916.txt +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# Device Owner Attribute + +id_deviceOwner = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 69)) + +at_deviceOwner = rfc5280.Attribute() +at_deviceOwner['type'] = id_deviceOwner +at_deviceOwner['values'][0] = univ.ObjectIdentifier() + + +# Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. + +_certificateAttributesMapUpdate = { + id_deviceOwner: univ.ObjectIdentifier(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5917.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5917.py new file mode 100644 index 0000000000000000000000000000000000000000..ed9af987db5e9250eb722e45d799994c0bce09a4 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5917.py @@ -0,0 +1,55 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Clearance Sponsor Attribute +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5917.txt +# https://www.rfc-editor.org/errata/eid4558 +# https://www.rfc-editor.org/errata/eid5883 +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# DirectoryString is the same as RFC 5280, except for two things: +# 1. the length is limited to 64; +# 2. only the 'utf8String' choice remains because the ASN.1 +# specification says: ( WITH COMPONENTS { utf8String PRESENT } ) + +class DirectoryString(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 64))), + ) + + +# Clearance Sponsor Attribute + +id_clearanceSponsor = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 68)) + +ub_clearance_sponsor = univ.Integer(64) + + +at_clearanceSponsor = rfc5280.Attribute() +at_clearanceSponsor['type'] = id_clearanceSponsor +at_clearanceSponsor['values'][0] = DirectoryString() + + +# Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. + +_certificateAttributesMapUpdate = { + id_clearanceSponsor: DirectoryString(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5924.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5924.py new file mode 100644 index 0000000000000000000000000000000000000000..4358e4f52970ead3f77be63f9576e18ec7f9876b --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5924.py @@ -0,0 +1,19 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Extended Key Usage (EKU) for Session Initiation Protocol (SIP) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5924.txt +# + +from pyasn1.type import univ + +id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') + +id_kp_sipDomain = id_kp + (20, ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5934.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5934.py new file mode 100644 index 0000000000000000000000000000000000000000..e3ad247aa07006fab85becd64fb34682cfebb402 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5934.py @@ -0,0 +1,786 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Trust Anchor Format +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5934.txt + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +from pyasn1_modules import rfc2985 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5914 + +MAX = float('inf') + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + return univ.ObjectIdentifier(output) + + +# Imports from RFC 2985 + +SingleAttribute = rfc2985.SingleAttribute + + +# Imports from RFC5914 + +CertPathControls = rfc5914.CertPathControls + +TrustAnchorChoice = rfc5914.TrustAnchorChoice + +TrustAnchorTitle = rfc5914.TrustAnchorTitle + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +AnotherName = rfc5280.AnotherName + +Attribute = rfc5280.Attribute + +Certificate = rfc5280.Certificate + +CertificateSerialNumber = rfc5280.CertificateSerialNumber + +Extension = rfc5280.Extension + +Extensions = rfc5280.Extensions + +KeyIdentifier = rfc5280.KeyIdentifier + +Name = rfc5280.Name + +SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo + +TBSCertificate = rfc5280.TBSCertificate + +Validity = rfc5280.Validity + + +# Object Identifier Arc for TAMP Message Content Types + +id_tamp = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.77') + + +# TAMP Status Query Message + +id_ct_TAMP_statusQuery = _OID(id_tamp, 1) + + +class TAMPVersion(univ.Integer): + pass + +TAMPVersion.namedValues = namedval.NamedValues( + ('v1', 1), + ('v2', 2) +) + + +class TerseOrVerbose(univ.Enumerated): + pass + +TerseOrVerbose.namedValues = namedval.NamedValues( + ('terse', 1), + ('verbose', 2) +) + + +class HardwareSerialEntry(univ.Choice): + pass + +HardwareSerialEntry.componentType = namedtype.NamedTypes( + namedtype.NamedType('all', univ.Null()), + namedtype.NamedType('single', univ.OctetString()), + namedtype.NamedType('block', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('low', univ.OctetString()), + namedtype.NamedType('high', univ.OctetString()) + )) + ) +) + + +class HardwareModules(univ.Sequence): + pass + +HardwareModules.componentType = namedtype.NamedTypes( + namedtype.NamedType('hwType', univ.ObjectIdentifier()), + namedtype.NamedType('hwSerialEntries', univ.SequenceOf( + componentType=HardwareSerialEntry()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class HardwareModuleIdentifierList(univ.SequenceOf): + pass + +HardwareModuleIdentifierList.componentType = HardwareModules() +HardwareModuleIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class Community(univ.ObjectIdentifier): + pass + + +class CommunityIdentifierList(univ.SequenceOf): + pass + +CommunityIdentifierList.componentType = Community() +CommunityIdentifierList.subtypeSpec=constraint.ValueSizeConstraint(0, MAX) + + +class TargetIdentifier(univ.Choice): + pass + +TargetIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('hwModules', HardwareModuleIdentifierList().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('communities', CommunityIdentifierList().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('allModules', univ.Null().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('uri', char.IA5String().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.NamedType('otherName', AnotherName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) +) + + +class SeqNumber(univ.Integer): + pass + +SeqNumber.subtypeSpec = constraint.ValueRangeConstraint(0, 9223372036854775807) + + +class TAMPMsgRef(univ.Sequence): + pass + +TAMPMsgRef.componentType = namedtype.NamedTypes( + namedtype.NamedType('target', TargetIdentifier()), + namedtype.NamedType('seqNum', SeqNumber()) +) + + +class TAMPStatusQuery(univ.Sequence): + pass + +TAMPStatusQuery.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', TAMPVersion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.DefaultedNamedType('terse', TerseOrVerbose().subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype(value='verbose')), + namedtype.NamedType('query', TAMPMsgRef()) +) + + +tamp_status_query = rfc5652.ContentInfo() +tamp_status_query['contentType'] = id_ct_TAMP_statusQuery +tamp_status_query['content'] = TAMPStatusQuery() + + +# TAMP Status Response Message + +id_ct_TAMP_statusResponse = _OID(id_tamp, 2) + + +class KeyIdentifiers(univ.SequenceOf): + pass + +KeyIdentifiers.componentType = KeyIdentifier() +KeyIdentifiers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class TrustAnchorChoiceList(univ.SequenceOf): + pass + +TrustAnchorChoiceList.componentType = TrustAnchorChoice() +TrustAnchorChoiceList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class TAMPSequenceNumber(univ.Sequence): + pass + +TAMPSequenceNumber.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyId', KeyIdentifier()), + namedtype.NamedType('seqNumber', SeqNumber()) +) + + +class TAMPSequenceNumbers(univ.SequenceOf): + pass + +TAMPSequenceNumbers.componentType = TAMPSequenceNumber() +TAMPSequenceNumbers.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class TerseStatusResponse(univ.Sequence): + pass + +TerseStatusResponse.componentType = namedtype.NamedTypes( + namedtype.NamedType('taKeyIds', KeyIdentifiers()), + namedtype.OptionalNamedType('communities', CommunityIdentifierList()) +) + + +class VerboseStatusResponse(univ.Sequence): + pass + +VerboseStatusResponse.componentType = namedtype.NamedTypes( + namedtype.NamedType('taInfo', TrustAnchorChoiceList()), + namedtype.OptionalNamedType('continPubKeyDecryptAlg', + AlgorithmIdentifier().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('communities', + CommunityIdentifierList().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tampSeqNumbers', + TAMPSequenceNumbers().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class StatusResponse(univ.Choice): + pass + +StatusResponse.componentType = namedtype.NamedTypes( + namedtype.NamedType('terseResponse', TerseStatusResponse().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('verboseResponse', VerboseStatusResponse().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class TAMPStatusResponse(univ.Sequence): + pass + +TAMPStatusResponse.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', TAMPVersion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('query', TAMPMsgRef()), + namedtype.NamedType('response', StatusResponse()), + namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1)) +) + + +tamp_status_response = rfc5652.ContentInfo() +tamp_status_response['contentType'] = id_ct_TAMP_statusResponse +tamp_status_response['content'] = TAMPStatusResponse() + + +# Trust Anchor Update Message + +id_ct_TAMP_update = _OID(id_tamp, 3) + + +class TBSCertificateChangeInfo(univ.Sequence): + pass + +TBSCertificateChangeInfo.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('serialNumber', CertificateSerialNumber()), + namedtype.OptionalNamedType('signature', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('issuer', Name().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('validity', Validity().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('subject', Name().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 5))) +) + + +class TrustAnchorChangeInfo(univ.Sequence): + pass + +TrustAnchorChangeInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('pubKey', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('keyId', KeyIdentifier()), + namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()), + namedtype.OptionalNamedType('certPath', CertPathControls()), + namedtype.OptionalNamedType('exts', Extensions().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class TrustAnchorChangeInfoChoice(univ.Choice): + pass + +TrustAnchorChangeInfoChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertChange', TBSCertificateChangeInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('taChange', TrustAnchorChangeInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class TrustAnchorUpdate(univ.Choice): + pass + +TrustAnchorUpdate.componentType = namedtype.NamedTypes( + namedtype.NamedType('add', TrustAnchorChoice().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('remove', SubjectPublicKeyInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('change', TrustAnchorChangeInfoChoice().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class TAMPUpdate(univ.Sequence): + pass + +TAMPUpdate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.DefaultedNamedType('terse', + TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype(value='verbose')), + namedtype.NamedType('msgRef', TAMPMsgRef()), + namedtype.NamedType('updates', + univ.SequenceOf(componentType=TrustAnchorUpdate()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.OptionalNamedType('tampSeqNumbers', + TAMPSequenceNumbers().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +tamp_update = rfc5652.ContentInfo() +tamp_update['contentType'] = id_ct_TAMP_update +tamp_update['content'] = TAMPUpdate() + + +# Trust Anchor Update Confirm Message + +id_ct_TAMP_updateConfirm = _OID(id_tamp, 4) + + +class StatusCode(univ.Enumerated): + pass + +StatusCode.namedValues = namedval.NamedValues( + ('success', 0), + ('decodeFailure', 1), + ('badContentInfo', 2), + ('badSignedData', 3), + ('badEncapContent', 4), + ('badCertificate', 5), + ('badSignerInfo', 6), + ('badSignedAttrs', 7), + ('badUnsignedAttrs', 8), + ('missingContent', 9), + ('noTrustAnchor', 10), + ('notAuthorized', 11), + ('badDigestAlgorithm', 12), + ('badSignatureAlgorithm', 13), + ('unsupportedKeySize', 14), + ('unsupportedParameters', 15), + ('signatureFailure', 16), + ('insufficientMemory', 17), + ('unsupportedTAMPMsgType', 18), + ('apexTAMPAnchor', 19), + ('improperTAAddition', 20), + ('seqNumFailure', 21), + ('contingencyPublicKeyDecrypt', 22), + ('incorrectTarget', 23), + ('communityUpdateFailed', 24), + ('trustAnchorNotFound', 25), + ('unsupportedTAAlgorithm', 26), + ('unsupportedTAKeySize', 27), + ('unsupportedContinPubKeyDecryptAlg', 28), + ('missingSignature', 29), + ('resourcesBusy', 30), + ('versionNumberMismatch', 31), + ('missingPolicySet', 32), + ('revokedCertificate', 33), + ('unsupportedTrustAnchorFormat', 34), + ('improperTAChange', 35), + ('malformed', 36), + ('cmsError', 37), + ('unsupportedTargetIdentifier', 38), + ('other', 127) +) + + +class StatusCodeList(univ.SequenceOf): + pass + +StatusCodeList.componentType = StatusCode() +StatusCodeList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class TerseUpdateConfirm(StatusCodeList): + pass + + +class VerboseUpdateConfirm(univ.Sequence): + pass + +VerboseUpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.NamedType('status', StatusCodeList()), + namedtype.NamedType('taInfo', TrustAnchorChoiceList()), + namedtype.OptionalNamedType('tampSeqNumbers', TAMPSequenceNumbers()), + namedtype.DefaultedNamedType('usesApex', univ.Boolean().subtype(value=1)) +) + + +class UpdateConfirm(univ.Choice): + pass + +UpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.NamedType('terseConfirm', TerseUpdateConfirm().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('verboseConfirm', VerboseUpdateConfirm().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class TAMPUpdateConfirm(univ.Sequence): + pass + +TAMPUpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', TAMPVersion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('update', TAMPMsgRef()), + namedtype.NamedType('confirm', UpdateConfirm()) +) + + +tamp_update_confirm = rfc5652.ContentInfo() +tamp_update_confirm['contentType'] = id_ct_TAMP_updateConfirm +tamp_update_confirm['content'] = TAMPUpdateConfirm() + + +# Apex Trust Anchor Update Message + +id_ct_TAMP_apexUpdate = _OID(id_tamp, 5) + + +class TAMPApexUpdate(univ.Sequence): + pass + +TAMPApexUpdate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.DefaultedNamedType('terse', + TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype(value='verbose')), + namedtype.NamedType('msgRef', TAMPMsgRef()), + namedtype.NamedType('clearTrustAnchors', univ.Boolean()), + namedtype.NamedType('clearCommunities', univ.Boolean()), + namedtype.OptionalNamedType('seqNumber', SeqNumber()), + namedtype.NamedType('apexTA', TrustAnchorChoice()) +) + + +tamp_apex_update = rfc5652.ContentInfo() +tamp_apex_update['contentType'] = id_ct_TAMP_apexUpdate +tamp_apex_update['content'] = TAMPApexUpdate() + + +# Apex Trust Anchor Update Confirm Message + +id_ct_TAMP_apexUpdateConfirm = _OID(id_tamp, 6) + + +class TerseApexUpdateConfirm(StatusCode): + pass + + +class VerboseApexUpdateConfirm(univ.Sequence): + pass + +VerboseApexUpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.NamedType('status', StatusCode()), + namedtype.NamedType('taInfo', TrustAnchorChoiceList()), + namedtype.OptionalNamedType('communities', + CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('tampSeqNumbers', + TAMPSequenceNumbers().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1))) +) + + +class ApexUpdateConfirm(univ.Choice): + pass + +ApexUpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.NamedType('terseApexConfirm', + TerseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0))), + namedtype.NamedType('verboseApexConfirm', + VerboseApexUpdateConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 1))) +) + + +class TAMPApexUpdateConfirm(univ.Sequence): + pass + +TAMPApexUpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('apexReplace', TAMPMsgRef()), + namedtype.NamedType('apexConfirm', ApexUpdateConfirm()) +) + + +tamp_apex_update_confirm = rfc5652.ContentInfo() +tamp_apex_update_confirm['contentType'] = id_ct_TAMP_apexUpdateConfirm +tamp_apex_update_confirm['content'] = TAMPApexUpdateConfirm() + + +# Community Update Message + +id_ct_TAMP_communityUpdate = _OID(id_tamp, 7) + + +class CommunityUpdates(univ.Sequence): + pass + +CommunityUpdates.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('remove', + CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('add', + CommunityIdentifierList().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 2))) +) + + +class TAMPCommunityUpdate(univ.Sequence): + pass + +TAMPCommunityUpdate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.DefaultedNamedType('terse', + TerseOrVerbose().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype(value='verbose')), + namedtype.NamedType('msgRef', TAMPMsgRef()), + namedtype.NamedType('updates', CommunityUpdates()) +) + + +tamp_community_update = rfc5652.ContentInfo() +tamp_community_update['contentType'] = id_ct_TAMP_communityUpdate +tamp_community_update['content'] = TAMPCommunityUpdate() + + +# Community Update Confirm Message + +id_ct_TAMP_communityUpdateConfirm = _OID(id_tamp, 8) + + +class TerseCommunityConfirm(StatusCode): + pass + + +class VerboseCommunityConfirm(univ.Sequence): + pass + +VerboseCommunityConfirm.componentType = namedtype.NamedTypes( + namedtype.NamedType('status', StatusCode()), + namedtype.OptionalNamedType('communities', CommunityIdentifierList()) +) + + +class CommunityConfirm(univ.Choice): + pass + +CommunityConfirm.componentType = namedtype.NamedTypes( + namedtype.NamedType('terseCommConfirm', + TerseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0))), + namedtype.NamedType('verboseCommConfirm', + VerboseCommunityConfirm().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 1))) +) + + +class TAMPCommunityUpdateConfirm(univ.Sequence): + pass + +TAMPCommunityUpdateConfirm.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('update', TAMPMsgRef()), + namedtype.NamedType('commConfirm', CommunityConfirm()) +) + + +tamp_community_update_confirm = rfc5652.ContentInfo() +tamp_community_update_confirm['contentType'] = id_ct_TAMP_communityUpdateConfirm +tamp_community_update_confirm['content'] = TAMPCommunityUpdateConfirm() + + +# Sequence Number Adjust Message + +id_ct_TAMP_seqNumAdjust = _OID(id_tamp, 10) + + + +class SequenceNumberAdjust(univ.Sequence): + pass + +SequenceNumberAdjust.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('msgRef', TAMPMsgRef()) +) + + +tamp_sequence_number_adjust = rfc5652.ContentInfo() +tamp_sequence_number_adjust['contentType'] = id_ct_TAMP_seqNumAdjust +tamp_sequence_number_adjust['content'] = SequenceNumberAdjust() + + +# Sequence Number Adjust Confirm Message + +id_ct_TAMP_seqNumAdjustConfirm = _OID(id_tamp, 11) + + +class SequenceNumberAdjustConfirm(univ.Sequence): + pass + +SequenceNumberAdjustConfirm.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('adjust', TAMPMsgRef()), + namedtype.NamedType('status', StatusCode()) +) + + +tamp_sequence_number_adjust_confirm = rfc5652.ContentInfo() +tamp_sequence_number_adjust_confirm['contentType'] = id_ct_TAMP_seqNumAdjustConfirm +tamp_sequence_number_adjust_confirm['content'] = SequenceNumberAdjustConfirm() + + +# TAMP Error Message + +id_ct_TAMP_error = _OID(id_tamp, 9) + + +class TAMPError(univ.Sequence): + pass + +TAMPError.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + TAMPVersion().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value='v2')), + namedtype.NamedType('msgType', univ.ObjectIdentifier()), + namedtype.NamedType('status', StatusCode()), + namedtype.OptionalNamedType('msgRef', TAMPMsgRef()) +) + + +tamp_error = rfc5652.ContentInfo() +tamp_error['contentType'] = id_ct_TAMP_error +tamp_error['content'] = TAMPError() + + +# Object Identifier Arc for Attributes + +id_attributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.5') + + +# contingency-public-key-decrypt-key unsigned attribute + +id_aa_TAMP_contingencyPublicKeyDecryptKey = _OID(id_attributes, 63) + + +class PlaintextSymmetricKey(univ.OctetString): + pass + + +contingency_public_key_decrypt_key = Attribute() +contingency_public_key_decrypt_key['type'] = id_aa_TAMP_contingencyPublicKeyDecryptKey +contingency_public_key_decrypt_key['values'][0] = PlaintextSymmetricKey() + + +# id-pe-wrappedApexContinKey extension + +id_pe_wrappedApexContinKey =univ.ObjectIdentifier('1.3.6.1.5.5.7.1.20') + + +class ApexContingencyKey(univ.Sequence): + pass + +ApexContingencyKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('wrapAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('wrappedContinPubKey', univ.OctetString()) +) + + +wrappedApexContinKey = Extension() +wrappedApexContinKey['extnID'] = id_pe_wrappedApexContinKey +wrappedApexContinKey['critical'] = 0 +wrappedApexContinKey['extnValue'] = univ.OctetString() + + +# Add to the map of CMS Content Type OIDs to Content Types in +# rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_TAMP_statusQuery: TAMPStatusQuery(), + id_ct_TAMP_statusResponse: TAMPStatusResponse(), + id_ct_TAMP_update: TAMPUpdate(), + id_ct_TAMP_updateConfirm: TAMPUpdateConfirm(), + id_ct_TAMP_apexUpdate: TAMPApexUpdate(), + id_ct_TAMP_apexUpdateConfirm: TAMPApexUpdateConfirm(), + id_ct_TAMP_communityUpdate: TAMPCommunityUpdate(), + id_ct_TAMP_communityUpdateConfirm: TAMPCommunityUpdateConfirm(), + id_ct_TAMP_seqNumAdjust: SequenceNumberAdjust(), + id_ct_TAMP_seqNumAdjustConfirm: SequenceNumberAdjustConfirm(), + id_ct_TAMP_error: TAMPError(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) + + +# Add to the map of CMS Attribute OIDs to Attribute Values in +# rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_TAMP_contingencyPublicKeyDecryptKey: PlaintextSymmetricKey(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# Add to the map of Certificate Extension OIDs to Extensions in +# rfc5280.py + +_certificateExtensionsMap = { + id_pe_wrappedApexContinKey: ApexContingencyKey(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5940.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5940.py new file mode 100644 index 0000000000000000000000000000000000000000..e105923358b795b1547a1fae4aa29fffbbd80317 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5940.py @@ -0,0 +1,59 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add map for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Additional CMS Revocation Information Choices +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5940.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc2560 +from pyasn1_modules import rfc5652 + + +# RevocationInfoChoice for OCSP response: +# The OID is included in otherRevInfoFormat, and +# signed OCSPResponse is included in otherRevInfo + +id_ri_ocsp_response = univ.ObjectIdentifier('1.3.6.1.5.5.7.16.2') + +OCSPResponse = rfc2560.OCSPResponse + + +# RevocationInfoChoice for SCVP request/response: +# The OID is included in otherRevInfoFormat, and +# SCVPReqRes is included in otherRevInfo + +id_ri_scvp = univ.ObjectIdentifier('1.3.6.1.5.5.7.16.4') + +ContentInfo = rfc5652.ContentInfo + +class SCVPReqRes(univ.Sequence): + pass + +SCVPReqRes.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('request', + ContentInfo().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('response', ContentInfo()) +) + + +# Map of Revocation Info Format OIDs to Revocation Info Format +# is added to the ones that are in rfc5652.py + +_otherRevInfoFormatMapUpdate = { + id_ri_ocsp_response: OCSPResponse(), + id_ri_scvp: SCVPReqRes(), +} + +rfc5652.otherRevInfoFormatMap.update(_otherRevInfoFormatMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6019.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6019.py new file mode 100644 index 0000000000000000000000000000000000000000..c6872c76699c9fd4f80e8b58ecda934f2e8d724a --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6019.py @@ -0,0 +1,45 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# Modified by Russ Housley to add a map for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# BinaryTime: An Alternate Format for Representing Date and Time +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6019.txt + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +# BinaryTime: Represent date and time as an integer + +class BinaryTime(univ.Integer): + pass + +BinaryTime.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +# CMS Attribute for representing signing time in BinaryTime + +id_aa_binarySigningTime = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.46') + +class BinarySigningTime(BinaryTime): + pass + + +# Map of Attribute Type OIDs to Attributes ia added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_binarySigningTime: BinarySigningTime(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6031.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6031.py new file mode 100644 index 0000000000000000000000000000000000000000..6e1bb2261d57cc3f537814493a8a0c3c1b18ba29 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6031.py @@ -0,0 +1,469 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Symmetric Key Package Content Type +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6031.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc6019 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + return univ.ObjectIdentifier(output) + + +MAX = float('inf') + +id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12') + + +# Symmetric Key Package Attributes + +id_pskc_manufacturer = _OID(id_pskc, 1) + +class at_pskc_manufacturer(char.UTF8String): + pass + + +id_pskc_serialNo = _OID(id_pskc, 2) + +class at_pskc_serialNo(char.UTF8String): + pass + + +id_pskc_model = _OID(id_pskc, 3) + +class at_pskc_model(char.UTF8String): + pass + + +id_pskc_issueNo = _OID(id_pskc, 4) + +class at_pskc_issueNo(char.UTF8String): + pass + + +id_pskc_deviceBinding = _OID(id_pskc, 5) + +class at_pskc_deviceBinding(char.UTF8String): + pass + + +id_pskc_deviceStartDate = _OID(id_pskc, 6) + +class at_pskc_deviceStartDate(useful.GeneralizedTime): + pass + + +id_pskc_deviceExpiryDate = _OID(id_pskc, 7) + +class at_pskc_deviceExpiryDate(useful.GeneralizedTime): + pass + + +id_pskc_moduleId = _OID(id_pskc, 8) + +class at_pskc_moduleId(char.UTF8String): + pass + + +id_pskc_deviceUserId = _OID(id_pskc, 26) + +class at_pskc_deviceUserId(char.UTF8String): + pass + + +# Symmetric Key Attributes + +id_pskc_keyId = _OID(id_pskc, 9) + +class at_pskc_keyUserId(char.UTF8String): + pass + + +id_pskc_algorithm = _OID(id_pskc, 10) + +class at_pskc_algorithm(char.UTF8String): + pass + + +id_pskc_issuer = _OID(id_pskc, 11) + +class at_pskc_issuer(char.UTF8String): + pass + + +id_pskc_keyProfileId = _OID(id_pskc, 12) + +class at_pskc_keyProfileId(char.UTF8String): + pass + + +id_pskc_keyReference = _OID(id_pskc, 13) + +class at_pskc_keyReference(char.UTF8String): + pass + + +id_pskc_friendlyName = _OID(id_pskc, 14) + +class FriendlyName(univ.Sequence): + pass + +FriendlyName.componentType = namedtype.NamedTypes( + namedtype.NamedType('friendlyName', char.UTF8String()), + namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String()) +) + +class at_pskc_friendlyName(FriendlyName): + pass + + +id_pskc_algorithmParameters = _OID(id_pskc, 15) + +class Encoding(char.UTF8String): + pass + +Encoding.namedValues = namedval.NamedValues( + ('dec', "DECIMAL"), + ('hex', "HEXADECIMAL"), + ('alpha', "ALPHANUMERIC"), + ('b64', "BASE64"), + ('bin', "BINARY") +) + +Encoding.subtypeSpec = constraint.SingleValueConstraint( + "DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" ) + +class ChallengeFormat(univ.Sequence): + pass + +ChallengeFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('encoding', Encoding()), + namedtype.DefaultedNamedType('checkDigit', + univ.Boolean().subtype(value=0)), + namedtype.NamedType('min', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.NamedType('max', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) +) + +class ResponseFormat(univ.Sequence): + pass + +ResponseFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('encoding', Encoding()), + namedtype.NamedType('length', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.DefaultedNamedType('checkDigit', + univ.Boolean().subtype(value=0)) +) + +class PSKCAlgorithmParameters(univ.Choice): + pass + +PSKCAlgorithmParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('suite', char.UTF8String()), + namedtype.NamedType('challengeFormat', ChallengeFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('responseFormat', ResponseFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + +class at_pskc_algorithmParameters(PSKCAlgorithmParameters): + pass + + +id_pskc_counter = _OID(id_pskc, 16) + +class at_pskc_counter(univ.Integer): + pass + +at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +id_pskc_time = _OID(id_pskc, 17) + +class at_pskc_time(rfc6019.BinaryTime): + pass + + +id_pskc_timeInterval = _OID(id_pskc, 18) + +class at_pskc_timeInterval(univ.Integer): + pass + +at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +id_pskc_timeDrift = _OID(id_pskc, 19) + +class at_pskc_timeDrift(univ.Integer): + pass + +at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +id_pskc_valueMAC = _OID(id_pskc, 20) + +class ValueMac(univ.Sequence): + pass + +ValueMac.componentType = namedtype.NamedTypes( + namedtype.NamedType('macAlgorithm', char.UTF8String()), + namedtype.NamedType('mac', char.UTF8String()) +) + +class at_pskc_valueMAC(ValueMac): + pass + + +id_pskc_keyUserId = _OID(id_pskc, 27) + +class at_pskc_keyId(char.UTF8String): + pass + + +id_pskc_keyStartDate = _OID(id_pskc, 21) + +class at_pskc_keyStartDate(useful.GeneralizedTime): + pass + + +id_pskc_keyExpiryDate = _OID(id_pskc, 22) + +class at_pskc_keyExpiryDate(useful.GeneralizedTime): + pass + + +id_pskc_numberOfTransactions = _OID(id_pskc, 23) + +class at_pskc_numberOfTransactions(univ.Integer): + pass + +at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +id_pskc_keyUsages = _OID(id_pskc, 24) + +class PSKCKeyUsage(char.UTF8String): + pass + +PSKCKeyUsage.namedValues = namedval.NamedValues( + ('otp', "OTP"), + ('cr', "CR"), + ('encrypt', "Encrypt"), + ('integrity', "Integrity"), + ('verify', "Verify"), + ('unlock', "Unlock"), + ('decrypt', "Decrypt"), + ('keywrap', "KeyWrap"), + ('unwrap', "Unwrap"), + ('derive', "Derive"), + ('generate', "Generate") +) + +PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint( + "OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock", + "Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" ) + +class PSKCKeyUsages(univ.SequenceOf): + pass + +PSKCKeyUsages.componentType = PSKCKeyUsage() + +class at_pskc_keyUsage(PSKCKeyUsages): + pass + + +id_pskc_pinPolicy = _OID(id_pskc, 25) + +class PINUsageMode(char.UTF8String): + pass + +PINUsageMode.namedValues = namedval.NamedValues( + ("local", "Local"), + ("prepend", "Prepend"), + ("append", "Append"), + ("algorithmic", "Algorithmic") +) + +PINUsageMode.subtypeSpec = constraint.SingleValueConstraint( + "Local", "Prepend", "Append", "Algorithmic" ) + +class PINPolicy(univ.Sequence): + pass + +PINPolicy.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('pinUsageMode', PINUsageMode().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('minLength', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('maxLength', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('pinEncoding', Encoding().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) +) + +class at_pskc_pinPolicy(PINPolicy): + pass + + +# Map of Symmetric Key Package Attribute OIDs to Attributes + +sKeyPkgAttributesMap = { + id_pskc_manufacturer: at_pskc_manufacturer(), + id_pskc_serialNo: at_pskc_serialNo(), + id_pskc_model: at_pskc_model(), + id_pskc_issueNo: at_pskc_issueNo(), + id_pskc_deviceBinding: at_pskc_deviceBinding(), + id_pskc_deviceStartDate: at_pskc_deviceStartDate(), + id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(), + id_pskc_moduleId: at_pskc_moduleId(), + id_pskc_deviceUserId: at_pskc_deviceUserId(), +} + + +# Map of Symmetric Key Attribute OIDs to Attributes + +sKeyAttributesMap = { + id_pskc_keyId: at_pskc_keyId(), + id_pskc_algorithm: at_pskc_algorithm(), + id_pskc_issuer: at_pskc_issuer(), + id_pskc_keyProfileId: at_pskc_keyProfileId(), + id_pskc_keyReference: at_pskc_keyReference(), + id_pskc_friendlyName: at_pskc_friendlyName(), + id_pskc_algorithmParameters: at_pskc_algorithmParameters(), + id_pskc_counter: at_pskc_counter(), + id_pskc_time: at_pskc_time(), + id_pskc_timeInterval: at_pskc_timeInterval(), + id_pskc_timeDrift: at_pskc_timeDrift(), + id_pskc_valueMAC: at_pskc_valueMAC(), + id_pskc_keyUserId: at_pskc_keyUserId(), + id_pskc_keyStartDate: at_pskc_keyStartDate(), + id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(), + id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(), + id_pskc_keyUsages: at_pskc_keyUsage(), + id_pskc_pinPolicy: at_pskc_pinPolicy(), +} + + +# This definition replaces Attribute() from rfc5652.py; it is the same except +# that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap + +class AttributeType(univ.ObjectIdentifier): + pass + + +class AttributeValue(univ.Any): + pass + + +class SKeyAttribute(univ.Sequence): + pass + +SKeyAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', AttributeType()), + namedtype.NamedType('attrValues', + univ.SetOf(componentType=AttributeValue()), + openType=opentype.OpenType('attrType', sKeyAttributesMap) + ) +) + + +class SKeyPkgAttribute(univ.Sequence): + pass + +SKeyPkgAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', AttributeType()), + namedtype.NamedType('attrValues', + univ.SetOf(componentType=AttributeValue()), + openType=opentype.OpenType('attrType', sKeyPkgAttributesMap) + ) +) + + +# Symmetric Key Package Content Type + +id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25') + + +class KeyPkgVersion(univ.Integer): + pass + +KeyPkgVersion.namedValues = namedval.NamedValues( + ('v1', 1) +) + + +class OneSymmetricKey(univ.Sequence): + pass + +OneSymmetricKey.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('sKeyAttrs', + univ.SequenceOf(componentType=SKeyAttribute()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.OptionalNamedType('sKey', univ.OctetString()) +) + +OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) + + +class SymmetricKeys(univ.SequenceOf): + pass + +SymmetricKeys.componentType = OneSymmetricKey() +SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class SymmetricKeyPackage(univ.Sequence): + pass + +SymmetricKeyPackage.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')), + namedtype.OptionalNamedType('sKeyPkgAttrs', + univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX), + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('sKeys', SymmetricKeys()) +) + + +# Map of Content Type OIDs to Content Types are +# added to the ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_KP_sKeyPackage: SymmetricKeyPackage(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6120.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6120.py new file mode 100644 index 0000000000000000000000000000000000000000..ab256203a08e3d468f76ffd79968dcb164f61e9b --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6120.py @@ -0,0 +1,43 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Extensible Messaging and Presence Protocol (XMPP) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6120.txt +# + +from pyasn1.type import char +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# XmppAddr Identifier Type as specified in Section 13.7.1.4. of RFC 6120 + +id_pkix = rfc5280.id_pkix + +id_on = id_pkix + (8, ) + +id_on_xmppAddr = id_on + (5, ) + + +class XmppAddr(char.UTF8String): + pass + + +# Map of Other Name OIDs to Other Name is added to the +# ones that are in rfc5280.py + +_anotherNameMapUpdate = { + id_on_xmppAddr: XmppAddr(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6170.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6170.py new file mode 100644 index 0000000000000000000000000000000000000000..e2876167b705a19f49247bdaa16cb099463c589c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6170.py @@ -0,0 +1,17 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Image in the Internet X.509 Public Key Infrastructure +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6170.txt +# + +from pyasn1.type import univ + +id_logo_certImage = univ.ObjectIdentifier('1.3.6.1.5.5.7.20.3') diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6210.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6210.py new file mode 100644 index 0000000000000000000000000000000000000000..28587b9e70b0fc0b2e2504ca8963d1c4af50eae4 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6210.py @@ -0,0 +1,42 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Experiment for Hash Functions with Parameters in the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6210.txt +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +id_alg_MD5_XOR_EXPERIMENT = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.13') + + +class MD5_XOR_EXPERIMENT(univ.OctetString): + pass + +MD5_XOR_EXPERIMENT.subtypeSpec = constraint.ValueSizeConstraint(64, 64) + + +mda_xor_md5_EXPERIMENT = rfc5280.AlgorithmIdentifier() +mda_xor_md5_EXPERIMENT['algorithm'] = id_alg_MD5_XOR_EXPERIMENT +mda_xor_md5_EXPERIMENT['parameters'] = MD5_XOR_EXPERIMENT() + + +# Map of Algorithm Identifier OIDs to Parameters added to the +# ones that are in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + id_alg_MD5_XOR_EXPERIMENT: MD5_XOR_EXPERIMENT(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6211.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6211.py new file mode 100644 index 0000000000000000000000000000000000000000..abd7a8688d0ca856c525d138564dacb5fb945a3e --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6211.py @@ -0,0 +1,72 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Algorithm Identifier Protection Attribute +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6211.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + + +# Imports from RFC 5652 + +DigestAlgorithmIdentifier = rfc5652.DigestAlgorithmIdentifier + +MessageAuthenticationCodeAlgorithm = rfc5652.MessageAuthenticationCodeAlgorithm + +SignatureAlgorithmIdentifier = rfc5652.SignatureAlgorithmIdentifier + + +# CMS Algorithm Protection attribute + +id_aa_cmsAlgorithmProtect = univ.ObjectIdentifier('1.2.840.113549.1.9.52') + + +class CMSAlgorithmProtection(univ.Sequence): + pass + +CMSAlgorithmProtection.componentType = namedtype.NamedTypes( + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('signatureAlgorithm', + SignatureAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('macAlgorithm', + MessageAuthenticationCodeAlgorithm().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + +CMSAlgorithmProtection.subtypeSpec = constraint.ConstraintsUnion( + constraint.WithComponentsConstraint( + ('signatureAlgorithm', constraint.ComponentPresentConstraint()), + ('macAlgorithm', constraint.ComponentAbsentConstraint())), + constraint.WithComponentsConstraint( + ('signatureAlgorithm', constraint.ComponentAbsentConstraint()), + ('macAlgorithm', constraint.ComponentPresentConstraint())) +) + + +aa_cmsAlgorithmProtection = rfc5652.Attribute() +aa_cmsAlgorithmProtection['attrType'] = id_aa_cmsAlgorithmProtect +aa_cmsAlgorithmProtection['attrValues'][0] = CMSAlgorithmProtection() + + +# Map of Attribute Type OIDs to Attributes are +# added to the ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_cmsAlgorithmProtect: CMSAlgorithmProtection(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) \ No newline at end of file diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6402.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6402.py new file mode 100644 index 0000000000000000000000000000000000000000..5490b05fb973082255802cd9cc53c7f90e04a4b0 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6402.py @@ -0,0 +1,628 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Modified by Russ Housley to add a maps for CMC Control Attributes +# and CMC Content Types for use with opentypes. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Management over CMS (CMC) Updates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6402.txt +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc4211 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +def _buildOid(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +# Since CMS Attributes and CMC Controls both use 'attrType', one map is used +cmcControlAttributesMap = rfc5652.cmsAttributesMap + + +class ChangeSubjectName(univ.Sequence): + pass + + +ChangeSubjectName.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('subject', rfc5280.Name()), + namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames()) +) + + +class AttributeValue(univ.Any): + pass + + +class CMCStatus(univ.Integer): + pass + + +CMCStatus.namedValues = namedval.NamedValues( + ('success', 0), + ('failed', 2), + ('pending', 3), + ('noSupport', 4), + ('confirmRequired', 5), + ('popRequired', 6), + ('partial', 7) +) + + +class PendInfo(univ.Sequence): + pass + + +PendInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('pendToken', univ.OctetString()), + namedtype.NamedType('pendTime', useful.GeneralizedTime()) +) + +bodyIdMax = univ.Integer(4294967295) + + +class BodyPartID(univ.Integer): + pass + + +BodyPartID.subtypeSpec = constraint.ValueRangeConstraint(0, bodyIdMax) + + +class BodyPartPath(univ.SequenceOf): + pass + + +BodyPartPath.componentType = BodyPartID() +BodyPartPath.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class BodyPartReference(univ.Choice): + pass + + +BodyPartReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('bodyPartPath', BodyPartPath()) +) + + +class CMCFailInfo(univ.Integer): + pass + + +CMCFailInfo.namedValues = namedval.NamedValues( + ('badAlg', 0), + ('badMessageCheck', 1), + ('badRequest', 2), + ('badTime', 3), + ('badCertId', 4), + ('unsupportedExt', 5), + ('mustArchiveKeys', 6), + ('badIdentity', 7), + ('popRequired', 8), + ('popFailed', 9), + ('noKeyReuse', 10), + ('internalCAError', 11), + ('tryLater', 12), + ('authDataFail', 13) +) + + +class CMCStatusInfoV2(univ.Sequence): + pass + + +CMCStatusInfoV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('cMCStatus', CMCStatus()), + namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())), + namedtype.OptionalNamedType('statusString', char.UTF8String()), + namedtype.OptionalNamedType( + 'otherInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfo', CMCFailInfo()), + namedtype.NamedType('pendInfo', PendInfo()), + namedtype.NamedType( + 'extendedFailInfo', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfoOID', univ.ObjectIdentifier()), + namedtype.NamedType('failInfoValue', AttributeValue())) + ) + ) + ) + ) + ) +) + + +class GetCRL(univ.Sequence): + pass + + +GetCRL.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerName', rfc5280.Name()), + namedtype.OptionalNamedType('cRLName', rfc5280.GeneralName()), + namedtype.OptionalNamedType('time', useful.GeneralizedTime()), + namedtype.OptionalNamedType('reasons', rfc5280.ReasonFlags()) +) + +id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) + +id_cmc = _buildOid(id_pkix, 7) + +id_cmc_batchResponses = _buildOid(id_cmc, 29) + +id_cmc_popLinkWitness = _buildOid(id_cmc, 23) + + +class PopLinkWitnessV2(univ.Sequence): + pass + + +PopLinkWitnessV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyGenAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('macAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()) +) + +id_cmc_popLinkWitnessV2 = _buildOid(id_cmc, 33) + +id_cmc_identityProofV2 = _buildOid(id_cmc, 34) + +id_cmc_revokeRequest = _buildOid(id_cmc, 17) + +id_cmc_recipientNonce = _buildOid(id_cmc, 7) + + +class ControlsProcessed(univ.Sequence): + pass + + +ControlsProcessed.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartReference())) +) + + +class CertificationRequest(univ.Sequence): + pass + + +CertificationRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'certificationRequestInfo', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer()), + namedtype.NamedType('subject', rfc5280.Name()), + namedtype.NamedType( + 'subjectPublicKeyInfo', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) + ) + ) + ), + namedtype.NamedType( + 'attributes', univ.SetOf( + componentType=rfc5652.Attribute()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ) + ) + ) + ), + namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class TaggedCertificationRequest(univ.Sequence): + pass + + +TaggedCertificationRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('certificationRequest', CertificationRequest()) +) + + +class TaggedRequest(univ.Choice): + pass + + +TaggedRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('tcr', TaggedCertificationRequest().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('crm', + rfc4211.CertReqMsg().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('orm', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('requestMessageType', univ.ObjectIdentifier()), + namedtype.NamedType('requestMessageValue', univ.Any()) + )) + .subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + +id_cmc_popLinkRandom = _buildOid(id_cmc, 22) + +id_cmc_statusInfo = _buildOid(id_cmc, 1) + +id_cmc_trustedAnchors = _buildOid(id_cmc, 26) + +id_cmc_transactionId = _buildOid(id_cmc, 5) + +id_cmc_encryptedPOP = _buildOid(id_cmc, 9) + + +class PublishTrustAnchors(univ.Sequence): + pass + + +PublishTrustAnchors.componentType = namedtype.NamedTypes( + namedtype.NamedType('seqNumber', univ.Integer()), + namedtype.NamedType('hashAlgorithm', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('anchorHashes', univ.SequenceOf(componentType=univ.OctetString())) +) + + +class RevokeRequest(univ.Sequence): + pass + + +RevokeRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerName', rfc5280.Name()), + namedtype.NamedType('serialNumber', univ.Integer()), + namedtype.NamedType('reason', rfc5280.CRLReason()), + namedtype.OptionalNamedType('invalidityDate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('passphrase', univ.OctetString()), + namedtype.OptionalNamedType('comment', char.UTF8String()) +) + +id_cmc_senderNonce = _buildOid(id_cmc, 6) + +id_cmc_authData = _buildOid(id_cmc, 27) + + +class TaggedContentInfo(univ.Sequence): + pass + + +TaggedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('contentInfo', rfc5652.ContentInfo()) +) + + +class IdentifyProofV2(univ.Sequence): + pass + + +IdentifyProofV2.componentType = namedtype.NamedTypes( + namedtype.NamedType('proofAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('macAlgId', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()) +) + + +class CMCPublicationInfo(univ.Sequence): + pass + + +CMCPublicationInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('certHashes', univ.SequenceOf(componentType=univ.OctetString())), + namedtype.NamedType('pubInfo', rfc4211.PKIPublicationInfo()) +) + +id_kp_cmcCA = _buildOid(rfc5280.id_kp, 27) + +id_cmc_confirmCertAcceptance = _buildOid(id_cmc, 24) + +id_cmc_raIdentityWitness = _buildOid(id_cmc, 35) + +id_ExtensionReq = _buildOid(1, 2, 840, 113549, 1, 9, 14) + +id_cct = _buildOid(id_pkix, 12) + +id_cct_PKIData = _buildOid(id_cct, 2) + +id_kp_cmcRA = _buildOid(rfc5280.id_kp, 28) + + +class CMCStatusInfo(univ.Sequence): + pass + + +CMCStatusInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('cMCStatus', CMCStatus()), + namedtype.NamedType('bodyList', univ.SequenceOf(componentType=BodyPartID())), + namedtype.OptionalNamedType('statusString', char.UTF8String()), + namedtype.OptionalNamedType( + 'otherInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('failInfo', CMCFailInfo()), + namedtype.NamedType('pendInfo', PendInfo()) + ) + ) + ) +) + + +class DecryptedPOP(univ.Sequence): + pass + + +DecryptedPOP.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('thePOP', univ.OctetString()) +) + +id_cmc_addExtensions = _buildOid(id_cmc, 8) + +id_cmc_modCertTemplate = _buildOid(id_cmc, 31) + + +class TaggedAttribute(univ.Sequence): + pass + + +TaggedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('attrType', univ.ObjectIdentifier()), + namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), + openType=opentype.OpenType('attrType', cmcControlAttributesMap) + ) +) + + +class OtherMsg(univ.Sequence): + pass + + +OtherMsg.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartID', BodyPartID()), + namedtype.NamedType('otherMsgType', univ.ObjectIdentifier()), + namedtype.NamedType('otherMsgValue', univ.Any()) +) + + +class PKIData(univ.Sequence): + pass + + +PKIData.componentType = namedtype.NamedTypes( + namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), + namedtype.NamedType('reqSequence', univ.SequenceOf(componentType=TaggedRequest())), + namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), + namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) +) + + +class BodyPartList(univ.SequenceOf): + pass + + +BodyPartList.componentType = BodyPartID() +BodyPartList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_cmc_responseBody = _buildOid(id_cmc, 37) + + +class AuthPublish(BodyPartID): + pass + + +class CMCUnsignedData(univ.Sequence): + pass + + +CMCUnsignedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyPartPath', BodyPartPath()), + namedtype.NamedType('identifier', univ.ObjectIdentifier()), + namedtype.NamedType('content', univ.Any()) +) + + +class CMCCertId(rfc5652.IssuerAndSerialNumber): + pass + + +class PKIResponse(univ.Sequence): + pass + + +PKIResponse.componentType = namedtype.NamedTypes( + namedtype.NamedType('controlSequence', univ.SequenceOf(componentType=TaggedAttribute())), + namedtype.NamedType('cmsSequence', univ.SequenceOf(componentType=TaggedContentInfo())), + namedtype.NamedType('otherMsgSequence', univ.SequenceOf(componentType=OtherMsg())) +) + + +class ResponseBody(PKIResponse): + pass + + +id_cmc_statusInfoV2 = _buildOid(id_cmc, 25) + +id_cmc_lraPOPWitness = _buildOid(id_cmc, 11) + + +class ModCertTemplate(univ.Sequence): + pass + + +ModCertTemplate.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkiDataReference', BodyPartPath()), + namedtype.NamedType('certReferences', BodyPartList()), + namedtype.DefaultedNamedType('replace', univ.Boolean().subtype(value=1)), + namedtype.NamedType('certTemplate', rfc4211.CertTemplate()) +) + +id_cmc_regInfo = _buildOid(id_cmc, 18) + +id_cmc_identityProof = _buildOid(id_cmc, 3) + + +class ExtensionReq(univ.SequenceOf): + pass + + +ExtensionReq.componentType = rfc5280.Extension() +ExtensionReq.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_kp_cmcArchive = _buildOid(rfc5280.id_kp, 28) + +id_cmc_publishCert = _buildOid(id_cmc, 30) + +id_cmc_dataReturn = _buildOid(id_cmc, 4) + + +class LraPopWitness(univ.Sequence): + pass + + +LraPopWitness.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkiDataBodyid', BodyPartID()), + namedtype.NamedType('bodyIds', univ.SequenceOf(componentType=BodyPartID())) +) + +id_aa = _buildOid(1, 2, 840, 113549, 1, 9, 16, 2) + +id_aa_cmc_unsignedData = _buildOid(id_aa, 34) + +id_cmc_getCert = _buildOid(id_cmc, 15) + +id_cmc_batchRequests = _buildOid(id_cmc, 28) + +id_cmc_decryptedPOP = _buildOid(id_cmc, 10) + +id_cmc_responseInfo = _buildOid(id_cmc, 19) + +id_cmc_changeSubjectName = _buildOid(id_cmc, 36) + + +class GetCert(univ.Sequence): + pass + + +GetCert.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerName', rfc5280.GeneralName()), + namedtype.NamedType('serialNumber', univ.Integer()) +) + +id_cmc_identification = _buildOid(id_cmc, 2) + +id_cmc_queryPending = _buildOid(id_cmc, 21) + + +class AddExtensions(univ.Sequence): + pass + + +AddExtensions.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkiDataReference', BodyPartID()), + namedtype.NamedType('certReferences', univ.SequenceOf(componentType=BodyPartID())), + namedtype.NamedType('extensions', univ.SequenceOf(componentType=rfc5280.Extension())) +) + + +class EncryptedPOP(univ.Sequence): + pass + + +EncryptedPOP.componentType = namedtype.NamedTypes( + namedtype.NamedType('request', TaggedRequest()), + namedtype.NamedType('cms', rfc5652.ContentInfo()), + namedtype.NamedType('thePOPAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witnessAlgID', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('witness', univ.OctetString()) +) + +id_cmc_getCRL = _buildOid(id_cmc, 16) + +id_cct_PKIResponse = _buildOid(id_cct, 3) + +id_cmc_controlProcessed = _buildOid(id_cmc, 32) + + +class NoSignatureValue(univ.OctetString): + pass + + +id_ad_cmc = _buildOid(rfc5280.id_ad, 12) + +id_alg_noSignature = _buildOid(id_pkix, 6, 2) + + +# Map of CMC Control OIDs to CMC Control Attributes + +_cmcControlAttributesMapUpdate = { + id_cmc_statusInfo: CMCStatusInfo(), + id_cmc_statusInfoV2: CMCStatusInfoV2(), + id_cmc_identification: char.UTF8String(), + id_cmc_identityProof: univ.OctetString(), + id_cmc_identityProofV2: IdentifyProofV2(), + id_cmc_dataReturn: univ.OctetString(), + id_cmc_transactionId: univ.Integer(), + id_cmc_senderNonce: univ.OctetString(), + id_cmc_recipientNonce: univ.OctetString(), + id_cmc_addExtensions: AddExtensions(), + id_cmc_encryptedPOP: EncryptedPOP(), + id_cmc_decryptedPOP: DecryptedPOP(), + id_cmc_lraPOPWitness: LraPopWitness(), + id_cmc_getCert: GetCert(), + id_cmc_getCRL: GetCRL(), + id_cmc_revokeRequest: RevokeRequest(), + id_cmc_regInfo: univ.OctetString(), + id_cmc_responseInfo: univ.OctetString(), + id_cmc_queryPending: univ.OctetString(), + id_cmc_popLinkRandom: univ.OctetString(), + id_cmc_popLinkWitness: univ.OctetString(), + id_cmc_popLinkWitnessV2: PopLinkWitnessV2(), + id_cmc_confirmCertAcceptance: CMCCertId(), + id_cmc_trustedAnchors: PublishTrustAnchors(), + id_cmc_authData: AuthPublish(), + id_cmc_batchRequests: BodyPartList(), + id_cmc_batchResponses: BodyPartList(), + id_cmc_publishCert: CMCPublicationInfo(), + id_cmc_modCertTemplate: ModCertTemplate(), + id_cmc_controlProcessed: ControlsProcessed(), + id_ExtensionReq: ExtensionReq(), +} + +cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) + + +# Map of CMC Content Type OIDs to CMC Content Types are added to +# the ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_cct_PKIData: PKIData(), + id_cct_PKIResponse: PKIResponse(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) + diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6486.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6486.py new file mode 100644 index 0000000000000000000000000000000000000000..31c936a4f259cdf194d768bdc47249816d761c48 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6486.py @@ -0,0 +1,68 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# RPKI Manifests +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6486.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import useful +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16') + +id_ct = id_smime + (1, ) + +id_ct_rpkiManifest = id_ct + (26, ) + + +class FileAndHash(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('file', char.IA5String()), + namedtype.NamedType('hash', univ.BitString()) + ) + + +class Manifest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + univ.Integer().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.NamedType('manifestNumber', + univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.NamedType('thisUpdate', + useful.GeneralizedTime()), + namedtype.NamedType('nextUpdate', + useful.GeneralizedTime()), + namedtype.NamedType('fileHashAlg', + univ.ObjectIdentifier()), + namedtype.NamedType('fileList', + univ.SequenceOf(componentType=FileAndHash()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, MAX))) + ) + + +# Map of Content Type OIDs to Content Types added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_rpkiManifest: Manifest(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6487.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6487.py new file mode 100644 index 0000000000000000000000000000000000000000..d8c2f87423f98a0157f7bbd26152a39ede1d5acb --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6487.py @@ -0,0 +1,22 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Profile for X.509 PKIX Resource Certificates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6487.txt +# + +from pyasn1.type import univ + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') + +id_ad = id_pkix + (48, ) + +id_ad_rpkiManifest = id_ad + (10, ) +id_ad_signedObject = id_ad + (11, ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6960.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6960.py new file mode 100644 index 0000000000000000000000000000000000000000..e5f13056490151af1baa46e90870a6f9485df609 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6960.py @@ -0,0 +1,223 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Online Certificate Status Protocol (OCSP) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6960.txt +# + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +from pyasn1_modules import rfc2560 +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier +AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax +Certificate = rfc5280.Certificate +CertificateSerialNumber = rfc5280.CertificateSerialNumber +CRLReason = rfc5280.CRLReason +Extensions = rfc5280.Extensions +GeneralName = rfc5280.GeneralName +Name = rfc5280.Name + +id_kp = rfc5280.id_kp + +id_ad_ocsp = rfc5280.id_ad_ocsp + + +# Imports from the original OCSP module in RFC 2560 + +AcceptableResponses = rfc2560.AcceptableResponses +ArchiveCutoff = rfc2560.ArchiveCutoff +CertStatus = rfc2560.CertStatus +KeyHash = rfc2560.KeyHash +OCSPResponse = rfc2560.OCSPResponse +OCSPResponseStatus = rfc2560.OCSPResponseStatus +ResponseBytes = rfc2560.ResponseBytes +RevokedInfo = rfc2560.RevokedInfo +UnknownInfo = rfc2560.UnknownInfo +Version = rfc2560.Version + +id_kp_OCSPSigning = rfc2560.id_kp_OCSPSigning + +id_pkix_ocsp = rfc2560.id_pkix_ocsp +id_pkix_ocsp_archive_cutoff = rfc2560.id_pkix_ocsp_archive_cutoff +id_pkix_ocsp_basic = rfc2560.id_pkix_ocsp_basic +id_pkix_ocsp_crl = rfc2560.id_pkix_ocsp_crl +id_pkix_ocsp_nocheck = rfc2560.id_pkix_ocsp_nocheck +id_pkix_ocsp_nonce = rfc2560.id_pkix_ocsp_nonce +id_pkix_ocsp_response = rfc2560.id_pkix_ocsp_response +id_pkix_ocsp_service_locator = rfc2560.id_pkix_ocsp_service_locator + + +# Additional object identifiers + +id_pkix_ocsp_pref_sig_algs = id_pkix_ocsp + (8, ) +id_pkix_ocsp_extended_revoke = id_pkix_ocsp + (9, ) + + +# Updated structures (mostly to improve openTypes support) + +class CertID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('issuerNameHash', univ.OctetString()), + namedtype.NamedType('issuerKeyHash', univ.OctetString()), + namedtype.NamedType('serialNumber', CertificateSerialNumber()) + ) + + +class SingleResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certID', CertID()), + namedtype.NamedType('certStatus', CertStatus()), + namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('singleExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class ResponderID(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('byName', Name().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('byKey', KeyHash().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class ResponseData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('responderID', ResponderID()), + namedtype.NamedType('producedAt', useful.GeneralizedTime()), + namedtype.NamedType('responses', univ.SequenceOf( + componentType=SingleResponse())), + namedtype.OptionalNamedType('responseExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class BasicOCSPResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsResponseData', ResponseData()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()), + namedtype.OptionalNamedType('certs', univ.SequenceOf( + componentType=Certificate()).subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class Request(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('reqCert', CertID()), + namedtype.OptionalNamedType('singleRequestExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class Signature(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()), + namedtype.OptionalNamedType('certs', univ.SequenceOf( + componentType=Certificate()).subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class TBSRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('requestorName', GeneralName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('requestList', univ.SequenceOf( + componentType=Request())), + namedtype.OptionalNamedType('requestExtensions', Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class OCSPRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsRequest', TBSRequest()), + namedtype.OptionalNamedType('optionalSignature', Signature().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +# Previously omitted structure + +class ServiceLocator(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('locator', AuthorityInfoAccessSyntax()) + ) + + +# Additional structures + +class CrlID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('crlUrl', char.IA5String().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crlNum', univ.Integer().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('crlTime', useful.GeneralizedTime().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class PreferredSignatureAlgorithm(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('sigIdentifier', AlgorithmIdentifier()), + namedtype.OptionalNamedType('certIdentifier', AlgorithmIdentifier()) + ) + + +class PreferredSignatureAlgorithms(univ.SequenceOf): + componentType = PreferredSignatureAlgorithm() + + + +# Response Type OID to Response Map + +ocspResponseMap = { + id_pkix_ocsp_basic: BasicOCSPResponse(), +} + + +# Map of Extension OIDs to Extensions added to the ones +# that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + # Certificate Extension + id_pkix_ocsp_nocheck: univ.Null(""), + # OCSP Request Extensions + id_pkix_ocsp_nonce: univ.OctetString(), + id_pkix_ocsp_response: AcceptableResponses(), + id_pkix_ocsp_service_locator: ServiceLocator(), + id_pkix_ocsp_pref_sig_algs: PreferredSignatureAlgorithms(), + # OCSP Response Extensions + id_pkix_ocsp_crl: CrlID(), + id_pkix_ocsp_archive_cutoff: ArchiveCutoff(), + id_pkix_ocsp_extended_revoke: univ.Null(""), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7191.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7191.py new file mode 100644 index 0000000000000000000000000000000000000000..7c2be1156278fb36441bf0e94a260e056fede4a4 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7191.py @@ -0,0 +1,261 @@ +# This file is being contributed to of pyasn1-modules software. +# +# Created by Russ Housley without assistance from the asn1ate tool. +# Modified by Russ Housley to add support for opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Key Package Receipt and Error Content Types +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7191.txt + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + +MAX = float('inf') + +DistinguishedName = rfc5280.DistinguishedName + + +# SingleAttribute is the same as Attribute in RFC 5652, except that the +# attrValues SET must have one and only one member + +class AttributeValue(univ.Any): + pass + + +class AttributeValues(univ.SetOf): + pass + +AttributeValues.componentType = AttributeValue() +AttributeValues.sizeSpec = univ.Set.sizeSpec + constraint.ValueSizeConstraint(1, 1) + + +class SingleAttribute(univ.Sequence): + pass + +SingleAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', univ.ObjectIdentifier()), + namedtype.NamedType('attrValues', AttributeValues(), + openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) + ) +) + + +# SIR Entity Name + +class SIREntityNameType(univ.ObjectIdentifier): + pass + + +class SIREntityNameValue(univ.Any): + pass + + +class SIREntityName(univ.Sequence): + pass + +SIREntityName.componentType = namedtype.NamedTypes( + namedtype.NamedType('sirenType', SIREntityNameType()), + namedtype.NamedType('sirenValue', univ.OctetString()) + # CONTAINING the DER-encoded SIREntityNameValue +) + + +class SIREntityNames(univ.SequenceOf): + pass + +SIREntityNames.componentType = SIREntityName() +SIREntityNames.sizeSpec=constraint.ValueSizeConstraint(1, MAX) + + +id_dn = univ.ObjectIdentifier('2.16.840.1.101.2.1.16.0') + + +class siren_dn(SIREntityName): + def __init__(self): + SIREntityName.__init__(self) + self['sirenType'] = id_dn + + +# Key Package Error CMS Content Type + +class EnumeratedErrorCode(univ.Enumerated): + pass + +# Error codes with values <= 33 are aligned with RFC 5934 +EnumeratedErrorCode.namedValues = namedval.NamedValues( + ('decodeFailure', 1), + ('badContentInfo', 2), + ('badSignedData', 3), + ('badEncapContent', 4), + ('badCertificate', 5), + ('badSignerInfo', 6), + ('badSignedAttrs', 7), + ('badUnsignedAttrs', 8), + ('missingContent', 9), + ('noTrustAnchor', 10), + ('notAuthorized', 11), + ('badDigestAlgorithm', 12), + ('badSignatureAlgorithm', 13), + ('unsupportedKeySize', 14), + ('unsupportedParameters', 15), + ('signatureFailure', 16), + ('insufficientMemory', 17), + ('incorrectTarget', 23), + ('missingSignature', 29), + ('resourcesBusy', 30), + ('versionNumberMismatch', 31), + ('revokedCertificate', 33), + ('ambiguousDecrypt', 60), + ('noDecryptKey', 61), + ('badEncryptedData', 62), + ('badEnvelopedData', 63), + ('badAuthenticatedData', 64), + ('badAuthEnvelopedData', 65), + ('badKeyAgreeRecipientInfo', 66), + ('badKEKRecipientInfo', 67), + ('badEncryptContent', 68), + ('badEncryptAlgorithm', 69), + ('missingCiphertext', 70), + ('decryptFailure', 71), + ('badMACAlgorithm', 72), + ('badAuthAttrs', 73), + ('badUnauthAttrs', 74), + ('invalidMAC', 75), + ('mismatchedDigestAlg', 76), + ('missingCertificate', 77), + ('tooManySigners', 78), + ('missingSignedAttributes', 79), + ('derEncodingNotUsed', 80), + ('missingContentHints', 81), + ('invalidAttributeLocation', 82), + ('badMessageDigest', 83), + ('badKeyPackage', 84), + ('badAttributes', 85), + ('attributeComparisonFailure', 86), + ('unsupportedSymmetricKeyPackage', 87), + ('unsupportedAsymmetricKeyPackage', 88), + ('constraintViolation', 89), + ('ambiguousDefaultValue', 90), + ('noMatchingRecipientInfo', 91), + ('unsupportedKeyWrapAlgorithm', 92), + ('badKeyTransRecipientInfo', 93), + ('other', 127) +) + + +class ErrorCodeChoice(univ.Choice): + pass + +ErrorCodeChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('enum', EnumeratedErrorCode()), + namedtype.NamedType('oid', univ.ObjectIdentifier()) +) + + +class KeyPkgID(univ.OctetString): + pass + + +class KeyPkgIdentifier(univ.Choice): + pass + +KeyPkgIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkgID', KeyPkgID()), + namedtype.NamedType('attribute', SingleAttribute()) +) + + +class KeyPkgVersion(univ.Integer): + pass + + +KeyPkgVersion.namedValues = namedval.NamedValues( + ('v1', 1), + ('v2', 2) +) + +KeyPkgVersion.subtypeSpec = constraint.ValueRangeConstraint(1, 65535) + + +id_ct_KP_keyPackageError = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.6') + +class KeyPackageError(univ.Sequence): + pass + +KeyPackageError.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v2')), + namedtype.OptionalNamedType('errorOf', KeyPkgIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('errorBy', SIREntityName()), + namedtype.NamedType('errorCode', ErrorCodeChoice()) +) + + +# Key Package Receipt CMS Content Type + +id_ct_KP_keyPackageReceipt = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.3') + +class KeyPackageReceipt(univ.Sequence): + pass + +KeyPackageReceipt.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v2')), + namedtype.NamedType('receiptOf', KeyPkgIdentifier()), + namedtype.NamedType('receivedBy', SIREntityName()) +) + + +# Key Package Receipt Request Attribute + +class KeyPkgReceiptReq(univ.Sequence): + pass + +KeyPkgReceiptReq.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('encryptReceipt', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('receiptsFrom', SIREntityNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('receiptsTo', SIREntityNames()) +) + + +id_aa_KP_keyPkgIdAndReceiptReq = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.65') + +class KeyPkgIdentifierAndReceiptReq(univ.Sequence): + pass + +KeyPkgIdentifierAndReceiptReq.componentType = namedtype.NamedTypes( + namedtype.NamedType('pkgID', KeyPkgID()), + namedtype.OptionalNamedType('receiptReq', KeyPkgReceiptReq()) +) + + +# Map of Attribute Type OIDs to Attributes are added to +# the ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# Map of CMC Content Type OIDs to CMC Content Types are added to +# the ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_KP_keyPackageError: KeyPackageError(), + id_ct_KP_keyPackageReceipt: KeyPackageReceipt(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7292.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7292.py new file mode 100644 index 0000000000000000000000000000000000000000..1c9f319a5ddbd77fcc524aba8dfc51607d988247 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7292.py @@ -0,0 +1,357 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from the asn1ate tool. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS #12: Personal Information Exchange Syntax v1.1 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7292.txt +# https://www.rfc-editor.org/errata_search.php?rfc=7292 + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc2315 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5958 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +# Initialize the maps used in PKCS#12 + +pkcs12BagTypeMap = { } + +pkcs12CertBagMap = { } + +pkcs12CRLBagMap = { } + +pkcs12SecretBagMap = { } + + +# Imports from RFC 2315, RFC 5652, and RFC 5958 + +DigestInfo = rfc2315.DigestInfo + + +ContentInfo = rfc5652.ContentInfo + +PKCS12Attribute = rfc5652.Attribute + + +EncryptedPrivateKeyInfo = rfc5958.EncryptedPrivateKeyInfo + +PrivateKeyInfo = rfc5958.PrivateKeyInfo + + +# CMSSingleAttribute is the same as Attribute in RFC 5652 except the attrValues +# SET must have one and only one member + +class AttributeType(univ.ObjectIdentifier): + pass + + +class AttributeValue(univ.Any): + pass + + +class AttributeValues(univ.SetOf): + pass + +AttributeValues.componentType = AttributeValue() + + +class CMSSingleAttribute(univ.Sequence): + pass + +CMSSingleAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', AttributeType()), + namedtype.NamedType('attrValues', + AttributeValues().subtype(sizeSpec=constraint.ValueSizeConstraint(1, 1)), + openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap) + ) +) + + +# Object identifier arcs + +rsadsi = _OID(1, 2, 840, 113549) + +pkcs = _OID(rsadsi, 1) + +pkcs_9 = _OID(pkcs, 9) + +certTypes = _OID(pkcs_9, 22) + +crlTypes = _OID(pkcs_9, 23) + +pkcs_12 = _OID(pkcs, 12) + + +# PBE Algorithm Identifiers and Parameters Structure + +pkcs_12PbeIds = _OID(pkcs_12, 1) + +pbeWithSHAAnd128BitRC4 = _OID(pkcs_12PbeIds, 1) + +pbeWithSHAAnd40BitRC4 = _OID(pkcs_12PbeIds, 2) + +pbeWithSHAAnd3_KeyTripleDES_CBC = _OID(pkcs_12PbeIds, 3) + +pbeWithSHAAnd2_KeyTripleDES_CBC = _OID(pkcs_12PbeIds, 4) + +pbeWithSHAAnd128BitRC2_CBC = _OID(pkcs_12PbeIds, 5) + +pbeWithSHAAnd40BitRC2_CBC = _OID(pkcs_12PbeIds, 6) + + +class Pkcs_12PbeParams(univ.Sequence): + pass + +Pkcs_12PbeParams.componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString()), + namedtype.NamedType('iterations', univ.Integer()) +) + + +# Bag types + +bagtypes = _OID(pkcs_12, 10, 1) + +class BAG_TYPE(univ.Sequence): + pass + +BAG_TYPE.componentType = namedtype.NamedTypes( + namedtype.NamedType('id', univ.ObjectIdentifier()), + namedtype.NamedType('unnamed1', univ.Any(), + openType=opentype.OpenType('attrType', pkcs12BagTypeMap) + ) +) + + +id_keyBag = _OID(bagtypes, 1) + +class KeyBag(PrivateKeyInfo): + pass + + +id_pkcs8ShroudedKeyBag = _OID(bagtypes, 2) + +class PKCS8ShroudedKeyBag(EncryptedPrivateKeyInfo): + pass + + +id_certBag = _OID(bagtypes, 3) + +class CertBag(univ.Sequence): + pass + +CertBag.componentType = namedtype.NamedTypes( + namedtype.NamedType('certId', univ.ObjectIdentifier()), + namedtype.NamedType('certValue', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('certId', pkcs12CertBagMap) + ) +) + + +x509Certificate = CertBag() +x509Certificate['certId'] = _OID(certTypes, 1) +x509Certificate['certValue'] = univ.OctetString() +# DER-encoded X.509 certificate stored in OCTET STRING + + +sdsiCertificate = CertBag() +sdsiCertificate['certId'] = _OID(certTypes, 2) +sdsiCertificate['certValue'] = char.IA5String() +# Base64-encoded SDSI certificate stored in IA5String + + +id_CRLBag = _OID(bagtypes, 4) + +class CRLBag(univ.Sequence): + pass + +CRLBag.componentType = namedtype.NamedTypes( + namedtype.NamedType('crlId', univ.ObjectIdentifier()), + namedtype.NamedType('crlValue', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('crlId', pkcs12CRLBagMap) + ) +) + + +x509CRL = CRLBag() +x509CRL['crlId'] = _OID(crlTypes, 1) +x509CRL['crlValue'] = univ.OctetString() +# DER-encoded X.509 CRL stored in OCTET STRING + + +id_secretBag = _OID(bagtypes, 5) + +class SecretBag(univ.Sequence): + pass + +SecretBag.componentType = namedtype.NamedTypes( + namedtype.NamedType('secretTypeId', univ.ObjectIdentifier()), + namedtype.NamedType('secretValue', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('secretTypeId', pkcs12SecretBagMap) + ) +) + + +id_safeContentsBag = _OID(bagtypes, 6) + +class SafeBag(univ.Sequence): + pass + +SafeBag.componentType = namedtype.NamedTypes( + namedtype.NamedType('bagId', univ.ObjectIdentifier()), + namedtype.NamedType('bagValue', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('bagId', pkcs12BagTypeMap) + ), + namedtype.OptionalNamedType('bagAttributes', + univ.SetOf(componentType=PKCS12Attribute()) + ) +) + + +class SafeContents(univ.SequenceOf): + pass + +SafeContents.componentType = SafeBag() + + +# The PFX PDU + +class AuthenticatedSafe(univ.SequenceOf): + pass + +AuthenticatedSafe.componentType = ContentInfo() +# Data if unencrypted +# EncryptedData if password-encrypted +# EnvelopedData if public key-encrypted + + +class MacData(univ.Sequence): + pass + +MacData.componentType = namedtype.NamedTypes( + namedtype.NamedType('mac', DigestInfo()), + namedtype.NamedType('macSalt', univ.OctetString()), + namedtype.DefaultedNamedType('iterations', univ.Integer().subtype(value=1)) + # Note: The default is for historical reasons and its use is deprecated +) + + +class PFX(univ.Sequence): + pass + +PFX.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', + univ.Integer(namedValues=namedval.NamedValues(('v3', 3))) + ), + namedtype.NamedType('authSafe', ContentInfo()), + namedtype.OptionalNamedType('macData', MacData()) +) + + +# Local key identifier (also defined as certificateAttribute in rfc2985.py) + +pkcs_9_at_localKeyId = _OID(pkcs_9, 21) + +localKeyId = CMSSingleAttribute() +localKeyId['attrType'] = pkcs_9_at_localKeyId +localKeyId['attrValues'][0] = univ.OctetString() + + +# Friendly name (also defined as certificateAttribute in rfc2985.py) + +pkcs_9_ub_pkcs9String = univ.Integer(255) + +pkcs_9_ub_friendlyName = univ.Integer(pkcs_9_ub_pkcs9String) + +pkcs_9_at_friendlyName = _OID(pkcs_9, 20) + +class FriendlyName(char.BMPString): + pass + +FriendlyName.subtypeSpec = constraint.ValueSizeConstraint(1, pkcs_9_ub_friendlyName) + + +friendlyName = CMSSingleAttribute() +friendlyName['attrType'] = pkcs_9_at_friendlyName +friendlyName['attrValues'][0] = FriendlyName() + + +# Update the PKCS#12 maps + +_pkcs12BagTypeMap = { + id_keyBag: KeyBag(), + id_pkcs8ShroudedKeyBag: PKCS8ShroudedKeyBag(), + id_certBag: CertBag(), + id_CRLBag: CRLBag(), + id_secretBag: SecretBag(), + id_safeContentsBag: SafeBag(), +} + +pkcs12BagTypeMap.update(_pkcs12BagTypeMap) + + +_pkcs12CertBagMap = { + _OID(certTypes, 1): univ.OctetString(), + _OID(certTypes, 2): char.IA5String(), +} + +pkcs12CertBagMap.update(_pkcs12CertBagMap) + + +_pkcs12CRLBagMap = { + _OID(crlTypes, 1): univ.OctetString(), +} + +pkcs12CRLBagMap.update(_pkcs12CRLBagMap) + + +# Update the Algorithm Identifier map + +_algorithmIdentifierMapUpdate = { + pbeWithSHAAnd128BitRC4: Pkcs_12PbeParams(), + pbeWithSHAAnd40BitRC4: Pkcs_12PbeParams(), + pbeWithSHAAnd3_KeyTripleDES_CBC: Pkcs_12PbeParams(), + pbeWithSHAAnd2_KeyTripleDES_CBC: Pkcs_12PbeParams(), + pbeWithSHAAnd128BitRC2_CBC: Pkcs_12PbeParams(), + pbeWithSHAAnd40BitRC2_CBC: Pkcs_12PbeParams(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) + + +# Update the CMS Attribute map + +_cmsAttributesMapUpdate = { + pkcs_9_at_friendlyName: FriendlyName(), + pkcs_9_at_localKeyId: univ.OctetString(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7296.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7296.py new file mode 100644 index 0000000000000000000000000000000000000000..95a191a14ded9bf30fddb5b2d2654eb9382e8bae --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7296.py @@ -0,0 +1,32 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# IKEv2 Certificate Bundle +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7296.txt + +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +class CertificateOrCRL(univ.Choice): + pass + +CertificateOrCRL.componentType = namedtype.NamedTypes( + namedtype.NamedType('cert', rfc5280.Certificate().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('crl', rfc5280.CertificateList().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class CertificateBundle(univ.SequenceOf): + pass + +CertificateBundle.componentType = CertificateOrCRL() diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7633.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7633.py new file mode 100644 index 0000000000000000000000000000000000000000..f518440ff4746dd7ad353d1dca0262c70cc84f6d --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7633.py @@ -0,0 +1,38 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Transport Layer Security (TLS) Feature Certificate Extension +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7633.txt +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# TLS Features Extension + +id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') + +id_pe_tlsfeature = id_pe + (24, ) + + +class Features(univ.SequenceOf): + componentType = univ.Integer() + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_tlsfeature: Features(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7894.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7894.py new file mode 100644 index 0000000000000000000000000000000000000000..41936433d14bf6e0ce074649931e826758251ade --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7894.py @@ -0,0 +1,92 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Alternative Challenge Password Attributes for EST +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7894.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc6402 +from pyasn1_modules import rfc7191 + + +# SingleAttribute is the same as Attribute in RFC 5652, except that the +# attrValues SET must have one and only one member + +Attribute = rfc7191.SingleAttribute + + +# DirectoryString is the same as RFC 5280, except the length is limited to 255 + +class DirectoryString(univ.Choice): + pass + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, 255))) +) + + +# OTP Challenge Attribute + +id_aa_otpChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.56') + +ub_aa_otpChallenge = univ.Integer(255) + +otpChallenge = Attribute() +otpChallenge['attrType'] = id_aa_otpChallenge +otpChallenge['attrValues'][0] = DirectoryString() + + +# Revocation Challenge Attribute + +id_aa_revocationChallenge = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.57') + +ub_aa_revocationChallenge = univ.Integer(255) + +revocationChallenge = Attribute() +revocationChallenge['attrType'] = id_aa_revocationChallenge +revocationChallenge['attrValues'][0] = DirectoryString() + + +# EST Identity Linking Attribute + +id_aa_estIdentityLinking = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.58') + +ub_aa_est_identity_linking = univ.Integer(255) + +estIdentityLinking = Attribute() +estIdentityLinking['attrType'] = id_aa_estIdentityLinking +estIdentityLinking['attrValues'][0] = DirectoryString() + + +# Map of Attribute Type OIDs to Attributes added to the +# ones that are in rfc6402.py + +_cmcControlAttributesMapUpdate = { + id_aa_otpChallenge: DirectoryString(), + id_aa_revocationChallenge: DirectoryString(), + id_aa_estIdentityLinking: DirectoryString(), +} + +rfc6402.cmcControlAttributesMap.update(_cmcControlAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7906.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7906.py new file mode 100644 index 0000000000000000000000000000000000000000..fa5f6b0733c6cc12f4effd830db579b705f90ed3 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7906.py @@ -0,0 +1,736 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# NSA's CMS Key Management Attributes +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7906.txt +# https://www.rfc-editor.org/errata/eid5850 +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc2634 +from pyasn1_modules import rfc4108 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc6010 +from pyasn1_modules import rfc6019 +from pyasn1_modules import rfc7191 + +MAX = float('inf') + + +# Imports From RFC 2634 + +id_aa_contentHint = rfc2634.id_aa_contentHint + +ContentHints = rfc2634.ContentHints + +id_aa_securityLabel = rfc2634.id_aa_securityLabel + +SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier + +SecurityClassification = rfc2634.SecurityClassification + +ESSPrivacyMark = rfc2634.ESSPrivacyMark + +SecurityCategories= rfc2634.SecurityCategories + +ESSSecurityLabel = rfc2634.ESSSecurityLabel + + +# Imports From RFC 4108 + +id_aa_communityIdentifiers = rfc4108.id_aa_communityIdentifiers + +CommunityIdentifier = rfc4108.CommunityIdentifier + +CommunityIdentifiers = rfc4108.CommunityIdentifiers + + +# Imports From RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +Name = rfc5280.Name + +Certificate = rfc5280.Certificate + +GeneralNames = rfc5280.GeneralNames + +GeneralName = rfc5280.GeneralName + + +SubjectInfoAccessSyntax = rfc5280.SubjectInfoAccessSyntax + +id_pkix = rfc5280.id_pkix + +id_pe = rfc5280.id_pe + +id_pe_subjectInfoAccess = rfc5280.id_pe_subjectInfoAccess + + +# Imports From RFC 6010 + +CMSContentConstraints = rfc6010.CMSContentConstraints + + +# Imports From RFC 6019 + +BinaryTime = rfc6019.BinaryTime + +id_aa_binarySigningTime = rfc6019.id_aa_binarySigningTime + +BinarySigningTime = rfc6019.BinarySigningTime + + +# Imports From RFC 5652 + +Attribute = rfc5652.Attribute + +CertificateSet = rfc5652.CertificateSet + +CertificateChoices = rfc5652.CertificateChoices + +id_contentType = rfc5652.id_contentType + +ContentType = rfc5652.ContentType + +id_messageDigest = rfc5652.id_messageDigest + +MessageDigest = rfc5652.MessageDigest + + +# Imports From RFC 7191 + +SIREntityName = rfc7191.SIREntityName + +id_aa_KP_keyPkgIdAndReceiptReq = rfc7191.id_aa_KP_keyPkgIdAndReceiptReq + +KeyPkgIdentifierAndReceiptReq = rfc7191.KeyPkgIdentifierAndReceiptReq + + +# Key Province Attribute + +id_aa_KP_keyProvinceV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.71') + + +class KeyProvinceV2(univ.ObjectIdentifier): + pass + + +aa_keyProvince_v2 = Attribute() +aa_keyProvince_v2['attrType'] = id_aa_KP_keyProvinceV2 +aa_keyProvince_v2['attrValues'][0] = KeyProvinceV2() + + +# Manifest Attribute + +id_aa_KP_manifest = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.72') + + +class ShortTitle(char.PrintableString): + pass + + +class Manifest(univ.SequenceOf): + pass + +Manifest.componentType = ShortTitle() +Manifest.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +aa_manifest = Attribute() +aa_manifest['attrType'] = id_aa_KP_manifest +aa_manifest['attrValues'][0] = Manifest() + + +# Key Algorithm Attribute + +id_kma_keyAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.1') + + +class KeyAlgorithm(univ.Sequence): + pass + +KeyAlgorithm.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyAlg', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('checkWordAlg', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('crcAlg', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +aa_keyAlgorithm = Attribute() +aa_keyAlgorithm['attrType'] = id_kma_keyAlgorithm +aa_keyAlgorithm['attrValues'][0] = KeyAlgorithm() + + +# User Certificate Attribute + +id_at_userCertificate = univ.ObjectIdentifier('2.5.4.36') + + +aa_userCertificate = Attribute() +aa_userCertificate['attrType'] = id_at_userCertificate +aa_userCertificate['attrValues'][0] = Certificate() + + +# Key Package Receivers Attribute + +id_kma_keyPkgReceiversV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.16') + + +class KeyPkgReceiver(univ.Choice): + pass + +KeyPkgReceiver.componentType = namedtype.NamedTypes( + namedtype.NamedType('sirEntity', SIREntityName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('community', CommunityIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class KeyPkgReceiversV2(univ.SequenceOf): + pass + +KeyPkgReceiversV2.componentType = KeyPkgReceiver() +KeyPkgReceiversV2.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +aa_keyPackageReceivers_v2 = Attribute() +aa_keyPackageReceivers_v2['attrType'] = id_kma_keyPkgReceiversV2 +aa_keyPackageReceivers_v2['attrValues'][0] = KeyPkgReceiversV2() + + +# TSEC Nomenclature Attribute + +id_kma_TSECNomenclature = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.3') + + +class CharEdition(char.PrintableString): + pass + + +class CharEditionRange(univ.Sequence): + pass + +CharEditionRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('firstCharEdition', CharEdition()), + namedtype.NamedType('lastCharEdition', CharEdition()) +) + + +class NumEdition(univ.Integer): + pass + +NumEdition.subtypeSpec = constraint.ValueRangeConstraint(0, 308915776) + + +class NumEditionRange(univ.Sequence): + pass + +NumEditionRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('firstNumEdition', NumEdition()), + namedtype.NamedType('lastNumEdition', NumEdition()) +) + + +class EditionID(univ.Choice): + pass + +EditionID.componentType = namedtype.NamedTypes( + namedtype.NamedType('char', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('charEdition', CharEdition().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('charEditionRange', CharEditionRange().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + )) + ), + namedtype.NamedType('num', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('numEdition', NumEdition().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('numEditionRange', NumEditionRange().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) + )) + ) +) + + +class Register(univ.Integer): + pass + +Register.subtypeSpec = constraint.ValueRangeConstraint(0, 2147483647) + + +class RegisterRange(univ.Sequence): + pass + +RegisterRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('firstRegister', Register()), + namedtype.NamedType('lastRegister', Register()) +) + + +class RegisterID(univ.Choice): + pass + +RegisterID.componentType = namedtype.NamedTypes( + namedtype.NamedType('register', Register().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), + namedtype.NamedType('registerRange', RegisterRange().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))) +) + + +class SegmentNumber(univ.Integer): + pass + +SegmentNumber.subtypeSpec = constraint.ValueRangeConstraint(1, 127) + + +class SegmentRange(univ.Sequence): + pass + +SegmentRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('firstSegment', SegmentNumber()), + namedtype.NamedType('lastSegment', SegmentNumber()) +) + + +class SegmentID(univ.Choice): + pass + +SegmentID.componentType = namedtype.NamedTypes( + namedtype.NamedType('segmentNumber', SegmentNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('segmentRange', SegmentRange().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))) +) + + +class TSECNomenclature(univ.Sequence): + pass + +TSECNomenclature.componentType = namedtype.NamedTypes( + namedtype.NamedType('shortTitle', ShortTitle()), + namedtype.OptionalNamedType('editionID', EditionID()), + namedtype.OptionalNamedType('registerID', RegisterID()), + namedtype.OptionalNamedType('segmentID', SegmentID()) +) + + +aa_tsecNomenclature = Attribute() +aa_tsecNomenclature['attrType'] = id_kma_TSECNomenclature +aa_tsecNomenclature['attrValues'][0] = TSECNomenclature() + + +# Key Purpose Attribute + +id_kma_keyPurpose = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.13') + + +class KeyPurpose(univ.Enumerated): + pass + +KeyPurpose.namedValues = namedval.NamedValues( + ('n-a', 0), + ('a', 65), + ('b', 66), + ('l', 76), + ('m', 77), + ('r', 82), + ('s', 83), + ('t', 84), + ('v', 86), + ('x', 88), + ('z', 90) +) + + +aa_keyPurpose = Attribute() +aa_keyPurpose['attrType'] = id_kma_keyPurpose +aa_keyPurpose['attrValues'][0] = KeyPurpose() + + +# Key Use Attribute + +id_kma_keyUse = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.14') + + +class KeyUse(univ.Enumerated): + pass + +KeyUse.namedValues = namedval.NamedValues( + ('n-a', 0), + ('ffk', 1), + ('kek', 2), + ('kpk', 3), + ('msk', 4), + ('qkek', 5), + ('tek', 6), + ('tsk', 7), + ('trkek', 8), + ('nfk', 9), + ('effk', 10), + ('ebfk', 11), + ('aek', 12), + ('wod', 13), + ('kesk', 246), + ('eik', 247), + ('ask', 248), + ('kmk', 249), + ('rsk', 250), + ('csk', 251), + ('sak', 252), + ('rgk', 253), + ('cek', 254), + ('exk', 255) +) + + +aa_keyUse = Attribute() +aa_keyPurpose['attrType'] = id_kma_keyUse +aa_keyPurpose['attrValues'][0] = KeyUse() + + +# Transport Key Attribute + +id_kma_transportKey = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.15') + + +class TransOp(univ.Enumerated): + pass + +TransOp.namedValues = namedval.NamedValues( + ('transport', 1), + ('operational', 2) +) + + +aa_transportKey = Attribute() +aa_transportKey['attrType'] = id_kma_transportKey +aa_transportKey['attrValues'][0] = TransOp() + + +# Key Distribution Period Attribute + +id_kma_keyDistPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.5') + + +class KeyDistPeriod(univ.Sequence): + pass + +KeyDistPeriod.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('doNotDistBefore', BinaryTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('doNotDistAfter', BinaryTime()) +) + + +aa_keyDistributionPeriod = Attribute() +aa_keyDistributionPeriod['attrType'] = id_kma_keyDistPeriod +aa_keyDistributionPeriod['attrValues'][0] = KeyDistPeriod() + + +# Key Validity Period Attribute + +id_kma_keyValidityPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.6') + + +class KeyValidityPeriod(univ.Sequence): + pass + +KeyValidityPeriod.componentType = namedtype.NamedTypes( + namedtype.NamedType('doNotUseBefore', BinaryTime()), + namedtype.OptionalNamedType('doNotUseAfter', BinaryTime()) +) + + +aa_keyValidityPeriod = Attribute() +aa_keyValidityPeriod['attrType'] = id_kma_keyValidityPeriod +aa_keyValidityPeriod['attrValues'][0] = KeyValidityPeriod() + + +# Key Duration Attribute + +id_kma_keyDuration = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.7') + + +ub_KeyDuration_months = univ.Integer(72) + +ub_KeyDuration_hours = univ.Integer(96) + +ub_KeyDuration_days = univ.Integer(732) + +ub_KeyDuration_weeks = univ.Integer(104) + +ub_KeyDuration_years = univ.Integer(100) + + +class KeyDuration(univ.Choice): + pass + +KeyDuration.componentType = namedtype.NamedTypes( + namedtype.NamedType('hours', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_hours)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('days', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_days))), + namedtype.NamedType('weeks', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_weeks)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('months', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_months)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('years', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_years)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +aa_keyDurationPeriod = Attribute() +aa_keyDurationPeriod['attrType'] = id_kma_keyDuration +aa_keyDurationPeriod['attrValues'][0] = KeyDuration() + + +# Classification Attribute + +id_aa_KP_classification = univ.ObjectIdentifier(id_aa_securityLabel) + + +id_enumeratedPermissiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.1') + +id_enumeratedRestrictiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.4') + +id_informativeAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.3') + + +class SecurityAttribute(univ.Integer): + pass + +SecurityAttribute.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class EnumeratedTag(univ.Sequence): + pass + +EnumeratedTag.componentType = namedtype.NamedTypes( + namedtype.NamedType('tagName', univ.ObjectIdentifier()), + namedtype.NamedType('attributeList', univ.SetOf(componentType=SecurityAttribute())) +) + + +class FreeFormField(univ.Choice): + pass + +FreeFormField.componentType = namedtype.NamedTypes( + namedtype.NamedType('bitSetAttributes', univ.BitString()), # Not permitted in RFC 7906 + namedtype.NamedType('securityAttributes', univ.SetOf(componentType=SecurityAttribute())) +) + + +class InformativeTag(univ.Sequence): + pass + +InformativeTag.componentType = namedtype.NamedTypes( + namedtype.NamedType('tagName', univ.ObjectIdentifier()), + namedtype.NamedType('attributes', FreeFormField()) +) + + +class Classification(ESSSecurityLabel): + pass + + +aa_classification = Attribute() +aa_classification['attrType'] = id_aa_KP_classification +aa_classification['attrValues'][0] = Classification() + + +# Split Identifier Attribute + +id_kma_splitID = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.11') + + +class SplitID(univ.Sequence): + pass + +SplitID.componentType = namedtype.NamedTypes( + namedtype.NamedType('half', univ.Enumerated( + namedValues=namedval.NamedValues(('a', 0), ('b', 1)))), + namedtype.OptionalNamedType('combineAlg', AlgorithmIdentifier()) +) + + +aa_splitIdentifier = Attribute() +aa_splitIdentifier['attrType'] = id_kma_splitID +aa_splitIdentifier['attrValues'][0] = SplitID() + + +# Key Package Type Attribute + +id_kma_keyPkgType = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.12') + + +class KeyPkgType(univ.ObjectIdentifier): + pass + + +aa_keyPackageType = Attribute() +aa_keyPackageType['attrType'] = id_kma_keyPkgType +aa_keyPackageType['attrValues'][0] = KeyPkgType() + + +# Signature Usage Attribute + +id_kma_sigUsageV3 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.22') + + +class SignatureUsage(CMSContentConstraints): + pass + + +aa_signatureUsage_v3 = Attribute() +aa_signatureUsage_v3['attrType'] = id_kma_sigUsageV3 +aa_signatureUsage_v3['attrValues'][0] = SignatureUsage() + + +# Other Certificate Format Attribute + +id_kma_otherCertFormats = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.19') + + +aa_otherCertificateFormats = Attribute() +aa_signatureUsage_v3['attrType'] = id_kma_otherCertFormats +aa_signatureUsage_v3['attrValues'][0] = CertificateChoices() + + +# PKI Path Attribute + +id_at_pkiPath = univ.ObjectIdentifier('2.5.4.70') + + +class PkiPath(univ.SequenceOf): + pass + +PkiPath.componentType = Certificate() +PkiPath.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +aa_pkiPath = Attribute() +aa_pkiPath['attrType'] = id_at_pkiPath +aa_pkiPath['attrValues'][0] = PkiPath() + + +# Useful Certificates Attribute + +id_kma_usefulCerts = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.20') + + +aa_usefulCertificates = Attribute() +aa_usefulCertificates['attrType'] = id_kma_usefulCerts +aa_usefulCertificates['attrValues'][0] = CertificateSet() + + +# Key Wrap Attribute + +id_kma_keyWrapAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.21') + + +aa_keyWrapAlgorithm = Attribute() +aa_keyWrapAlgorithm['attrType'] = id_kma_keyWrapAlgorithm +aa_keyWrapAlgorithm['attrValues'][0] = AlgorithmIdentifier() + + +# Content Decryption Key Identifier Attribute + +id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') + + +class ContentDecryptKeyID(univ.OctetString): + pass + + +aa_contentDecryptKeyIdentifier = Attribute() +aa_contentDecryptKeyIdentifier['attrType'] = id_aa_KP_contentDecryptKeyID +aa_contentDecryptKeyIdentifier['attrValues'][0] = ContentDecryptKeyID() + + +# Certificate Pointers Attribute + +aa_certificatePointers = Attribute() +aa_certificatePointers['attrType'] = id_pe_subjectInfoAccess +aa_certificatePointers['attrValues'][0] = SubjectInfoAccessSyntax() + + +# CRL Pointers Attribute + +id_aa_KP_crlPointers = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.70') + + +aa_cRLDistributionPoints = Attribute() +aa_cRLDistributionPoints['attrType'] = id_aa_KP_crlPointers +aa_cRLDistributionPoints['attrValues'][0] = GeneralNames() + + +# Extended Error Codes + +id_errorCodes = univ.ObjectIdentifier('2.16.840.1.101.2.1.22') + +id_missingKeyType = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.1') + +id_privacyMarkTooLong = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.2') + +id_unrecognizedSecurityPolicy = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.3') + + +# Map of Attribute Type OIDs to Attributes added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_contentHint: ContentHints(), + id_aa_communityIdentifiers: CommunityIdentifiers(), + id_aa_binarySigningTime: BinarySigningTime(), + id_contentType: ContentType(), + id_messageDigest: MessageDigest(), + id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), + id_aa_KP_keyProvinceV2: KeyProvinceV2(), + id_aa_KP_manifest: Manifest(), + id_kma_keyAlgorithm: KeyAlgorithm(), + id_at_userCertificate: Certificate(), + id_kma_keyPkgReceiversV2: KeyPkgReceiversV2(), + id_kma_TSECNomenclature: TSECNomenclature(), + id_kma_keyPurpose: KeyPurpose(), + id_kma_keyUse: KeyUse(), + id_kma_transportKey: TransOp(), + id_kma_keyDistPeriod: KeyDistPeriod(), + id_kma_keyValidityPeriod: KeyValidityPeriod(), + id_kma_keyDuration: KeyDuration(), + id_aa_KP_classification: Classification(), + id_kma_splitID: SplitID(), + id_kma_keyPkgType: KeyPkgType(), + id_kma_sigUsageV3: SignatureUsage(), + id_kma_otherCertFormats: CertificateChoices(), + id_at_pkiPath: PkiPath(), + id_kma_usefulCerts: CertificateSet(), + id_kma_keyWrapAlgorithm: AlgorithmIdentifier(), + id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), + id_pe_subjectInfoAccess: SubjectInfoAccessSyntax(), + id_aa_KP_crlPointers: GeneralNames(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8017.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8017.py new file mode 100644 index 0000000000000000000000000000000000000000..fefed1dcd6b5e015824bf3df34ed0879dcc9327b --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8017.py @@ -0,0 +1,153 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS #1: RSA Cryptography Specifications Version 2.2 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8017.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ + +from pyasn1_modules import rfc2437 +from pyasn1_modules import rfc3447 +from pyasn1_modules import rfc4055 +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# Import Algorithm Identifier from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +class DigestAlgorithm(AlgorithmIdentifier): + pass + +class HashAlgorithm(AlgorithmIdentifier): + pass + +class MaskGenAlgorithm(AlgorithmIdentifier): + pass + +class PSourceAlgorithm(AlgorithmIdentifier): + pass + + +# Object identifiers from NIST SHA2 + +hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2') +id_sha256 = rfc4055.id_sha256 +id_sha384 = rfc4055.id_sha384 +id_sha512 = rfc4055.id_sha512 +id_sha224 = rfc4055.id_sha224 +id_sha512_224 = hashAlgs + (5, ) +id_sha512_256 = hashAlgs + (6, ) + + +# Basic object identifiers + +pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') +rsaEncryption = rfc2437.rsaEncryption +id_RSAES_OAEP = rfc2437.id_RSAES_OAEP +id_pSpecified = rfc2437.id_pSpecified +id_RSASSA_PSS = rfc4055.id_RSASSA_PSS +md2WithRSAEncryption = rfc2437.md2WithRSAEncryption +md5WithRSAEncryption = rfc2437.md5WithRSAEncryption +sha1WithRSAEncryption = rfc2437.sha1WithRSAEncryption +sha224WithRSAEncryption = rfc4055.sha224WithRSAEncryption +sha256WithRSAEncryption = rfc4055.sha256WithRSAEncryption +sha384WithRSAEncryption = rfc4055.sha384WithRSAEncryption +sha512WithRSAEncryption = rfc4055.sha512WithRSAEncryption +sha512_224WithRSAEncryption = pkcs_1 + (15, ) +sha512_256WithRSAEncryption = pkcs_1 + (16, ) +id_sha1 = rfc2437.id_sha1 +id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2') +id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5') +id_mgf1 = rfc2437.id_mgf1 + + +# Default parameter values + +sha1 = rfc4055.sha1Identifier +SHA1Parameters = univ.Null("") + +mgf1SHA1 = rfc4055.mgf1SHA1Identifier + +class EncodingParameters(univ.OctetString): + subtypeSpec = constraint.ValueSizeConstraint(0, MAX) + +pSpecifiedEmpty = rfc4055.pSpecifiedEmptyIdentifier + +emptyString = EncodingParameters(value='') + + +# Main structures + +class Version(univ.Integer): + namedValues = namedval.NamedValues( + ('two-prime', 0), + ('multi', 1) + ) + +class TrailerField(univ.Integer): + namedValues = namedval.NamedValues( + ('trailerFieldBC', 1) + ) + +RSAPublicKey = rfc2437.RSAPublicKey + +OtherPrimeInfo = rfc3447.OtherPrimeInfo +OtherPrimeInfos = rfc3447.OtherPrimeInfos +RSAPrivateKey = rfc3447.RSAPrivateKey + +RSAES_OAEP_params = rfc4055.RSAES_OAEP_params +rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier + +RSASSA_PSS_params = rfc4055.RSASSA_PSS_params +rSASSA_PSS_Default_Identifier = rfc4055.rSASSA_PSS_Default_Identifier + + +# Syntax for the EMSA-PKCS1-v1_5 hash identifier + +class DigestInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('digestAlgorithm', DigestAlgorithm()), + namedtype.NamedType('digest', univ.OctetString()) + ) + + +# Update the Algorithm Identifier map + +_algorithmIdentifierMapUpdate = { + id_sha1: univ.Null(), + id_sha224: univ.Null(), + id_sha256: univ.Null(), + id_sha384: univ.Null(), + id_sha512: univ.Null(), + id_sha512_224: univ.Null(), + id_sha512_256: univ.Null(), + id_mgf1: AlgorithmIdentifier(), + id_pSpecified: univ.OctetString(), + id_RSAES_OAEP: RSAES_OAEP_params(), + id_RSASSA_PSS: RSASSA_PSS_params(), + md2WithRSAEncryption: univ.Null(), + md5WithRSAEncryption: univ.Null(), + sha1WithRSAEncryption: univ.Null(), + sha224WithRSAEncryption: univ.Null(), + sha256WithRSAEncryption: univ.Null(), + sha384WithRSAEncryption: univ.Null(), + sha512WithRSAEncryption: univ.Null(), + sha512_224WithRSAEncryption: univ.Null(), + sha512_256WithRSAEncryption: univ.Null(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8018.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8018.py new file mode 100644 index 0000000000000000000000000000000000000000..7a44eea8d25e9cb59c44442e0dc683e3b30237f3 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8018.py @@ -0,0 +1,260 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS #5: Password-Based Cryptography Specification, Version 2.1 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8018.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ + +from pyasn1_modules import rfc3565 +from pyasn1_modules import rfc5280 + +MAX = float('inf') + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +# Import from RFC 3565 + +AES_IV = rfc3565.AES_IV + + +# Import from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Basic object identifiers + +nistAlgorithms = _OID(2, 16, 840, 1, 101, 3, 4) + +aes = _OID(nistAlgorithms, 1) + +oiw = _OID(1, 3, 14) + +rsadsi = _OID(1, 2, 840, 113549) + +pkcs = _OID(rsadsi, 1) + +digestAlgorithm = _OID(rsadsi, 2) + +encryptionAlgorithm = _OID(rsadsi, 3) + +pkcs_5 = _OID(pkcs, 5) + + + +# HMAC object identifiers + +id_hmacWithSHA1 = _OID(digestAlgorithm, 7) + +id_hmacWithSHA224 = _OID(digestAlgorithm, 8) + +id_hmacWithSHA256 = _OID(digestAlgorithm, 9) + +id_hmacWithSHA384 = _OID(digestAlgorithm, 10) + +id_hmacWithSHA512 = _OID(digestAlgorithm, 11) + +id_hmacWithSHA512_224 = _OID(digestAlgorithm, 12) + +id_hmacWithSHA512_256 = _OID(digestAlgorithm, 13) + + +# PBES1 object identifiers + +pbeWithMD2AndDES_CBC = _OID(pkcs_5, 1) + +pbeWithMD2AndRC2_CBC = _OID(pkcs_5, 4) + +pbeWithMD5AndDES_CBC = _OID(pkcs_5, 3) + +pbeWithMD5AndRC2_CBC = _OID(pkcs_5, 6) + +pbeWithSHA1AndDES_CBC = _OID(pkcs_5, 10) + +pbeWithSHA1AndRC2_CBC = _OID(pkcs_5, 11) + + +# Supporting techniques object identifiers + +desCBC = _OID(oiw, 3, 2, 7) + +des_EDE3_CBC = _OID(encryptionAlgorithm, 7) + +rc2CBC = _OID(encryptionAlgorithm, 2) + +rc5_CBC_PAD = _OID(encryptionAlgorithm, 9) + +aes128_CBC_PAD = _OID(aes, 2) + +aes192_CBC_PAD = _OID(aes, 22) + +aes256_CBC_PAD = _OID(aes, 42) + + +# PBES1 + +class PBEParameter(univ.Sequence): + pass + +PBEParameter.componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(8, 8))), + namedtype.NamedType('iterationCount', univ.Integer()) +) + + +# PBES2 + +id_PBES2 = _OID(pkcs_5, 13) + + +class PBES2_params(univ.Sequence): + pass + +PBES2_params.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyDerivationFunc', AlgorithmIdentifier()), + namedtype.NamedType('encryptionScheme', AlgorithmIdentifier()) +) + + +# PBMAC1 + +id_PBMAC1 = _OID(pkcs_5, 14) + + +class PBMAC1_params(univ.Sequence): + pass + +PBMAC1_params.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyDerivationFunc', AlgorithmIdentifier()), + namedtype.NamedType('messageAuthScheme', AlgorithmIdentifier()) +) + + +# PBKDF2 + +id_PBKDF2 = _OID(pkcs_5, 12) + + +algid_hmacWithSHA1 = AlgorithmIdentifier() +algid_hmacWithSHA1['algorithm'] = id_hmacWithSHA1 +algid_hmacWithSHA1['parameters'] = univ.Null("") + + +class PBKDF2_params(univ.Sequence): + pass + +PBKDF2_params.componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('specified', univ.OctetString()), + namedtype.NamedType('otherSource', AlgorithmIdentifier()) + ))), + namedtype.NamedType('iterationCount', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), + namedtype.OptionalNamedType('keyLength', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), + namedtype.DefaultedNamedType('prf', algid_hmacWithSHA1) +) + + +# RC2 CBC algorithm parameter + +class RC2_CBC_Parameter(univ.Sequence): + pass + +RC2_CBC_Parameter.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('rc2ParameterVersion', univ.Integer()), + namedtype.NamedType('iv', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(8, 8))) +) + + +# RC5 CBC algorithm parameter + +class RC5_CBC_Parameters(univ.Sequence): + pass + +RC5_CBC_Parameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', + univ.Integer(namedValues=namedval.NamedValues(('v1_0', 16))).subtype( + subtypeSpec=constraint.SingleValueConstraint(16))), + namedtype.NamedType('rounds', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(8, 127))), + namedtype.NamedType('blockSizeInBits', + univ.Integer().subtype(subtypeSpec=constraint.SingleValueConstraint(64, 128))), + namedtype.OptionalNamedType('iv', univ.OctetString()) +) + + +# Initialization Vector for AES: OCTET STRING (SIZE(16)) + +class AES_IV(univ.OctetString): + pass + +AES_IV.subtypeSpec = constraint.ValueSizeConstraint(16, 16) + + +# Initialization Vector for DES: OCTET STRING (SIZE(8)) + +class DES_IV(univ.OctetString): + pass + +DES_IV.subtypeSpec = constraint.ValueSizeConstraint(8, 8) + + +# Update the Algorithm Identifier map + +_algorithmIdentifierMapUpdate = { + # PBKDF2-PRFs + id_hmacWithSHA1: univ.Null(), + id_hmacWithSHA224: univ.Null(), + id_hmacWithSHA256: univ.Null(), + id_hmacWithSHA384: univ.Null(), + id_hmacWithSHA512: univ.Null(), + id_hmacWithSHA512_224: univ.Null(), + id_hmacWithSHA512_256: univ.Null(), + # PBES1Algorithms + pbeWithMD2AndDES_CBC: PBEParameter(), + pbeWithMD2AndRC2_CBC: PBEParameter(), + pbeWithMD5AndDES_CBC: PBEParameter(), + pbeWithMD5AndRC2_CBC: PBEParameter(), + pbeWithSHA1AndDES_CBC: PBEParameter(), + pbeWithSHA1AndRC2_CBC: PBEParameter(), + # PBES2Algorithms + id_PBES2: PBES2_params(), + # PBES2-KDFs + id_PBKDF2: PBKDF2_params(), + # PBMAC1Algorithms + id_PBMAC1: PBMAC1_params(), + # SupportingAlgorithms + desCBC: DES_IV(), + des_EDE3_CBC: DES_IV(), + rc2CBC: RC2_CBC_Parameter(), + rc5_CBC_PAD: RC5_CBC_Parameters(), + aes128_CBC_PAD: AES_IV(), + aes192_CBC_PAD: AES_IV(), + aes256_CBC_PAD: AES_IV(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8418.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8418.py new file mode 100644 index 0000000000000000000000000000000000000000..6e76487c88b18d8bd1a1109141add4e6d750f2e5 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8418.py @@ -0,0 +1,36 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Algorithm +# with X25519 and X448 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8418.txt + +from pyasn1.type import univ +from pyasn1_modules import rfc5280 + + +class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class KeyWrapAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +dhSinglePass_stdDH_sha256kdf_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0.11.1') + +dhSinglePass_stdDH_sha384kdf_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0.11.2') + +dhSinglePass_stdDH_sha512kdf_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0.11.3') + +dhSinglePass_stdDH_hkdf_sha256_scheme = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.19') + +dhSinglePass_stdDH_hkdf_sha384_scheme = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.20') + +dhSinglePass_stdDH_hkdf_sha512_scheme = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.21') diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8419.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8419.py new file mode 100644 index 0000000000000000000000000000000000000000..f10994be28e889a056cd136a83a2f62b3d192834 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8419.py @@ -0,0 +1,68 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8419.txt +# https://www.rfc-editor.org/errata/eid5869 + + +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +class ShakeOutputLen(univ.Integer): + pass + + +id_Ed25519 = univ.ObjectIdentifier('1.3.101.112') + +sigAlg_Ed25519 = rfc5280.AlgorithmIdentifier() +sigAlg_Ed25519['algorithm'] = id_Ed25519 +# sigAlg_Ed25519['parameters'] is absent + + +id_Ed448 = univ.ObjectIdentifier('1.3.101.113') + +sigAlg_Ed448 = rfc5280.AlgorithmIdentifier() +sigAlg_Ed448['algorithm'] = id_Ed448 +# sigAlg_Ed448['parameters'] is absent + + +hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2') + +id_sha512 = hashAlgs + (3, ) + +hashAlg_SHA_512 = rfc5280.AlgorithmIdentifier() +hashAlg_SHA_512['algorithm'] = id_sha512 +# hashAlg_SHA_512['parameters'] is absent + + +id_shake256 = hashAlgs + (12, ) + +hashAlg_SHAKE256 = rfc5280.AlgorithmIdentifier() +hashAlg_SHAKE256['algorithm'] = id_shake256 +# hashAlg_SHAKE256['parameters']is absent + + +id_shake256_len = hashAlgs + (18, ) + +hashAlg_SHAKE256_LEN = rfc5280.AlgorithmIdentifier() +hashAlg_SHAKE256_LEN['algorithm'] = id_shake256_len +hashAlg_SHAKE256_LEN['parameters'] = ShakeOutputLen() + + +# Map of Algorithm Identifier OIDs to Parameters added to the +# ones in rfc5280.py. Do not add OIDs with absent paramaters. + +_algorithmIdentifierMapUpdate = { + id_shake256_len: ShakeOutputLen(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8479.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8479.py new file mode 100644 index 0000000000000000000000000000000000000000..57f78b62f2c2334827caedee36b9fa74dcc1ba86 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8479.py @@ -0,0 +1,45 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Storing Validation Parameters in PKCS#8 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8479.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + + +id_attr_validation_parameters = univ.ObjectIdentifier('1.3.6.1.4.1.2312.18.8.1') + + +class ValidationParams(univ.Sequence): + pass + +ValidationParams.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', univ.ObjectIdentifier()), + namedtype.NamedType('seed', univ.OctetString()) +) + + +at_validation_parameters = rfc5652.Attribute() +at_validation_parameters['attrType'] = id_attr_validation_parameters +at_validation_parameters['attrValues'][0] = ValidationParams() + + +# Map of Attribute Type OIDs to Attributes added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_attr_validation_parameters: ValidationParams(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8494.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8494.py new file mode 100644 index 0000000000000000000000000000000000000000..fe349e14ca1233f4fbb1f0c7093a3c69a60303b6 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8494.py @@ -0,0 +1,80 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Multicast Email (MULE) over Allied Communications Publication 142 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8494.txt + +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + + +id_mmhs_CDT = univ.ObjectIdentifier('1.3.26.0.4406.0.4.2') + + +class AlgorithmID_ShortForm(univ.Integer): + pass + +AlgorithmID_ShortForm.namedValues = namedval.NamedValues( + ('zlibCompress', 0) +) + + +class ContentType_ShortForm(univ.Integer): + pass + +ContentType_ShortForm.namedValues = namedval.NamedValues( + ('unidentified', 0), + ('external', 1), + ('p1', 2), + ('p3', 3), + ('p7', 4), + ('mule', 25) +) + + +class CompressedContentInfo(univ.Sequence): + pass + +CompressedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('unnamed', univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('contentType-ShortForm', + ContentType_ShortForm().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('contentType-OID', + univ.ObjectIdentifier().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ))), + namedtype.NamedType('compressedContent', + univ.OctetString().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class CompressionAlgorithmIdentifier(univ.Choice): + pass + +CompressionAlgorithmIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithmID-ShortForm', + AlgorithmID_ShortForm().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('algorithmID-OID', + univ.ObjectIdentifier().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class CompressedData(univ.Sequence): + pass + +CompressedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('compressionAlgorithm', CompressionAlgorithmIdentifier()), + namedtype.NamedType('compressedContentInfo', CompressedContentInfo()) +) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8649.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8649.py new file mode 100644 index 0000000000000000000000000000000000000000..c405f050e8e68e22be0b3308b30185ec57742278 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8649.py @@ -0,0 +1,40 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# X.509 Certificate Extension for Hash Of Root Key +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8649.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +id_ce_hashOfRootKey = univ.ObjectIdentifier('1.3.6.1.4.1.51483.2.1') + + +class HashedRootKey(univ.Sequence): + pass + +HashedRootKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('hashValue', univ.OctetString()) +) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_ce_hashOfRootKey: HashedRootKey(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8692.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8692.py new file mode 100644 index 0000000000000000000000000000000000000000..7a6791ad200a4e51a182c79ee5959823de436512 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8692.py @@ -0,0 +1,79 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Algorithm Identifiers for RSASSA-PSS and ECDSA using SHAKEs +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8692.txt +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc4055 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5480 + + +# SHAKE128 One-Way Hash Function + +id_shake128 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.11') + +mda_shake128 = rfc5280.AlgorithmIdentifier() +mda_shake128['algorithm'] = id_shake128 +# mda_shake128['parameters'] is absent + + +# SHAKE256 One-Way Hash Function + +id_shake256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.12') + +mda_shake256 = rfc5280.AlgorithmIdentifier() +mda_shake256['algorithm'] = id_shake256 +# mda_shake256['parameters'] is absent + + +# RSA PSS with SHAKE128 + +id_RSASSA_PSS_SHAKE128 = univ.ObjectIdentifier('1.3.6.1.5.5.7.6.30') + +sa_rSASSA_PSS_SHAKE128 = rfc5280.AlgorithmIdentifier() +sa_rSASSA_PSS_SHAKE128['algorithm'] = id_RSASSA_PSS_SHAKE128 +# sa_rSASSA_PSS_SHAKE128['parameters'] is absent + +pk_rsaSSA_PSS_SHAKE128 = rfc4055.RSAPublicKey() + + +# RSA PSS with SHAKE256 + +id_RSASSA_PSS_SHAKE256 = univ.ObjectIdentifier('1.3.6.1.5.5.7.6.31') + +sa_rSASSA_PSS_SHAKE256 = rfc5280.AlgorithmIdentifier() +sa_rSASSA_PSS_SHAKE256['algorithm'] = id_RSASSA_PSS_SHAKE256 +# sa_rSASSA_PSS_SHAKE256['parameters'] is absent + +pk_rsaSSA_PSS_SHAKE256 = rfc4055.RSAPublicKey() + + +# ECDSA with SHAKE128 + +id_ecdsa_with_shake128 = univ.ObjectIdentifier('1.3.6.1.5.5.7.6.32') + +sa_ecdsa_with_shake128 = rfc5280.AlgorithmIdentifier() +sa_ecdsa_with_shake128['algorithm'] = id_ecdsa_with_shake128 +# sa_ecdsa_with_shake128['parameters'] is absent + +pk_ec = rfc5480.ECPoint() + + +# ECDSA with SHAKE128 + +id_ecdsa_with_shake256 = univ.ObjectIdentifier('1.3.6.1.5.5.7.6.33') + +sa_ecdsa_with_shake256 = rfc5280.AlgorithmIdentifier() +sa_ecdsa_with_shake256['algorithm'] = id_ecdsa_with_shake256 +# sa_ecdsa_with_shake256['parameters'] is absent diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8696.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8696.py new file mode 100644 index 0000000000000000000000000000000000000000..4c6d38d4410b427ed6939daa62fe82c3f9942ee7 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8696.py @@ -0,0 +1,104 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Using Pre-Shared Key (PSK) in the Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8696.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +id_ori = univ.ObjectIdentifier('1.2.840.113549.1.9.16.13') + +id_ori_keyTransPSK = univ.ObjectIdentifier('1.2.840.113549.1.9.16.13.1') + +id_ori_keyAgreePSK = univ.ObjectIdentifier('1.2.840.113549.1.9.16.13.2') + + +class PreSharedKeyIdentifier(univ.OctetString): + pass + + +class KeyTransRecipientInfos(univ.SequenceOf): + componentType = rfc5652.KeyTransRecipientInfo() + + +class KeyTransPSKRecipientInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', + rfc5652.CMSVersion()), + namedtype.NamedType('pskid', + PreSharedKeyIdentifier()), + namedtype.NamedType('kdfAlgorithm', + rfc5652.KeyDerivationAlgorithmIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', + rfc5652.KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('ktris', + KeyTransRecipientInfos()), + namedtype.NamedType('encryptedKey', + rfc5652.EncryptedKey()) + ) + + +class KeyAgreePSKRecipientInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', + rfc5652.CMSVersion()), + namedtype.NamedType('pskid', + PreSharedKeyIdentifier()), + namedtype.NamedType('originator', + rfc5652.OriginatorIdentifierOrKey().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', + rfc5652.UserKeyingMaterial().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('kdfAlgorithm', + rfc5652.KeyDerivationAlgorithmIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', + rfc5652.KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('recipientEncryptedKeys', + rfc5652.RecipientEncryptedKeys()) + ) + + +class CMSORIforPSKOtherInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('psk', + univ.OctetString()), + namedtype.NamedType('keyMgmtAlgType', + univ.Enumerated(namedValues=namedval.NamedValues( + ('keyTrans', 5), ('keyAgree', 10)))), + namedtype.NamedType('keyEncryptionAlgorithm', + rfc5652.KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('pskLength', + univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), + namedtype.NamedType('kdkLength', + univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(1, MAX))) + ) + + +# Update the CMS Other Recipient Info map in rfc5652.py + +_otherRecipientInfoMapUpdate = { + id_ori_keyTransPSK: KeyTransPSKRecipientInfo(), + id_ori_keyAgreePSK: KeyAgreePSKRecipientInfo(), +} + +rfc5652.otherRecipientInfoMap.update(_otherRecipientInfoMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8702.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8702.py new file mode 100644 index 0000000000000000000000000000000000000000..977c278760fbb30da1682c5d0d862ae54cdfc86f --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8702.py @@ -0,0 +1,105 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2020, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# SHAKE One-way Hash Functions for CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8702.txt +# +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc8692 + + +# Imports fprm RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Imports from RFC 8692 + +id_shake128 = rfc8692.id_shake128 + +mda_shake128 = rfc8692.mda_shake128 + +id_shake256 = rfc8692.id_shake256 + +mda_shake256 = rfc8692.mda_shake256 + +id_RSASSA_PSS_SHAKE128 = rfc8692.id_RSASSA_PSS_SHAKE128 + +sa_rSASSA_PSS_SHAKE128 = rfc8692.sa_rSASSA_PSS_SHAKE128 + +pk_rsaSSA_PSS_SHAKE128 = rfc8692.pk_rsaSSA_PSS_SHAKE128 + +id_RSASSA_PSS_SHAKE256 = rfc8692.id_RSASSA_PSS_SHAKE256 + +sa_rSASSA_PSS_SHAKE256 = rfc8692.sa_rSASSA_PSS_SHAKE256 + +pk_rsaSSA_PSS_SHAKE256 = rfc8692.pk_rsaSSA_PSS_SHAKE256 + +id_ecdsa_with_shake128 = rfc8692.id_ecdsa_with_shake128 + +sa_ecdsa_with_shake128 = rfc8692.sa_ecdsa_with_shake128 + +id_ecdsa_with_shake256 = rfc8692.id_ecdsa_with_shake256 + +sa_ecdsa_with_shake256 = rfc8692.sa_ecdsa_with_shake256 + +pk_ec = rfc8692.pk_ec + + +# KMAC with SHAKE128 + +id_KMACWithSHAKE128 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.19') + + +class KMACwithSHAKE128_params(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('kMACOutputLength', + univ.Integer().subtype(value=256)), + namedtype.DefaultedNamedType('customizationString', + univ.OctetString().subtype(value='')) + ) + + +maca_KMACwithSHAKE128 = AlgorithmIdentifier() +maca_KMACwithSHAKE128['algorithm'] = id_KMACWithSHAKE128 +maca_KMACwithSHAKE128['parameters'] = KMACwithSHAKE128_params() + + +# KMAC with SHAKE256 + +id_KMACWithSHAKE256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.20') + + +class KMACwithSHAKE256_params(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('kMACOutputLength', + univ.Integer().subtype(value=512)), + namedtype.DefaultedNamedType('customizationString', + univ.OctetString().subtype(value='')) + ) + + +maca_KMACwithSHAKE256 = AlgorithmIdentifier() +maca_KMACwithSHAKE256['algorithm'] = id_KMACWithSHAKE256 +maca_KMACwithSHAKE256['parameters'] = KMACwithSHAKE256_params() + + +# Update the Algorithm Identifier map in rfc5280.py + +_algorithmIdentifierMapUpdate = { + id_KMACWithSHAKE128: KMACwithSHAKE128_params(), + id_KMACWithSHAKE256: KMACwithSHAKE256_params(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8708.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8708.py new file mode 100644 index 0000000000000000000000000000000000000000..3e9909cf906bf00135faec6916bcf2d1f38b3935 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8708.py @@ -0,0 +1,41 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley +# +# Copyright (c) 2020, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# HSS/LMS Hash-based Signature Algorithm for CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8708.txt + + +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# Object Identifiers + +id_alg_hss_lms_hashsig = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.17') + +id_alg_mts_hashsig = id_alg_hss_lms_hashsig + + +# Signature Algorithm Identifier + +sa_HSS_LMS_HashSig = rfc5280.AlgorithmIdentifier() +sa_HSS_LMS_HashSig['algorithm'] = id_alg_hss_lms_hashsig +# sa_HSS_LMS_HashSig['parameters'] is alway absent + + +# Public Key + +class HSS_LMS_HashSig_PublicKey(univ.OctetString): + pass + + +pk_HSS_LMS_HashSig = rfc5280.SubjectPublicKeyInfo() +pk_HSS_LMS_HashSig['algorithm'] = sa_HSS_LMS_HashSig +# pk_HSS_LMS_HashSig['parameters'] CONTAINS a DER-encoded HSS_LMS_HashSig_PublicKey diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8769.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8769.py new file mode 100644 index 0000000000000000000000000000000000000000..5d2b3006748a8710cd46fd63eed1a589a7e1e69c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8769.py @@ -0,0 +1,21 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2020, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CBOR Content for CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8769.txt +# + +from pyasn1.type import univ + + +id_ct_cbor = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.44') + + +id_ct_cborSequence = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.45')