diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__init__.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/__init__.py new file mode 100644 index 0000000000000000000000000000000000000000..ae0ff01d7be7081323a85a03ea310a9d7b74a583 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/__init__.py @@ -0,0 +1,2 @@ +# http://www.python.org/dev/peps/pep-0396/ +__version__ = '0.4.1' diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc1157.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc1157.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..994fc8530d20b8a98b91c76f9a2db02027775cb6 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc1157.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2251.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2251.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..f9bb209066baf8232ed92cc5ec7e3f63facf03cb Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2251.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2560.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2560.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..d72d5e4d6d86438e53ce42df52b0ea67101efed9 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2560.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2631.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2631.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..ad06ca9cc9437824149b0397ad51eb2fcf2fbe9e Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc2631.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc3657.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc3657.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..79d3157f290e3b5fabafd71ae75fac765a56ef92 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc3657.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4043.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4043.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..bd7f8184d1c339ce25eb61f0b0a1082be64cdc93 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4043.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4490.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4490.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..b3c1df99f6c3ccb2f8e0dd83bb9b16fb4dcaedaa Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4490.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4683.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4683.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..c38d7a2964088b0f69fc0fde3a53eedb9ad821de Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc4683.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5751.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5751.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..8cb4f99b0d43c2b2257ecf3dff84f4a522940da8 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5751.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5917.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5917.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..03092d60bce0cc78a6a7806ddb67a987c20b582e Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5917.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5990.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5990.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..81eade21e816dbe8acee266a22577dba1f13d34d Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc5990.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc6187.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc6187.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..fe9351d04c4b9be14c31e7d85255178e66d4c7ce Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc6187.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc6210.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc6210.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..18907650e2c22f33315c7078af397bf52864b5c9 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc6210.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7585.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7585.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..a56421d1533a65a56b9f9f8e6e2885ffb9efcb48 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7585.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7633.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7633.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..04da4414a5d1c28a5cd5dd20c242967ef4e0ac3b Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7633.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7773.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7773.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..4576eae0e71b83a41ecdec7b13e23f1287404749 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7773.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7914.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7914.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..0a90792da3cd0d17bde36a158ac842beabda3cd0 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc7914.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8017.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8017.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..6767263ab47cf7ff612e60164b8814e3225733fd Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8017.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8103.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8103.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..e15440cd6ba718c12db56a6f6921d2f20274bd80 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8103.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8692.cpython-311.pyc b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8692.cpython-311.pyc new file mode 100644 index 0000000000000000000000000000000000000000..6e3e4242544ee0b2762fbf3f3c53298ce474b7a7 Binary files /dev/null and b/.venv/lib/python3.11/site-packages/pyasn1_modules/__pycache__/rfc8692.cpython-311.pyc differ diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1157.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1157.py new file mode 100644 index 0000000000000000000000000000000000000000..df49e482db687471f80cef2fdd542f72719e7783 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc1157.py @@ -0,0 +1,126 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv1 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc1157.txt +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc1155 + + +class Version(univ.Integer): + namedValues = namedval.NamedValues( + ('version-1', 0) + ) + defaultValue = 0 + + +class Community(univ.OctetString): + pass + + +class RequestID(univ.Integer): + pass + + +class ErrorStatus(univ.Integer): + namedValues = namedval.NamedValues( + ('noError', 0), + ('tooBig', 1), + ('noSuchName', 2), + ('badValue', 3), + ('readOnly', 4), + ('genErr', 5) + ) + + +class ErrorIndex(univ.Integer): + pass + + +class VarBind(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('name', rfc1155.ObjectName()), + namedtype.NamedType('value', rfc1155.ObjectSyntax()) + ) + + +class VarBindList(univ.SequenceOf): + componentType = VarBind() + + +class _RequestBase(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('request-id', RequestID()), + namedtype.NamedType('error-status', ErrorStatus()), + namedtype.NamedType('error-index', ErrorIndex()), + namedtype.NamedType('variable-bindings', VarBindList()) + ) + + +class GetRequestPDU(_RequestBase): + tagSet = _RequestBase.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0) + ) + + +class GetNextRequestPDU(_RequestBase): + tagSet = _RequestBase.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1) + ) + + +class GetResponsePDU(_RequestBase): + tagSet = _RequestBase.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2) + ) + + +class SetRequestPDU(_RequestBase): + tagSet = _RequestBase.tagSet.tagImplicitly( + tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3) + ) + + +class TrapPDU(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('enterprise', univ.ObjectIdentifier()), + namedtype.NamedType('agent-addr', rfc1155.NetworkAddress()), + namedtype.NamedType('generic-trap', univ.Integer().clone( + namedValues=namedval.NamedValues(('coldStart', 0), ('warmStart', 1), ('linkDown', 2), ('linkUp', 3), + ('authenticationFailure', 4), ('egpNeighborLoss', 5), + ('enterpriseSpecific', 6)))), + namedtype.NamedType('specific-trap', univ.Integer()), + namedtype.NamedType('time-stamp', rfc1155.TimeTicks()), + namedtype.NamedType('variable-bindings', VarBindList()) + ) + + +class Pdus(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('get-request', GetRequestPDU()), + namedtype.NamedType('get-next-request', GetNextRequestPDU()), + namedtype.NamedType('get-response', GetResponsePDU()), + namedtype.NamedType('set-request', SetRequestPDU()), + namedtype.NamedType('trap', TrapPDU()) + ) + + +class Message(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('community', Community()), + namedtype.NamedType('data', Pdus()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2251.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2251.py new file mode 100644 index 0000000000000000000000000000000000000000..094922cad0cd052e5b20d6e1078cc740b68de1eb --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2251.py @@ -0,0 +1,563 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# LDAP message syntax +# +# ASN.1 source from: +# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/ldap.asn +# +# Sample captures from: +# http://wiki.wireshark.org/SampleCaptures/ +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +maxInt = univ.Integer(2147483647) + + +class LDAPString(univ.OctetString): + pass + + +class LDAPOID(univ.OctetString): + pass + + +class LDAPDN(LDAPString): + pass + + +class RelativeLDAPDN(LDAPString): + pass + + +class AttributeType(LDAPString): + pass + + +class AttributeDescription(LDAPString): + pass + + +class AttributeDescriptionList(univ.SequenceOf): + componentType = AttributeDescription() + + +class AttributeValue(univ.OctetString): + pass + + +class AssertionValue(univ.OctetString): + pass + + +class AttributeValueAssertion(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('attributeDesc', AttributeDescription()), + namedtype.NamedType('assertionValue', AssertionValue()) + ) + + +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + + +class MatchingRuleId(LDAPString): + pass + + +class Control(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('controlType', LDAPOID()), + namedtype.DefaultedNamedType('criticality', univ.Boolean('False')), + namedtype.OptionalNamedType('controlValue', univ.OctetString()) + ) + + +class Controls(univ.SequenceOf): + componentType = Control() + + +class LDAPURL(LDAPString): + pass + + +class Referral(univ.SequenceOf): + componentType = LDAPURL() + + +class SaslCredentials(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('mechanism', LDAPString()), + namedtype.OptionalNamedType('credentials', univ.OctetString()) + ) + + +class AuthenticationChoice(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('simple', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('reserved-1', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('reserved-2', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('sasl', + SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) + ) + + +class BindRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))), + namedtype.NamedType('name', LDAPDN()), + namedtype.NamedType('authentication', AuthenticationChoice()) + ) + + +class PartialAttributeList(univ.SequenceOf): + componentType = univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + ) + + +class SearchResultEntry(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('objectName', LDAPDN()), + namedtype.NamedType('attributes', PartialAttributeList()) + ) + + +class MatchingRuleAssertion(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('type', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('matchValue', + AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) + ) + + +class SubstringFilter(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('substrings', + univ.SequenceOf( + componentType=univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ), + namedtype.NamedType( + 'any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) + ), + namedtype.NamedType( + 'final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)) + ) + ) + ) + ) + ) + ) + + +# Ugly hack to handle recursive Filter reference (up to 3-levels deep). + +class Filter3(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('substrings', SubstringFilter().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.NamedType('present', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), + namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + + +class Filter2(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('not', + Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('substrings', SubstringFilter().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.NamedType('present', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), + namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + + +class Filter(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('not', + Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('substrings', SubstringFilter().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))), + namedtype.NamedType('present', AttributeDescription().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))), + namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9))) + ) + + +# End of Filter hack + +class SearchRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('baseObject', LDAPDN()), + namedtype.NamedType('scope', univ.Enumerated( + namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))), + namedtype.NamedType('derefAliases', univ.Enumerated( + namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1), + ('derefFindingBaseObj', 2), ('derefAlways', 3)))), + namedtype.NamedType('sizeLimit', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), + namedtype.NamedType('timeLimit', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), + namedtype.NamedType('typesOnly', univ.Boolean()), + namedtype.NamedType('filter', Filter()), + namedtype.NamedType('attributes', AttributeDescriptionList()) + ) + + +class UnbindRequest(univ.Null): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2) + ) + + +class BindResponse(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('resultCode', univ.Enumerated( + namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), + ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), + ('compareTrue', 6), ('authMethodNotSupported', 7), + ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), + ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), + ('confidentialityRequired', 13), ('saslBindInProgress', 14), + ('noSuchAttribute', 16), ('undefinedAttributeType', 17), + ('inappropriateMatching', 18), ('constraintViolation', 19), + ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), + ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), + ('reserved-35', 35), ('aliasDereferencingProblem', 36), + ('inappropriateAuthentication', 48), ('invalidCredentials', 49), + ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), + ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), + ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), + ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), + ('objectClassModsProhibited', 69), ('reserved-70', 70), + ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), + ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), + ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), + ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), + namedtype.NamedType('matchedDN', LDAPDN()), + namedtype.NamedType('errorMessage', LDAPString()), + namedtype.OptionalNamedType('referral', Referral().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7))) + ) + + +class LDAPResult(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('resultCode', univ.Enumerated( + namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), + ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), + ('compareTrue', 6), ('authMethodNotSupported', 7), + ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), + ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), + ('confidentialityRequired', 13), ('saslBindInProgress', 14), + ('noSuchAttribute', 16), ('undefinedAttributeType', 17), + ('inappropriateMatching', 18), ('constraintViolation', 19), + ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), + ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), + ('reserved-35', 35), ('aliasDereferencingProblem', 36), + ('inappropriateAuthentication', 48), ('invalidCredentials', 49), + ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), + ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), + ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), + ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), + ('objectClassModsProhibited', 69), ('reserved-70', 70), + ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), + ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), + ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), + ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), + namedtype.NamedType('matchedDN', LDAPDN()), + namedtype.NamedType('errorMessage', LDAPString()), + namedtype.OptionalNamedType('referral', Referral().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) + ) + + +class SearchResultReference(univ.SequenceOf): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19) + ) + componentType = LDAPURL() + + +class SearchResultDone(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5) + ) + + +class AttributeTypeAndValues(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + + +class ModifyRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('object', LDAPDN()), + namedtype.NamedType('modification', + univ.SequenceOf( + componentType=univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2))) + ), + namedtype.NamedType('modification', AttributeTypeAndValues()))) + ) + ) + ) + + +class ModifyResponse(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7) + ) + + +class AttributeList(univ.SequenceOf): + componentType = univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('type', AttributeDescription()), + namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) + ) + ) + + +class AddRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('entry', LDAPDN()), + namedtype.NamedType('attributes', AttributeList()) + ) + + +class AddResponse(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9) + ) + + +class DelRequest(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10) + ) + + +class DelResponse(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11) + ) + + +class ModifyDNRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('entry', LDAPDN()), + namedtype.NamedType('newrdn', RelativeLDAPDN()), + namedtype.NamedType('deleteoldrdn', univ.Boolean()), + namedtype.OptionalNamedType('newSuperior', + LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + + ) + + +class ModifyDNResponse(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13) + ) + + +class CompareRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('entry', LDAPDN()), + namedtype.NamedType('ava', AttributeValueAssertion()) + ) + + +class CompareResponse(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15) + ) + + +class AbandonRequest(LDAPResult): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16) + ) + + +class ExtendedRequest(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('requestName', + LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class ExtendedResponse(univ.Sequence): + tagSet = univ.Sequence.tagSet.tagImplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24) + ) + componentType = namedtype.NamedTypes( + namedtype.NamedType('resultCode', univ.Enumerated( + namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2), + ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5), + ('compareTrue', 6), ('authMethodNotSupported', 7), + ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10), + ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12), + ('confidentialityRequired', 13), ('saslBindInProgress', 14), + ('noSuchAttribute', 16), ('undefinedAttributeType', 17), + ('inappropriateMatching', 18), ('constraintViolation', 19), + ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21), + ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34), + ('reserved-35', 35), ('aliasDereferencingProblem', 36), + ('inappropriateAuthentication', 48), ('invalidCredentials', 49), + ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52), + ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64), + ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66), + ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68), + ('objectClassModsProhibited', 69), ('reserved-70', 70), + ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81), + ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84), + ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87), + ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))), + namedtype.NamedType('matchedDN', LDAPDN()), + namedtype.NamedType('errorMessage', LDAPString()), + namedtype.OptionalNamedType('referral', Referral().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + + namedtype.OptionalNamedType('responseName', LDAPOID().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))), + namedtype.OptionalNamedType('response', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11))) + ) + + +class MessageID(univ.Integer): + subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint( + 0, maxInt + ) + + +class LDAPMessage(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('messageID', MessageID()), + namedtype.NamedType( + 'protocolOp', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('bindRequest', BindRequest()), + namedtype.NamedType('bindResponse', BindResponse()), + namedtype.NamedType('unbindRequest', UnbindRequest()), + namedtype.NamedType('searchRequest', SearchRequest()), + namedtype.NamedType('searchResEntry', SearchResultEntry()), + namedtype.NamedType('searchResDone', SearchResultDone()), + namedtype.NamedType('searchResRef', SearchResultReference()), + namedtype.NamedType('modifyRequest', ModifyRequest()), + namedtype.NamedType('modifyResponse', ModifyResponse()), + namedtype.NamedType('addRequest', AddRequest()), + namedtype.NamedType('addResponse', AddResponse()), + namedtype.NamedType('delRequest', DelRequest()), + namedtype.NamedType('delResponse', DelResponse()), + namedtype.NamedType('modDNRequest', ModifyDNRequest()), + namedtype.NamedType('modDNResponse', ModifyDNResponse()), + namedtype.NamedType('compareRequest', CompareRequest()), + namedtype.NamedType('compareResponse', CompareResponse()), + namedtype.NamedType('abandonRequest', AbandonRequest()), + namedtype.NamedType('extendedReq', ExtendedRequest()), + namedtype.NamedType('extendedResp', ExtendedResponse()) + ) + ) + ), + namedtype.OptionalNamedType('controls', Controls().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2314.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2314.py new file mode 100644 index 0000000000000000000000000000000000000000..b0edfe09170a6b688a532fc8fc5ae9d4cf4d2abb --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2314.py @@ -0,0 +1,48 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS#10 syntax +# +# ASN.1 source from: +# http://tools.ietf.org/html/rfc2314 +# +# Sample captures could be obtained with "openssl req" command +# +from pyasn1_modules.rfc2459 import * + + +class Attributes(univ.SetOf): + componentType = Attribute() + + +class Version(univ.Integer): + pass + + +class CertificationRequestInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.NamedType('attributes', + Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class Signature(univ.BitString): + pass + + +class SignatureAlgorithmIdentifier(AlgorithmIdentifier): + pass + + +class CertificationRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2437.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2437.py new file mode 100644 index 0000000000000000000000000000000000000000..88641cf07d4edd3639a7fce4f8085c921c40f9c0 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2437.py @@ -0,0 +1,69 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS#1 syntax +# +# ASN.1 source from: +# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2.asn +# +# Sample captures could be obtained with "openssl genrsa" command +# +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules.rfc2459 import AlgorithmIdentifier + +pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1') +rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') +md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') +md4WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.3') +md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') +sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') +rsaOAEPEncryptionSET = univ.ObjectIdentifier('1.2.840.113549.1.1.6') +id_RSAES_OAEP = univ.ObjectIdentifier('1.2.840.113549.1.1.7') +id_mgf1 = univ.ObjectIdentifier('1.2.840.113549.1.1.8') +id_pSpecified = univ.ObjectIdentifier('1.2.840.113549.1.1.9') +id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') + +MAX = float('inf') + + +class Version(univ.Integer): + pass + + +class RSAPrivateKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', Version()), + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()), + namedtype.NamedType('privateExponent', univ.Integer()), + namedtype.NamedType('prime1', univ.Integer()), + namedtype.NamedType('prime2', univ.Integer()), + namedtype.NamedType('exponent1', univ.Integer()), + namedtype.NamedType('exponent2', univ.Integer()), + namedtype.NamedType('coefficient', univ.Integer()) + ) + + +class RSAPublicKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()) + ) + + +# XXX defaults not set +class RSAES_OAEP_params(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashFunc', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('maskGenFunc', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('pSourceFunc', AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2560.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2560.py new file mode 100644 index 0000000000000000000000000000000000000000..017ac0b66e638e1dcff4a038699f426e9ce8ac84 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2560.py @@ -0,0 +1,225 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# OCSP request/response syntax +# +# Derived from a minimal OCSP library (RFC2560) code written by +# Bud P. Bruegger +# Copyright: Ancitel, S.p.a, Rome, Italy +# License: BSD +# + +# +# current limitations: +# * request and response works only for a single certificate +# * only some values are parsed out of the response +# * the request does't set a nonce nor signature +# * there is no signature validation of the response +# * dates are left as strings in GeneralizedTime format -- datetime.datetime +# would be nicer +# +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc2459 + + +# Start of OCSP module definitions + +# This should be in directory Authentication Framework (X.509) module + +class CRLReason(univ.Enumerated): + namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8), + ('privilegeWithdrawn', 9), + ('aACompromise', 10) + ) + + +# end of directory Authentication Framework (X.509) module + +# This should be in PKIX Certificate Extensions module + +class GeneralName(univ.OctetString): + pass + + +# end of PKIX Certificate Extensions module + +id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9)) +id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1)) +id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1)) +id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2)) +id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3)) +id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4)) +id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5)) +id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6)) +id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7)) + + +class AcceptableResponses(univ.SequenceOf): + componentType = univ.ObjectIdentifier() + + +class ArchiveCutoff(useful.GeneralizedTime): + pass + + +class UnknownInfo(univ.Null): + pass + + +class RevokedInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('revocationTime', useful.GeneralizedTime()), + namedtype.OptionalNamedType('revocationReason', CRLReason().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class CertID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('issuerNameHash', univ.OctetString()), + namedtype.NamedType('issuerKeyHash', univ.OctetString()), + namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber()) + ) + + +class CertStatus(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('good', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('revoked', + RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('unknown', + UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class SingleResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certID', CertID()), + namedtype.NamedType('certStatus', CertStatus()), + namedtype.NamedType('thisUpdate', useful.GeneralizedTime()), + namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class KeyHash(univ.OctetString): + pass + + +class ResponderID(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('byName', + rfc2459.Name().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('byKey', + KeyHash().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class Version(univ.Integer): + namedValues = namedval.NamedValues(('v1', 0)) + + +class ResponseData(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('responderID', ResponderID()), + namedtype.NamedType('producedAt', useful.GeneralizedTime()), + namedtype.NamedType('responses', univ.SequenceOf(componentType=SingleResponse())), + namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class BasicOCSPResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsResponseData', ResponseData()), + namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()), + namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class ResponseBytes(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('responseType', univ.ObjectIdentifier()), + namedtype.NamedType('response', univ.OctetString()) + ) + + +class OCSPResponseStatus(univ.Enumerated): + namedValues = namedval.NamedValues( + ('successful', 0), + ('malformedRequest', 1), + ('internalError', 2), + ('tryLater', 3), + ('undefinedStatus', 4), # should never occur + ('sigRequired', 5), + ('unauthorized', 6) + ) + + +class OCSPResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('responseStatus', OCSPResponseStatus()), + namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class Request(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('reqCert', CertID()), + namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class Signature(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()), + namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) + + +class TBSRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', Version('v1').subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('requestorName', GeneralName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('requestList', univ.SequenceOf(componentType=Request())), + namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class OCSPRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsRequest', TBSRequest()), + namedtype.OptionalNamedType('optionalSignature', Signature().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2634.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2634.py new file mode 100644 index 0000000000000000000000000000000000000000..2099a4b206ef1323fa0fbd8b7d3d5c9b83d61dac --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2634.py @@ -0,0 +1,336 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add a map for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Enhanced Security Services for S/MIME +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc2634.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedval +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5280 + +MAX = float('inf') + +ContentType = rfc5652.ContentType + +IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber + +SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier + +PolicyInformation = rfc5280.PolicyInformation + +GeneralNames = rfc5280.GeneralNames + +CertificateSerialNumber = rfc5280.CertificateSerialNumber + + +# Signing Certificate Attribute +# Warning: It is better to use SigningCertificateV2 from RFC 5035 + +id_aa_signingCertificate = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.12') + +class Hash(univ.OctetString): + pass # SHA-1 hash of entire certificate; RFC 5035 supports other hash algorithms + + +class IssuerSerial(univ.Sequence): + pass + +IssuerSerial.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', GeneralNames()), + namedtype.NamedType('serialNumber', CertificateSerialNumber()) +) + + +class ESSCertID(univ.Sequence): + pass + +ESSCertID.componentType = namedtype.NamedTypes( + namedtype.NamedType('certHash', Hash()), + namedtype.OptionalNamedType('issuerSerial', IssuerSerial()) +) + + +class SigningCertificate(univ.Sequence): + pass + +SigningCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('certs', univ.SequenceOf( + componentType=ESSCertID())), + namedtype.OptionalNamedType('policies', univ.SequenceOf( + componentType=PolicyInformation())) +) + + +# Mail List Expansion History Attribute + +id_aa_mlExpandHistory = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.3') + +ub_ml_expansion_history = univ.Integer(64) + + +class EntityIdentifier(univ.Choice): + pass + +EntityIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()) +) + + +class MLReceiptPolicy(univ.Choice): + pass + +MLReceiptPolicy.componentType = namedtype.NamedTypes( + namedtype.NamedType('none', univ.Null().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('insteadOf', univ.SequenceOf( + componentType=GeneralNames()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('inAdditionTo', univ.SequenceOf( + componentType=GeneralNames()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class MLData(univ.Sequence): + pass + +MLData.componentType = namedtype.NamedTypes( + namedtype.NamedType('mailListIdentifier', EntityIdentifier()), + namedtype.NamedType('expansionTime', useful.GeneralizedTime()), + namedtype.OptionalNamedType('mlReceiptPolicy', MLReceiptPolicy()) +) + +class MLExpansionHistory(univ.SequenceOf): + pass + +MLExpansionHistory.componentType = MLData() +MLExpansionHistory.sizeSpec = constraint.ValueSizeConstraint(1, ub_ml_expansion_history) + + +# ESS Security Label Attribute + +id_aa_securityLabel = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.2') + +ub_privacy_mark_length = univ.Integer(128) + +ub_security_categories = univ.Integer(64) + +ub_integer_options = univ.Integer(256) + + +class ESSPrivacyMark(univ.Choice): + pass + +ESSPrivacyMark.componentType = namedtype.NamedTypes( + namedtype.NamedType('pString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_privacy_mark_length))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class SecurityClassification(univ.Integer): + pass + +SecurityClassification.subtypeSpec=constraint.ValueRangeConstraint(0, ub_integer_options) + +SecurityClassification.namedValues = namedval.NamedValues( + ('unmarked', 0), + ('unclassified', 1), + ('restricted', 2), + ('confidential', 3), + ('secret', 4), + ('top-secret', 5) +) + + +class SecurityPolicyIdentifier(univ.ObjectIdentifier): + pass + + +class SecurityCategory(univ.Sequence): + pass + +SecurityCategory.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SecurityCategories(univ.SetOf): + pass + +SecurityCategories.componentType = SecurityCategory() +SecurityCategories.sizeSpec = constraint.ValueSizeConstraint(1, ub_security_categories) + + +class ESSSecurityLabel(univ.Set): + pass + +ESSSecurityLabel.componentType = namedtype.NamedTypes( + namedtype.NamedType('security-policy-identifier', SecurityPolicyIdentifier()), + namedtype.OptionalNamedType('security-classification', SecurityClassification()), + namedtype.OptionalNamedType('privacy-mark', ESSPrivacyMark()), + namedtype.OptionalNamedType('security-categories', SecurityCategories()) +) + + +# Equivalent Labels Attribute + +id_aa_equivalentLabels = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.9') + +class EquivalentLabels(univ.SequenceOf): + pass + +EquivalentLabels.componentType = ESSSecurityLabel() + + +# Content Identifier Attribute + +id_aa_contentIdentifier = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.7') + +class ContentIdentifier(univ.OctetString): + pass + + +# Content Reference Attribute + +id_aa_contentReference = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.10') + +class ContentReference(univ.Sequence): + pass + +ContentReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('signedContentIdentifier', ContentIdentifier()), + namedtype.NamedType('originatorSignatureValue', univ.OctetString()) +) + + +# Message Signature Digest Attribute + +id_aa_msgSigDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.5') + +class MsgSigDigest(univ.OctetString): + pass + + +# Content Hints Attribute + +id_aa_contentHint = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.4') + +class ContentHints(univ.Sequence): + pass + +ContentHints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('contentDescription', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('contentType', ContentType()) +) + + +# Receipt Request Attribute + +class AllOrFirstTier(univ.Integer): + pass + +AllOrFirstTier.namedValues = namedval.NamedValues( + ('allReceipts', 0), + ('firstTierRecipients', 1) +) + + +class ReceiptsFrom(univ.Choice): + pass + +ReceiptsFrom.componentType = namedtype.NamedTypes( + namedtype.NamedType('allOrFirstTier', AllOrFirstTier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('receiptList', univ.SequenceOf( + componentType=GeneralNames()).subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +id_aa_receiptRequest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.1') + +ub_receiptsTo = univ.Integer(16) + +class ReceiptRequest(univ.Sequence): + pass + +ReceiptRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('signedContentIdentifier', ContentIdentifier()), + namedtype.NamedType('receiptsFrom', ReceiptsFrom()), + namedtype.NamedType('receiptsTo', univ.SequenceOf(componentType=GeneralNames()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, ub_receiptsTo))) +) + +# Receipt Content Type + +class ESSVersion(univ.Integer): + pass + +ESSVersion.namedValues = namedval.NamedValues( + ('v1', 1) +) + + +id_ct_receipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.1') + +class Receipt(univ.Sequence): + pass + +Receipt.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', ESSVersion()), + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('signedContentIdentifier', ContentIdentifier()), + namedtype.NamedType('originatorSignatureValue', univ.OctetString()) +) + + +# Map of Attribute Type to the Attribute structure is added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_signingCertificate: SigningCertificate(), + id_aa_mlExpandHistory: MLExpansionHistory(), + id_aa_securityLabel: ESSSecurityLabel(), + id_aa_equivalentLabels: EquivalentLabels(), + id_aa_contentIdentifier: ContentIdentifier(), + id_aa_contentReference: ContentReference(), + id_aa_msgSigDigest: MsgSigDigest(), + id_aa_contentHint: ContentHints(), + id_aa_receiptRequest: ReceiptRequest(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# Map of Content Type OIDs to Content Types is added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_receipt: Receipt(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2986.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2986.py new file mode 100644 index 0000000000000000000000000000000000000000..309637d1fe275f1ce34fb9711ff4f704431bc78a --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc2986.py @@ -0,0 +1,75 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Joel Johnson with asn1ate tool. +# Modified by Russ Housley to add support for opentypes by importing +# definitions from rfc5280 so that the same maps are used. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# PKCS #10: Certification Request Syntax Specification +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc2986.txt +# +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +AttributeType = rfc5280.AttributeType + +AttributeValue = rfc5280.AttributeValue + +AttributeTypeAndValue = rfc5280.AttributeTypeAndValue + +Attribute = rfc5280.Attribute + +RelativeDistinguishedName = rfc5280.RelativeDistinguishedName + +RDNSequence = rfc5280.RDNSequence + +Name = rfc5280.Name + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo + + +class Attributes(univ.SetOf): + pass + + +Attributes.componentType = Attribute() + + +class CertificationRequestInfo(univ.Sequence): + pass + + +CertificationRequestInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPKInfo', SubjectPublicKeyInfo()), + namedtype.NamedType('attributes', + Attributes().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0)) + ) +) + + +class CertificationRequest(univ.Sequence): + pass + + +CertificationRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3125.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3125.py new file mode 100644 index 0000000000000000000000000000000000000000..00ff9bff48046eb43c7b611cae59a0fb61987991 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3125.py @@ -0,0 +1,469 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Electronic Signature Policies +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3125.txt +# https://www.rfc-editor.org/errata/eid5901 +# https://www.rfc-editor.org/errata/eid5902 +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import useful +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +Attribute = rfc5280.Attribute + +AttributeType = rfc5280.AttributeType + +AttributeTypeAndValue = rfc5280.AttributeTypeAndValue + +AttributeValue = rfc5280.AttributeValue + +Certificate = rfc5280.Certificate + +CertificateList = rfc5280.CertificateList + +DirectoryString = rfc5280.DirectoryString + +GeneralName = rfc5280.GeneralName + +GeneralNames = rfc5280.GeneralNames + +Name = rfc5280.Name + +PolicyInformation = rfc5280.PolicyInformation + + +# Electronic Signature Policies + +class CertPolicyId(univ.ObjectIdentifier): + pass + + +class AcceptablePolicySet(univ.SequenceOf): + componentType = CertPolicyId() + + +class SignPolExtn(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.NamedType('extnValue', univ.OctetString()) + ) + + +class SignPolExtensions(univ.SequenceOf): + componentType = SignPolExtn() + + +class AlgAndLength(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algID', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('minKeyLength', univ.Integer()), + namedtype.OptionalNamedType('other', SignPolExtensions()) + ) + + +class AlgorithmConstraints(univ.SequenceOf): + componentType = AlgAndLength() + + +class AlgorithmConstraintSet(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('signerAlgorithmConstraints', + AlgorithmConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('eeCertAlgorithmConstraints', + AlgorithmConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('caCertAlgorithmConstraints', + AlgorithmConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('aaCertAlgorithmConstraints', + AlgorithmConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('tsaCertAlgorithmConstraints', + AlgorithmConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 4))) + ) + + +class AttributeValueConstraints(univ.SequenceOf): + componentType = AttributeTypeAndValue() + + +class AttributeTypeConstraints(univ.SequenceOf): + componentType = AttributeType() + + +class AttributeConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('attributeTypeConstarints', + AttributeTypeConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('attributeValueConstarints', + AttributeValueConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class HowCertAttribute(univ.Enumerated): + namedValues = namedval.NamedValues( + ('claimedAttribute', 0), + ('certifiedAttribtes', 1), + ('either', 2) + ) + + +class SkipCerts(univ.Integer): + subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class PolicyConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('requireExplicitPolicy', + SkipCerts().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', + SkipCerts().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class BaseDistance(univ.Integer): + subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class GeneralSubtree(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', + BaseDistance().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0)).subtype( + value=0)), + namedtype.OptionalNamedType('maximum', + BaseDistance().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class GeneralSubtrees(univ.SequenceOf): + componentType = GeneralSubtree() + subtypeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', + GeneralSubtrees().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedSubtrees', + GeneralSubtrees().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class PathLenConstraint(univ.Integer): + subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class CertificateTrustPoint(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('trustpoint', Certificate()), + namedtype.OptionalNamedType('pathLenConstraint', + PathLenConstraint().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('acceptablePolicySet', + AcceptablePolicySet().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('nameConstraints', + NameConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('policyConstraints', + PolicyConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 3))) + ) + + +class CertificateTrustTrees(univ.SequenceOf): + componentType = CertificateTrustPoint() + + +class EnuRevReq(univ.Enumerated): + namedValues = namedval.NamedValues( + ('clrCheck', 0), + ('ocspCheck', 1), + ('bothCheck', 2), + ('eitherCheck', 3), + ('noCheck', 4), + ('other', 5) + ) + + +class RevReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('enuRevReq', EnuRevReq()), + namedtype.OptionalNamedType('exRevReq', SignPolExtensions()) + ) + + +class CertRevReq(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('endCertRevReq', RevReq()), + namedtype.NamedType('caCerts', + RevReq().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class AttributeTrustCondition(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('attributeMandated', univ.Boolean()), + namedtype.NamedType('howCertAttribute', HowCertAttribute()), + namedtype.OptionalNamedType('attrCertificateTrustTrees', + CertificateTrustTrees().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('attrRevReq', + CertRevReq().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('attributeConstraints', + AttributeConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) + + +class CMSAttrs(univ.SequenceOf): + componentType = univ.ObjectIdentifier() + + +class CertInfoReq(univ.Enumerated): + namedValues = namedval.NamedValues( + ('none', 0), + ('signerOnly', 1), + ('fullPath', 2) + ) + + +class CertRefReq(univ.Enumerated): + namedValues = namedval.NamedValues( + ('signerOnly', 1), + ('fullPath', 2) + ) + + +class DeltaTime(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('deltaSeconds', univ.Integer()), + namedtype.NamedType('deltaMinutes', univ.Integer()), + namedtype.NamedType('deltaHours', univ.Integer()), + namedtype.NamedType('deltaDays', univ.Integer()) + ) + + +class TimestampTrustCondition(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('ttsCertificateTrustTrees', + CertificateTrustTrees().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('ttsRevReq', + CertRevReq().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('ttsNameConstraints', + NameConstraints().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('cautionPeriod', + DeltaTime().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('signatureTimestampDelay', + DeltaTime().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 4))) + ) + + +class SignerRules(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('externalSignedData', univ.Boolean()), + namedtype.NamedType('mandatedSignedAttr', CMSAttrs()), + namedtype.NamedType('mandatedUnsignedAttr', CMSAttrs()), + namedtype.DefaultedNamedType('mandatedCertificateRef', + CertRefReq().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0)).subtype( + value='signerOnly')), + namedtype.DefaultedNamedType('mandatedCertificateInfo', + CertInfoReq().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1)).subtype( + value='none')), + namedtype.OptionalNamedType('signPolExtensions', + SignPolExtensions().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class MandatedUnsignedAttr(CMSAttrs): + pass + + +class VerifierRules(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('mandatedUnsignedAttr', MandatedUnsignedAttr()), + namedtype.OptionalNamedType('signPolExtensions', SignPolExtensions()) + ) + + +class SignerAndVerifierRules(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signerRules', SignerRules()), + namedtype.NamedType('verifierRules', VerifierRules()) + ) + + +class SigningCertTrustCondition(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signerTrustTrees', CertificateTrustTrees()), + namedtype.NamedType('signerRevReq', CertRevReq()) + ) + + +class CommitmentTypeIdentifier(univ.ObjectIdentifier): + pass + + +class FieldOfApplication(DirectoryString): + pass + + +class CommitmentType(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('identifier', CommitmentTypeIdentifier()), + namedtype.OptionalNamedType('fieldOfApplication', + FieldOfApplication().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('semantics', + DirectoryString().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class SelectedCommitmentTypes(univ.SequenceOf): + componentType = univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('empty', univ.Null()), + namedtype.NamedType('recognizedCommitmentType', CommitmentType()) + )) + + +class CommitmentRule(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('selCommitmentTypes', SelectedCommitmentTypes()), + namedtype.OptionalNamedType('signerAndVeriferRules', + SignerAndVerifierRules().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('signingCertTrustCondition', + SigningCertTrustCondition().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('timeStampTrustCondition', + TimestampTrustCondition().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('attributeTrustCondition', + AttributeTrustCondition().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('algorithmConstraintSet', + AlgorithmConstraintSet().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('signPolExtensions', + SignPolExtensions().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 5))) + ) + + +class CommitmentRules(univ.SequenceOf): + componentType = CommitmentRule() + + +class CommonRules(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('signerAndVeriferRules', + SignerAndVerifierRules().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('signingCertTrustCondition', + SigningCertTrustCondition().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.OptionalNamedType('timeStampTrustCondition', + TimestampTrustCondition().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('attributeTrustCondition', + AttributeTrustCondition().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('algorithmConstraintSet', + AlgorithmConstraintSet().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('signPolExtensions', + SignPolExtensions().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 5))) + ) + + +class PolicyIssuerName(GeneralNames): + pass + + +class SignPolicyHash(univ.OctetString): + pass + + +class SignPolicyId(univ.ObjectIdentifier): + pass + + +class SigningPeriod(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', useful.GeneralizedTime()), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime()) + ) + + +class SignatureValidationPolicy(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signingPeriod', SigningPeriod()), + namedtype.NamedType('commonRules', CommonRules()), + namedtype.NamedType('commitmentRules', CommitmentRules()), + namedtype.OptionalNamedType('signPolExtensions', SignPolExtensions()) + ) + + +class SignPolicyInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signPolicyIdentifier', SignPolicyId()), + namedtype.NamedType('dateOfIssue', useful.GeneralizedTime()), + namedtype.NamedType('policyIssuerName', PolicyIssuerName()), + namedtype.NamedType('fieldOfApplication', FieldOfApplication()), + namedtype.NamedType('signatureValidationPolicy', SignatureValidationPolicy()), + namedtype.OptionalNamedType('signPolExtensions', SignPolExtensions()) + ) + + +class SignaturePolicy(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('signPolicyHashAlg', AlgorithmIdentifier()), + namedtype.NamedType('signPolicyInfo', SignPolicyInfo()), + namedtype.OptionalNamedType('signPolicyHash', SignPolicyHash()) + ) + + diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3279.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3279.py new file mode 100644 index 0000000000000000000000000000000000000000..f6e24deafc3e52bb79b0ff0811747b1d75899c65 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3279.py @@ -0,0 +1,260 @@ +# +# This file is part of pyasn1-modules. +# +# Copyright (c) 2017, Danielle Madeley +# License: http://snmplabs.com/pyasn1/license.html +# +# Modified by Russ Housley to add maps for use with opentypes. +# +# Algorithms and Identifiers for Internet X.509 Certificates and CRLs +# +# Derived from RFC 3279: +# https://www.rfc-editor.org/rfc/rfc3279.txt +# +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +md2 = _OID(1, 2, 840, 113549, 2, 2) +md5 = _OID(1, 2, 840, 113549, 2, 5) +id_sha1 = _OID(1, 3, 14, 3, 2, 26) +id_dsa = _OID(1, 2, 840, 10040, 4, 1) + + +class DSAPublicKey(univ.Integer): + pass + + +class Dss_Parms(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('g', univ.Integer()) + ) + + +id_dsa_with_sha1 = _OID(1, 2, 840, 10040, 4, 3) + + +class Dss_Sig_Value(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('r', univ.Integer()), + namedtype.NamedType('s', univ.Integer()) + ) + + +pkcs_1 = _OID(1, 2, 840, 113549, 1, 1) +rsaEncryption = _OID(pkcs_1, 1) +md2WithRSAEncryption = _OID(pkcs_1, 2) +md5WithRSAEncryption = _OID(pkcs_1, 4) +sha1WithRSAEncryption = _OID(pkcs_1, 5) + + +class RSAPublicKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('modulus', univ.Integer()), + namedtype.NamedType('publicExponent', univ.Integer()) + ) + + +dhpublicnumber = _OID(1, 2, 840, 10046, 2, 1) + + +class DHPublicKey(univ.Integer): + pass + + +class ValidationParms(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('seed', univ.BitString()), + namedtype.NamedType('pgenCounter', univ.Integer()) + ) + + +class DomainParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('g', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.OptionalNamedType('j', univ.Integer()), + namedtype.OptionalNamedType('validationParms', ValidationParms()) + ) + + +id_keyExchangeAlgorithm = _OID(2, 16, 840, 1, 101, 2, 1, 1, 22) + + +class KEA_Parms_Id(univ.OctetString): + pass + + +ansi_X9_62 = _OID(1, 2, 840, 10045) + + +class FieldID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('fieldType', univ.ObjectIdentifier()), + namedtype.NamedType('parameters', univ.Any()) + ) + + +id_ecSigType = _OID(ansi_X9_62, 4) +ecdsa_with_SHA1 = _OID(id_ecSigType, 1) + + +class ECDSA_Sig_Value(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('r', univ.Integer()), + namedtype.NamedType('s', univ.Integer()) + ) + + +id_fieldType = _OID(ansi_X9_62, 1) +prime_field = _OID(id_fieldType, 1) + + +class Prime_p(univ.Integer): + pass + + +characteristic_two_field = _OID(id_fieldType, 2) + + +class Characteristic_two(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('m', univ.Integer()), + namedtype.NamedType('basis', univ.ObjectIdentifier()), + namedtype.NamedType('parameters', univ.Any()) + ) + + +id_characteristic_two_basis = _OID(characteristic_two_field, 3) +gnBasis = _OID(id_characteristic_two_basis, 1) +tpBasis = _OID(id_characteristic_two_basis, 2) + + +class Trinomial(univ.Integer): + pass + + +ppBasis = _OID(id_characteristic_two_basis, 3) + + +class Pentanomial(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('k1', univ.Integer()), + namedtype.NamedType('k2', univ.Integer()), + namedtype.NamedType('k3', univ.Integer()) + ) + + +class FieldElement(univ.OctetString): + pass + + +class ECPoint(univ.OctetString): + pass + + +class Curve(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('a', FieldElement()), + namedtype.NamedType('b', FieldElement()), + namedtype.OptionalNamedType('seed', univ.BitString()) + ) + + +class ECPVer(univ.Integer): + namedValues = namedval.NamedValues( + ('ecpVer1', 1) + ) + + +class ECParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', ECPVer()), + namedtype.NamedType('fieldID', FieldID()), + namedtype.NamedType('curve', Curve()), + namedtype.NamedType('base', ECPoint()), + namedtype.NamedType('order', univ.Integer()), + namedtype.OptionalNamedType('cofactor', univ.Integer()) + ) + + +class EcpkParameters(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('ecParameters', ECParameters()), + namedtype.NamedType('namedCurve', univ.ObjectIdentifier()), + namedtype.NamedType('implicitlyCA', univ.Null()) + ) + + +id_publicKeyType = _OID(ansi_X9_62, 2) +id_ecPublicKey = _OID(id_publicKeyType, 1) + +ellipticCurve = _OID(ansi_X9_62, 3) + +c_TwoCurve = _OID(ellipticCurve, 0) +c2pnb163v1 = _OID(c_TwoCurve, 1) +c2pnb163v2 = _OID(c_TwoCurve, 2) +c2pnb163v3 = _OID(c_TwoCurve, 3) +c2pnb176w1 = _OID(c_TwoCurve, 4) +c2tnb191v1 = _OID(c_TwoCurve, 5) +c2tnb191v2 = _OID(c_TwoCurve, 6) +c2tnb191v3 = _OID(c_TwoCurve, 7) +c2onb191v4 = _OID(c_TwoCurve, 8) +c2onb191v5 = _OID(c_TwoCurve, 9) +c2pnb208w1 = _OID(c_TwoCurve, 10) +c2tnb239v1 = _OID(c_TwoCurve, 11) +c2tnb239v2 = _OID(c_TwoCurve, 12) +c2tnb239v3 = _OID(c_TwoCurve, 13) +c2onb239v4 = _OID(c_TwoCurve, 14) +c2onb239v5 = _OID(c_TwoCurve, 15) +c2pnb272w1 = _OID(c_TwoCurve, 16) +c2pnb304w1 = _OID(c_TwoCurve, 17) +c2tnb359v1 = _OID(c_TwoCurve, 18) +c2pnb368w1 = _OID(c_TwoCurve, 19) +c2tnb431r1 = _OID(c_TwoCurve, 20) + +primeCurve = _OID(ellipticCurve, 1) +prime192v1 = _OID(primeCurve, 1) +prime192v2 = _OID(primeCurve, 2) +prime192v3 = _OID(primeCurve, 3) +prime239v1 = _OID(primeCurve, 4) +prime239v2 = _OID(primeCurve, 5) +prime239v3 = _OID(primeCurve, 6) +prime256v1 = _OID(primeCurve, 7) + + +# Map of Algorithm Identifier OIDs to Parameters added to the +# ones in rfc5280.py. Do not add OIDs with absent paramaters. + +_algorithmIdentifierMapUpdate = { + md2: univ.Null(""), + md5: univ.Null(""), + id_sha1: univ.Null(""), + id_dsa: Dss_Parms(), + rsaEncryption: univ.Null(""), + md2WithRSAEncryption: univ.Null(""), + md5WithRSAEncryption: univ.Null(""), + sha1WithRSAEncryption: univ.Null(""), + dhpublicnumber: DomainParameters(), + id_keyExchangeAlgorithm: KEA_Parms_Id(), + id_ecPublicKey: EcpkParameters(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3281.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3281.py new file mode 100644 index 0000000000000000000000000000000000000000..a78abf9feaa0b3d8b8d37ffab34a2060480e6eee --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3281.py @@ -0,0 +1,331 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# An Internet Attribute Certificate Profile for Authorization +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3281.txt +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc3280 + +MAX = float('inf') + + +def _buildOid(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class ObjectDigestInfo(univ.Sequence): + pass + + +ObjectDigestInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('digestedObjectType', univ.Enumerated( + namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))), + namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()), + namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('objectDigest', univ.BitString()) +) + + +class IssuerSerial(univ.Sequence): + pass + + +IssuerSerial.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc3280.GeneralNames()), + namedtype.NamedType('serial', rfc3280.CertificateSerialNumber()), + namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier()) +) + + +class TargetCert(univ.Sequence): + pass + + +TargetCert.componentType = namedtype.NamedTypes( + namedtype.NamedType('targetCertificate', IssuerSerial()), + namedtype.OptionalNamedType('targetName', rfc3280.GeneralName()), + namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo()) +) + + +class Target(univ.Choice): + pass + + +Target.componentType = namedtype.NamedTypes( + namedtype.NamedType('targetName', rfc3280.GeneralName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('targetGroup', rfc3280.GeneralName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('targetCert', + TargetCert().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +class Targets(univ.SequenceOf): + pass + + +Targets.componentType = Target() + + +class ProxyInfo(univ.SequenceOf): + pass + + +ProxyInfo.componentType = Targets() + +id_at_role = _buildOid(rfc3280.id_at, 72) + +id_pe_aaControls = _buildOid(rfc3280.id_pe, 6) + +id_ce_targetInformation = _buildOid(rfc3280.id_ce, 55) + +id_pe_ac_auditIdentity = _buildOid(rfc3280.id_pe, 4) + + +class ClassList(univ.BitString): + pass + + +ClassList.namedValues = namedval.NamedValues( + ('unmarked', 0), + ('unclassified', 1), + ('restricted', 2), + ('confidential', 3), + ('secret', 4), + ('topSecret', 5) +) + + +class SecurityCategory(univ.Sequence): + pass + + +SecurityCategory.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class Clearance(univ.Sequence): + pass + + +Clearance.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyId', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.DefaultedNamedType('classList', + ClassList().subtype(implicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1)).subtype( + value="unclassified")), + namedtype.OptionalNamedType('securityCategories', univ.SetOf(componentType=SecurityCategory()).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class AttCertVersion(univ.Integer): + pass + + +AttCertVersion.namedValues = namedval.NamedValues( + ('v2', 1) +) + +id_aca = _buildOid(rfc3280.id_pkix, 10) + +id_at_clearance = _buildOid(2, 5, 1, 5, 55) + + +class AttrSpec(univ.SequenceOf): + pass + + +AttrSpec.componentType = univ.ObjectIdentifier() + + +class AAControls(univ.Sequence): + pass + + +AAControls.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.OptionalNamedType('permittedAttrs', + AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedAttrs', + AttrSpec().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.DefaultedNamedType('permitUnSpecified', univ.Boolean().subtype(value=1)) +) + + +class AttCertValidityPeriod(univ.Sequence): + pass + + +AttCertValidityPeriod.componentType = namedtype.NamedTypes( + namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()), + namedtype.NamedType('notAfterTime', useful.GeneralizedTime()) +) + + +id_aca_authenticationInfo = _buildOid(id_aca, 1) + + +class V2Form(univ.Sequence): + pass + + +V2Form.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('issuerName', rfc3280.GeneralNames()), + namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class AttCertIssuer(univ.Choice): + pass + + +AttCertIssuer.componentType = namedtype.NamedTypes( + namedtype.NamedType('v1Form', rfc3280.GeneralNames()), + namedtype.NamedType('v2Form', + V2Form().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class Holder(univ.Sequence): + pass + + +Holder.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('baseCertificateID', IssuerSerial().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('entityName', rfc3280.GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('objectDigestInfo', ObjectDigestInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +class AttributeCertificateInfo(univ.Sequence): + pass + + +AttributeCertificateInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', AttCertVersion()), + namedtype.NamedType('holder', Holder()), + namedtype.NamedType('issuer', AttCertIssuer()), + namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), + namedtype.NamedType('attrCertValidityPeriod', AttCertValidityPeriod()), + namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions()) +) + + +class AttributeCertificate(univ.Sequence): + pass + + +AttributeCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('acinfo', AttributeCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('signatureValue', univ.BitString()) +) + +id_mod = _buildOid(rfc3280.id_pkix, 0) + +id_mod_attribute_cert = _buildOid(id_mod, 12) + +id_aca_accessIdentity = _buildOid(id_aca, 2) + + +class RoleSyntax(univ.Sequence): + pass + + +RoleSyntax.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('roleAuthority', rfc3280.GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('roleName', + rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + +id_aca_chargingIdentity = _buildOid(id_aca, 3) + + +class ACClearAttrs(univ.Sequence): + pass + + +ACClearAttrs.componentType = namedtype.NamedTypes( + namedtype.NamedType('acIssuer', rfc3280.GeneralName()), + namedtype.NamedType('acSerial', univ.Integer()), + namedtype.NamedType('attrs', univ.SequenceOf(componentType=rfc3280.Attribute())) +) + +id_aca_group = _buildOid(id_aca, 4) + +id_pe_ac_proxying = _buildOid(rfc3280.id_pe, 10) + + +class SvceAuthInfo(univ.Sequence): + pass + + +SvceAuthInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('service', rfc3280.GeneralName()), + namedtype.NamedType('ident', rfc3280.GeneralName()), + namedtype.OptionalNamedType('authInfo', univ.OctetString()) +) + + +class IetfAttrSyntax(univ.Sequence): + pass + + +IetfAttrSyntax.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType( + 'policyAuthority', rfc3280.GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) + ), + namedtype.NamedType( + 'values', univ.SequenceOf( + componentType=univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('octets', univ.OctetString()), + namedtype.NamedType('oid', univ.ObjectIdentifier()), + namedtype.NamedType('string', char.UTF8String()) + ) + ) + ) + ) +) + +id_aca_encAttrs = _buildOid(id_aca, 6) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3370.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3370.py new file mode 100644 index 0000000000000000000000000000000000000000..51a9d5c5b1d8944c72222fc52998bed240afb09d --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3370.py @@ -0,0 +1,146 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Cryptographic Message Syntax (CMS) Algorithms +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3370.txt +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc3279 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5751 +from pyasn1_modules import rfc5753 +from pyasn1_modules import rfc5990 +from pyasn1_modules import rfc8018 + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Imports from RFC 3279 + +dhpublicnumber = rfc3279.dhpublicnumber + +dh_public_number = dhpublicnumber + +DHPublicKey = rfc3279.DHPublicKey + +DomainParameters = rfc3279.DomainParameters + +DHDomainParameters = DomainParameters + +Dss_Parms = rfc3279.Dss_Parms + +Dss_Sig_Value = rfc3279.Dss_Sig_Value + +md5 = rfc3279.md5 + +md5WithRSAEncryption = rfc3279.md5WithRSAEncryption + +RSAPublicKey = rfc3279.RSAPublicKey + +rsaEncryption = rfc3279.rsaEncryption + +ValidationParms = rfc3279.ValidationParms + +id_dsa = rfc3279.id_dsa + +id_dsa_with_sha1 = rfc3279.id_dsa_with_sha1 + +id_sha1 = rfc3279.id_sha1 + +sha_1 = id_sha1 + +sha1WithRSAEncryption = rfc3279.sha1WithRSAEncryption + + +# Imports from RFC 5753 + +CBCParameter = rfc5753.CBCParameter + +CBCParameter = rfc5753.IV + +KeyWrapAlgorithm = rfc5753.KeyWrapAlgorithm + + +# Imports from RFC 5990 + +id_alg_CMS3DESwrap = rfc5990.id_alg_CMS3DESwrap + + +# Imports from RFC 8018 + +des_EDE3_CBC = rfc8018.des_EDE3_CBC + +des_ede3_cbc = des_EDE3_CBC + +rc2CBC = rfc8018.rc2CBC + +rc2_cbc = rc2CBC + +RC2_CBC_Parameter = rfc8018.RC2_CBC_Parameter + +RC2CBCParameter = RC2_CBC_Parameter + +PBKDF2_params = rfc8018.PBKDF2_params + +id_PBKDF2 = rfc8018.id_PBKDF2 + + +# The few things that are not already defined elsewhere + +hMAC_SHA1 = univ.ObjectIdentifier('1.3.6.1.5.5.8.1.2') + + +id_alg_ESDH = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.5') + + +id_alg_SSDH = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.10') + + +id_alg_CMSRC2wrap = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.7') + + +class RC2ParameterVersion(univ.Integer): + pass + + +class RC2wrapParameter(RC2ParameterVersion): + pass + + +class Dss_Pub_Key(univ.Integer): + pass + + +# Update the Algorithm Identifier map in rfc5280.py. + +_algorithmIdentifierMapUpdate = { + hMAC_SHA1: univ.Null(""), + id_alg_CMSRC2wrap: RC2wrapParameter(), + id_alg_ESDH: KeyWrapAlgorithm(), + id_alg_SSDH: KeyWrapAlgorithm(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) + + +# Update the S/MIME Capabilities map in rfc5751.py. + +_smimeCapabilityMapUpdate = { + id_alg_CMSRC2wrap: RC2wrapParameter(), + id_alg_ESDH: KeyWrapAlgorithm(), + id_alg_SSDH: KeyWrapAlgorithm(), +} + +rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3414.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3414.py new file mode 100644 index 0000000000000000000000000000000000000000..00420cb01cd9f6cdc6751cdc4a35908b7341f824 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3414.py @@ -0,0 +1,28 @@ +# +# This file is part of pyasn1-modules software. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# SNMPv3 message syntax +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3414.txt +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + + +class UsmSecurityParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('msgAuthoritativeEngineID', univ.OctetString()), + namedtype.NamedType('msgAuthoritativeEngineBoots', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgAuthoritativeEngineTime', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 2147483647))), + namedtype.NamedType('msgUserName', + univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(0, 32))), + namedtype.NamedType('msgAuthenticationParameters', univ.OctetString()), + namedtype.NamedType('msgPrivacyParameters', univ.OctetString()) + ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3820.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3820.py new file mode 100644 index 0000000000000000000000000000000000000000..b4ba34c05c228789195716b77d30cf4fd31c4c78 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3820.py @@ -0,0 +1,65 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Diffie-Hellman Key Agreement +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc3820.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + + +class ProxyCertPathLengthConstraint(univ.Integer): + pass + + +class ProxyPolicy(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyLanguage', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('policy', univ.OctetString()) + ) + + +class ProxyCertInfoExtension(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pCPathLenConstraint', + ProxyCertPathLengthConstraint()), + namedtype.NamedType('proxyPolicy', ProxyPolicy()) + ) + + +id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) + + +id_pe = id_pkix + (1, ) + +id_pe_proxyCertInfo = id_pe + (14, ) + + +id_ppl = id_pkix + (21, ) + +id_ppl_anyLanguage = id_ppl + (0, ) + +id_ppl_inheritAll = id_ppl + (1, ) + +id_ppl_independent = id_ppl + (2, ) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_proxyCertInfo: ProxyCertInfoExtension(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3852.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3852.py new file mode 100644 index 0000000000000000000000000000000000000000..cf1bb85ad8af94cb05fde9b6ded429ea20113c73 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc3852.py @@ -0,0 +1,706 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc3852.txt +# +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc3280 +from pyasn1_modules import rfc3281 + +MAX = float('inf') + + +def _buildOid(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class AttributeValue(univ.Any): + pass + + +class Attribute(univ.Sequence): + pass + + +Attribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', univ.ObjectIdentifier()), + namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue())) +) + + +class SignedAttributes(univ.SetOf): + pass + + +SignedAttributes.componentType = Attribute() +SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class OtherRevocationInfoFormat(univ.Sequence): + pass + + +OtherRevocationInfoFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherRevInfo', univ.Any()) +) + + +class RevocationInfoChoice(univ.Choice): + pass + + +RevocationInfoChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('crl', rfc3280.CertificateList()), + namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class RevocationInfoChoices(univ.SetOf): + pass + + +RevocationInfoChoices.componentType = RevocationInfoChoice() + + +class OtherKeyAttribute(univ.Sequence): + pass + + +OtherKeyAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('keyAttr', univ.Any()) +) + +id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) + + +class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class EncryptedKey(univ.OctetString): + pass + + +class CMSVersion(univ.Integer): + pass + + +CMSVersion.namedValues = namedval.NamedValues( + ('v0', 0), + ('v1', 1), + ('v2', 2), + ('v3', 3), + ('v4', 4), + ('v5', 5) +) + + +class KEKIdentifier(univ.Sequence): + pass + + +KEKIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyIdentifier', univ.OctetString()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KEKRecipientInfo(univ.Sequence): + pass + + +KEKRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('kekid', KEKIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class PasswordRecipientInfo(univ.Sequence): + pass + + +PasswordRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class OtherRecipientInfo(univ.Sequence): + pass + + +OtherRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('oriType', univ.ObjectIdentifier()), + namedtype.NamedType('oriValue', univ.Any()) +) + + +class IssuerAndSerialNumber(univ.Sequence): + pass + + +IssuerAndSerialNumber.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc3280.Name()), + namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()) +) + + +class SubjectKeyIdentifier(univ.OctetString): + pass + + +class RecipientKeyIdentifier(univ.Sequence): + pass + + +RecipientKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), + namedtype.OptionalNamedType('date', useful.GeneralizedTime()), + namedtype.OptionalNamedType('other', OtherKeyAttribute()) +) + + +class KeyAgreeRecipientIdentifier(univ.Choice): + pass + + +KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class RecipientEncryptedKey(univ.Sequence): + pass + + +RecipientEncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientEncryptedKeys(univ.SequenceOf): + pass + + +RecipientEncryptedKeys.componentType = RecipientEncryptedKey() + + +class UserKeyingMaterial(univ.OctetString): + pass + + +class OriginatorPublicKey(univ.Sequence): + pass + + +OriginatorPublicKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('publicKey', univ.BitString()) +) + + +class OriginatorIdentifierOrKey(univ.Choice): + pass + + +OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class KeyAgreeRecipientInfo(univ.Sequence): + pass + + +KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) +) + + +class RecipientIdentifier(univ.Choice): + pass + + +RecipientIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class KeyTransRecipientInfo(univ.Sequence): + pass + + +KeyTransRecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('rid', RecipientIdentifier()), + namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), + namedtype.NamedType('encryptedKey', EncryptedKey()) +) + + +class RecipientInfo(univ.Choice): + pass + + +RecipientInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('ktri', KeyTransRecipientInfo()), + namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('kekri', KEKRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('ori', OtherRecipientInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) +) + + +class RecipientInfos(univ.SetOf): + pass + + +RecipientInfos.componentType = RecipientInfo() +RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class Signature(univ.BitString): + pass + + +class SignerIdentifier(univ.Choice): + pass + + +SignerIdentifier.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), + namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class UnprotectedAttributes(univ.SetOf): + pass + + +UnprotectedAttributes.componentType = Attribute() +UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class ContentType(univ.ObjectIdentifier): + pass + + +class EncryptedContent(univ.OctetString): + pass + + +class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class EncryptedContentInfo(univ.Sequence): + pass + + +EncryptedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), + namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class EncryptedData(univ.Sequence): + pass + + +EncryptedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + +id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) + +id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) + +id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) + + +class DigestAlgorithmIdentifiers(univ.SetOf): + pass + + +DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() + + +class EncapsulatedContentInfo(univ.Sequence): + pass + + +EncapsulatedContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('eContentType', ContentType()), + namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class Digest(univ.OctetString): + pass + + +class DigestedData(univ.Sequence): + pass + + +DigestedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.NamedType('digest', Digest()) +) + + +class ContentInfo(univ.Sequence): + pass + + +ContentInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', ContentType()), + namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class UnauthAttributes(univ.SetOf): + pass + + +UnauthAttributes.componentType = Attribute() +UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class ExtendedCertificateInfo(univ.Sequence): + pass + + +ExtendedCertificateInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('certificate', rfc3280.Certificate()), + namedtype.NamedType('attributes', UnauthAttributes()) +) + + +class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier): + pass + + +class ExtendedCertificate(univ.Sequence): + pass + + +ExtendedCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', Signature()) +) + + +class OtherCertificateFormat(univ.Sequence): + pass + + +OtherCertificateFormat.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), + namedtype.NamedType('otherCert', univ.Any()) +) + + +class AttributeCertificateV2(rfc3281.AttributeCertificate): + pass + + +class AttCertVersionV1(univ.Integer): + pass + + +AttCertVersionV1.namedValues = namedval.NamedValues( + ('v1', 0) +) + + +class AttributeCertificateInfoV1(univ.Sequence): + pass + + +AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), + namedtype.NamedType( + 'subject', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + ) + ), + namedtype.NamedType('issuer', rfc3280.GeneralNames()), + namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()), + namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), + namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions()) +) + + +class AttributeCertificateV1(univ.Sequence): + pass + + +AttributeCertificateV1.componentType = namedtype.NamedTypes( + namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), + namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class CertificateChoices(univ.Choice): + pass + + +CertificateChoices.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc3280.Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('other', OtherCertificateFormat().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class CertificateSet(univ.SetOf): + pass + + +CertificateSet.componentType = CertificateChoices() + + +class MessageAuthenticationCode(univ.OctetString): + pass + + +class UnsignedAttributes(univ.SetOf): + pass + + +UnsignedAttributes.componentType = Attribute() +UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class SignatureValue(univ.OctetString): + pass + + +class SignerInfo(univ.Sequence): + pass + + +SignerInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('sid', SignerIdentifier()), + namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), + namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), + namedtype.NamedType('signature', SignatureValue()), + namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SignerInfos(univ.SetOf): + pass + + +SignerInfos.componentType = SignerInfo() + + +class SignedData(univ.Sequence): + pass + + +SignedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('certificates', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('signerInfos', SignerInfos()) +) + + +class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier): + pass + + +class MessageDigest(univ.OctetString): + pass + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class OriginatorInfo(univ.Sequence): + pass + + +OriginatorInfo.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('certs', CertificateSet().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class AuthAttributes(univ.SetOf): + pass + + +AuthAttributes.componentType = Attribute() +AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class AuthenticatedData(univ.Sequence): + pass + + +AuthenticatedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), + namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), + namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('mac', MessageAuthenticationCode()), + namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) + +id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) + + +class EnvelopedData(univ.Sequence): + pass + + +EnvelopedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', RecipientInfos()), + namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), + namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class Countersignature(SignerInfo): + pass + + +id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) + +id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) + + +class ExtendedCertificateOrCertificate(univ.Choice): + pass + + +ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', rfc3280.Certificate()), + namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + +id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) + +id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) + + +class SigningTime(Time): + pass + + +id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4043.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4043.py new file mode 100644 index 0000000000000000000000000000000000000000..cf0a801419bb94e56839e2142ba11d193d08f9bc --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4043.py @@ -0,0 +1,43 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Internet X.509 Public Key Infrastructure Permanent Identifier +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4043.txt +# + +from pyasn1.type import char +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) + +id_on = id_pkix + (8, ) + +id_on_permanentIdentifier = id_on + (3, ) + + +class PermanentIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('identifierValue', char.UTF8String()), + namedtype.OptionalNamedType('assigner', univ.ObjectIdentifier()) + ) + + +# Map of Other Name OIDs to Other Name is added to the +# ones that are in rfc5280.py + +_anotherNameMapUpdate = { + id_on_permanentIdentifier: PermanentIdentifier(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4073.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4073.py new file mode 100644 index 0000000000000000000000000000000000000000..3f425b28eddb46b619c06f00fcc366e454734639 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4073.py @@ -0,0 +1,59 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add a map for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Protecting Multiple Contents with the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4073.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +# Content Collection Content Type and Object Identifier + +id_ct_contentCollection = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.19') + +class ContentCollection(univ.SequenceOf): + pass + +ContentCollection.componentType = rfc5652.ContentInfo() +ContentCollection.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +# Content With Attributes Content Type and Object Identifier + +id_ct_contentWithAttrs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.20') + +class ContentWithAttributes(univ.Sequence): + pass + +ContentWithAttributes.componentType = namedtype.NamedTypes( + namedtype.NamedType('content', rfc5652.ContentInfo()), + namedtype.NamedType('attrs', univ.SequenceOf( + componentType=rfc5652.Attribute()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +# Map of Content Type OIDs to Content Types is added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_contentCollection: ContentCollection(), + id_ct_contentWithAttrs: ContentWithAttributes(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4211.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4211.py new file mode 100644 index 0000000000000000000000000000000000000000..c47b3c5dd25a4f11d17ed43c7a5383278af090b9 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4211.py @@ -0,0 +1,396 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Internet X.509 Public Key Infrastructure Certificate Request +# Message Format (CRMF) +# +# ASN.1 source from: +# http://www.ietf.org/rfc/rfc4211.txt +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc3280 +from pyasn1_modules import rfc3852 + +MAX = float('inf') + + +def _buildOid(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) + +id_pkip = _buildOid(id_pkix, 5) + +id_regCtrl = _buildOid(id_pkip, 1) + + +class SinglePubInfo(univ.Sequence): + pass + + +SinglePubInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('pubMethod', univ.Integer( + namedValues=namedval.NamedValues(('dontCare', 0), ('x500', 1), ('web', 2), ('ldap', 3)))), + namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName()) +) + + +class UTF8Pairs(char.UTF8String): + pass + + +class PKMACValue(univ.Sequence): + pass + + +PKMACValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('value', univ.BitString()) +) + + +class POPOSigningKeyInput(univ.Sequence): + pass + + +POPOSigningKeyInput.componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'authInfo', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType( + 'sender', rfc3280.GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)) + ), + namedtype.NamedType( + 'publicKeyMAC', PKMACValue() + ) + ) + ) + ), + namedtype.NamedType('publicKey', rfc3280.SubjectPublicKeyInfo()) +) + + +class POPOSigningKey(univ.Sequence): + pass + + +POPOSigningKey.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('algorithmIdentifier', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class Attributes(univ.SetOf): + pass + + +Attributes.componentType = rfc3280.Attribute() + + +class PrivateKeyInfo(univ.Sequence): + pass + + +PrivateKeyInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer()), + namedtype.NamedType('privateKeyAlgorithm', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('privateKey', univ.OctetString()), + namedtype.OptionalNamedType('attributes', + Attributes().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class EncryptedValue(univ.Sequence): + pass + + +EncryptedValue.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('intendedAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('symmAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('keyAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.NamedType('encValue', univ.BitString()) +) + + +class EncryptedKey(univ.Choice): + pass + + +EncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedValue', EncryptedValue()), + namedtype.NamedType('envelopedData', rfc3852.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class KeyGenParameters(univ.OctetString): + pass + + +class PKIArchiveOptions(univ.Choice): + pass + + +PKIArchiveOptions.componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedPrivKey', + EncryptedKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyGenParameters', + KeyGenParameters().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('archiveRemGenPrivKey', + univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + +id_regCtrl_authenticator = _buildOid(id_regCtrl, 2) + +id_regInfo = _buildOid(id_pkip, 2) + +id_regInfo_certReq = _buildOid(id_regInfo, 2) + + +class ProtocolEncrKey(rfc3280.SubjectPublicKeyInfo): + pass + + +class Authenticator(char.UTF8String): + pass + + +class SubsequentMessage(univ.Integer): + pass + + +SubsequentMessage.namedValues = namedval.NamedValues( + ('encrCert', 0), + ('challengeResp', 1) +) + + +class AttributeTypeAndValue(univ.Sequence): + pass + + +AttributeTypeAndValue.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', univ.ObjectIdentifier()), + namedtype.NamedType('value', univ.Any()) +) + + +class POPOPrivKey(univ.Choice): + pass + + +POPOPrivKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('thisMessage', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('subsequentMessage', + SubsequentMessage().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dhMAC', + univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('agreeMAC', + PKMACValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.NamedType('encryptedKey', rfc3852.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) +) + + +class ProofOfPossession(univ.Choice): + pass + + +ProofOfPossession.componentType = namedtype.NamedTypes( + namedtype.NamedType('raVerified', + univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('signature', POPOSigningKey().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), + namedtype.NamedType('keyEncipherment', + POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.NamedType('keyAgreement', + POPOPrivKey().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) +) + + +class OptionalValidity(univ.Sequence): + pass + + +OptionalValidity.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', rfc3280.Time().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('notAfter', rfc3280.Time().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class CertTemplate(univ.Sequence): + pass + + +CertTemplate.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', rfc3280.Version().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('signingAlg', rfc3280.AlgorithmIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('issuer', rfc3280.Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), + namedtype.OptionalNamedType('validity', OptionalValidity().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.OptionalNamedType('subject', rfc3280.Name().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('publicKey', rfc3280.SubjectPublicKeyInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.OptionalNamedType('subjectUID', rfc3280.UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))), + namedtype.OptionalNamedType('extensions', rfc3280.Extensions().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9))) +) + + +class Controls(univ.SequenceOf): + pass + + +Controls.componentType = AttributeTypeAndValue() +Controls.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class CertRequest(univ.Sequence): + pass + + +CertRequest.componentType = namedtype.NamedTypes( + namedtype.NamedType('certReqId', univ.Integer()), + namedtype.NamedType('certTemplate', CertTemplate()), + namedtype.OptionalNamedType('controls', Controls()) +) + + +class CertReqMsg(univ.Sequence): + pass + + +CertReqMsg.componentType = namedtype.NamedTypes( + namedtype.NamedType('certReq', CertRequest()), + namedtype.OptionalNamedType('popo', ProofOfPossession()), + namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue())) +) + + +class CertReqMessages(univ.SequenceOf): + pass + + +CertReqMessages.componentType = CertReqMsg() +CertReqMessages.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class CertReq(CertRequest): + pass + + +id_regCtrl_pkiPublicationInfo = _buildOid(id_regCtrl, 3) + + +class CertId(univ.Sequence): + pass + + +CertId.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', rfc3280.GeneralName()), + namedtype.NamedType('serialNumber', univ.Integer()) +) + + +class OldCertId(CertId): + pass + + +class PKIPublicationInfo(univ.Sequence): + pass + + +PKIPublicationInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('action', + univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))), + namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo())) +) + + +class EncKeyWithID(univ.Sequence): + pass + + +EncKeyWithID.componentType = namedtype.NamedTypes( + namedtype.NamedType('privateKey', PrivateKeyInfo()), + namedtype.OptionalNamedType( + 'identifier', univ.Choice( + componentType=namedtype.NamedTypes( + namedtype.NamedType('string', char.UTF8String()), + namedtype.NamedType('generalName', rfc3280.GeneralName()) + ) + ) + ) +) + +id_regCtrl_protocolEncrKey = _buildOid(id_regCtrl, 6) + +id_regCtrl_oldCertID = _buildOid(id_regCtrl, 5) + +id_smime = _buildOid(1, 2, 840, 113549, 1, 9, 16) + + +class PBMParameter(univ.Sequence): + pass + + +PBMParameter.componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', univ.OctetString()), + namedtype.NamedType('owf', rfc3280.AlgorithmIdentifier()), + namedtype.NamedType('iterationCount', univ.Integer()), + namedtype.NamedType('mac', rfc3280.AlgorithmIdentifier()) +) + +id_regCtrl_regToken = _buildOid(id_regCtrl, 1) + +id_regCtrl_pkiArchiveOptions = _buildOid(id_regCtrl, 4) + +id_regInfo_utf8Pairs = _buildOid(id_regInfo, 1) + +id_ct = _buildOid(id_smime, 1) + +id_ct_encKeyWithID = _buildOid(id_ct, 21) + + +class RegToken(char.UTF8String): + pass diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4334.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4334.py new file mode 100644 index 0000000000000000000000000000000000000000..44cd31b16699ea923fca604e209f0bb99ff5106e --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4334.py @@ -0,0 +1,75 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Extensions and Attributes Supporting Authentication +# in PPP and Wireless LAN Networks +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4334.txt +# + +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# OID Arcs + +id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1') + +id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') + +id_aca = univ.ObjectIdentifier('1.3.6.1.5.5.7.10') + + +# Extended Key Usage Values + +id_kp_eapOverPPP = id_kp + (13, ) + +id_kp_eapOverLAN = id_kp + (14, ) + + +# Wireless LAN SSID Extension + +id_pe_wlanSSID = id_pe + (13, ) + +class SSID(univ.OctetString): + constraint.ValueSizeConstraint(1, 32) + + +class SSIDList(univ.SequenceOf): + componentType = SSID() + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +# Wireless LAN SSID Attribute Certificate Attribute + +id_aca_wlanSSID = id_aca + (7, ) + + +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py + +_certificateExtensionsMap = { + id_pe_wlanSSID: SSIDList(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) + + +# Map of AttributeType OIDs to AttributeValue added to the +# ones that are in rfc5280.py + +_certificateAttributesMapUpdate = { + id_aca_wlanSSID: SSIDList(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4357.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4357.py new file mode 100644 index 0000000000000000000000000000000000000000..42b9e3ecb87a33027a79fcd5fff4fdf67c1f043e --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4357.py @@ -0,0 +1,477 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Additional Cryptographic Algorithms for Use with GOST 28147-89, +# GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 Algorithms +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4357.txt +# https://www.rfc-editor.org/errata/eid5927 +# https://www.rfc-editor.org/errata/eid5928 +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# Import from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Object Identifiers + +id_CryptoPro = univ.ObjectIdentifier((1, 2, 643, 2, 2,)) + + +id_CryptoPro_modules = id_CryptoPro + (1, 1,) + +id_CryptoPro_extensions = id_CryptoPro + (34,) + +id_CryptoPro_policyIds = id_CryptoPro + (38,) + +id_CryptoPro_policyQt = id_CryptoPro + (39,) + + +cryptographic_Gost_Useful_Definitions = id_CryptoPro_modules + (0, 1,) + +gostR3411_94_DigestSyntax = id_CryptoPro_modules + (1, 1,) + +gostR3410_94_PKISyntax = id_CryptoPro_modules + (2, 1,) + +gostR3410_94_SignatureSyntax = id_CryptoPro_modules + (3, 1,) + +gost28147_89_EncryptionSyntax = id_CryptoPro_modules + (4, 1,) + +gostR3410_EncryptionSyntax = id_CryptoPro_modules + (5, 2,) + +gost28147_89_ParamSetSyntax = id_CryptoPro_modules + (6, 1,) + +gostR3411_94_ParamSetSyntax = id_CryptoPro_modules + (7, 1,) + +gostR3410_94_ParamSetSyntax = id_CryptoPro_modules + (8, 1, 1) + +gostR3410_2001_PKISyntax = id_CryptoPro_modules + (9, 1,) + +gostR3410_2001_SignatureSyntax = id_CryptoPro_modules + (10, 1,) + +gostR3410_2001_ParamSetSyntax = id_CryptoPro_modules + (12, 1,) + +gost_CryptoPro_ExtendedKeyUsage = id_CryptoPro_modules + (13, 1,) + +gost_CryptoPro_PrivateKey = id_CryptoPro_modules + (14, 1,) + +gost_CryptoPro_PKIXCMP = id_CryptoPro_modules + (15, 1,) + +gost_CryptoPro_TLS = id_CryptoPro_modules + (16, 1,) + +gost_CryptoPro_Policy = id_CryptoPro_modules + (17, 1,) + +gost_CryptoPro_Constants = id_CryptoPro_modules + (18, 1,) + + +id_CryptoPro_algorithms = id_CryptoPro + +id_GostR3411_94_with_GostR3410_2001 = id_CryptoPro_algorithms + (3,) + +id_GostR3411_94_with_GostR3410_94 = id_CryptoPro_algorithms + (4,) + +id_GostR3411_94 = id_CryptoPro_algorithms + (9,) + +id_Gost28147_89_None_KeyMeshing = id_CryptoPro_algorithms + (14, 0,) + +id_Gost28147_89_CryptoPro_KeyMeshing = id_CryptoPro_algorithms + (14, 1,) + +id_GostR3410_2001 = id_CryptoPro_algorithms + (19,) + +id_GostR3410_94 = id_CryptoPro_algorithms + (20,) + +id_Gost28147_89 = id_CryptoPro_algorithms + (21,) + +id_Gost28147_89_MAC = id_CryptoPro_algorithms + (22,) + +id_CryptoPro_hashes = id_CryptoPro_algorithms + (30,) + +id_CryptoPro_encrypts = id_CryptoPro_algorithms + (31,) + +id_CryptoPro_signs = id_CryptoPro_algorithms + (32,) + +id_CryptoPro_exchanges = id_CryptoPro_algorithms + (33,) + +id_CryptoPro_ecc_signs = id_CryptoPro_algorithms + (35,) + +id_CryptoPro_ecc_exchanges = id_CryptoPro_algorithms + (36,) + +id_CryptoPro_private_keys = id_CryptoPro_algorithms + (37,) + +id_CryptoPro_pkixcmp_infos = id_CryptoPro_algorithms + (41,) + +id_CryptoPro_audit_service_types = id_CryptoPro_algorithms + (42,) + +id_CryptoPro_audit_record_types = id_CryptoPro_algorithms + (43,) + +id_CryptoPro_attributes = id_CryptoPro_algorithms + (44,) + +id_CryptoPro_name_service_types = id_CryptoPro_algorithms + (45,) + +id_GostR3410_2001DH = id_CryptoPro_algorithms + (98,) + +id_GostR3410_94DH = id_CryptoPro_algorithms + (99,) + + +id_Gost28147_89_TestParamSet = id_CryptoPro_encrypts + (0,) + +id_Gost28147_89_CryptoPro_A_ParamSet = id_CryptoPro_encrypts + (1,) + +id_Gost28147_89_CryptoPro_B_ParamSet = id_CryptoPro_encrypts + (2,) + +id_Gost28147_89_CryptoPro_C_ParamSet = id_CryptoPro_encrypts + (3,) + +id_Gost28147_89_CryptoPro_D_ParamSet = id_CryptoPro_encrypts + (4,) + +id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = id_CryptoPro_encrypts + (5,) + +id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = id_CryptoPro_encrypts + (6,) + +id_Gost28147_89_CryptoPro_RIC_1_ParamSet = id_CryptoPro_encrypts + (7,) + + +id_GostR3410_2001_TestParamSet = id_CryptoPro_ecc_signs + (0,) + +id_GostR3410_2001_CryptoPro_A_ParamSet = id_CryptoPro_ecc_signs + (1,) + +id_GostR3410_2001_CryptoPro_B_ParamSet = id_CryptoPro_ecc_signs + (2,) + +id_GostR3410_2001_CryptoPro_C_ParamSet = id_CryptoPro_ecc_signs + (3,) + + +id_GostR3410_2001_CryptoPro_XchA_ParamSet = id_CryptoPro_ecc_exchanges + (0,) + +id_GostR3410_2001_CryptoPro_XchB_ParamSet = id_CryptoPro_ecc_exchanges + (1,) + + +id_GostR3410_94_TestParamSet = id_CryptoPro_signs + (0,) + +id_GostR3410_94_CryptoPro_A_ParamSet = id_CryptoPro_signs + (2,) + +id_GostR3410_94_CryptoPro_B_ParamSet = id_CryptoPro_signs + (3,) + +id_GostR3410_94_CryptoPro_C_ParamSet = id_CryptoPro_signs + (4,) + +id_GostR3410_94_CryptoPro_D_ParamSet = id_CryptoPro_signs + (5,) + + +id_GostR3410_94_CryptoPro_XchA_ParamSet = id_CryptoPro_exchanges + (1,) + +id_GostR3410_94_CryptoPro_XchB_ParamSet = id_CryptoPro_exchanges + (2,) + +id_GostR3410_94_CryptoPro_XchC_ParamSet = id_CryptoPro_exchanges + (3,) + + +id_GostR3410_94_a = id_GostR3410_94 + (1,) + +id_GostR3410_94_aBis = id_GostR3410_94 + (2,) + +id_GostR3410_94_b = id_GostR3410_94 + (3,) + +id_GostR3410_94_bBis = id_GostR3410_94 + (4,) + + +id_GostR3411_94_TestParamSet = id_CryptoPro_hashes + (0,) + +id_GostR3411_94_CryptoProParamSet = id_CryptoPro_hashes + (1,) + + + + +class Gost28147_89_ParamSet(univ.ObjectIdentifier): + pass + +Gost28147_89_ParamSet.subtypeSpec = constraint.SingleValueConstraint( + id_Gost28147_89_TestParamSet, + id_Gost28147_89_CryptoPro_A_ParamSet, + id_Gost28147_89_CryptoPro_B_ParamSet, + id_Gost28147_89_CryptoPro_C_ParamSet, + id_Gost28147_89_CryptoPro_D_ParamSet, + id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet, + id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet, + id_Gost28147_89_CryptoPro_RIC_1_ParamSet +) + + +class Gost28147_89_BlobParameters(univ.Sequence): + pass + +Gost28147_89_BlobParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()) +) + + +class Gost28147_89_MAC(univ.OctetString): + pass + +Gost28147_89_MAC.subtypeSpec = constraint.ValueSizeConstraint(1, 4) + + +class Gost28147_89_Key(univ.OctetString): + pass + +Gost28147_89_Key.subtypeSpec = constraint.ValueSizeConstraint(32, 32) + + +class Gost28147_89_EncryptedKey(univ.Sequence): + pass + +Gost28147_89_EncryptedKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptedKey', Gost28147_89_Key()), + namedtype.OptionalNamedType('maskKey', Gost28147_89_Key().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('macKey', Gost28147_89_MAC()) +) + + +class Gost28147_89_IV(univ.OctetString): + pass + +Gost28147_89_IV.subtypeSpec = constraint.ValueSizeConstraint(8, 8) + + +class Gost28147_89_UZ(univ.OctetString): + pass + +Gost28147_89_UZ.subtypeSpec = constraint.ValueSizeConstraint(64, 64) + + +class Gost28147_89_ParamSetParameters(univ.Sequence): + pass + +Gost28147_89_ParamSetParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('eUZ', Gost28147_89_UZ()), + namedtype.NamedType('mode', + univ.Integer(namedValues=namedval.NamedValues( + ('gost28147-89-CNT', 0), + ('gost28147-89-CFB', 1), + ('cryptoPro-CBC', 2) + ))), + namedtype.NamedType('shiftBits', + univ.Integer(namedValues=namedval.NamedValues( + ('gost28147-89-block', 64) + ))), + namedtype.NamedType('keyMeshing', AlgorithmIdentifier()) +) + + +class Gost28147_89_Parameters(univ.Sequence): + pass + +Gost28147_89_Parameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('iv', Gost28147_89_IV()), + namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()) +) + + +class GostR3410_2001_CertificateSignature(univ.BitString): + pass + +GostR3410_2001_CertificateSignature.subtypeSpec=constraint.ValueSizeConstraint(256, 512) + + +class GostR3410_2001_ParamSetParameters(univ.Sequence): + pass + +GostR3410_2001_ParamSetParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('a', univ.Integer()), + namedtype.NamedType('b', univ.Integer()), + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('x', univ.Integer()), + namedtype.NamedType('y', univ.Integer()) +) + + +class GostR3410_2001_PublicKey(univ.OctetString): + pass + +GostR3410_2001_PublicKey.subtypeSpec = constraint.ValueSizeConstraint(64, 64) + + +class GostR3410_2001_PublicKeyParameters(univ.Sequence): + pass + +GostR3410_2001_PublicKeyParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('publicKeyParamSet', univ.ObjectIdentifier().subtype( + subtypeSpec=constraint.SingleValueConstraint( + id_GostR3410_2001_TestParamSet, + id_GostR3410_2001_CryptoPro_A_ParamSet, + id_GostR3410_2001_CryptoPro_B_ParamSet, + id_GostR3410_2001_CryptoPro_C_ParamSet, + id_GostR3410_2001_CryptoPro_XchA_ParamSet, + id_GostR3410_2001_CryptoPro_XchB_ParamSet + ))), + namedtype.NamedType('digestParamSet', univ.ObjectIdentifier().subtype( + subtypeSpec=constraint.SingleValueConstraint( + id_GostR3411_94_TestParamSet, + id_GostR3411_94_CryptoProParamSet + ))), + namedtype.DefaultedNamedType('encryptionParamSet', + Gost28147_89_ParamSet().subtype(value=id_Gost28147_89_CryptoPro_A_ParamSet + )) +) + + +class GostR3410_94_CertificateSignature(univ.BitString): + pass + +GostR3410_94_CertificateSignature.subtypeSpec = constraint.ValueSizeConstraint(256, 512) + + +class GostR3410_94_ParamSetParameters_t(univ.Integer): + pass + +GostR3410_94_ParamSetParameters_t.subtypeSpec = constraint.SingleValueConstraint(512, 1024) + + +class GostR3410_94_ParamSetParameters(univ.Sequence): + pass + +GostR3410_94_ParamSetParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('t', GostR3410_94_ParamSetParameters_t()), + namedtype.NamedType('p', univ.Integer()), + namedtype.NamedType('q', univ.Integer()), + namedtype.NamedType('a', univ.Integer()), + namedtype.OptionalNamedType('validationAlgorithm', AlgorithmIdentifier()) +) + + +class GostR3410_94_PublicKey(univ.OctetString): + pass + +GostR3410_94_PublicKey.subtypeSpec = constraint.ConstraintsUnion( + constraint.ValueSizeConstraint(64, 64), + constraint.ValueSizeConstraint(128, 128) +) + + +class GostR3410_94_PublicKeyParameters(univ.Sequence): + pass + +GostR3410_94_PublicKeyParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('publicKeyParamSet', univ.ObjectIdentifier().subtype( + subtypeSpec=constraint.SingleValueConstraint( + id_GostR3410_94_TestParamSet, + id_GostR3410_94_CryptoPro_A_ParamSet, + id_GostR3410_94_CryptoPro_B_ParamSet, + id_GostR3410_94_CryptoPro_C_ParamSet, + id_GostR3410_94_CryptoPro_D_ParamSet, + id_GostR3410_94_CryptoPro_XchA_ParamSet, + id_GostR3410_94_CryptoPro_XchB_ParamSet, + id_GostR3410_94_CryptoPro_XchC_ParamSet + ))), + namedtype.NamedType('digestParamSet', univ.ObjectIdentifier().subtype( + subtypeSpec=constraint.SingleValueConstraint( + id_GostR3411_94_TestParamSet, + id_GostR3411_94_CryptoProParamSet + ))), + namedtype.DefaultedNamedType('encryptionParamSet', + Gost28147_89_ParamSet().subtype(value=id_Gost28147_89_CryptoPro_A_ParamSet + )) +) + + +class GostR3410_94_ValidationBisParameters_c(univ.Integer): + pass + +GostR3410_94_ValidationBisParameters_c.subtypeSpec = constraint.ValueRangeConstraint(0, 4294967295) + + +class GostR3410_94_ValidationBisParameters(univ.Sequence): + pass + +GostR3410_94_ValidationBisParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('x0', GostR3410_94_ValidationBisParameters_c()), + namedtype.NamedType('c', GostR3410_94_ValidationBisParameters_c()), + namedtype.OptionalNamedType('d', univ.Integer()) +) + + +class GostR3410_94_ValidationParameters_c(univ.Integer): + pass + +GostR3410_94_ValidationParameters_c.subtypeSpec = constraint.ValueRangeConstraint(0, 65535) + + +class GostR3410_94_ValidationParameters(univ.Sequence): + pass + +GostR3410_94_ValidationParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('x0', GostR3410_94_ValidationParameters_c()), + namedtype.NamedType('c', GostR3410_94_ValidationParameters_c()), + namedtype.OptionalNamedType('d', univ.Integer()) +) + + +class GostR3411_94_Digest(univ.OctetString): + pass + +GostR3411_94_Digest.subtypeSpec = constraint.ValueSizeConstraint(32, 32) + + +class GostR3411_94_DigestParameters(univ.ObjectIdentifier): + pass + +GostR3411_94_DigestParameters.subtypeSpec = constraint.ConstraintsUnion( + constraint.SingleValueConstraint(id_GostR3411_94_TestParamSet), + constraint.SingleValueConstraint(id_GostR3411_94_CryptoProParamSet), +) + + +class GostR3411_94_ParamSetParameters(univ.Sequence): + pass + +GostR3411_94_ParamSetParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('hUZ', Gost28147_89_UZ()), + namedtype.NamedType('h0', GostR3411_94_Digest()) +) + + +# Update the Algorithm Identifier map in rfc5280.py + +_algorithmIdentifierMapUpdate = { + id_Gost28147_89: Gost28147_89_Parameters(), + id_Gost28147_89_TestParamSet: Gost28147_89_ParamSetParameters(), + id_Gost28147_89_CryptoPro_A_ParamSet: Gost28147_89_ParamSetParameters(), + id_Gost28147_89_CryptoPro_B_ParamSet: Gost28147_89_ParamSetParameters(), + id_Gost28147_89_CryptoPro_C_ParamSet: Gost28147_89_ParamSetParameters(), + id_Gost28147_89_CryptoPro_D_ParamSet: Gost28147_89_ParamSetParameters(), + id_Gost28147_89_CryptoPro_KeyMeshing: univ.Null(""), + id_Gost28147_89_None_KeyMeshing: univ.Null(""), + id_GostR3410_94: GostR3410_94_PublicKeyParameters(), + id_GostR3410_94_TestParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_A_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_B_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_C_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_D_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_XchA_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_XchB_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_CryptoPro_XchC_ParamSet: GostR3410_94_ParamSetParameters(), + id_GostR3410_94_a: GostR3410_94_ValidationParameters(), + id_GostR3410_94_aBis: GostR3410_94_ValidationBisParameters(), + id_GostR3410_94_b: GostR3410_94_ValidationParameters(), + id_GostR3410_94_bBis: GostR3410_94_ValidationBisParameters(), + id_GostR3410_2001: univ.Null(""), + id_GostR3411_94: univ.Null(""), + id_GostR3411_94_TestParamSet: GostR3411_94_ParamSetParameters(), + id_GostR3411_94_CryptoProParamSet: GostR3411_94_ParamSetParameters(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4387.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4387.py new file mode 100644 index 0000000000000000000000000000000000000000..c1f4e79acf4f9d839a18d817ffad72293b2a0757 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4387.py @@ -0,0 +1,23 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Store Access via HTTP +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4387.txt +# + + +from pyasn1.type import univ + + +id_ad = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, )) + +id_ad_http_certs = id_ad + (6, ) + +id_ad_http_crls = id_ad + (7,) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4490.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4490.py new file mode 100644 index 0000000000000000000000000000000000000000..b8fe32134e19f38dc385ab67082697235662868c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4490.py @@ -0,0 +1,113 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94, and +# GOST R 34.10-2001 Algorithms with the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4490.txt +# + + +from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful + +from pyasn1_modules import rfc4357 +from pyasn1_modules import rfc5280 + + +# Imports from RFC 4357 + +id_CryptoPro_algorithms = rfc4357.id_CryptoPro_algorithms + +id_GostR3410_94 = rfc4357.id_GostR3410_94 + +id_GostR3410_2001 = rfc4357.id_GostR3410_2001 + +Gost28147_89_ParamSet = rfc4357.Gost28147_89_ParamSet + +Gost28147_89_EncryptedKey = rfc4357.Gost28147_89_EncryptedKey + +GostR3410_94_PublicKeyParameters = rfc4357.GostR3410_94_PublicKeyParameters + +GostR3410_2001_PublicKeyParameters = rfc4357.GostR3410_2001_PublicKeyParameters + + +# Imports from RFC 5280 + +SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo + + +# CMS/PKCS#7 key agreement algorithms & parameters + +class Gost28147_89_KeyWrapParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()), + namedtype.OptionalNamedType('ukm', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(8, 8))) + ) + + +id_Gost28147_89_CryptoPro_KeyWrap = id_CryptoPro_algorithms + (13, 1, ) + + +id_Gost28147_89_None_KeyWrap = id_CryptoPro_algorithms + (13, 0, ) + + +id_GostR3410_2001_CryptoPro_ESDH = id_CryptoPro_algorithms + (96, ) + + +id_GostR3410_94_CryptoPro_ESDH = id_CryptoPro_algorithms + (97, ) + + +# CMS/PKCS#7 key transport algorithms & parameters + +id_GostR3410_2001_KeyTransportSMIMECapability = id_GostR3410_2001 + + +id_GostR3410_94_KeyTransportSMIMECapability = id_GostR3410_94 + + +class GostR3410_TransportParameters(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()), + namedtype.OptionalNamedType('ephemeralPublicKey', + SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('ukm', univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(8, 8))) + ) + +class GostR3410_KeyTransport(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('sessionEncryptedKey', Gost28147_89_EncryptedKey()), + namedtype.OptionalNamedType('transportParameters', + GostR3410_TransportParameters().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +# GOST R 34.10-94 signature algorithm & parameters + +class GostR3410_94_Signature(univ.OctetString): + subtypeSpec = constraint.ValueSizeConstraint(64, 64) + + +# GOST R 34.10-2001 signature algorithms and parameters + +class GostR3410_2001_Signature(univ.OctetString): + subtypeSpec = constraint.ValueSizeConstraint(64, 64) + + +# Update the Algorithm Identifier map in rfc5280.py + +_algorithmIdentifierMapUpdate = { + id_Gost28147_89_CryptoPro_KeyWrap: Gost28147_89_KeyWrapParameters(), + id_Gost28147_89_None_KeyWrap: Gost28147_89_KeyWrapParameters(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4491.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4491.py new file mode 100644 index 0000000000000000000000000000000000000000..60b5560dccaeabe54359e86244156e153120340f --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4491.py @@ -0,0 +1,44 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Using the GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 +# Algorithms with Certificates and CRLs +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4491.txt +# + +from pyasn1_modules import rfc4357 + + +# Signature Algorithm GOST R 34.10-94 + +id_GostR3411_94_with_GostR3410_94 = rfc4357.id_GostR3411_94_with_GostR3410_94 + + +# Signature Algorithm GOST R 34.10-2001 + +id_GostR3411_94_with_GostR3410_2001 = rfc4357.id_GostR3411_94_with_GostR3410_2001 + + +# GOST R 34.10-94 Keys + +id_GostR3410_94 = rfc4357.id_GostR3410_94 + +GostR3410_2001_PublicKey = rfc4357.GostR3410_2001_PublicKey + +GostR3410_2001_PublicKeyParameters = rfc4357.GostR3410_2001_PublicKeyParameters + + +# GOST R 34.10-2001 Keys + +id_GostR3410_2001 = rfc4357.id_GostR3410_2001 + +GostR3410_94_PublicKey = rfc4357.GostR3410_94_PublicKey + +GostR3410_94_PublicKeyParameters = rfc4357.GostR3410_94_PublicKeyParameters diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4683.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4683.py new file mode 100644 index 0000000000000000000000000000000000000000..11ac65aa6860c0db8b0235f5b2882e6a20d951c4 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc4683.py @@ -0,0 +1,72 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Subject Identification Method (SIM) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc4683.txt +# https://www.rfc-editor.org/errata/eid1047 +# + +from pyasn1.type import char +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# Used to compute the PEPSI value + +class HashContent(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('userPassword', char.UTF8String()), + namedtype.NamedType('authorityRandom', univ.OctetString()), + namedtype.NamedType('identifierType', univ.ObjectIdentifier()), + namedtype.NamedType('identifier', char.UTF8String()) + ) + + +# Used to encode the PEPSI value as the SIM Other Name + +id_pkix = rfc5280.id_pkix + +id_on = id_pkix + (8,) + +id_on_SIM = id_on + (6,) + + +class SIM(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()), + namedtype.NamedType('authorityRandom', univ.OctetString()), + namedtype.NamedType('pEPSI', univ.OctetString()) + ) + + +# Used to encrypt the PEPSI value during certificate request + +id_pkip = id_pkix + (5,) + +id_regEPEPSI = id_pkip + (3,) + + +class EncryptedPEPSI(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('identifierType', univ.ObjectIdentifier()), + namedtype.NamedType('identifier', char.UTF8String()), + namedtype.NamedType('sIM', SIM()) + ) + + +# Update the map of Other Name OIDs to Other Names in rfc5280.py + +_anotherNameMapUpdate = { + id_on_SIM: SIM(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5083.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5083.py new file mode 100644 index 0000000000000000000000000000000000000000..26ef550c4795eb678bb10420aa5f162667121d23 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5083.py @@ -0,0 +1,52 @@ +# This file is being contributed to of pyasn1-modules software. +# +# Created by Russ Housley without assistance from the asn1ate tool. +# Modified by Russ Housley to add a map for use with opentypes and +# simplify the code for the object identifier assignment. +# +# Copyright (c) 2018, 2019 Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Authenticated-Enveloped-Data for the Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5083.txt + +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +# CMS Authenticated-Enveloped-Data Content Type + +id_ct_authEnvelopedData = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.23') + +class AuthEnvelopedData(univ.Sequence): + pass + +AuthEnvelopedData.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', rfc5652.CMSVersion()), + namedtype.OptionalNamedType('originatorInfo', rfc5652.OriginatorInfo().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('recipientInfos', rfc5652.RecipientInfos()), + namedtype.NamedType('authEncryptedContentInfo', rfc5652.EncryptedContentInfo()), + namedtype.OptionalNamedType('authAttrs', rfc5652.AuthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('mac', rfc5652.MessageAuthenticationCode()), + namedtype.OptionalNamedType('unauthAttrs', rfc5652.UnauthAttributes().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +# Map of Content Type OIDs to Content Types is added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_authEnvelopedData: AuthEnvelopedData(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5084.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5084.py new file mode 100644 index 0000000000000000000000000000000000000000..76868395619c618edf5a39bba97e9f7a0b9f0785 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5084.py @@ -0,0 +1,97 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from the asn1ate tool, with manual +# changes to AES_CCM_ICVlen.subtypeSpec and added comments +# +# Copyright (c) 2018-2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# AES-CCM and AES-GCM Algorithms fo use with the Authenticated-Enveloped-Data +# protecting content type for the Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5084.txt + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class AES_CCM_ICVlen(univ.Integer): + pass + + +class AES_GCM_ICVlen(univ.Integer): + pass + + +AES_CCM_ICVlen.subtypeSpec = constraint.SingleValueConstraint(4, 6, 8, 10, 12, 14, 16) + +AES_GCM_ICVlen.subtypeSpec = constraint.ValueRangeConstraint(12, 16) + + +class CCMParameters(univ.Sequence): + pass + + +CCMParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('aes-nonce', univ.OctetString().subtype(subtypeSpec=constraint.ValueSizeConstraint(7, 13))), + # The aes-nonce parameter contains 15-L octets, where L is the size of the length field. L=8 is RECOMMENDED. + # Within the scope of any content-authenticated-encryption key, the nonce value MUST be unique. + namedtype.DefaultedNamedType('aes-ICVlen', AES_CCM_ICVlen().subtype(value=12)) +) + + +class GCMParameters(univ.Sequence): + pass + + +GCMParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('aes-nonce', univ.OctetString()), + # The aes-nonce may have any number of bits between 8 and 2^64, but it MUST be a multiple of 8 bits. + # Within the scope of any content-authenticated-encryption key, the nonce value MUST be unique. + # A nonce value of 12 octets can be processed more efficiently, so that length is RECOMMENDED. + namedtype.DefaultedNamedType('aes-ICVlen', AES_GCM_ICVlen().subtype(value=12)) +) + +aes = _OID(2, 16, 840, 1, 101, 3, 4, 1) + +id_aes128_CCM = _OID(aes, 7) + +id_aes128_GCM = _OID(aes, 6) + +id_aes192_CCM = _OID(aes, 27) + +id_aes192_GCM = _OID(aes, 26) + +id_aes256_CCM = _OID(aes, 47) + +id_aes256_GCM = _OID(aes, 46) + + +# Map of Algorithm Identifier OIDs to Parameters is added to the +# ones in rfc5280.py + +_algorithmIdentifierMapUpdate = { + id_aes128_CCM: CCMParameters(), + id_aes128_GCM: GCMParameters(), + id_aes192_CCM: CCMParameters(), + id_aes192_GCM: GCMParameters(), + id_aes256_CCM: CCMParameters(), + id_aes256_GCM: GCMParameters(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5275.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5275.py new file mode 100644 index 0000000000000000000000000000000000000000..1be959814264706401bf7178ebafff0f09062f7a --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5275.py @@ -0,0 +1,404 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# An Internet Attribute Certificate Profile for Authorization +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5275.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc3565 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5751 +from pyasn1_modules import rfc5755 + +MAX = float('inf') + + +# Initialize the map for GLAQueryRequests and GLAQueryResponses + +glaQueryRRMap = { } + + +# Imports from RFC 3565 + +id_aes128_wrap = rfc3565.id_aes128_wrap + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +Certificate = rfc5280.Certificate + +GeneralName = rfc5280.GeneralName + + +# Imports from RFC 5652 + +CertificateSet = rfc5652.CertificateSet + +KEKIdentifier = rfc5652.KEKIdentifier + +RecipientInfos = rfc5652.RecipientInfos + + +# Imports from RFC 5751 + +SMIMECapability = rfc5751.SMIMECapability + + +# Imports from RFC 5755 + +AttributeCertificate = rfc5755.AttributeCertificate + + +# The GL symmetric key distribution object identifier arc + +id_skd = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, 8,)) + + +# The GL Use KEK control attribute + +id_skd_glUseKEK = id_skd + (1,) + + +class Certificates(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pKC', + Certificate().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('aC', + univ.SequenceOf(componentType=AttributeCertificate()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('certPath', + CertificateSet().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +class GLInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('glAddress', GeneralName()) + ) + + +class GLOwnerInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glOwnerName', GeneralName()), + namedtype.NamedType('glOwnerAddress', GeneralName()), + namedtype.OptionalNamedType('certificates', Certificates()) + ) + + +class GLAdministration(univ.Integer): + namedValues = namedval.NamedValues( + ('unmanaged', 0), + ('managed', 1), + ('closed', 2) + ) + + +requested_algorithm = SMIMECapability().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)) +requested_algorithm['capabilityID'] = id_aes128_wrap + + +class GLKeyAttributes(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('rekeyControlledByGLO', + univ.Boolean().subtype(value=0, + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.DefaultedNamedType('recipientsNotMutuallyAware', + univ.Boolean().subtype(value=1, + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.DefaultedNamedType('duration', + univ.Integer().subtype(value=0, + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.DefaultedNamedType('generationCounter', + univ.Integer().subtype(value=2, + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('requestedAlgorithm', requested_algorithm) + ) + + +class GLUseKEK(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glInfo', GLInfo()), + namedtype.NamedType('glOwnerInfo', + univ.SequenceOf(componentType=GLOwnerInfo()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.DefaultedNamedType('glAdministration', + GLAdministration().subtype(value=1)), + namedtype.OptionalNamedType('glKeyAttributes', GLKeyAttributes()) + ) + + +# The Delete GL control attribute + +id_skd_glDelete = id_skd + (2,) + + +class DeleteGL(GeneralName): + pass + + +# The Add GL Member control attribute + +id_skd_glAddMember = id_skd + (3,) + + +class GLMember(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glMemberName', GeneralName()), + namedtype.OptionalNamedType('glMemberAddress', GeneralName()), + namedtype.OptionalNamedType('certificates', Certificates()) + ) + + +class GLAddMember(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('glMember', GLMember()) + ) + + +# The Delete GL Member control attribute + +id_skd_glDeleteMember = id_skd + (4,) + + +class GLDeleteMember(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('glMemberToDelete', GeneralName()) + ) + + +# The GL Rekey control attribute + +id_skd_glRekey = id_skd + (5,) + + +class GLNewKeyAttributes(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('rekeyControlledByGLO', + univ.Boolean().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('recipientsNotMutuallyAware', + univ.Boolean().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('duration', + univ.Integer().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generationCounter', + univ.Integer().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('requestedAlgorithm', + AlgorithmIdentifier().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 4))) + ) + + +class GLRekey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.OptionalNamedType('glAdministration', GLAdministration()), + namedtype.OptionalNamedType('glNewKeyAttributes', GLNewKeyAttributes()), + namedtype.OptionalNamedType('glRekeyAllGLKeys', univ.Boolean()) + ) + + +# The Add and Delete GL Owner control attributes + +id_skd_glAddOwner = id_skd + (6,) + +id_skd_glRemoveOwner = id_skd + (7,) + + +class GLOwnerAdministration(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('glOwnerInfo', GLOwnerInfo()) + ) + + +# The GL Key Compromise control attribute + +id_skd_glKeyCompromise = id_skd + (8,) + + +class GLKCompromise(GeneralName): + pass + + +# The GL Key Refresh control attribute + +id_skd_glkRefresh = id_skd + (9,) + + +class Date(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('start', useful.GeneralizedTime()), + namedtype.OptionalNamedType('end', useful.GeneralizedTime()) + ) + + +class GLKRefresh(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('dates', + univ.SequenceOf(componentType=Date()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +# The GLA Query Request control attribute + +id_skd_glaQueryRequest = id_skd + (11,) + + +class GLAQueryRequest(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glaRequestType', univ.ObjectIdentifier()), + namedtype.NamedType('glaRequestValue', univ.Any(), + openType=opentype.OpenType('glaRequestType', glaQueryRRMap)) + ) + + +# The GLA Query Response control attribute + +id_skd_glaQueryResponse = id_skd + (12,) + + +class GLAQueryResponse(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glaResponseType', univ.ObjectIdentifier()), + namedtype.NamedType('glaResponseValue', univ.Any(), + openType=opentype.OpenType('glaResponseType', glaQueryRRMap)) + ) + + +# The GLA Request/Response (glaRR) arc for glaRequestType/glaResponseType + +id_cmc_glaRR = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 7, 99,)) + + +# The Algorithm Request + +id_cmc_gla_skdAlgRequest = id_cmc_glaRR + (1,) + + +class SKDAlgRequest(univ.Null): + pass + + +# The Algorithm Response + +id_cmc_gla_skdAlgResponse = id_cmc_glaRR + (2,) + +SMIMECapabilities = rfc5751.SMIMECapabilities + + +# The control attribute to request an updated certificate to the GLA and +# the control attribute to return an updated certificate to the GLA + +id_skd_glProvideCert = id_skd + (13,) + +id_skd_glManageCert = id_skd + (14,) + + +class GLManageCert(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('glMember', GLMember()) + ) + + +# The control attribute to distribute the GL shared KEK + +id_skd_glKey = id_skd + (15,) + + +class GLKey(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('glName', GeneralName()), + namedtype.NamedType('glIdentifier', KEKIdentifier()), + namedtype.NamedType('glkWrapped', RecipientInfos()), + namedtype.NamedType('glkAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('glkNotBefore', useful.GeneralizedTime()), + namedtype.NamedType('glkNotAfter', useful.GeneralizedTime()) + ) + + +# The CMC error types + +id_cet_skdFailInfo = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 15, 1,)) + + +class SKDFailInfo(univ.Integer): + namedValues = namedval.NamedValues( + ('unspecified', 0), + ('closedGL', 1), + ('unsupportedDuration', 2), + ('noGLACertificate', 3), + ('invalidCert', 4), + ('unsupportedAlgorithm', 5), + ('noGLONameMatch', 6), + ('invalidGLName', 7), + ('nameAlreadyInUse', 8), + ('noSpam', 9), + ('alreadyAMember', 11), + ('notAMember', 12), + ('alreadyAnOwner', 13), + ('notAnOwner', 14) + ) + + +# Update the map for GLAQueryRequests and GLAQueryResponses + +_glaQueryRRMapUpdate = { + id_cmc_gla_skdAlgRequest: univ.Null(""), + id_cmc_gla_skdAlgResponse: SMIMECapabilities(), +} + +glaQueryRRMap.update(_glaQueryRRMapUpdate) + + +# Update the map for CMC control attributes; since CMS Attributes and +# CMC Controls both use 'attrType', one map is used for both + +_cmcControlAttributesMapUpdate = { + id_skd_glUseKEK: GLUseKEK(), + id_skd_glDelete: DeleteGL(), + id_skd_glAddMember: GLAddMember(), + id_skd_glDeleteMember: GLDeleteMember(), + id_skd_glRekey: GLRekey(), + id_skd_glAddOwner: GLOwnerAdministration(), + id_skd_glRemoveOwner: GLOwnerAdministration(), + id_skd_glKeyCompromise: GLKCompromise(), + id_skd_glkRefresh: GLKRefresh(), + id_skd_glaQueryRequest: GLAQueryRequest(), + id_skd_glaQueryResponse: GLAQueryResponse(), + id_skd_glProvideCert: GLManageCert(), + id_skd_glManageCert: GLManageCert(), + id_skd_glKey: GLKey(), +} + +rfc5652.cmsAttributesMap.update(_cmcControlAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5280.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5280.py new file mode 100644 index 0000000000000000000000000000000000000000..ed5d28f7516bd5e356bccb410a96ba9ee2b47557 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5280.py @@ -0,0 +1,1658 @@ +# coding: utf-8 +# +# This file is part of pyasn1-modules software. +# +# Created by Stanisław Pitucha with asn1ate tool. +# Updated by Russ Housley for ORAddress Extension Attribute opentype support. +# Updated by Russ Housley for AlgorithmIdentifier opentype support. +# +# Copyright (c) 2005-2020, Ilya Etingof +# License: http://snmplabs.com/pyasn1/license.html +# +# Internet X.509 Public Key Infrastructure Certificate and Certificate +# Revocation List (CRL) Profile +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5280.txt +# +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +MAX = float('inf') + + +def _buildOid(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +ub_e163_4_sub_address_length = univ.Integer(40) + +ub_e163_4_number_length = univ.Integer(15) + +unformatted_postal_address = univ.Integer(16) + + +class TerminalType(univ.Integer): + pass + + +TerminalType.namedValues = namedval.NamedValues( + ('telex', 3), + ('teletex', 4), + ('g3-facsimile', 5), + ('g4-facsimile', 6), + ('ia5-terminal', 7), + ('videotex', 8) +) + + +class Extension(univ.Sequence): + pass + + +Extension.componentType = namedtype.NamedTypes( + namedtype.NamedType('extnID', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)), + namedtype.NamedType('extnValue', univ.OctetString()) +) + + +class Extensions(univ.SequenceOf): + pass + + +Extensions.componentType = Extension() +Extensions.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +physical_delivery_personal_name = univ.Integer(13) + +ub_unformatted_address_length = univ.Integer(180) + +ub_pds_parameter_length = univ.Integer(30) + +ub_pds_physical_address_lines = univ.Integer(6) + + +class UnformattedPostalAddress(univ.Set): + pass + + +UnformattedPostalAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))) +) + +ub_organization_name = univ.Integer(64) + + +class X520OrganizationName(univ.Choice): + pass + + +X520OrganizationName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))) +) + +ub_x121_address_length = univ.Integer(16) + +pds_name = univ.Integer(7) + +id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7) + +id_kp = _buildOid(id_pkix, 3) + +ub_postal_code_length = univ.Integer(16) + + +class PostalCode(univ.Choice): + pass + + +PostalCode.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))), + namedtype.NamedType('printable-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))) +) + +ub_generation_qualifier_length = univ.Integer(3) + +unique_postal_name = univ.Integer(20) + + +class DomainComponent(char.IA5String): + pass + + +ub_domain_defined_attribute_value_length = univ.Integer(128) + +ub_match = univ.Integer(128) + +id_at = _buildOid(2, 5, 4) + + +class AttributeType(univ.ObjectIdentifier): + pass + + +id_at_organizationalUnitName = _buildOid(id_at, 11) + +terminal_type = univ.Integer(23) + + +class PDSParameter(univ.Set): + pass + + +PDSParameter.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))), + namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))) +) + + +class PhysicalDeliveryPersonalName(PDSParameter): + pass + + +ub_surname_length = univ.Integer(40) + +id_ad = _buildOid(id_pkix, 48) + +ub_domain_defined_attribute_type_length = univ.Integer(8) + + +class TeletexDomainDefinedAttribute(univ.Sequence): + pass + + +TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + +ub_domain_defined_attributes = univ.Integer(4) + + +class TeletexDomainDefinedAttributes(univ.SequenceOf): + pass + + +TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute() +TeletexDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + +extended_network_address = univ.Integer(22) + +ub_locality_name = univ.Integer(128) + + +class X520LocalityName(univ.Choice): + pass + + +X520LocalityName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))) +) + +teletex_organization_name = univ.Integer(3) + +ub_given_name_length = univ.Integer(16) + +ub_initials_length = univ.Integer(5) + + +class PersonalName(univ.Set): + pass + + +PersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +ub_organizational_unit_name_length = univ.Integer(32) + + +class OrganizationalUnitName(char.PrintableString): + pass + + +OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + +id_at_generationQualifier = _buildOid(id_at, 44) + + +class Version(univ.Integer): + pass + + +Version.namedValues = namedval.NamedValues( + ('v1', 0), + ('v2', 1), + ('v3', 2) +) + + +class CertificateSerialNumber(univ.Integer): + pass + + +algorithmIdentifierMap = {} + + +class AlgorithmIdentifier(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any(), + openType=opentype.OpenType('algorithm', algorithmIdentifierMap) + ) + ) + + +class Time(univ.Choice): + pass + + +Time.componentType = namedtype.NamedTypes( + namedtype.NamedType('utcTime', useful.UTCTime()), + namedtype.NamedType('generalTime', useful.GeneralizedTime()) +) + + +class AttributeValue(univ.Any): + pass + + +certificateAttributesMap = {} + + +class AttributeTypeAndValue(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType( + 'value', AttributeValue(), + openType=opentype.OpenType('type', certificateAttributesMap) + ) + ) + + +class RelativeDistinguishedName(univ.SetOf): + pass + + +RelativeDistinguishedName.componentType = AttributeTypeAndValue() +RelativeDistinguishedName.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class RDNSequence(univ.SequenceOf): + pass + + +RDNSequence.componentType = RelativeDistinguishedName() + + +class Name(univ.Choice): + pass + + +Name.componentType = namedtype.NamedTypes( + namedtype.NamedType('rdnSequence', RDNSequence()) +) + + +class TBSCertList(univ.Sequence): + pass + + +TBSCertList.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('version', Version()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('thisUpdate', Time()), + namedtype.OptionalNamedType('nextUpdate', Time()), + namedtype.OptionalNamedType( + 'revokedCertificates', univ.SequenceOf( + componentType=univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('userCertificate', CertificateSerialNumber()), + namedtype.NamedType('revocationDate', Time()), + namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) + ) + ) + ) + ), + namedtype.OptionalNamedType( + 'crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) +) + + +class CertificateList(univ.Sequence): + pass + + +CertificateList.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertList', TBSCertList()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class PhysicalDeliveryOfficeName(PDSParameter): + pass + + +ub_extension_attributes = univ.Integer(256) + +certificateExtensionsMap = { +} + +oraddressExtensionAttributeMap = { +} + + +class ExtensionAttribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'extension-attribute-type', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType( + 'extension-attribute-value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)), + openType=opentype.OpenType('extension-attribute-type', oraddressExtensionAttributeMap)) + ) + +id_qt = _buildOid(id_pkix, 2) + +id_qt_cps = _buildOid(id_qt, 1) + +id_at_stateOrProvinceName = _buildOid(id_at, 8) + +id_at_title = _buildOid(id_at, 12) + +id_at_serialNumber = _buildOid(id_at, 5) + + +class X520dnQualifier(char.PrintableString): + pass + + +class PosteRestanteAddress(PDSParameter): + pass + + +poste_restante_address = univ.Integer(19) + + +class UniqueIdentifier(univ.BitString): + pass + + +class Validity(univ.Sequence): + pass + + +Validity.componentType = namedtype.NamedTypes( + namedtype.NamedType('notBefore', Time()), + namedtype.NamedType('notAfter', Time()) +) + + +class SubjectPublicKeyInfo(univ.Sequence): + pass + + +SubjectPublicKeyInfo.componentType = namedtype.NamedTypes( + namedtype.NamedType('algorithm', AlgorithmIdentifier()), + namedtype.NamedType('subjectPublicKey', univ.BitString()) +) + + +class TBSCertificate(univ.Sequence): + pass + + +TBSCertificate.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + Version().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0)).subtype(value="v1")), + namedtype.NamedType('serialNumber', CertificateSerialNumber()), + namedtype.NamedType('signature', AlgorithmIdentifier()), + namedtype.NamedType('issuer', Name()), + namedtype.NamedType('validity', Validity()), + namedtype.NamedType('subject', Name()), + namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()), + namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('extensions', + Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +physical_delivery_office_name = univ.Integer(10) + +ub_name = univ.Integer(32768) + + +class X520name(univ.Choice): + pass + + +X520name.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))) +) + +id_at_dnQualifier = _buildOid(id_at, 46) + +ub_serial_number = univ.Integer(64) + +ub_pseudonym = univ.Integer(128) + +pkcs_9 = _buildOid(1, 2, 840, 113549, 1, 9) + + +class X121Address(char.NumericString): + pass + + +X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length) + + +class NetworkAddress(X121Address): + pass + + +ub_integer_options = univ.Integer(256) + +id_at_commonName = _buildOid(id_at, 3) + +ub_organization_name_length = univ.Integer(64) + +id_ad_ocsp = _buildOid(id_ad, 1) + +ub_country_name_numeric_length = univ.Integer(3) + +ub_country_name_alpha_length = univ.Integer(2) + + +class PhysicalDeliveryCountryName(univ.Choice): + pass + + +PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + +id_emailAddress = _buildOid(pkcs_9, 1) + +common_name = univ.Integer(1) + + +class X520Pseudonym(univ.Choice): + pass + + +X520Pseudonym.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))) +) + +ub_domain_name_length = univ.Integer(16) + + +class AdministrationDomainName(univ.Choice): + pass + + +AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly( + tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)) +AdministrationDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))) +) + + +class PresentationAddress(univ.Sequence): + pass + + +PresentationAddress.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + + +class ExtendedNetworkAddress(univ.Choice): + pass + + +ExtendedNetworkAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType( + 'e163-4-address', univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + ) + ), + namedtype.NamedType('psap-address', PresentationAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) +) + + +class TeletexOrganizationName(char.TeletexString): + pass + + +TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + +ub_terminal_id_length = univ.Integer(24) + + +class TerminalIdentifier(char.PrintableString): + pass + + +TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length) + +id_ad_caIssuers = _buildOid(id_ad, 2) + +id_at_countryName = _buildOid(id_at, 6) + + +class StreetAddress(PDSParameter): + pass + + +postal_code = univ.Integer(9) + +id_at_givenName = _buildOid(id_at, 42) + +ub_title = univ.Integer(64) + + +class ExtensionAttributes(univ.SetOf): + pass + + +ExtensionAttributes.componentType = ExtensionAttribute() +ExtensionAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes) + +ub_emailaddress_length = univ.Integer(255) + +id_ad_caRepository = _buildOid(id_ad, 5) + + +class ExtensionORAddressComponents(PDSParameter): + pass + + +ub_organizational_unit_name = univ.Integer(64) + + +class X520OrganizationalUnitName(univ.Choice): + pass + + +X520OrganizationalUnitName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('printableString', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('universalString', char.UniversalString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('utf8String', char.UTF8String().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))), + namedtype.NamedType('bmpString', char.BMPString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))) +) + + +class LocalPostalAttributes(PDSParameter): + pass + + +teletex_organizational_unit_names = univ.Integer(5) + + +class X520Title(univ.Choice): + pass + + +X520Title.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))) +) + +id_at_localityName = _buildOid(id_at, 7) + +id_at_initials = _buildOid(id_at, 43) + +ub_state_name = univ.Integer(128) + + +class X520StateOrProvinceName(univ.Choice): + pass + + +X520StateOrProvinceName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))) +) + +physical_delivery_organization_name = univ.Integer(14) + +id_at_surname = _buildOid(id_at, 4) + + +class X520countryName(char.PrintableString): + pass + + +X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2) + +physical_delivery_office_number = univ.Integer(11) + +id_qt_unotice = _buildOid(id_qt, 2) + + +class X520SerialNumber(char.PrintableString): + pass + + +X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number) + + +class Attribute(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', AttributeType()), + namedtype.NamedType('values', + univ.SetOf(componentType=AttributeValue()), + openType=opentype.OpenType('type', certificateAttributesMap)) + ) + +ub_common_name = univ.Integer(64) + +id_pe = _buildOid(id_pkix, 1) + + +class ExtensionPhysicalDeliveryAddressComponents(PDSParameter): + pass + + +class EmailAddress(char.IA5String): + pass + + +EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length) + +id_at_organizationName = _buildOid(id_at, 10) + +post_office_box_address = univ.Integer(18) + + +class BuiltInDomainDefinedAttribute(univ.Sequence): + pass + + +BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes( + namedtype.NamedType('type', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))), + namedtype.NamedType('value', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length))) +) + + +class BuiltInDomainDefinedAttributes(univ.SequenceOf): + pass + + +BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute() +BuiltInDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes) + +id_at_pseudonym = _buildOid(id_at, 65) + +id_domainComponent = _buildOid(0, 9, 2342, 19200300, 100, 1, 25) + + +class X520CommonName(univ.Choice): + pass + + +X520CommonName.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('utf8String', + char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))), + namedtype.NamedType('bmpString', + char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))) +) + +extension_OR_address_components = univ.Integer(12) + +ub_organizational_units = univ.Integer(4) + +teletex_personal_name = univ.Integer(4) + +ub_numeric_user_id_length = univ.Integer(32) + +ub_common_name_length = univ.Integer(64) + + +class TeletexCommonName(char.TeletexString): + pass + + +TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) + + +class PhysicalDeliveryOrganizationName(PDSParameter): + pass + + +extension_physical_delivery_address_components = univ.Integer(15) + + +class NumericUserIdentifier(char.NumericString): + pass + + +NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length) + + +class CountryName(univ.Choice): + pass + + +CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) +CountryName.componentType = namedtype.NamedTypes( + namedtype.NamedType('x121-dcc-code', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))), + namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length))) +) + + +class OrganizationName(char.PrintableString): + pass + + +OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length) + + +class OrganizationalUnitNames(univ.SequenceOf): + pass + + +OrganizationalUnitNames.componentType = OrganizationalUnitName() +OrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) + + +class PrivateDomainName(univ.Choice): + pass + + +PrivateDomainName.componentType = namedtype.NamedTypes( + namedtype.NamedType('numeric', char.NumericString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))), + namedtype.NamedType('printable', char.PrintableString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))) +) + + +class BuiltInStandardAttributes(univ.Sequence): + pass + + +BuiltInStandardAttributes.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('country-name', CountryName()), + namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()), + namedtype.OptionalNamedType('network-address', NetworkAddress().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), + namedtype.OptionalNamedType('organization-name', OrganizationName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), + namedtype.OptionalNamedType('personal-name', PersonalName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))) +) + + +class ORAddress(univ.Sequence): + pass + + +ORAddress.componentType = namedtype.NamedTypes( + namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()), + namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()), + namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes()) +) + + +class DistinguishedName(RDNSequence): + pass + + +id_ad_timeStamping = _buildOid(id_ad, 3) + + +class PhysicalDeliveryOfficeNumber(PDSParameter): + pass + + +teletex_domain_defined_attributes = univ.Integer(6) + + +class UniquePostalName(PDSParameter): + pass + + +physical_delivery_country_name = univ.Integer(8) + +ub_pds_name_length = univ.Integer(16) + + +class PDSName(char.PrintableString): + pass + + +PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length) + + +class TeletexPersonalName(univ.Set): + pass + + +TeletexPersonalName.componentType = namedtype.NamedTypes( + namedtype.NamedType('surname', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('given-name', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('initials', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) +) + +street_address = univ.Integer(17) + + +class PostOfficeBoxAddress(PDSParameter): + pass + + +local_postal_attributes = univ.Integer(21) + + +class DirectoryString(univ.Choice): + pass + + +DirectoryString.componentType = namedtype.NamedTypes( + namedtype.NamedType('teletexString', + char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('printableString', + char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('universalString', + char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + +teletex_common_name = univ.Integer(2) + + +class CommonName(char.PrintableString): + pass + + +CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length) + + +class Certificate(univ.Sequence): + pass + + +Certificate.componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsCertificate', TBSCertificate()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signature', univ.BitString()) +) + + +class TeletexOrganizationalUnitName(char.TeletexString): + pass + + +TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length) + +id_at_name = _buildOid(id_at, 41) + + +class TeletexOrganizationalUnitNames(univ.SequenceOf): + pass + + +TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName() +TeletexOrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units) + +id_ce = _buildOid(2, 5, 29) + +id_ce_issuerAltName = _buildOid(id_ce, 18) + + +class SkipCerts(univ.Integer): + pass + + +SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class CRLReason(univ.Enumerated): + pass + + +CRLReason.namedValues = namedval.NamedValues( + ('unspecified', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('removeFromCRL', 8), + ('privilegeWithdrawn', 9), + ('aACompromise', 10) +) + + +class PrivateKeyUsagePeriod(univ.Sequence): + pass + + +PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +anotherNameMap = { + +} + + +class AnotherName(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type-id', univ.ObjectIdentifier()), + namedtype.NamedType( + 'value', + univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), + openType=opentype.OpenType('type-id', anotherNameMap) + ) + ) + + +class EDIPartyName(univ.Sequence): + pass + + +EDIPartyName.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('partyName', DirectoryString().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) +) + + +class GeneralName(univ.Choice): + pass + + +GeneralName.componentType = namedtype.NamedTypes( + namedtype.NamedType('otherName', + AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('rfc822Name', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('dNSName', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.NamedType('x400Address', + ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.NamedType('directoryName', + Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))), + namedtype.NamedType('ediPartyName', + EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))), + namedtype.NamedType('uniformResourceIdentifier', + char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))), + namedtype.NamedType('iPAddress', + univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), + namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))) +) + + +class BaseDistance(univ.Integer): + pass + + +BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class GeneralSubtree(univ.Sequence): + pass + + +GeneralSubtree.componentType = namedtype.NamedTypes( + namedtype.NamedType('base', GeneralName()), + namedtype.DefaultedNamedType('minimum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.OptionalNamedType('maximum', BaseDistance().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class GeneralNames(univ.SequenceOf): + pass + + +GeneralNames.componentType = GeneralName() +GeneralNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class DistributionPointName(univ.Choice): + pass + + +DistributionPointName.componentType = namedtype.NamedTypes( + namedtype.NamedType('fullName', + GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class ReasonFlags(univ.BitString): + pass + + +ReasonFlags.namedValues = namedval.NamedValues( + ('unused', 0), + ('keyCompromise', 1), + ('cACompromise', 2), + ('affiliationChanged', 3), + ('superseded', 4), + ('cessationOfOperation', 5), + ('certificateHold', 6), + ('privilegeWithdrawn', 7), + ('aACompromise', 8) +) + + +class IssuingDistributionPoint(univ.Sequence): + pass + + +IssuingDistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)), + namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)), + namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0)) +) + +id_ce_certificatePolicies = _buildOid(id_ce, 32) + +id_kp_emailProtection = _buildOid(id_kp, 4) + + +class AccessDescription(univ.Sequence): + pass + + +AccessDescription.componentType = namedtype.NamedTypes( + namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), + namedtype.NamedType('accessLocation', GeneralName()) +) + + +class IssuerAltName(GeneralNames): + pass + + +id_ce_cRLDistributionPoints = _buildOid(id_ce, 31) + +holdInstruction = _buildOid(2, 2, 840, 10040, 2) + +id_holdinstruction_callissuer = _buildOid(holdInstruction, 2) + +id_ce_subjectDirectoryAttributes = _buildOid(id_ce, 9) + +id_ce_issuingDistributionPoint = _buildOid(id_ce, 28) + + +class DistributionPoint(univ.Sequence): + pass + + +DistributionPoint.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class CRLDistributionPoints(univ.SequenceOf): + pass + + +CRLDistributionPoints.componentType = DistributionPoint() +CRLDistributionPoints.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class GeneralSubtrees(univ.SequenceOf): + pass + + +GeneralSubtrees.componentType = GeneralSubtree() +GeneralSubtrees.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class NameConstraints(univ.Sequence): + pass + + +NameConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +class SubjectDirectoryAttributes(univ.SequenceOf): + pass + + +SubjectDirectoryAttributes.componentType = Attribute() +SubjectDirectoryAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_kp_OCSPSigning = _buildOid(id_kp, 9) + +id_kp_timeStamping = _buildOid(id_kp, 8) + + +class DisplayText(univ.Choice): + pass + + +DisplayText.componentType = namedtype.NamedTypes( + namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('visibleString', + char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), + namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) +) + + +class NoticeReference(univ.Sequence): + pass + + +NoticeReference.componentType = namedtype.NamedTypes( + namedtype.NamedType('organization', DisplayText()), + namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) +) + + +class UserNotice(univ.Sequence): + pass + + +UserNotice.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('noticeRef', NoticeReference()), + namedtype.OptionalNamedType('explicitText', DisplayText()) +) + + +class PolicyQualifierId(univ.ObjectIdentifier): + pass + + +policyQualifierInfoMap = { + +} + + +class PolicyQualifierInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyQualifierId', PolicyQualifierId()), + namedtype.NamedType( + 'qualifier', univ.Any(), + openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap) + ) + ) + + +class CertPolicyId(univ.ObjectIdentifier): + pass + + +class PolicyInformation(univ.Sequence): + pass + + +PolicyInformation.componentType = namedtype.NamedTypes( + namedtype.NamedType('policyIdentifier', CertPolicyId()), + namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo())) +) + + +class CertificatePolicies(univ.SequenceOf): + pass + + +CertificatePolicies.componentType = PolicyInformation() +CertificatePolicies.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class SubjectAltName(GeneralNames): + pass + + +id_ce_basicConstraints = _buildOid(id_ce, 19) + +id_ce_authorityKeyIdentifier = _buildOid(id_ce, 35) + +id_kp_codeSigning = _buildOid(id_kp, 3) + + +class BasicConstraints(univ.Sequence): + pass + + +BasicConstraints.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)), + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) +) + +id_ce_certificateIssuer = _buildOid(id_ce, 29) + + +class PolicyMappings(univ.SequenceOf): + pass + + +PolicyMappings.componentType = univ.Sequence( + componentType=namedtype.NamedTypes( + namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), + namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) + ) +) + +PolicyMappings.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class InhibitAnyPolicy(SkipCerts): + pass + + +anyPolicy = _buildOid(id_ce_certificatePolicies, 0) + + +class CRLNumber(univ.Integer): + pass + + +CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) + + +class BaseCRLNumber(CRLNumber): + pass + + +id_ce_nameConstraints = _buildOid(id_ce, 30) + +id_kp_serverAuth = _buildOid(id_kp, 1) + +id_ce_freshestCRL = _buildOid(id_ce, 46) + +id_ce_cRLReasons = _buildOid(id_ce, 21) + +id_ce_extKeyUsage = _buildOid(id_ce, 37) + + +class KeyIdentifier(univ.OctetString): + pass + + +class AuthorityKeyIdentifier(univ.Sequence): + pass + + +AuthorityKeyIdentifier.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class FreshestCRL(CRLDistributionPoints): + pass + + +id_ce_policyConstraints = _buildOid(id_ce, 36) + +id_pe_authorityInfoAccess = _buildOid(id_pe, 1) + + +class AuthorityInfoAccessSyntax(univ.SequenceOf): + pass + + +AuthorityInfoAccessSyntax.componentType = AccessDescription() +AuthorityInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_holdinstruction_none = _buildOid(holdInstruction, 1) + + +class CPSuri(char.IA5String): + pass + + +id_pe_subjectInfoAccess = _buildOid(id_pe, 11) + + +class SubjectKeyIdentifier(KeyIdentifier): + pass + + +id_ce_subjectAltName = _buildOid(id_ce, 17) + + +class KeyPurposeId(univ.ObjectIdentifier): + pass + + +class ExtKeyUsageSyntax(univ.SequenceOf): + pass + + +ExtKeyUsageSyntax.componentType = KeyPurposeId() +ExtKeyUsageSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class HoldInstructionCode(univ.ObjectIdentifier): + pass + + +id_ce_deltaCRLIndicator = _buildOid(id_ce, 27) + +id_ce_keyUsage = _buildOid(id_ce, 15) + +id_ce_holdInstructionCode = _buildOid(id_ce, 23) + + +class SubjectInfoAccessSyntax(univ.SequenceOf): + pass + + +SubjectInfoAccessSyntax.componentType = AccessDescription() +SubjectInfoAccessSyntax.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class InvalidityDate(useful.GeneralizedTime): + pass + + +class KeyUsage(univ.BitString): + pass + + +KeyUsage.namedValues = namedval.NamedValues( + ('digitalSignature', 0), + ('nonRepudiation', 1), + ('keyEncipherment', 2), + ('dataEncipherment', 3), + ('keyAgreement', 4), + ('keyCertSign', 5), + ('cRLSign', 6), + ('encipherOnly', 7), + ('decipherOnly', 8) +) + +id_ce_invalidityDate = _buildOid(id_ce, 24) + +id_ce_policyMappings = _buildOid(id_ce, 33) + +anyExtendedKeyUsage = _buildOid(id_ce_extKeyUsage, 0) + +id_ce_privateKeyUsagePeriod = _buildOid(id_ce, 16) + +id_ce_cRLNumber = _buildOid(id_ce, 20) + + +class CertificateIssuer(GeneralNames): + pass + + +id_holdinstruction_reject = _buildOid(holdInstruction, 3) + + +class PolicyConstraints(univ.Sequence): + pass + + +PolicyConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('requireExplicitPolicy', + SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('inhibitPolicyMapping', + SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + +id_kp_clientAuth = _buildOid(id_kp, 2) + +id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14) + +id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54) + +# map of ORAddress ExtensionAttribute type to ExtensionAttribute value + +_oraddressExtensionAttributeMapUpdate = { + common_name: CommonName(), + teletex_common_name: TeletexCommonName(), + teletex_organization_name: TeletexOrganizationName(), + teletex_personal_name: TeletexPersonalName(), + teletex_organizational_unit_names: TeletexOrganizationalUnitNames(), + pds_name: PDSName(), + physical_delivery_country_name: PhysicalDeliveryCountryName(), + postal_code: PostalCode(), + physical_delivery_office_name: PhysicalDeliveryOfficeName(), + physical_delivery_office_number: PhysicalDeliveryOfficeNumber(), + extension_OR_address_components: ExtensionORAddressComponents(), + physical_delivery_personal_name: PhysicalDeliveryPersonalName(), + physical_delivery_organization_name: PhysicalDeliveryOrganizationName(), + extension_physical_delivery_address_components: ExtensionPhysicalDeliveryAddressComponents(), + unformatted_postal_address: UnformattedPostalAddress(), + street_address: StreetAddress(), + post_office_box_address: PostOfficeBoxAddress(), + poste_restante_address: PosteRestanteAddress(), + unique_postal_name: UniquePostalName(), + local_postal_attributes: LocalPostalAttributes(), + extended_network_address: ExtendedNetworkAddress(), + terminal_type: TerminalType(), + teletex_domain_defined_attributes: TeletexDomainDefinedAttributes(), +} + +oraddressExtensionAttributeMap.update(_oraddressExtensionAttributeMapUpdate) + + +# map of AttributeType -> AttributeValue + +_certificateAttributesMapUpdate = { + id_at_name: X520name(), + id_at_surname: X520name(), + id_at_givenName: X520name(), + id_at_initials: X520name(), + id_at_generationQualifier: X520name(), + id_at_commonName: X520CommonName(), + id_at_localityName: X520LocalityName(), + id_at_stateOrProvinceName: X520StateOrProvinceName(), + id_at_organizationName: X520OrganizationName(), + id_at_organizationalUnitName: X520OrganizationalUnitName(), + id_at_title: X520Title(), + id_at_dnQualifier: X520dnQualifier(), + id_at_countryName: X520countryName(), + id_at_serialNumber: X520SerialNumber(), + id_at_pseudonym: X520Pseudonym(), + id_domainComponent: DomainComponent(), + id_emailAddress: EmailAddress(), +} + +certificateAttributesMap.update(_certificateAttributesMapUpdate) + + +# map of Certificate Extension OIDs to Extensions + +_certificateExtensionsMap = { + id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(), + id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(), + id_ce_keyUsage: KeyUsage(), + id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(), + id_ce_certificatePolicies: CertificatePolicies(), + id_ce_policyMappings: PolicyMappings(), + id_ce_subjectAltName: SubjectAltName(), + id_ce_issuerAltName: IssuerAltName(), + id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(), + id_ce_basicConstraints: BasicConstraints(), + id_ce_nameConstraints: NameConstraints(), + id_ce_policyConstraints: PolicyConstraints(), + id_ce_extKeyUsage: ExtKeyUsageSyntax(), + id_ce_cRLDistributionPoints: CRLDistributionPoints(), + id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(), + id_ce_cRLNumber: univ.Integer(), + id_ce_deltaCRLIndicator: BaseCRLNumber(), + id_ce_issuingDistributionPoint: IssuingDistributionPoint(), + id_ce_cRLReasons: CRLReason(), + id_ce_holdInstructionCode: univ.ObjectIdentifier(), + id_ce_invalidityDate: useful.GeneralizedTime(), + id_ce_certificateIssuer: GeneralNames(), +} + +certificateExtensionsMap.update(_certificateExtensionsMap) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5697.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5697.py new file mode 100644 index 0000000000000000000000000000000000000000..8c5a9d3ecf37c51697443c3f85909afe235e0951 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5697.py @@ -0,0 +1,70 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Other Certificates Extension +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5697.txt + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc4055 + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +CertificateSerialNumber = rfc5280.CertificateSerialNumber + +GeneralNames = rfc5280.GeneralNames + + +# Imports from RFC 4055 + +id_sha1 = rfc4055.id_sha1 + + +# Imports from RFC 5055 +# These are defined here because a module for RFC 5055 does not exist yet + +class SCVPIssuerSerial(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', GeneralNames()), + namedtype.NamedType('serialNumber', CertificateSerialNumber()) + ) + + +sha1_alg_id = AlgorithmIdentifier() +sha1_alg_id['algorithm'] = id_sha1 + + +class SCVPCertID(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('certHash', univ.OctetString()), + namedtype.NamedType('issuerSerial', SCVPIssuerSerial()), + namedtype.DefaultedNamedType('hashAlgorithm', sha1_alg_id) + ) + + +# Other Certificates Extension + +id_pe_otherCerts = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 1, 19,)) + +class OtherCertificates(univ.SequenceOf): + componentType = SCVPCertID() + + +# Update of certificate extension map in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_otherCerts: OtherCertificates(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5751.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5751.py new file mode 100644 index 0000000000000000000000000000000000000000..7e200012c6bda47ed30e5dcd7f3a9daf898dc3f9 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5751.py @@ -0,0 +1,124 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# S/MIME Version 3.2 Message Specification +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5751.txt + +from pyasn1.type import namedtype +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc8018 + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + return univ.ObjectIdentifier(output) + + +# Imports from RFC 5652 and RFC 8018 + +IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber + +RecipientKeyIdentifier = rfc5652.RecipientKeyIdentifier + +SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier + +rc2CBC = rfc8018.rc2CBC + + +# S/MIME Capabilities Attribute + +smimeCapabilities = univ.ObjectIdentifier('1.2.840.113549.1.9.15') + + +smimeCapabilityMap = { } + + +class SMIMECapability(univ.Sequence): + pass + +SMIMECapability.componentType = namedtype.NamedTypes( + namedtype.NamedType('capabilityID', univ.ObjectIdentifier()), + namedtype.OptionalNamedType('parameters', univ.Any(), + openType=opentype.OpenType('capabilityID', smimeCapabilityMap)) +) + + +class SMIMECapabilities(univ.SequenceOf): + pass + +SMIMECapabilities.componentType = SMIMECapability() + + +class SMIMECapabilitiesParametersForRC2CBC(univ.Integer): + # which carries the RC2 Key Length (number of bits) + pass + + +# S/MIME Encryption Key Preference Attribute + +id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16') + +id_aa = _OID(id_smime, 2) + +id_aa_encrypKeyPref = _OID(id_aa, 11) + + +class SMIMEEncryptionKeyPreference(univ.Choice): + pass + +SMIMEEncryptionKeyPreference.componentType = namedtype.NamedTypes( + namedtype.NamedType('issuerAndSerialNumber', + IssuerAndSerialNumber().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('receipentKeyId', + # Yes, 'receipentKeyId' is spelled incorrectly, but kept + # this way for alignment with the ASN.1 module in the RFC. + RecipientKeyIdentifier().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('subjectAltKeyIdentifier', + SubjectKeyIdentifier().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +# The Prefer Binary Inside SMIMECapabilities attribute + +id_cap = _OID(id_smime, 11) + +id_cap_preferBinaryInside = _OID(id_cap, 1) + + +# CMS Attribute Map + +_cmsAttributesMapUpdate = { + smimeCapabilities: SMIMECapabilities(), + id_aa_encrypKeyPref: SMIMEEncryptionKeyPreference(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# SMIMECapabilities Attribute Map +# +# Do not include OIDs in the dictionary when the parameters are absent. + +_smimeCapabilityMapUpdate = { + rc2CBC: SMIMECapabilitiesParametersForRC2CBC(), +} + +smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5752.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5752.py new file mode 100644 index 0000000000000000000000000000000000000000..1d0df8f45977effaf711079f0aa92980755b4e32 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5752.py @@ -0,0 +1,49 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Multiple Signatures in Cryptographic Message Syntax (CMS) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5752.txt +# https://www.rfc-editor.org/errata/eid4444 +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5035 +from pyasn1_modules import rfc5652 + + +class SignAttrsHash(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('algID', rfc5652.DigestAlgorithmIdentifier()), + namedtype.NamedType('hash', univ.OctetString()) + ) + + +class MultipleSignatures(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('bodyHashAlg', rfc5652.DigestAlgorithmIdentifier()), + namedtype.NamedType('signAlg', rfc5652.SignatureAlgorithmIdentifier()), + namedtype.NamedType('signAttrsHash', SignAttrsHash()), + namedtype.OptionalNamedType('cert', rfc5035.ESSCertIDv2()) + ) + + +id_aa_multipleSignatures = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.51') + + +# Map of Attribute Type OIDs to Attributes added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_multipleSignatures: MultipleSignatures(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5755.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5755.py new file mode 100644 index 0000000000000000000000000000000000000000..14f56fc600051edfe4b2dafce032aba8df45b674 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5755.py @@ -0,0 +1,398 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# An Internet Attribute Certificate Profile for Authorization +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5755.txt +# https://www.rfc-editor.org/rfc/rfc5912.txt (see Section 13) +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import opentype +from pyasn1.type import tag +from pyasn1.type import univ +from pyasn1.type import useful + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + +MAX = float('inf') + +# Map for Security Category type to value + +securityCategoryMap = { } + + +# Imports from RFC 5652 + +ContentInfo = rfc5652.ContentInfo + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + +Attribute = rfc5280.Attribute + +AuthorityInfoAccessSyntax = rfc5280.AuthorityInfoAccessSyntax + +AuthorityKeyIdentifier = rfc5280.AuthorityKeyIdentifier + +CertificateSerialNumber = rfc5280.CertificateSerialNumber + +CRLDistributionPoints = rfc5280.CRLDistributionPoints + +Extensions = rfc5280.Extensions + +Extension = rfc5280.Extension + +GeneralNames = rfc5280.GeneralNames + +GeneralName = rfc5280.GeneralName + +UniqueIdentifier = rfc5280.UniqueIdentifier + + +# Object Identifier arcs + +id_pkix = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, )) + +id_pe = id_pkix + (1, ) + +id_kp = id_pkix + (3, ) + +id_aca = id_pkix + (10, ) + +id_ad = id_pkix + (48, ) + +id_at = univ.ObjectIdentifier((2, 5, 4, )) + +id_ce = univ.ObjectIdentifier((2, 5, 29, )) + + +# Attribute Certificate + +class AttCertVersion(univ.Integer): + namedValues = namedval.NamedValues( + ('v2', 1) + ) + + +class IssuerSerial(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('issuer', GeneralNames()), + namedtype.NamedType('serial', CertificateSerialNumber()), + namedtype.OptionalNamedType('issuerUID', UniqueIdentifier()) + ) + + +class ObjectDigestInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('digestedObjectType', + univ.Enumerated(namedValues=namedval.NamedValues( + ('publicKey', 0), + ('publicKeyCert', 1), + ('otherObjectTypes', 2)))), + namedtype.OptionalNamedType('otherObjectTypeID', + univ.ObjectIdentifier()), + namedtype.NamedType('digestAlgorithm', + AlgorithmIdentifier()), + namedtype.NamedType('objectDigest', + univ.BitString()) + ) + + +class Holder(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('baseCertificateID', + IssuerSerial().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('entityName', + GeneralNames().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('objectDigestInfo', + ObjectDigestInfo().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +class V2Form(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('issuerName', + GeneralNames()), + namedtype.OptionalNamedType('baseCertificateID', + IssuerSerial().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.OptionalNamedType('objectDigestInfo', + ObjectDigestInfo().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +class AttCertIssuer(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('v1Form', GeneralNames()), + namedtype.NamedType('v2Form', V2Form().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 0))) + ) + + +class AttCertValidityPeriod(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('notBeforeTime', useful.GeneralizedTime()), + namedtype.NamedType('notAfterTime', useful.GeneralizedTime()) + ) + + +class AttributeCertificateInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('version', + AttCertVersion()), + namedtype.NamedType('holder', + Holder()), + namedtype.NamedType('issuer', + AttCertIssuer()), + namedtype.NamedType('signature', + AlgorithmIdentifier()), + namedtype.NamedType('serialNumber', + CertificateSerialNumber()), + namedtype.NamedType('attrCertValidityPeriod', + AttCertValidityPeriod()), + namedtype.NamedType('attributes', + univ.SequenceOf(componentType=Attribute())), + namedtype.OptionalNamedType('issuerUniqueID', + UniqueIdentifier()), + namedtype.OptionalNamedType('extensions', + Extensions()) + ) + + +class AttributeCertificate(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('acinfo', AttributeCertificateInfo()), + namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()), + namedtype.NamedType('signatureValue', univ.BitString()) + ) + + +# Attribute Certificate Extensions + +id_pe_ac_auditIdentity = id_pe + (4, ) + +id_ce_noRevAvail = id_ce + (56, ) + +id_ce_targetInformation = id_ce + (55, ) + + +class TargetCert(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('targetCertificate', IssuerSerial()), + namedtype.OptionalNamedType('targetName', GeneralName()), + namedtype.OptionalNamedType('certDigestInfo', ObjectDigestInfo()) + ) + + +class Target(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('targetName', + GeneralName().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('targetGroup', + GeneralName().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('targetCert', + TargetCert().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 2))) + ) + + +class Targets(univ.SequenceOf): + componentType = Target() + + +id_pe_ac_proxying = id_pe + (10, ) + + +class ProxyInfo(univ.SequenceOf): + componentType = Targets() + + +id_pe_aaControls = id_pe + (6, ) + + +class AttrSpec(univ.SequenceOf): + componentType = univ.ObjectIdentifier() + + +class AAControls(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('pathLenConstraint', + univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), + namedtype.OptionalNamedType('permittedAttrs', + AttrSpec().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('excludedAttrs', + AttrSpec().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.DefaultedNamedType('permitUnSpecified', + univ.Boolean().subtype(value=1)) + ) + + +# Attribute Certificate Attributes + +id_aca_authenticationInfo = id_aca + (1, ) + + +id_aca_accessIdentity = id_aca + (2, ) + + +class SvceAuthInfo(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('service', GeneralName()), + namedtype.NamedType('ident', GeneralName()), + namedtype.OptionalNamedType('authInfo', univ.OctetString()) + ) + + +id_aca_chargingIdentity = id_aca + (3, ) + + +id_aca_group = id_aca + (4, ) + + +class IetfAttrSyntax(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('policyAuthority', + GeneralNames().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('values', univ.SequenceOf( + componentType=univ.Choice(componentType=namedtype.NamedTypes( + namedtype.NamedType('octets', univ.OctetString()), + namedtype.NamedType('oid', univ.ObjectIdentifier()), + namedtype.NamedType('string', char.UTF8String()) + )) + )) + ) + + +id_at_role = id_at + (72,) + + +class RoleSyntax(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('roleAuthority', + GeneralNames().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('roleName', + GeneralName().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))) + ) + + +class ClassList(univ.BitString): + namedValues = namedval.NamedValues( + ('unmarked', 0), + ('unclassified', 1), + ('restricted', 2), + ('confidential', 3), + ('secret', 4), + ('topSecret', 5) + ) + + +class SecurityCategory(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('type', + univ.ObjectIdentifier().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('value', + univ.Any().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1)), + openType=opentype.OpenType('type', securityCategoryMap)) + ) + + +id_at_clearance = univ.ObjectIdentifier((2, 5, 4, 55, )) + + +class Clearance(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyId', + univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('classList', + ClassList().subtype(value='unclassified')), + namedtype.OptionalNamedType('securityCategories', + univ.SetOf(componentType=SecurityCategory())) + ) + + +id_at_clearance_rfc3281 = univ.ObjectIdentifier((2, 5, 1, 5, 55, )) + + +class Clearance_rfc3281(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('policyId', + univ.ObjectIdentifier().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.DefaultedNamedType('classList', + ClassList().subtype(implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1)).subtype( + value='unclassified')), + namedtype.OptionalNamedType('securityCategories', + univ.SetOf(componentType=SecurityCategory()).subtype( + implicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))) + ) + + +id_aca_encAttrs = id_aca + (6, ) + + +class ACClearAttrs(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('acIssuer', GeneralName()), + namedtype.NamedType('acSerial', univ.Integer()), + namedtype.NamedType('attrs', univ.SequenceOf(componentType=Attribute())) + ) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_ac_auditIdentity: univ.OctetString(), + id_ce_noRevAvail: univ.Null(), + id_ce_targetInformation: Targets(), + id_pe_ac_proxying: ProxyInfo(), + id_pe_aaControls: AAControls(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) + + +# Map of AttributeType OIDs to AttributeValue added to the +# ones that are in rfc5280.py + +_certificateAttributesMapUpdate = { + id_aca_authenticationInfo: SvceAuthInfo(), + id_aca_accessIdentity: SvceAuthInfo(), + id_aca_chargingIdentity: IetfAttrSyntax(), + id_aca_group: IetfAttrSyntax(), + id_at_role: RoleSyntax(), + id_at_clearance: Clearance(), + id_at_clearance_rfc3281: Clearance_rfc3281(), + id_aca_encAttrs: ContentInfo(), +} + +rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5914.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5914.py new file mode 100644 index 0000000000000000000000000000000000000000..d125ea2a65f3d9309446c0c06c0ed92035607daa --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5914.py @@ -0,0 +1,119 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Trust Anchor Format +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5914.txt + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +MAX = float('inf') + +Certificate = rfc5280.Certificate + +Name = rfc5280.Name + +Extensions = rfc5280.Extensions + +SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo + +TBSCertificate = rfc5280.TBSCertificate + +CertificatePolicies = rfc5280.CertificatePolicies + +KeyIdentifier = rfc5280.KeyIdentifier + +NameConstraints = rfc5280.NameConstraints + + +class CertPolicyFlags(univ.BitString): + pass + +CertPolicyFlags.namedValues = namedval.NamedValues( + ('inhibitPolicyMapping', 0), + ('requireExplicitPolicy', 1), + ('inhibitAnyPolicy', 2) +) + + +class CertPathControls(univ.Sequence): + pass + +CertPathControls.componentType = namedtype.NamedTypes( + namedtype.NamedType('taName', Name()), + namedtype.OptionalNamedType('certificate', Certificate().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('policySet', CertificatePolicies().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('policyFlags', CertPolicyFlags().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('nameConstr', NameConstraints().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), + namedtype.OptionalNamedType('pathLenConstraint', univ.Integer().subtype( + subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) +) + + +class TrustAnchorTitle(char.UTF8String): + pass + +TrustAnchorTitle.subtypeSpec = constraint.ValueSizeConstraint(1, 64) + + +class TrustAnchorInfoVersion(univ.Integer): + pass + +TrustAnchorInfoVersion.namedValues = namedval.NamedValues( + ('v1', 1) +) + + +class TrustAnchorInfo(univ.Sequence): + pass + +TrustAnchorInfo.componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', TrustAnchorInfoVersion().subtype(value='v1')), + namedtype.NamedType('pubKey', SubjectPublicKeyInfo()), + namedtype.NamedType('keyId', KeyIdentifier()), + namedtype.OptionalNamedType('taTitle', TrustAnchorTitle()), + namedtype.OptionalNamedType('certPath', CertPathControls()), + namedtype.OptionalNamedType('exts', Extensions().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('taTitleLangTag', char.UTF8String().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) +) + + +class TrustAnchorChoice(univ.Choice): + pass + +TrustAnchorChoice.componentType = namedtype.NamedTypes( + namedtype.NamedType('certificate', Certificate()), + namedtype.NamedType('tbsCert', TBSCertificate().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.NamedType('taInfo', TrustAnchorInfo().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) +) + + +id_ct_trustAnchorList = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.34') + +class TrustAnchorList(univ.SequenceOf): + pass + +TrustAnchorList.componentType = TrustAnchorChoice() +TrustAnchorList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5915.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5915.py new file mode 100644 index 0000000000000000000000000000000000000000..82ff4a338bc14aa1924d7d2d16e95753db4194f5 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5915.py @@ -0,0 +1,32 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Elliptic Curve Private Key +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5915.txt + +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5480 + + +class ECPrivateKey(univ.Sequence): + pass + +ECPrivateKey.componentType = namedtype.NamedTypes( + namedtype.NamedType('version', univ.Integer( + namedValues=namedval.NamedValues(('ecPrivkeyVer1', 1)))), + namedtype.NamedType('privateKey', univ.OctetString()), + namedtype.OptionalNamedType('parameters', rfc5480.ECParameters().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('publicKey', univ.BitString().subtype( + explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5990.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5990.py new file mode 100644 index 0000000000000000000000000000000000000000..281316fb81a0b20f5e353f07c3a95b39777709d3 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc5990.py @@ -0,0 +1,237 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Use of the RSA-KEM Key Transport Algorithm in the CMS +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc5990.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + return univ.ObjectIdentifier(output) + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Useful types and definitions + +class NullParms(univ.Null): + pass + + +# Object identifier arcs + +is18033_2 = _OID(1, 0, 18033, 2) + +nistAlgorithm = _OID(2, 16, 840, 1, 101, 3, 4) + +pkcs_1 = _OID(1, 2, 840, 113549, 1, 1) + +x9_44 = _OID(1, 3, 133, 16, 840, 9, 44) + +x9_44_components = _OID(x9_44, 1) + + +# Types for algorithm identifiers + +class Camellia_KeyWrappingScheme(AlgorithmIdentifier): + pass + +class DataEncapsulationMechanism(AlgorithmIdentifier): + pass + +class KDF2_HashFunction(AlgorithmIdentifier): + pass + +class KDF3_HashFunction(AlgorithmIdentifier): + pass + +class KeyDerivationFunction(AlgorithmIdentifier): + pass + +class KeyEncapsulationMechanism(AlgorithmIdentifier): + pass + +class X9_SymmetricKeyWrappingScheme(AlgorithmIdentifier): + pass + + +# RSA-KEM Key Transport Algorithm + +id_rsa_kem = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 14) + + +class GenericHybridParameters(univ.Sequence): + pass + +GenericHybridParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('kem', KeyEncapsulationMechanism()), + namedtype.NamedType('dem', DataEncapsulationMechanism()) +) + + +rsa_kem = AlgorithmIdentifier() +rsa_kem['algorithm'] = id_rsa_kem +rsa_kem['parameters'] = GenericHybridParameters() + + +# KEM-RSA Key Encapsulation Mechanism + +id_kem_rsa = _OID(is18033_2, 2, 4) + + +class KeyLength(univ.Integer): + pass + +KeyLength.subtypeSpec = constraint.ValueRangeConstraint(1, MAX) + + +class RsaKemParameters(univ.Sequence): + pass + +RsaKemParameters.componentType = namedtype.NamedTypes( + namedtype.NamedType('keyDerivationFunction', KeyDerivationFunction()), + namedtype.NamedType('keyLength', KeyLength()) +) + + +kem_rsa = AlgorithmIdentifier() +kem_rsa['algorithm'] = id_kem_rsa +kem_rsa['parameters'] = RsaKemParameters() + + +# Key Derivation Functions + +id_kdf_kdf2 = _OID(x9_44_components, 1) + +id_kdf_kdf3 = _OID(x9_44_components, 2) + + +kdf2 = AlgorithmIdentifier() +kdf2['algorithm'] = id_kdf_kdf2 +kdf2['parameters'] = KDF2_HashFunction() + +kdf3 = AlgorithmIdentifier() +kdf3['algorithm'] = id_kdf_kdf3 +kdf3['parameters'] = KDF3_HashFunction() + + +# Hash Functions + +id_sha1 = _OID(1, 3, 14, 3, 2, 26) + +id_sha224 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 4) + +id_sha256 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 1) + +id_sha384 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 2) + +id_sha512 = _OID(2, 16, 840, 1, 101, 3, 4, 2, 3) + + +sha1 = AlgorithmIdentifier() +sha1['algorithm'] = id_sha1 +sha1['parameters'] = univ.Null("") + +sha224 = AlgorithmIdentifier() +sha224['algorithm'] = id_sha224 +sha224['parameters'] = univ.Null("") + +sha256 = AlgorithmIdentifier() +sha256['algorithm'] = id_sha256 +sha256['parameters'] = univ.Null("") + +sha384 = AlgorithmIdentifier() +sha384['algorithm'] = id_sha384 +sha384['parameters'] = univ.Null("") + +sha512 = AlgorithmIdentifier() +sha512['algorithm'] = id_sha512 +sha512['parameters'] = univ.Null("") + + +# Symmetric Key-Wrapping Schemes + +id_aes128_Wrap = _OID(nistAlgorithm, 1, 5) + +id_aes192_Wrap = _OID(nistAlgorithm, 1, 25) + +id_aes256_Wrap = _OID(nistAlgorithm, 1, 45) + +id_alg_CMS3DESwrap = _OID(1, 2, 840, 113549, 1, 9, 16, 3, 6) + +id_camellia128_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 2) + +id_camellia192_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 3) + +id_camellia256_Wrap = _OID(1, 2, 392, 200011, 61, 1, 1, 3, 4) + + +aes128_Wrap = AlgorithmIdentifier() +aes128_Wrap['algorithm'] = id_aes128_Wrap +# aes128_Wrap['parameters'] are absent + +aes192_Wrap = AlgorithmIdentifier() +aes192_Wrap['algorithm'] = id_aes128_Wrap +# aes192_Wrap['parameters'] are absent + +aes256_Wrap = AlgorithmIdentifier() +aes256_Wrap['algorithm'] = id_sha256 +# aes256_Wrap['parameters'] are absent + +tdes_Wrap = AlgorithmIdentifier() +tdes_Wrap['algorithm'] = id_alg_CMS3DESwrap +tdes_Wrap['parameters'] = univ.Null("") + +camellia128_Wrap = AlgorithmIdentifier() +camellia128_Wrap['algorithm'] = id_camellia128_Wrap +# camellia128_Wrap['parameters'] are absent + +camellia192_Wrap = AlgorithmIdentifier() +camellia192_Wrap['algorithm'] = id_camellia192_Wrap +# camellia192_Wrap['parameters'] are absent + +camellia256_Wrap = AlgorithmIdentifier() +camellia256_Wrap['algorithm'] = id_camellia256_Wrap +# camellia256_Wrap['parameters'] are absent + + +# Update the Algorithm Identifier map in rfc5280.py. +# Note that the ones that must not have parameters are not added to the map. + +_algorithmIdentifierMapUpdate = { + id_rsa_kem: GenericHybridParameters(), + id_kem_rsa: RsaKemParameters(), + id_kdf_kdf2: KDF2_HashFunction(), + id_kdf_kdf3: KDF3_HashFunction(), + id_sha1: univ.Null(), + id_sha224: univ.Null(), + id_sha256: univ.Null(), + id_sha384: univ.Null(), + id_sha512: univ.Null(), + id_alg_CMS3DESwrap: univ.Null(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6010.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6010.py new file mode 100644 index 0000000000000000000000000000000000000000..250e207ba4e87f77d5e30ed87dd69e219728be69 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6010.py @@ -0,0 +1,88 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Certificate Extension for CMS Content Constraints (CCC) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6010.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +AttributeType = rfc5280.AttributeType + +AttributeValue = rfc5280.AttributeValue + + +id_ct_anyContentType = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.0') + + +class AttrConstraint(univ.Sequence): + pass + +AttrConstraint.componentType = namedtype.NamedTypes( + namedtype.NamedType('attrType', AttributeType()), + namedtype.NamedType('attrValues', univ.SetOf( + componentType=AttributeValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class AttrConstraintList(univ.SequenceOf): + pass + +AttrConstraintList.componentType = AttrConstraint() +AttrConstraintList.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +class ContentTypeGeneration(univ.Enumerated): + pass + +ContentTypeGeneration.namedValues = namedval.NamedValues( + ('canSource', 0), + ('cannotSource', 1) +) + + +class ContentTypeConstraint(univ.Sequence): + pass + +ContentTypeConstraint.componentType = namedtype.NamedTypes( + namedtype.NamedType('contentType', univ.ObjectIdentifier()), + namedtype.DefaultedNamedType('canSource', ContentTypeGeneration().subtype(value='canSource')), + namedtype.OptionalNamedType('attrConstraints', AttrConstraintList()) +) + + +# CMS Content Constraints (CCC) Extension and Object Identifier + +id_pe_cmsContentConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.18') + +class CMSContentConstraints(univ.SequenceOf): + pass + +CMSContentConstraints.componentType = ContentTypeConstraint() +CMSContentConstraints.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +# Map of Certificate Extension OIDs to Extensions +# To be added to the ones that are in rfc5280.py + +_certificateExtensionsMap = { + id_pe_cmsContentConstraints: CMSContentConstraints(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMap) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6032.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6032.py new file mode 100644 index 0000000000000000000000000000000000000000..563639a8d66e1dd571ca0f819ab55d59c66b831b --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6032.py @@ -0,0 +1,68 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# CMS Encrypted Key Package Content Type +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6032.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 +from pyasn1_modules import rfc5083 + + +# Content Decryption Key Identifier attribute + +id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') + +class ContentDecryptKeyID(univ.OctetString): + pass + +aa_content_decrypt_key_identifier = rfc5652.Attribute() +aa_content_decrypt_key_identifier['attrType'] = id_aa_KP_contentDecryptKeyID +aa_content_decrypt_key_identifier['attrValues'][0] = ContentDecryptKeyID() + + +# Encrypted Key Package Content Type + +id_ct_KP_encryptedKeyPkg = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.2') + +class EncryptedKeyPackage(univ.Choice): + pass + +EncryptedKeyPackage.componentType = namedtype.NamedTypes( + namedtype.NamedType('encrypted', rfc5652.EncryptedData()), + namedtype.NamedType('enveloped', rfc5652.EnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), + namedtype.NamedType('authEnveloped', rfc5083.AuthEnvelopedData().subtype( + implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) +) + + +# Map of Attribute Type OIDs to Attributes are +# added to the ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + + +# Map of Content Type OIDs to Content Types are +# added to the ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_KP_encryptedKeyPkg: EncryptedKeyPackage(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6187.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6187.py new file mode 100644 index 0000000000000000000000000000000000000000..4be005471623acbe31f20e608fdaddda9830a30b --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6187.py @@ -0,0 +1,22 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# X.509v3 Certificates for Secure Shell Authentication +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6187.txt +# + +from pyasn1.type import univ + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') + +id_kp = id_pkix + (3, ) + +id_kp_secureShellClient = id_kp + (21, ) +id_kp_secureShellServer = id_kp + (22, ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6482.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6482.py new file mode 100644 index 0000000000000000000000000000000000000000..d213a46f8de4f2e71f2a363bd637929b0f6936fa --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6482.py @@ -0,0 +1,74 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# RPKI Route Origin Authorizations (ROAs) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6482.txt +# https://www.rfc-editor.org/errata/eid5881 +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +id_ct_routeOriginAuthz = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.24') + + +class ASID(univ.Integer): + pass + + +class IPAddress(univ.BitString): + pass + + +class ROAIPAddress(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('address', IPAddress()), + namedtype.OptionalNamedType('maxLength', univ.Integer()) + ) + + +class ROAIPAddressFamily(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('addressFamily', + univ.OctetString().subtype( + subtypeSpec=constraint.ValueSizeConstraint(2, 3))), + namedtype.NamedType('addresses', + univ.SequenceOf(componentType=ROAIPAddress()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +class RouteOriginAttestation(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.DefaultedNamedType('version', + univ.Integer().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)), + namedtype.NamedType('asID', ASID()), + namedtype.NamedType('ipAddrBlocks', + univ.SequenceOf(componentType=ROAIPAddressFamily()).subtype( + subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) + ) + + +# Map of Content Type OIDs to Content Types added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_routeOriginAuthz: RouteOriginAttestation(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6664.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6664.py new file mode 100644 index 0000000000000000000000000000000000000000..41629d8d7f85ef45a8b28dee523055807eb858dc --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6664.py @@ -0,0 +1,147 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# S/MIME Capabilities for Public Key Definitions +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6664.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5751 +from pyasn1_modules import rfc5480 +from pyasn1_modules import rfc4055 +from pyasn1_modules import rfc3279 + +MAX = float('inf') + + +# Imports from RFC 5280 + +AlgorithmIdentifier = rfc5280.AlgorithmIdentifier + + +# Imports from RFC 3279 + +dhpublicnumber = rfc3279.dhpublicnumber + +Dss_Parms = rfc3279.Dss_Parms + +id_dsa = rfc3279.id_dsa + +id_ecPublicKey = rfc3279.id_ecPublicKey + +rsaEncryption = rfc3279.rsaEncryption + + +# Imports from RFC 4055 + +id_mgf1 = rfc4055.id_mgf1 + +id_RSAES_OAEP = rfc4055.id_RSAES_OAEP + +id_RSASSA_PSS = rfc4055.id_RSASSA_PSS + + +# Imports from RFC 5480 + +ECParameters = rfc5480.ECParameters + +id_ecDH = rfc5480.id_ecDH + +id_ecMQV = rfc5480.id_ecMQV + + +# RSA + +class RSAKeySize(univ.Integer): + # suggested values are 1024, 2048, 3072, 4096, 7680, 8192, and 15360; + # however, the integer value is not limited to these suggestions + pass + + +class RSAKeyCapabilities(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('minKeySize', RSAKeySize()), + namedtype.OptionalNamedType('maxKeySize', RSAKeySize()) + ) + + +class RsaSsa_Pss_sig_caps(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('hashAlg', AlgorithmIdentifier()), + namedtype.OptionalNamedType('maskAlg', AlgorithmIdentifier()), + namedtype.DefaultedNamedType('trailerField', univ.Integer().subtype(value=1)) + ) + + +# Diffie-Hellman and DSA + +class DSAKeySize(univ.Integer): + subtypeSpec = constraint.SingleValueConstraint(1024, 2048, 3072, 7680, 15360) + + +class DSAKeyCapabilities(univ.Choice): + componentType = namedtype.NamedTypes( + namedtype.NamedType('keySizes', univ.Sequence(componentType=namedtype.NamedTypes( + namedtype.NamedType('minKeySize', + DSAKeySize()), + namedtype.OptionalNamedType('maxKeySize', + DSAKeySize()), + namedtype.OptionalNamedType('maxSizeP', + univ.Integer().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 1))), + namedtype.OptionalNamedType('maxSizeQ', + univ.Integer().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 2))), + namedtype.OptionalNamedType('maxSizeG', + univ.Integer().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatSimple, 3))) + )).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), + namedtype.NamedType('keyParams', + Dss_Parms().subtype(explicitTag=tag.Tag( + tag.tagClassContext, tag.tagFormatConstructed, 1))) + ) + + +# Elliptic Curve + +class EC_SMimeCaps(univ.SequenceOf): + componentType = ECParameters() + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +# Update the SMIMECapabilities Attribute Map in rfc5751.py +# +# The map can either include an entry for scap-sa-rsaSSA-PSS or +# scap-pk-rsaSSA-PSS, but not both. One is associated with the +# public key and the other is associated with the signature +# algorithm; however, they use the same OID. If you need the +# other one in your application, copy the map into a local dict, +# adjust as needed, and pass the local dict to the decoder with +# openTypes=your_local_map. + +_smimeCapabilityMapUpdate = { + rsaEncryption: RSAKeyCapabilities(), + id_RSASSA_PSS: RSAKeyCapabilities(), + # id_RSASSA_PSS: RsaSsa_Pss_sig_caps(), + id_RSAES_OAEP: RSAKeyCapabilities(), + id_dsa: DSAKeyCapabilities(), + dhpublicnumber: DSAKeyCapabilities(), + id_ecPublicKey: EC_SMimeCaps(), + id_ecDH: EC_SMimeCaps(), + id_ecMQV: EC_SMimeCaps(), + id_mgf1: AlgorithmIdentifier(), +} + +rfc5751.smimeCapabilityMap.update(_smimeCapabilityMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6955.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6955.py new file mode 100644 index 0000000000000000000000000000000000000000..09f2d6562ee6343bc8f8cc3056270ecab6169b2c --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc6955.py @@ -0,0 +1,108 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Diffie-Hellman Proof-of-Possession Algorithms +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc6955.txt +# + +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc3279 +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + + +# Imports from RFC 5652 + +MessageDigest = rfc5652.MessageDigest + +IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber + + +# Imports from RFC 5280 + +id_pkix = rfc5280.id_pkix + + +# Imports from RFC 3279 + +Dss_Sig_Value = rfc3279.Dss_Sig_Value + +DomainParameters = rfc3279.DomainParameters + + +# Static DH Proof-of-Possession + +class DhSigStatic(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('issuerAndSerial', IssuerAndSerialNumber()), + namedtype.NamedType('hashValue', MessageDigest()) + ) + + +# Object Identifiers + +id_dh_sig_hmac_sha1 = id_pkix + (6, 3, ) + +id_dhPop_static_sha1_hmac_sha1 = univ.ObjectIdentifier(id_dh_sig_hmac_sha1) + + +id_alg_dh_pop = id_pkix + (6, 4, ) + +id_alg_dhPop_sha1 = univ.ObjectIdentifier(id_alg_dh_pop) + +id_alg_dhPop_sha224 = id_pkix + (6, 5, ) + +id_alg_dhPop_sha256 = id_pkix + (6, 6, ) + +id_alg_dhPop_sha384 = id_pkix + (6, 7, ) + +id_alg_dhPop_sha512 = id_pkix + (6, 8, ) + + +id_alg_dhPop_static_sha224_hmac_sha224 = id_pkix + (6, 15, ) + +id_alg_dhPop_static_sha256_hmac_sha256 = id_pkix + (6, 16, ) + +id_alg_dhPop_static_sha384_hmac_sha384 = id_pkix + (6, 17, ) + +id_alg_dhPop_static_sha512_hmac_sha512 = id_pkix + (6, 18, ) + + +id_alg_ecdhPop_static_sha224_hmac_sha224 = id_pkix + (6, 25, ) + +id_alg_ecdhPop_static_sha256_hmac_sha256 = id_pkix + (6, 26, ) + +id_alg_ecdhPop_static_sha384_hmac_sha384 = id_pkix + (6, 27, ) + +id_alg_ecdhPop_static_sha512_hmac_sha512 = id_pkix + (6, 28, ) + + +# Update the Algorithm Identifier map in rfc5280.py + +_algorithmIdentifierMapUpdate = { + id_alg_dh_pop: DomainParameters(), + id_alg_dhPop_sha224: DomainParameters(), + id_alg_dhPop_sha256: DomainParameters(), + id_alg_dhPop_sha384: DomainParameters(), + id_alg_dhPop_sha512: DomainParameters(), + id_dh_sig_hmac_sha1: univ.Null(""), + id_alg_dhPop_static_sha224_hmac_sha224: univ.Null(""), + id_alg_dhPop_static_sha256_hmac_sha256: univ.Null(""), + id_alg_dhPop_static_sha384_hmac_sha384: univ.Null(""), + id_alg_dhPop_static_sha512_hmac_sha512: univ.Null(""), + id_alg_ecdhPop_static_sha224_hmac_sha224: univ.Null(""), + id_alg_ecdhPop_static_sha256_hmac_sha256: univ.Null(""), + id_alg_ecdhPop_static_sha384_hmac_sha384: univ.Null(""), + id_alg_ecdhPop_static_sha512_hmac_sha512: univ.Null(""), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7030.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7030.py new file mode 100644 index 0000000000000000000000000000000000000000..84b6dc5f9a35e63a4bc31d7e0715217c62a469c7 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7030.py @@ -0,0 +1,66 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Enrollment over Secure Transport (EST) +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7030.txt +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +MAX = float('inf') + + +# Imports from RFC 5652 + +Attribute = rfc5652.Attribute + + +# Asymmetric Decrypt Key Identifier Attribute + +id_aa_asymmDecryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.54') + +class AsymmetricDecryptKeyIdentifier(univ.OctetString): + pass + + +aa_asymmDecryptKeyID = Attribute() +aa_asymmDecryptKeyID['attrType'] = id_aa_asymmDecryptKeyID +aa_asymmDecryptKeyID['attrValues'][0] = AsymmetricDecryptKeyIdentifier() + + +# CSR Attributes + +class AttrOrOID(univ.Choice): + pass + +AttrOrOID.componentType = namedtype.NamedTypes( + namedtype.NamedType('oid', univ.ObjectIdentifier()), + namedtype.NamedType('attribute', Attribute()) +) + + +class CsrAttrs(univ.SequenceOf): + pass + +CsrAttrs.componentType = AttrOrOID() +CsrAttrs.subtypeSpec=constraint.ValueSizeConstraint(0, MAX) + + +# Update CMS Attribute Map + +_cmsAttributesMapUpdate = { + id_aa_asymmDecryptKeyID: AsymmetricDecryptKeyIdentifier(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7229.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7229.py new file mode 100644 index 0000000000000000000000000000000000000000..e9bce2d5b61e14fe6428b438fbf8b7cce06cf147 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7229.py @@ -0,0 +1,29 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Object Identifiers for Test Certificate Policies +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7229.txt +# + +from pyasn1.type import univ + + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') + +id_TEST = id_pkix + (13, ) + +id_TEST_certPolicyOne = id_TEST + (1, ) +id_TEST_certPolicyTwo = id_TEST + (2, ) +id_TEST_certPolicyThree = id_TEST + (3, ) +id_TEST_certPolicyFour = id_TEST + (4, ) +id_TEST_certPolicyFive = id_TEST + (5, ) +id_TEST_certPolicySix = id_TEST + (6, ) +id_TEST_certPolicySeven = id_TEST + (7, ) +id_TEST_certPolicyEight = id_TEST + (8, ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7508.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7508.py new file mode 100644 index 0000000000000000000000000000000000000000..66460240f149edf865f46759e862729655a872a0 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7508.py @@ -0,0 +1,90 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Securing Header Fields with S/MIME +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7508.txt +# https://www.rfc-editor.org/errata/eid5875 +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import namedval +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + +import string + +MAX = float('inf') + + +class Algorithm(univ.Enumerated): + namedValues = namedval.NamedValues( + ('canonAlgorithmSimple', 0), + ('canonAlgorithmRelaxed', 1) + ) + + +class HeaderFieldStatus(univ.Integer): + namedValues = namedval.NamedValues( + ('duplicated', 0), + ('deleted', 1), + ('modified', 2) + ) + + +class HeaderFieldName(char.VisibleString): + subtypeSpec = ( + constraint.PermittedAlphabetConstraint(*string.printable) - + constraint.PermittedAlphabetConstraint(':') + ) + + +class HeaderFieldValue(char.UTF8String): + pass + + +class HeaderField(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('field-Name', HeaderFieldName()), + namedtype.NamedType('field-Value', HeaderFieldValue()), + namedtype.DefaultedNamedType('field-Status', + HeaderFieldStatus().subtype(value='duplicated')) + ) + + +class HeaderFields(univ.SequenceOf): + componentType = HeaderField() + subtypeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class SecureHeaderFields(univ.Set): + componentType = namedtype.NamedTypes( + namedtype.NamedType('canonAlgorithm', Algorithm()), + namedtype.NamedType('secHeaderFields', HeaderFields()) + ) + + +id_aa = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, 2, )) + +id_aa_secureHeaderFieldsIdentifier = id_aa + (55, ) + + + +# Map of Attribute Type OIDs to Attributes added to the +# ones that are in rfc5652.py + +_cmsAttributesMapUpdate = { + id_aa_secureHeaderFieldsIdentifier: SecureHeaderFields(), +} + +rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) + diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7585.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7585.py new file mode 100644 index 0000000000000000000000000000000000000000..b3fd4a5bacab6a00a68b78620ff832b0852b5c43 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7585.py @@ -0,0 +1,50 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Network Access Identifier (NAI) Realm Name for Certificates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7585.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# NAI Realm Name for Certificates + +id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7') + +id_on = id_pkix + (8, ) + +id_on_naiRealm = id_on + (8, ) + + +ub_naiRealm_length = univ.Integer(255) + + +class NAIRealm(char.UTF8String): + subtypeSpec = constraint.ValueSizeConstraint(1, ub_naiRealm_length) + + +naiRealm = rfc5280.AnotherName() +naiRealm['type-id'] = id_on_naiRealm +naiRealm['value'] = NAIRealm() + + +# Map of Other Name OIDs to Other Name is added to the +# ones that are in rfc5280.py + +_anotherNameMapUpdate = { + id_on_naiRealm: NAIRealm(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7773.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7773.py new file mode 100644 index 0000000000000000000000000000000000000000..0fee2aa346c1da71e57c0143a0bf7515f3ee2bac --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7773.py @@ -0,0 +1,52 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Authentication Context Certificate Extension +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc7773.txt +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# Authentication Context Extension + +e_legnamnden = univ.ObjectIdentifier('1.2.752.201') + +id_eleg_ce = e_legnamnden + (5, ) + +id_ce_authContext = id_eleg_ce + (1, ) + + +class AuthenticationContext(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('contextType', char.UTF8String()), + namedtype.OptionalNamedType('contextInfo', char.UTF8String()) + ) + +class AuthenticationContexts(univ.SequenceOf): + componentType = AuthenticationContext() + subtypeSpec=constraint.ValueSizeConstraint(1, MAX) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_ce_authContext: AuthenticationContexts(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7914.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7914.py new file mode 100644 index 0000000000000000000000000000000000000000..99e95515672280db5df6d0e7e336d678e89d89aa --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc7914.py @@ -0,0 +1,49 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +#The scrypt Password-Based Key Derivation Function +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8520.txt +# https://www.rfc-editor.org/errata/eid5871 +# + +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +id_scrypt = univ.ObjectIdentifier('1.3.6.1.4.1.11591.4.11') + + +class Scrypt_params(univ.Sequence): + componentType = namedtype.NamedTypes( + namedtype.NamedType('salt', + univ.OctetString()), + namedtype.NamedType('costParameter', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), + namedtype.NamedType('blockSize', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), + namedtype.NamedType('parallelizationParameter', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))), + namedtype.OptionalNamedType('keyLength', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, MAX))) + ) + + +# Update the Algorithm Identifier map in rfc5280.py + +_algorithmIdentifierMapUpdate = { + id_scrypt: Scrypt_params(), +} + +rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8209.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8209.py new file mode 100644 index 0000000000000000000000000000000000000000..7d70f51b0c001f5d8165d90bb066f51b68892996 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8209.py @@ -0,0 +1,20 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# BGPsec Router PKI Profile +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8209.txt +# + +from pyasn1.type import univ + + +id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3') + +id_kp_bgpsec_router = id_kp + (30, ) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8226.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8226.py new file mode 100644 index 0000000000000000000000000000000000000000..e7fe9460e95d8cef0effb2198859afaf73d5c910 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8226.py @@ -0,0 +1,149 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley with assistance from the asn1ate tool, with manual +# changes to implement appropriate constraints and added comments. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# JWT Claim Constraints and TN Authorization List for certificate extensions. +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8226.txt (with errata corrected) + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import namedtype +from pyasn1.type import tag +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +def _OID(*components): + output = [] + for x in tuple(components): + if isinstance(x, univ.ObjectIdentifier): + output.extend(list(x)) + else: + output.append(int(x)) + + return univ.ObjectIdentifier(output) + + +class JWTClaimName(char.IA5String): + pass + + +class JWTClaimNames(univ.SequenceOf): + pass + +JWTClaimNames.componentType = JWTClaimName() +JWTClaimNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class JWTClaimPermittedValues(univ.Sequence): + pass + +JWTClaimPermittedValues.componentType = namedtype.NamedTypes( + namedtype.NamedType('claim', JWTClaimName()), + namedtype.NamedType('permitted', univ.SequenceOf( + componentType=char.UTF8String()).subtype( + sizeSpec=constraint.ValueSizeConstraint(1, MAX))) +) + + +class JWTClaimPermittedValuesList(univ.SequenceOf): + pass + +JWTClaimPermittedValuesList.componentType = JWTClaimPermittedValues() +JWTClaimPermittedValuesList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + + +class JWTClaimConstraints(univ.Sequence): + pass + +JWTClaimConstraints.componentType = namedtype.NamedTypes( + namedtype.OptionalNamedType('mustInclude', + JWTClaimNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0))), + namedtype.OptionalNamedType('permittedValues', + JWTClaimPermittedValuesList().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 1))) +) + +JWTClaimConstraints.subtypeSpec = constraint.ConstraintsUnion( + constraint.WithComponentsConstraint( + ('mustInclude', constraint.ComponentPresentConstraint())), + constraint.WithComponentsConstraint( + ('permittedValues', constraint.ComponentPresentConstraint())) +) + + +id_pe_JWTClaimConstraints = _OID(1, 3, 6, 1, 5, 5, 7, 1, 27) + + +class ServiceProviderCode(char.IA5String): + pass + + +class TelephoneNumber(char.IA5String): + pass + +TelephoneNumber.subtypeSpec = constraint.ConstraintsIntersection( + constraint.ValueSizeConstraint(1, 15), + constraint.PermittedAlphabetConstraint( + '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '#', '*') +) + + +class TelephoneNumberRange(univ.Sequence): + pass + +TelephoneNumberRange.componentType = namedtype.NamedTypes( + namedtype.NamedType('start', TelephoneNumber()), + namedtype.NamedType('count', + univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(2, MAX))) +) + + +class TNEntry(univ.Choice): + pass + +TNEntry.componentType = namedtype.NamedTypes( + namedtype.NamedType('spc', + ServiceProviderCode().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 0))), + namedtype.NamedType('range', + TelephoneNumberRange().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatConstructed, 1))), + namedtype.NamedType('one', + TelephoneNumber().subtype(explicitTag=tag.Tag(tag.tagClassContext, + tag.tagFormatSimple, 2))) +) + + +class TNAuthorizationList(univ.SequenceOf): + pass + +TNAuthorizationList.componentType = TNEntry() +TNAuthorizationList.sizeSpec = constraint.ValueSizeConstraint(1, MAX) + +id_pe_TNAuthList = _OID(1, 3, 6, 1, 5, 5, 7, 1, 26) + + +id_ad_stirTNList = _OID(1, 3, 6, 1, 5, 5, 7, 48, 14) + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_TNAuthList: TNAuthorizationList(), + id_pe_JWTClaimConstraints: JWTClaimConstraints(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8358.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8358.py new file mode 100644 index 0000000000000000000000000000000000000000..647a366622ade8f56675ef9eae282a1a7661cc34 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8358.py @@ -0,0 +1,50 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Digital Signatures on Internet-Draft Documents +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8358.txt +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc5652 + + +id_ct = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1') + +id_ct_asciiTextWithCRLF = id_ct + (27, ) + +id_ct_epub = id_ct + (39, ) + +id_ct_htmlWithCRLF = id_ct + (38, ) + +id_ct_pdf = id_ct + (29, ) + +id_ct_postscript = id_ct + (30, ) + +id_ct_utf8TextWithCRLF = id_ct + (37, ) + +id_ct_xml = id_ct + (28, ) + + +# Map of Content Type OIDs to Content Types is added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_asciiTextWithCRLF: univ.OctetString(), + id_ct_epub: univ.OctetString(), + id_ct_htmlWithCRLF: univ.OctetString(), + id_ct_pdf: univ.OctetString(), + id_ct_postscript: univ.OctetString(), + id_ct_utf8TextWithCRLF: univ.OctetString(), + id_ct_xml: univ.OctetString(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8360.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8360.py new file mode 100644 index 0000000000000000000000000000000000000000..ca180c18d81b728938526992b9e314009a9eb1de --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8360.py @@ -0,0 +1,44 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Resource Public Key Infrastructure (RPKI) Validation Reconsidered +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8360.txt +# https://www.rfc-editor.org/errata/eid5870 +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc3779 +from pyasn1_modules import rfc5280 + + +# IP Address Delegation Extension V2 + +id_pe_ipAddrBlocks_v2 = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.28') + +IPAddrBlocks = rfc3779.IPAddrBlocks + + +# Autonomous System Identifier Delegation Extension V2 + +id_pe_autonomousSysIds_v2 = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.29') + +ASIdentifiers = rfc3779.ASIdentifiers + + +# Map of Certificate Extension OIDs to Extensions is added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_ipAddrBlocks_v2: IPAddrBlocks(), + id_pe_autonomousSysIds_v2: ASIdentifiers(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8398.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8398.py new file mode 100644 index 0000000000000000000000000000000000000000..151b6321079543ee2ec40dcf7204be5262c314c2 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8398.py @@ -0,0 +1,52 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with some assistance from asn1ate v.0.6.0. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Internationalized Email Addresses in X.509 Certificates +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8398.txt +# https://www.rfc-editor.org/errata/eid5418 +# + +from pyasn1.type import char +from pyasn1.type import constraint +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + +MAX = float('inf') + + +# SmtpUTF8Mailbox contains Mailbox as specified in Section 3.3 of RFC 6531 + +id_pkix = rfc5280.id_pkix + +id_on = id_pkix + (8, ) + +id_on_SmtpUTF8Mailbox = id_on + (9, ) + + +class SmtpUTF8Mailbox(char.UTF8String): + pass + +SmtpUTF8Mailbox.subtypeSpec = constraint.ValueSizeConstraint(1, MAX) + + +on_SmtpUTF8Mailbox = rfc5280.AnotherName() +on_SmtpUTF8Mailbox['type-id'] = id_on_SmtpUTF8Mailbox +on_SmtpUTF8Mailbox['value'] = SmtpUTF8Mailbox() + + +# Map of Other Name OIDs to Other Name is added to the +# ones that are in rfc5280.py + +_anotherNameMapUpdate = { + id_on_SmtpUTF8Mailbox: SmtpUTF8Mailbox(), +} + +rfc5280.anotherNameMap.update(_anotherNameMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8410.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8410.py new file mode 100644 index 0000000000000000000000000000000000000000..98bc97bb14b297a5f3024fb32270201d623e25dd --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8410.py @@ -0,0 +1,43 @@ +# This file is being contributed to pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8410.txt + +from pyasn1.type import univ +from pyasn1_modules import rfc3565 +from pyasn1_modules import rfc4055 +from pyasn1_modules import rfc5280 + + +class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): + pass + + +class CurvePrivateKey(univ.OctetString): + pass + + +id_X25519 = univ.ObjectIdentifier('1.3.101.110') + +id_X448 = univ.ObjectIdentifier('1.3.101.111') + +id_Ed25519 = univ.ObjectIdentifier('1.3.101.112') + +id_Ed448 = univ.ObjectIdentifier('1.3.101.113') + +id_sha512 = rfc4055.id_sha512 + +id_aes128_wrap = rfc3565.id_aes128_wrap + +id_aes256_wrap = rfc3565.id_aes256_wrap diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8520.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8520.py new file mode 100644 index 0000000000000000000000000000000000000000..b9eb6e93778620646e66da18b755266ef29121db --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8520.py @@ -0,0 +1,63 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley with assistance from asn1ate v.0.6.0. +# Modified by Russ Housley to add maps for use with opentypes. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# X.509 Extensions for MUD URL and MUD Signer; +# Object Identifier for CMS Content Type for a MUD file +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8520.txt +# + +from pyasn1.type import char +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 +from pyasn1_modules import rfc5652 + + +# X.509 Extension for MUD URL + +id_pe_mud_url = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.25') + +class MUDURLSyntax(char.IA5String): + pass + + +# X.509 Extension for MUD Signer + +id_pe_mudsigner = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.30') + +class MUDsignerSyntax(rfc5280.Name): + pass + + +# Object Identifier for CMS Content Type for a MUD file + +id_ct_mudtype = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.41') + + +# Map of Certificate Extension OIDs to Extensions added to the +# ones that are in rfc5280.py + +_certificateExtensionsMapUpdate = { + id_pe_mud_url: MUDURLSyntax(), + id_pe_mudsigner: MUDsignerSyntax(), +} + +rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate) + + +# Map of Content Type OIDs to Content Types added to the +# ones that are in rfc5652.py + +_cmsContentTypesMapUpdate = { + id_ct_mudtype: univ.OctetString(), +} + +rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) diff --git a/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8619.py b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8619.py new file mode 100644 index 0000000000000000000000000000000000000000..0aaa811bad0e8cb1f1d7ade6d59c95e702591916 --- /dev/null +++ b/.venv/lib/python3.11/site-packages/pyasn1_modules/rfc8619.py @@ -0,0 +1,45 @@ +# +# This file is part of pyasn1-modules software. +# +# Created by Russ Housley. +# +# Copyright (c) 2019, Vigil Security, LLC +# License: http://snmplabs.com/pyasn1/license.html +# +# Algorithm Identifiers for HKDF +# +# ASN.1 source from: +# https://www.rfc-editor.org/rfc/rfc8619.txt +# + +from pyasn1.type import univ + +from pyasn1_modules import rfc5280 + + +# Object Identifiers + +id_alg_hkdf_with_sha256 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.28') + + +id_alg_hkdf_with_sha384 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.29') + + +id_alg_hkdf_with_sha512 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.3.30') + + +# Key Derivation Algorithm Identifiers + +kda_hkdf_with_sha256 = rfc5280.AlgorithmIdentifier() +kda_hkdf_with_sha256['algorithm'] = id_alg_hkdf_with_sha256 +# kda_hkdf_with_sha256['parameters'] are absent + + +kda_hkdf_with_sha384 = rfc5280.AlgorithmIdentifier() +kda_hkdf_with_sha384['algorithm'] = id_alg_hkdf_with_sha384 +# kda_hkdf_with_sha384['parameters'] are absent + + +kda_hkdf_with_sha512 = rfc5280.AlgorithmIdentifier() +kda_hkdf_with_sha512['algorithm'] = id_alg_hkdf_with_sha512 +# kda_hkdf_with_sha512['parameters'] are absent