class TBSCertificate(Sequence):
# TBSCertificate ::= SEQUENCE {
# version [0] Version DEFAULT v1,
# serialNumber CertificateSerialNumber,
# signature AlgorithmIdentifier,
# issuer Name,
# validity Validity,
# subject Name,
# subjectPublicKeyInfo SubjectPublicKeyInfo,
# issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
# -- If present, version MUST be v2 or v3
# subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
# -- If present, version MUST be v2 or v3
# extensions [3] Extensions OPTIONAL
# -- If present, version MUST be v3 -- }
schema = (
("version", Version(expl=tag_ctxc(0), default="v1")),
("serialNumber", CertificateSerialNumber()),
("signature", AlgorithmIdentifier()),
("issuer", Name()),
("validity", Validity()),
("subject", Name()),
("subjectPublicKeyInfo", SubjectPublicKeyInfo()),
("issuerUniqueID", UniqueIdentifier(impl=tag_ctxp(1), optional=True)),
("subjectUniqueID", UniqueIdentifier(impl=tag_ctxp(2), optional=True)),
("extensions", Extensions(expl=tag_ctxc(3), optional=True)),
)
class ECPrivateKey(Sequence):
schema = (
("version", Integer(ecPrivkeyVer1)),
("privateKey", OctetString()),
("parameters", ECParameters(expl=tag_ctxc(0), optional=True)),
("publicKey", BitString(expl=tag_ctxc(1), optional=True)),
)
class KeyAgreeRecipientInfo(Sequence):
schema = (
("version", CMSVersion(3)),
("originator", OriginatorIdentifierOrKey(expl=tag_ctxc(0))),
("ukm", UserKeyingMaterial(expl=tag_ctxc(1), optional=True)),
("keyEncryptionAlgorithm", KeyEncryptionAlgorithmIdentifier()),
("recipientEncryptedKeys", RecipientEncryptedKeys()),
)
class DistributionPointName(Choice):
# DistributionPointName ::= CHOICE {
# fullName [0] GeneralNames,
# nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
schema = (
("fullName", GeneralNames(impl=tag_ctxc(0))),
("nameRelativeToCRLIssuer",
RelativeDistinguishedName(impl=tag_ctxc(1))),
)
class DistributionPoint(Sequence):
# DistributionPoint ::= SEQUENCE {
# distributionPoint [0] DistributionPointName OPTIONAL,
# reasons [1] ReasonFlags OPTIONAL,
# cRLIssuer [2] GeneralNames OPTIONAL }
schema = (("distributionPoint",
DistributionPointName(expl=tag_ctxc(0), optional=True)),
("reasons", ReasonFlags(impl=tag_ctxc(1), optional=True)),
("cRLIssuer", GeneralNames(impl=tag_ctxc(2), optional=True)))
class AuthorityKeyIdentifier(Sequence):
# AuthorityKeyIdentifier ::= SEQUENCE {
# keyIdentifier [0] KeyIdentifier OPTIONAL,
# authorityCertIssuer [1] GeneralNames OPTIONAL,
# authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
schema = (
("keyIdentifier", KeyIdentifier(impl=tag_ctxp(0), optional=True)),
("authorityCertIssuer", GeneralNames(impl=tag_ctxc(1), optional=True)),
("authorityCertSerialNumber",
CertificateSerialNumber(impl=tag_ctxc(2), optional=True)),
)
class TBSCertificate(Sequence):
schema = (
("version", Version(expl=tag_ctxc(0), default="v1")),
("serialNumber", CertificateSerialNumber()),
("signature", AlgorithmIdentifier()),
("issuer", Name()),
("validity", Validity()),
("subject", Name()),
("subjectPublicKeyInfo", SubjectPublicKeyInfo()),
("issuerUniqueID", UniqueIdentifier(impl=tag_ctxp(1), optional=True)),
("subjectUniqueID", UniqueIdentifier(impl=tag_ctxp(2), optional=True)),
("extensions", Extensions(expl=tag_ctxc(3), optional=True)),
)
class CertificationRequestInfo(Sequence):
schema = (
("version", Integer(0)),
("subject", Name()),
("subjectPKInfo", SubjectPublicKeyInfo()),
("attributes", Attributes(impl=tag_ctxc(0))),
)
class AuthSafe(Sequence):
schema = (
("contentType", ContentType(defines=(
(("content",), {id_data: OctetStringSafeContents()}),
))),
("content", Any(expl=tag_ctxc(0))),
)
class SignedData(Sequence):
# SignedData ::= SEQUENCE {
# version CMSVersion,
# digestAlgorithms DigestAlgorithmIdentifiers,
# encapContentInfo EncapsulatedContentInfo,
# certificates [0] IMPLICIT CertificateSet OPTIONAL,
# crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
# signerInfos SignerInfos }
schema = (
("version", CMSVersion()),
("digestAlgorithms", DigestAlgorithmIdentifiers()),
("encapContentInfo", EncapsulatedContentInfo()),
("certificates", CertificateSet(impl=tag_ctxc(0), optional=True)),
("crls", RevocationInfoChoices(impl=tag_ctxc(1), optional=True)),
("signerInfos", SignerInfos()),
)
class RecipientInfo(Choice):
schema = (
("ktri", KeyTransRecipientInfo()),
("kari", KeyAgreeRecipientInfo(impl=tag_ctxc(1))),
# ("kekri", KEKRecipientInfo(impl=tag_ctxc(2))),
# ("pwri", PasswordRecipientInfo(impl=tag_ctxc(3))),
# ("ori", OtherRecipientInfo(impl=tag_ctxc(4))),
)
class OtherName(Sequence):
# OtherName ::= SEQUENCE {
# type-id OBJECT IDENTIFIER,
# value [0] EXPLICIT ANY DEFINED BY type-id }
schema = (
("type-id", ObjectIdentifier()),
("value", Any(expl=tag_ctxc(0))),
)
class EncapsulatedContentInfo(Sequence):
# EncapsulatedContentInfo ::= SEQUENCE {
# eContentType ContentType,
# eContent [0] EXPLICIT OCTET STRING OPTIONAL }
schema = (
("eContentType", ContentType()),
("eContent", OctetString(expl=tag_ctxc(0), optional=True)),
)
class SafeBag(Sequence):
schema = (
("bagId", ObjectIdentifier(defines=(
(("bagValue",), {id_encryptedData: EncryptedData()}),
))),
("bagValue", PKCS12BagSet(expl=tag_ctxc(0))),
("bagAttributes", PKCS12Attributes(optional=True)),
)
class SignedData(Sequence):
schema = (
("version", CMSVersion()),
("digestAlgorithms", DigestAlgorithmIdentifiers()),
("encapContentInfo", EncapsulatedContentInfo()),
("certificates", CertificateSet(impl=tag_ctxc(0), optional=True)),
# ("crls", RevocationInfoChoices(impl=tag_ctxc(1), optional=True)),
("signerInfos", SignerInfos()),
)
class GostR3410KeyTransport(Sequence):
schema = (
("sessionEncryptedKey", Gost2814789EncryptedKey()),
("transportParameters",
GostR34102001TransportParameters(
impl=tag_ctxc(0),
optional=True,
)),
)
class SignerInfo(Sequence):
# SignerInfo ::= SEQUENCE {
# version CMSVersion,
# sid SignerIdentifier,
# digestAlgorithm DigestAlgorithmIdentifier,
# signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
# signatureAlgorithm SignatureAlgorithmIdentifier,
# signature SignatureValue,
# unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
schema = (
("version", CMSVersion()),
("sid", Any()),
("digestAlgorithm", DigestAlgorithmIdentifier()),
("signedAttrs", SignedAttributes(impl=tag_ctxc(0), optional=True)),
("signatureAlgorithm", SignatureAlgorithmIdentifier()),
("signature", SignatureValue()),
("unsignedAttrs", UnsignedAttributes(impl=tag_ctxc(1), optional=True)),
)
class TBSCertList(Sequence):
schema = (
("version", Version(optional=True)),
("signature", AlgorithmIdentifier()),
("issuer", Name()),
("thisUpdate", Time()),
("nextUpdate", Time(optional=True)),
("revokedCertificates", RevokedCertificates(optional=True)),
("crlExtensions", Extensions(expl=tag_ctxc(0), optional=True)),
)
class GostR34102001TransportParameters(Sequence):
schema = (
("encryptionParamSet", ObjectIdentifier()),
("ephemeralPublicKey",
SubjectPublicKeyInfo(
impl=tag_ctxc(0),
optional=True,
)),
("ukm", OctetString()),
)
class ContentInfo(Sequence):
schema = (
("contentType",
ContentType(defines=((("content", ), {
id_digestedData: DigestedData(),
id_envelopedData: EnvelopedData(),
id_signedData: SignedData(),
}), ))),
("content", Any(expl=tag_ctxc(0))),
)
class ContentInfo(Sequence):
# ContentInfo ::= SEQUENCE {
# contentType ContentType,
# content [0] EXPLICIT ANY DEFINED BY contentType }
schema = (
("contentType",
ContentType(
defines=((("content", ), {
ObjectIdentifier("1.2.840.113549.1.7.2"): SignedData(),
}), ))),
("content", ANY(expl=tag_ctxc(0))),
)
class OriginatorIdentifierOrKey(Choice):
schema = (
# ("issuerAndSerialNumber", IssuerAndSerialNumber()),
# ("subjectKeyIdentifier", SubjectKeyIdentifier(impl=tag_ctxp(0))),
("originatorKey", OriginatorPublicKey(impl=tag_ctxc(1))), )
class EncapsulatedContentInfo(Sequence):
schema = (
("eContentType", ContentType()),
("eContent", OctetString(expl=tag_ctxc(0), optional=True)),
)
class ContentInfo(Sequence):
schema = (
("contentType", ContentType()),
("content", Any(expl=tag_ctxc(0))),
)
class AuthSafe(Sequence):
schema = (
("contentType", ContentType()),
("content", Any(expl=tag_ctxc(0))),
)
class SafeBag(Sequence):
schema = (
("bagId", ObjectIdentifier()),
("bagValue", PKCS12BagSet(expl=tag_ctxc(0))),
("bagAttributes", PKCS12Attributes(optional=True)),
)
