class EncryptionInfo(univ.Sequence):
    """OID-tagged encryption information with an open-type value.

    ``encryptionInfoType`` selects, via ``ersEncryptionInfoValueMap``, the
    concrete type of ``encryptionInfoValue``.  With pyasn1 the ANY payload is
    only resolved to that type when the decoder is asked to resolve open
    types (``decodeOpenTypes=True``) and the OID has an entry in the map;
    otherwise it stays as raw bytes that the caller must decode and validate.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('encryptionInfoType', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'encryptionInfoValue',
            univ.Any(),
            openType=opentype.OpenType(
                'encryptionInfoType', ersEncryptionInfoValueMap
            ),
        ),
    )
class QCStatement(univ.Sequence):
    """A statement identified by OID, with optional statement-specific info.

    ``statementInfo`` is an optional ANY whose concrete type is looked up in
    ``qcStatementMap`` using ``statementId``.  An OID that is absent from the
    map leaves the payload undecoded, so consumers should not assume a
    typed value is always present.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('statementId', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType(
            'statementInfo',
            univ.Any(),
            openType=opentype.OpenType('statementId', qcStatementMap),
        ),
    )
class OtherRevInfo(univ.Sequence):
    """Revocation information in a format identified by ``riType``.

    ``riValue`` is an ANY governed by ``riType`` through
    ``rfc5652.otherRevInfoFormatMap``.  Formats not registered in that map
    remain opaque bytes after decoding; revocation data in an unknown format
    must be handled explicitly by the caller rather than treated as parsed.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('riType', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'riValue',
            univ.Any(),
            openType=opentype.OpenType(
                'riType', rfc5652.otherRevInfoFormatMap
            ),
        ),
    )
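class ValidationAlg(univ.Sequence):
    """Validation algorithm identifier with optional, OID-governed parameters.

    ``parameters`` is an optional ANY whose concrete type is selected from
    ``scvpValidationAlgMap`` by the value of ``valAlgId``.

    The open type must name a component of this same SEQUENCE as its
    governing field.  The previous definition named ``'valPolId'``, which
    does not exist here (it belongs to ``ValidationPolRef``), so open-type
    resolution of ``parameters`` could not work; it now names ``'valAlgId'``.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('valAlgId', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType(
            'parameters',
            univ.Any(),
            # Governing field is this SEQUENCE's own OID component.
            openType=opentype.OpenType('valAlgId', scvpValidationAlgMap),
        ),
    )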
class Message(univ.Sequence):
    """Top-level message: version, community string and an untyped payload.

    ``version`` is an INTEGER with the single named value ``version-2c`` (1).
    ``community`` is carried as a plain OCTET STRING in this structure, and
    ``data`` is an ANY that this schema does not decode further.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'version',
            univ.Integer(
                namedValues=namedval.NamedValues(('version-2c', 1))
            ),
        ),
        namedtype.NamedType('community', univ.OctetString()),
        namedtype.NamedType('data', univ.Any()),
    )
class ContentInfo(univ.Sequence):
    """Content type plus an optional, explicitly tagged ``[0]`` payload.

    ``content`` is declared as ANY with no open-type map, so this schema
    never decodes it; the caller chooses a decoder based on ``contentType``
    and is responsible for validating the result.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('contentType', ContentType()),
        namedtype.OptionalNamedType(
            'content',
            univ.Any().subtype(
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatConstructed, 0
                )
            ),
        ),
    )
class OtherEvidence(univ.Sequence):
    """Evidence in a format identified by ``oeType``.

    ``oeValue`` is an ANY governed by ``oeType`` through
    ``otherEvidenceMap``.  Evidence types missing from the map stay as raw
    bytes after decoding and need explicit handling by the caller.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('oeType', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'oeValue',
            univ.Any(),
            openType=opentype.OpenType('oeType', otherEvidenceMap),
        ),
    )
class GLAQueryResponse(univ.Sequence):
    """Query response whose value type is selected by ``glaResponseType``.

    ``glaResponseValue`` is an ANY resolved through ``glaQueryRRMap``.  A
    response type that is not in the map is left undecoded, so callers
    should check the type of the value before using it.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('glaResponseType', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'glaResponseValue',
            univ.Any(),
            openType=opentype.OpenType('glaResponseType', glaQueryRRMap),
        ),
    )
class SigPolicyQualifierInfo(univ.Sequence):
    """Signature-policy qualifier: an identifier and its qualifier value.

    ``sigQualifier`` is an ANY whose concrete type is looked up in
    ``sigQualifiersMap`` using ``sigPolicyQualifierId``.  Qualifiers with an
    identifier outside the map remain opaque bytes after decoding.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('sigPolicyQualifierId', SigPolicyQualifierId()),
        namedtype.NamedType(
            'sigQualifier',
            univ.Any(),
            openType=opentype.OpenType(
                'sigPolicyQualifierId', sigQualifiersMap
            ),
        ),
    )
class OtherRevVals(univ.Sequence):
    """Revocation values in a format identified by ``otherRevValType``.

    ``otherRevVals`` is an ANY governed by ``otherRevValType`` through
    ``otherRevValMap``.  Unregistered formats are not decoded; the caller
    must not treat such a value as validated revocation data.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('otherRevValType', OtherRevValType()),
        namedtype.NamedType(
            'otherRevVals',
            univ.Any(),
            openType=opentype.OpenType('otherRevValType', otherRevValMap),
        ),
    )
class ExplicitTagDecoder(AbstractSimpleDecoder):
    """Decoder for an explicitly tagged value: the content is an inner TLV.

    Both entry points hand the raw content to ``substrateFun`` when one is
    supplied; otherwise they decode the inner value with ``decodeFun``.
    """

    protoComponent = univ.Any('')

    tagFormats = (tag.tagFormatConstructed,)

    def valueDecoder(self, fullSubstrate, substrate, asn1Spec, tagSet,
                     length, state, decodeFun, substrateFun):
        """Decode a definite-length explicitly tagged value.

        Returns ``(value, remainder)`` where ``remainder`` is everything in
        ``substrate`` after the first ``length`` octets.
        """
        if substrateFun:
            return substrateFun(
                self._createComponent(asn1Spec, tagSet, ''),
                substrate, length
            )

        # Slicing does not fail when fewer than `length` octets are present;
        # presumably the caller has already checked the length -- confirm.
        payload = substrate[:length]
        remainder = substrate[length:]

        # Whatever decodeFun leaves unread inside `payload` is discarded
        # here, not rejected.
        decoded, _leftover = decodeFun(payload, asn1Spec, tagSet, length)
        return decoded, remainder

    def indefLenValueDecoder(self, fullSubstrate, substrate, asn1Spec, tagSet,
                             length, state, decodeFun, substrateFun):
        """Decode an indefinite-length explicitly tagged value.

        The inner value must be followed by an end-of-octets marker.

        Raises:
            error.PyAsn1Error: if the marker after the inner value is missing.
        """
        if substrateFun:
            return substrateFun(
                self._createComponent(asn1Spec, tagSet, ''),
                substrate, length
            )

        inner, rest = decodeFun(substrate, asn1Spec, tagSet, length)
        marker, rest = decodeFun(rest, allowEoo=True)

        # Require both the type and the value of the terminator to match.
        if not (eoo.endOfOctets.isSameTypeWith(marker) and
                marker == eoo.endOfOctets):
            raise error.PyAsn1Error('Missing end-of-octets terminator')

        return inner, rest
class AnotherName(univ.Sequence):
    """A name form identified by ``type-id`` with an explicitly tagged value.

    ``value`` is an explicitly tagged ``[0]`` ANY with no open-type map, so
    it is never decoded by this schema; interpreting it according to
    ``type-id`` is left to the caller.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'value',
            univ.Any().subtype(
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 0
                )
            ),
        ),
    )
class TimeStampResp(univ.Sequence):
    """RFC3161 Timestamp Response.

    ``timeStampToken`` is optional and declared as an untyped ANY: this
    schema neither parses the token nor verifies anything about it.  The
    caller has to inspect ``status`` and decode and verify the token itself.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType("status", PKIStatusInfo()),
        namedtype.OptionalNamedType("timeStampToken", univ.Any()),
    )
class ValidationPolRef(univ.Sequence):
    """Validation policy reference with optional, OID-governed parameters.

    ``valPolParams`` is an optional ANY whose concrete type is selected from
    ``scvpValidationPolMap`` by ``valPolId``.  Parameters for a policy OID
    that is not in the map are left as raw bytes.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('valPolId', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType(
            'valPolParams',
            univ.Any(),
            openType=opentype.OpenType('valPolId', scvpValidationPolMap),
        ),
    )
def _encode_extension(oid, critical, value):
    """Build an ``rfc2459.Extension`` and return its encoded form.

    Args:
        oid: value passed to ``univ.ObjectIdentifier`` for ``extnID``.
        critical: value passed to ``univ.Boolean`` for ``critical``.
        value: extension payload; it is wrapped in an OCTET STRING and
            encoded before being stored in ``extnValue``.

    Returns:
        The result of ``encoder.encode`` on the populated extension.

    Nothing here validates ``oid`` or ``value``; the caller decides what
    goes into the extension and whether marking it critical is appropriate.
    """
    extension = rfc2459.Extension()
    extension['extnID'] = univ.ObjectIdentifier(oid)
    extension['critical'] = univ.Boolean(critical)

    # extnValue holds an already-encoded OCTET STRING, carried as ANY.
    wrapped_value = encoder.encode(univ.OctetString(value))
    extension['extnValue'] = univ.Any(wrapped_value)

    return encoder.encode(extension)
def copy_to(self, target_):
    """Write this identifier into ``target_`` as an ``id``/``data`` pair.

    The component named ``self.component_name`` of ``self.asn1_choice`` is
    set to ``self.component_value``; ``target_`` then receives the string
    form of ``asn1.sorm_request_identifier_voip`` as ``id`` and the
    DER-encoded choice, wrapped in ANY, as ``data``.
    """
    self.set_component(
        self.asn1_choice, self.component_name, self.component_value
    )

    request_id = str(asn1.sorm_request_identifier_voip)
    target_.setComponentByName('id', request_id)

    encoded_choice = der_encode(self.asn1_choice)
    target_.setComponentByName('data', univ.Any(encoded_choice))
class CommitmentTypeQualifier(univ.Sequence):
    """Commitment-type identifier together with its qualifier value.

    ``qualifier`` is an ANY whose concrete type is looked up in
    ``commitmentQualifierMap`` using ``commitmentTypeIdentifier``.
    Identifiers that are not in the map leave the qualifier undecoded.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'commitmentTypeIdentifier', CommitmentTypeIdentifier()
        ),
        namedtype.NamedType(
            'qualifier',
            univ.Any(),
            openType=opentype.OpenType(
                'commitmentTypeIdentifier', commitmentQualifierMap
            ),
        ),
    )
def setUp(self):
    """Create ``self.s``: a SEQUENCE with an ``id`` and an open-type ``blob``.

    The open type is governed by ``id``: 1 maps to INTEGER and 2 maps to
    OCTET STRING.
    """
    blob_types = {
        1: univ.Integer(),
        2: univ.OctetString(),
    }
    open_type = opentype.OpenType('id', blob_types)

    fields = namedtype.NamedTypes(
        namedtype.NamedType('id', univ.Integer()),
        namedtype.NamedType('blob', univ.Any(), openType=open_type),
    )
    self.s = univ.Sequence(componentType=fields)
def encode(self):
    """Return this message DER-encoded as an ``asn1.SkrMessage``.

    The header fields are copied from the instance attributes and ``data``
    is set to the output of ``self.encode_data()`` wrapped in ANY.
    """
    message = asn1.SkrMessage()

    # (ASN.1 field name, instance attribute) pairs, copied in this order.
    header_fields = (
        ('version', 'version'),
        ('message-id', 'message_id'),
        ('message-time', 'message_time'),
        ('id', 'id'),
    )
    for field_name, attribute in header_fields:
        message[field_name] = getattr(self, attribute)

    message['data'] = univ.Any(self.encode_data())
    return der_encode(message)
class ExtensionAttribute(univ.Sequence):
    """Extension attribute: a bounded integer type and an untyped value.

    ``extension-attribute-type`` is an explicitly tagged ``[0]`` INTEGER
    constrained to ``0..ub_extension_attributes``.
    ``extension-attribute-value`` is an explicitly tagged ``[1]`` ANY with
    no open-type map, so its content is not decoded by this schema.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'extension-attribute-type',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    0, ub_extension_attributes
                ),
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 0
                ),
            ),
        ),
        namedtype.NamedType(
            'extension-attribute-value',
            univ.Any().subtype(
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 1
                )
            ),
        ),
    )
def copy_to(self, target_):
    """Write this PSTN identifier into ``target_`` as an ``id``/``data`` pair.

    A fresh ``asn1.SkrRequestedPstnIdentifier`` is filled with the directory
    and internal numbers; ``target_`` then receives the string form of
    ``asn1.sorm_request_identifier_pstn`` as ``id`` and the DER-encoded
    identifier, wrapped in ANY, as ``data``.
    """
    pstn_identifier = asn1.SkrRequestedPstnIdentifier()

    # (ASN.1 component name, instance attribute) pairs, set in this order.
    number_fields = (
        ('directory-number', 'directory_number'),
        ('internal-number', 'internal_number'),
    )
    for component_name, attribute in number_fields:
        self.set_component(
            pstn_identifier, component_name, getattr(self, attribute)
        )

    request_id = str(asn1.sorm_request_identifier_pstn)
    target_.setComponentByName('id', request_id)

    encoded_identifier = der_encode(pstn_identifier)
    target_.setComponentByName('data', univ.Any(encoded_identifier))
def testTypeCheckOnAssignment(self):
    """Assigning an ANY and then an INTEGER to ``blob`` must both succeed.

    There is no explicit assertion: the test passes when neither
    assignment raises.
    """
    self.s.clear()

    raw_blob = univ.Any(str2octs('xxx'))
    self.s['blob'] = raw_blob

    # this should succeed because Any is untagged and unconstrained
    typed_blob = univ.Integer(123)
    self.s['blob'] = typed_blob
class PolicyQualifierInfo(univ.Sequence):
    """Policy qualifier: an identifier and its qualifier value.

    ``qualifier`` is an ANY whose concrete type is looked up in
    ``policyQualifierInfoMap`` using ``policyQualifierId``.  A qualifier
    with an identifier outside the map is left as raw bytes, so callers
    should check what they received before interpreting it.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
        namedtype.NamedType(
            'qualifier',
            univ.Any(),
            openType=opentype.OpenType(
                'policyQualifierId', policyQualifierInfoMap
            ),
        ),
    )
class RevokedCertInfo(univ.Sequence):
    '''
    One revoked-certificate entry: serial number, revocation date and
    optional entry extensions.

    Per the original note, univ.Any is used instead of this type to avoid
    unnecessary parsing.

    ``crlEntryExts`` is itself declared as an untyped ANY, so entry
    extensions are not decoded by this schema; a consumer that needs them
    has to decode that field separately.
    '''

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('userCertificate', CertificateSerialNumber()),
        namedtype.NamedType('revocationDate', Time()),
        namedtype.OptionalNamedType('crlEntryExts', univ.Any()),
    )
class TSTInfo(univ.Sequence):
    """Timestamp token information.

    ``messageImprint`` and ``accuracy`` are declared as untyped ANY, so
    this schema leaves them undecoded.  A verifier has to decode
    ``messageImprint`` itself before it can compare the imprint with the
    data that was timestamped.

    ``tsa`` is explicitly tagged ``[0]`` and ``extensions`` is implicitly
    tagged ``[1]``; both are optional, as are ``ordering`` and ``nonce``.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('version', rfc2315.Version()),
        namedtype.NamedType('policy', univ.ObjectIdentifier()),
        namedtype.NamedType('messageImprint', univ.Any()),
        namedtype.NamedType('serialNumber', univ.Integer()),
        namedtype.NamedType('genTime', useful.GeneralizedTime()),
        namedtype.OptionalNamedType('accuracy', univ.Any()),
        namedtype.OptionalNamedType('ordering', univ.Boolean()),
        namedtype.OptionalNamedType('nonce', univ.Integer()),
        namedtype.OptionalNamedType(
            'tsa',
            rfc2315.GeneralName().subtype(
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 0
                )
            ),
        ),
        namedtype.OptionalNamedType(
            'extensions',
            rfc2315.Extensions().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatConstructed, 1
                )
            ),
        ),
    )
class InfoTypeAndValue(univ.Sequence):
    """
    InfoTypeAndValue ::= SEQUENCE {
        infoType  OBJECT IDENTIFIER,
        infoValue ANY DEFINED BY infoType OPTIONAL }

    No open-type map is attached to ``infoValue`` here, so it is always
    returned as an undecoded ANY; the caller picks the decoder that matches
    ``infoType``.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('infoType', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType('infoValue', univ.Any()),
    )
class SecurityCategory(univ.Sequence):
    """Security category: an implicitly tagged OID and an open-type value.

    ``type`` is implicitly tagged ``[0]``; ``value`` is an implicitly tagged
    ``[1]`` ANY whose concrete type is looked up in ``securityCategoryMap``
    using ``type``.  Categories that are not in the map are left undecoded.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'type',
            univ.ObjectIdentifier().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 0
                )
            ),
        ),
        namedtype.NamedType(
            'value',
            univ.Any().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 1
                )
            ),
            openType=opentype.OpenType('type', securityCategoryMap),
        ),
    )
class GeneralName(univ.Choice):
    """Reduced GeneralName CHOICE with three active alternatives.

    Only ``rfc822Name`` [1], ``directoryName`` [4] and ``registeredID`` [8]
    are declared.  The alternatives tagged [2], [3], [5], [6] and [7] are
    commented out, so a name in one of those forms does not match this
    CHOICE; code that relies on this type sees no DNS, URI or IP address
    names.

    ``directoryName`` is kept as an undecoded ANY.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'rfc822Name',
            char.IA5String().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 1
                )
            ),
        ),
        # namedtype.NamedType('dNSName', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
        # namedtype.NamedType('x400Address', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
        # NOTE(review): in X.509 the directory name is itself a CHOICE, which
        # makes its [4] tag explicit on the wire -- confirm that an
        # implicitly tagged ANY decodes it as intended.
        namedtype.NamedType(
            'directoryName',
            univ.Any().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 4
                )
            ),
        ),
        # namedtype.NamedType('ediPartyName', univ.Any().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
        # namedtype.NamedType('uniformResourceIdentifier', char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
        # namedtype.NamedType('iPAddress', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
        namedtype.NamedType(
            'registeredID',
            univ.ObjectIdentifier().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 8
                )
            ),
        ),
    )
def __encode_extension(self, oid, critical, value):
    """Build an ``rfc2459.Extension`` and return its encoded form.

    Args:
        oid: value passed to ``univ.ObjectIdentifier`` for ``extnID``.
        critical: value passed to ``univ.Boolean`` for ``critical``.
        value: extension payload; it is wrapped in an OCTET STRING and
            encoded before being stored in ``extnValue``.

    Returns:
        The result of ``encoder.encode`` on the populated extension.

    ``oid`` and ``value`` are used as given, without validation.
    """
    # TODO: have another proxy for crypto_x509.Extension which would
    # provide public_bytes on the top of what python-cryptography has
    extension = rfc2459.Extension()

    # TODO: this does not have to be so weird, pyasn1 now has codecs
    # which are capable of providing python-native types
    extension['extnID'] = univ.ObjectIdentifier(oid)
    extension['critical'] = univ.Boolean(critical)

    # extnValue holds an already-encoded OCTET STRING, carried as ANY.
    wrapped_value = encoder.encode(univ.OctetString(value))
    extension['extnValue'] = univ.Any(wrapped_value)

    return encoder.encode(extension)
def _extract_values_from_certificate(cert):
    """
    Gets Serial Number, DN and Public Key Hashes. Currently SHA1 is used
    to generate hashes for DN and Public Key.

    Returns a dict with the keys ``cert``, ``issuer``, ``serial_number``,
    ``algorithm``, ``algorithm_parameter``, ``name``, ``name_hash``,
    ``key_hash``, ``crl``, ``ocsp_uri`` and ``is_root_ca``.

    Raises OperationalError when the certificate lists more than one OCSP
    URI.

    Notes for callers:

    * ``crl`` and ``ocsp_uri`` are scraped from the text rendering of the
      certificate's extensions, so they depend on that rendering's format
      and are certificate-supplied values.  If they are later fetched,
      treat them as untrusted input.
    * ``is_root_ca`` only says that subject and issuer compare equal; no
      signature is checked here.
    """
    logger = getLogger(__name__)

    def _captured_values(pattern, extension):
        # Yield group(1) of every line of the extension text that matches.
        for text_line in str(extension).split(u"\n"):
            found = pattern.match(text_line)
            if found:
                yield found.group(1)

    # cert and serial number
    data = {
        u'cert': cert,
        u'issuer': cert.get_issuer().der(),
        u'serial_number': cert.get_serial_number(),
        u'algorithm': rfc2437.id_sha1,
        # hex 05 00 is the DER encoding of an ASN.1 NULL
        u'algorithm_parameter': univ.Any(hexValue='0500'),
    }

    # DN Hash
    subject_name = cert.get_subject()
    data[u'name'] = subject_name
    data[u'name_hash'] = hashlib.sha1(subject_name.der()).hexdigest()

    # public key Hash
    data['key_hash'] = _get_pubickey_sha1_hash(cert).hexdigest()

    # CRL and OCSP
    data['crl'] = None
    ocsp_uris0 = []
    for idx in range(cert.get_extension_count()):
        extension = cert.get_extension(idx)
        if extension.get_short_name() == b'authorityInfoAccess':
            for ocsp_url in _captured_values(OCSP_RE, extension):
                logger.debug(u'OCSP URL: %s', ocsp_url)
                ocsp_uris0.append(ocsp_url)
        elif extension.get_short_name() == b'crlDistributionPoints':
            # When several lines match, the last one wins.
            for crl_url in _captured_values(CRL_RE, extension):
                logger.debug(u"CRL: %s", crl_url)
                data['crl'] = crl_url

    if not ocsp_uris0:
        data['ocsp_uri'] = u''
    elif len(ocsp_uris0) == 1:
        data['ocsp_uri'] = ocsp_uris0[0]
    else:
        raise OperationalError(
            msg=u'More than one OCSP URI entries are specified in '
                u'the certificate',
            errno=ER_FAILED_TO_GET_OCSP_URI,
        )

    data[u'is_root_ca'] = cert.get_subject() == cert.get_issuer()
    return data