class ROAIPAddress(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('address', IPAddress()),
namedtype.OptionalNamedType('maxLength', univ.Integer()))
output = []
for x in tuple(components):
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class ChangeSubjectName(univ.Sequence):
pass
ChangeSubjectName.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('subject', rfc5280.Name()),
namedtype.OptionalNamedType('subjectAlt', rfc5280.GeneralNames())
)
class AttributeValue(univ.Any):
pass
class CMCStatus(univ.Integer):
pass
CMCStatus.namedValues = namedval.NamedValues(
('success', 0),
('failed', 2),
id_pkip = _buildOid(id_pkix, 5)
id_regCtrl = _buildOid(id_pkip, 1)
class SinglePubInfo(univ.Sequence):
pass
SinglePubInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'pubMethod',
univ.Integer(namedValues=namedval.NamedValues(('dontCare', 0), (
'x500', 1), ('web', 2), ('ldap', 3)))),
namedtype.OptionalNamedType('pubLocation', rfc3280.GeneralName()))
class UTF8Pairs(char.UTF8String):
pass
class PKMACValue(univ.Sequence):
pass
PKMACValue.componentType = namedtype.NamedTypes(
namedtype.NamedType('algId', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('value', univ.BitString()))
def setUp(self):
self.s1 = univ.Sequence(componentType=namedtype.NamedTypes(
namedtype.NamedType('name', univ.OctetString('')),
namedtype.OptionalNamedType('nick', univ.OctetString('')),
namedtype.DefaultedNamedType('age', univ.Integer(34))))
if isinstance(x, univ.ObjectIdentifier):
output.extend(list(x))
else:
output.append(int(x))
return univ.ObjectIdentifier(output)
class ObjectDigestInfo(univ.Sequence):
pass
ObjectDigestInfo.componentType = namedtype.NamedTypes(
namedtype.NamedType('digestedObjectType', univ.Enumerated(
namedValues=namedval.NamedValues(('publicKey', 0), ('publicKeyCert', 1), ('otherObjectTypes', 2)))),
namedtype.OptionalNamedType('otherObjectTypeID', univ.ObjectIdentifier()),
namedtype.NamedType('digestAlgorithm', rfc3280.AlgorithmIdentifier()),
namedtype.NamedType('objectDigest', univ.BitString())
)
class IssuerSerial(univ.Sequence):
pass
IssuerSerial.componentType = namedtype.NamedTypes(
namedtype.NamedType('issuer', rfc3280.GeneralNames()),
namedtype.NamedType('serial', rfc3280.CertificateSerialNumber()),
namedtype.OptionalNamedType('issuerUID', rfc3280.UniqueIdentifier())
)
class CertReq(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('certReqId', univ.Integer()),
namedtype.NamedType('checkAfter', univ.Integer()),
namedtype.OptionalNamedType('reason', PKIFreeText()))
class ProxyPolicy(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('policyLanguage', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('policy', univ.OctetString()))
class TRSUpdateDel(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('dn', ldap.LDAPDN()),
namedtype.OptionalNamedType('unknown', ldap.LDAPString()))
class TRSUpdateMeta(univ.Sequence):
# looks like unknownuuid is present on add ops - could be the parent uuid
componentType = namedtype.NamedTypes(
namedtype.NamedType('entryuuid', TRSUpdateUUID()),
namedtype.NamedType('csn', ldap.LDAPString()),
namedtype.OptionalNamedType('unknownuuid', ldap.LDAPString()))
class PasswordModifyResponseValue(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType(
'genPasswd',
univ.OctetString().subtype(implicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))))
class IDEA_CBCPar(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('iv', univ.OctetString())
# exactly 8 octets, when present
)
class RevInfoWantBack(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('revocationInfo', RevocationInfos()),
namedtype.OptionalNamedType('extraCerts', CertBundle())
)
class ValidationAlg(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('valAlgId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('parameters', univ.Any(),
openType=opentype.OpenType('valPolId', scvpValidationAlgMap))
)
class ValidationPolRef(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('valPolId', univ.ObjectIdentifier()),
namedtype.OptionalNamedType('valPolParams', univ.Any(),
openType=opentype.OpenType('valPolId', scvpValidationPolMap))
)
class SaslCredentials(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('mechanism', LDAPString()),
namedtype.OptionalNamedType('credentials', univ.OctetString()))
class OCSPResponse(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('responseStatus', OCSPResponseStatus()),
namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class PreferredOrLegacyPackageIdentifier(univ.Choice):
pass
PreferredOrLegacyPackageIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType('preferred', PreferredPackageIdentifier()),
namedtype.NamedType('legacy', univ.OctetString()))
class CurrentFWConfig(univ.Sequence):
pass
CurrentFWConfig.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('fwPkgType', univ.Integer()),
namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()))
class PreferredOrLegacyStalePackageIdentifier(univ.Choice):
pass
PreferredOrLegacyStalePackageIdentifier.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'preferredStaleVerNum',
univ.Integer().subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
namedtype.NamedType('legacyStaleVersion', univ.OctetString()))
class Request(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('reqCert', CertID()),
namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class PKIHeader(univ.Sequence):
"""
PKIHeader ::= SEQUENCE {
pvno INTEGER { cmp1999(1), cmp2000(2) },
sender GeneralName,
recipient GeneralName,
messageTime [0] GeneralizedTime OPTIONAL,
protectionAlg [1] AlgorithmIdentifier OPTIONAL,
senderKID [2] KeyIdentifier OPTIONAL,
recipKID [3] KeyIdentifier OPTIONAL,
transactionID [4] OCTET STRING OPTIONAL,
senderNonce [5] OCTET STRING OPTIONAL,
recipNonce [6] OCTET STRING OPTIONAL,
freeText [7] PKIFreeText OPTIONAL,
generalInfo [8] SEQUENCE SIZE (1..MAX) OF
InfoTypeAndValue OPTIONAL
}
"""
componentType = namedtype.NamedTypes(
namedtype.NamedType(
'pvno',
univ.Integer(
namedValues=namedval.NamedValues(('cmp1999', 1), ('cmp2000',
2)))),
namedtype.NamedType('sender', rfc2459.GeneralName()),
namedtype.NamedType('recipient', rfc2459.GeneralName()),
namedtype.OptionalNamedType(
'messageTime',
useful.GeneralizedTime().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.OptionalNamedType(
'protectionAlg',
rfc2459.AlgorithmIdentifier().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 1))),
namedtype.OptionalNamedType(
'senderKID',
rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 2))),
namedtype.OptionalNamedType(
'recipKID',
rfc2459.KeyIdentifier().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 3))),
namedtype.OptionalNamedType(
'transactionID',
univ.OctetString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 4))),
namedtype.OptionalNamedType(
'senderNonce',
univ.OctetString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 5))),
namedtype.OptionalNamedType(
'recipNonce',
univ.OctetString().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 6))),
namedtype.OptionalNamedType(
'freeText',
PKIFreeText().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatConstructed, 7))),
namedtype.OptionalNamedType(
'generalInfo',
univ.SequenceOf(componentType=InfoTypeAndValue().subtype(
subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple,
8)))))
class OCSPRequest(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('tbsRequest', TBSRequest()),
namedtype.OptionalNamedType('optionalSignature', Signature().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
class ProxyCertInfoExtension(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('pCPathLenConstraint',
ProxyCertPathLengthConstraint()),
namedtype.NamedType('proxyPolicy', ProxyPolicy()))
class RevokedInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('revocationTime', useful.GeneralizedTime()),
namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
def setUp(self):
self.s1 = univ.Set(componentType=namedtype.NamedTypes(
namedtype.NamedType('name', univ.OctetString('')),
namedtype.OptionalNamedType('null', univ.Null('')),
namedtype.DefaultedNamedType('age', univ.Integer(34))))
self.s2 = self.s1.clone()
SignatureAlgorithmIdentifier = rfc5652.SignatureAlgorithmIdentifier
# CMS Algorithm Protection attribute
id_aa_cmsAlgorithmProtect = univ.ObjectIdentifier('1.2.840.113549.1.9.52')
class CMSAlgorithmProtection(univ.Sequence):
pass
CMSAlgorithmProtection.componentType = namedtype.NamedTypes(
namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
namedtype.OptionalNamedType('signatureAlgorithm',
SignatureAlgorithmIdentifier().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
namedtype.OptionalNamedType('macAlgorithm',
MessageAuthenticationCodeAlgorithm().subtype(
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)
CMSAlgorithmProtection.subtypeSpec = constraint.ConstraintsUnion(
constraint.WithComponentsConstraint(
('signatureAlgorithm', constraint.ComponentPresentConstraint()),
('macAlgorithm', constraint.ComponentAbsentConstraint())),
constraint.WithComponentsConstraint(
('signatureAlgorithm', constraint.ComponentAbsentConstraint()),
('macAlgorithm', constraint.ComponentPresentConstraint()))
)
class DerefRes(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('derefAttr', AttributeDescription()),
namedtype.NamedType('derefVal', LDAPDN()),
namedtype.OptionalNamedType('attrVals', PartialAttributeList()),
)
namedtype.NamedType(
'baseCertificateID',
rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 0))),
namedtype.NamedType(
'subjectName',
rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(
tag.tagClassContext, tag.tagFormatSimple, 1)))))),
namedtype.NamedType('issuer', rfc5280.GeneralNames()),
namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()),
namedtype.NamedType('attCertValidityPeriod',
rfc3281.AttCertValidityPeriod()),
namedtype.NamedType('attributes',
univ.SequenceOf(componentType=rfc5280.Attribute())),
namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()),
namedtype.OptionalNamedType('extensions', rfc5280.Extensions()))
class AttributeCertificateV1(univ.Sequence):
pass
AttributeCertificateV1.componentType = namedtype.NamedTypes(
namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()),
namedtype.NamedType('signature', univ.BitString()))
class AttributeValue(univ.Any):
pass
Manifest.componentType = namedtype.NamedTypes(
namedtype.NamedType('vendor-id', univ.OctetString()),
namedtype.NamedType('class-id', univ.OctetString()),
namedtype.NamedType('update-priority', univ.Integer()),
namedtype.NamedType('component-name', char.UTF8String()),
namedtype.NamedType('payload-version', char.UTF8String()),
namedtype.NamedType('payload-digest', univ.OctetString()),
namedtype.NamedType('payload-size', univ.Integer()),
namedtype.NamedType('payload-uri', char.UTF8String()),
namedtype.NamedType(
'payload-format',
univ.Enumerated(
namedValues=namedval.NamedValues(('raw-binary',
1), ('arm-patch-stream', 5)))),
namedtype.NamedType('installed-signature', univ.OctetString()),
namedtype.OptionalNamedType('delta-metadata', DeltaMetadata()),
namedtype.OptionalNamedType('vendor-data', univ.OctetString()))
class SignedResource(univ.Sequence):
pass
SignedResource.componentType = namedtype.NamedTypes(
namedtype.NamedType(
'manifest-version',
univ.Enumerated(namedValues=namedval.NamedValues(('v3', 3)))),
namedtype.NamedType('manifest', Manifest()),
namedtype.NamedType('signature', univ.OctetString()))
class Curve(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('a', FieldElement()),
namedtype.NamedType('b', FieldElement()),
namedtype.OptionalNamedType('seed', univ.BitString())
)
def setUp(self):
self.s = univ.Set(componentType=namedtype.NamedTypes(
namedtype.NamedType('place-holder', univ.Null('')),
namedtype.OptionalNamedType('first-name', univ.OctetString()),
namedtype.DefaultedNamedType('age', univ.Integer(33))))
ContentTypeGeneration.namedValues = namedval.NamedValues(('canSource', 0),
('cannotSource', 1))
class ContentTypeConstraint(univ.Sequence):
pass
ContentTypeConstraint.componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', univ.ObjectIdentifier()),
namedtype.DefaultedNamedType(
'canSource',
ContentTypeGeneration().subtype(value='canSource')),
namedtype.OptionalNamedType('attrConstraints', AttrConstraintList()))
# CMS Content Constraints (CCC) Extension and Object Identifier
id_pe_cmsContentConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.18')
class CMSContentConstraints(univ.SequenceOf):
pass
CMSContentConstraints.componentType = ContentTypeConstraint()
CMSContentConstraints.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
# Map of Certificate Extension OIDs to Extensions
# To be added to the ones that are in rfc5280.py
