class Attributes(univ.SetOf): componentType = rfc5280.Attribute()
AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), namedtype.NamedType( 'subject', univ.Choice( componentType=namedtype.NamedTypes( namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) ) ) ), namedtype.NamedType('issuer', rfc5280.GeneralNames()), namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())), namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()), namedtype.OptionalNamedType('extensions', rfc5280.Extensions()) ) class AttributeCertificateV1(univ.Sequence): pass AttributeCertificateV1.componentType = namedtype.NamedTypes( namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString()) )
univ.Choice(componentType=namedtype.NamedTypes( namedtype.NamedType( 'baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 0))), namedtype.NamedType( 'subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatSimple, 1)))))), namedtype.NamedType('issuer', rfc5280.GeneralNames()), namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())), namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()), namedtype.OptionalNamedType('extensions', rfc5280.Extensions())) class AttributeCertificateV1(univ.Sequence): pass AttributeCertificateV1.componentType = namedtype.NamedTypes( namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString())) class AttributeValue(univ.Any):
POPOSigningKey.componentType = namedtype.NamedTypes( namedtype.OptionalNamedType( 'poposkInput', POPOSigningKeyInput().subtype(implicitTag=tag.Tag( tag.tagClassContext, tag.tagFormatConstructed, 0))), namedtype.NamedType('algorithmIdentifier', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('signature', univ.BitString())) class Attributes(univ.SetOf): pass Attributes.componentType = rfc5280.Attribute() class PrivateKeyInfo(univ.Sequence): pass PrivateKeyInfo.componentType = namedtype.NamedTypes( namedtype.NamedType('version', univ.Integer()), namedtype.NamedType('privateKeyAlgorithm', rfc5280.AlgorithmIdentifier()), namedtype.NamedType('privateKey', univ.OctetString()), namedtype.OptionalNamedType( 'attributes', Attributes().subtype( implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))))
# Copyright (c) 2019, Vigil Security, LLC # License: http://snmplabs.com/pyasn1/license.html # # Device Owner Attribute # # ASN.1 source from: # https://www.rfc-editor.org/rfc/rfc5916.txt # from pyasn1.type import univ from pyasn1_modules import rfc5280 # Device Owner Attribute id_deviceOwner = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 69)) at_deviceOwner = rfc5280.Attribute() at_deviceOwner['type'] = id_deviceOwner at_deviceOwner['values'][0] = univ.ObjectIdentifier() # Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. _certificateAttributesMapUpdate = { id_deviceOwner: univ.ObjectIdentifier(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)
# 1. the length is limited to 64; # 2. only the 'utf8String' choice remains because the ASN.1 # specification says: ( WITH COMPONENTS { utf8String PRESENT } ) class DirectoryString(univ.Choice): componentType = namedtype.NamedTypes( namedtype.NamedType( 'utf8String', char.UTF8String().subtype( subtypeSpec=constraint.ValueSizeConstraint(1, 64))), ) # Clearance Sponsor Attribute id_clearanceSponsor = univ.ObjectIdentifier((2, 16, 840, 1, 101, 2, 1, 5, 68)) ub_clearance_sponsor = univ.Integer(64) at_clearanceSponsor = rfc5280.Attribute() at_clearanceSponsor['type'] = id_clearanceSponsor at_clearanceSponsor['values'][0] = DirectoryString() # Add to the map of Attribute Type OIDs to Attributes in rfc5280.py. _certificateAttributesMapUpdate = { id_clearanceSponsor: DirectoryString(), } rfc5280.certificateAttributesMap.update(_certificateAttributesMapUpdate)