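# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Copyright (c) 2005-2017, Ilya Etingof <etingof@gmail.com>
# License: http://pyasn1.sf.net/license.html
#
# Internet X.509 Public Key Infrastructure Certificate and Certificate
# Revocation List (CRL) Profile
#
# ASN.1 source from:
# http://www.ietf.org/rfc/rfc5280.txt
#
# NOTE(review): the declarations below describe ASN.1 syntax only.  Decoding
# a certificate or CRL against them checks structure, tags and the declared
# size/range constraints.  Signature verification, validity-period checks,
# critical-extension handling and path validation are not expressed by these
# types and remain the caller's job.
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful

# Used below as the upper bound of size/range constraints that have no limit.
# A type constrained with (1, MAX) accepts any non-empty length, so the size
# of what gets decoded is bounded only by the input handed to the decoder.
MAX = float('inf')


def _buildOid(*components):
    """Return an ObjectIdentifier made by concatenating *components*.

    A component that is already a ``univ.ObjectIdentifier`` contributes all
    of its arcs in order; any other component is converted with ``int()``
    and contributes a single arc.
    """
    output = []
    for x in tuple(components):
        if isinstance(x, univ.ObjectIdentifier):
            # Expand an existing OID prefix into its individual arcs.
            output.extend(list(x))
        else:
            output.append(int(x))

    return univ.ObjectIdentifier(output)


ub_e163_4_sub_address_length = univ.Integer(40)

ub_e163_4_number_length = univ.Integer(15)

unformatted_postal_address = univ.Integer(16)


class TerminalType(univ.Integer):
    pass


TerminalType.namedValues = namedval.NamedValues(
    ('telex', 3),
    ('teletex', 4),
    ('g3-facsimile', 5),
    ('g4-facsimile', 6),
    ('ia5-terminal', 7),
    ('videotex', 8)
)


class Extension(univ.Sequence):
    pass


# 'extnValue' is declared as a plain OCTET STRING, so decoding an Extension
# with this schema leaves the extension body as undecoded bytes.  'critical'
# takes the value 0 (FALSE) when the field is absent.
# NOTE(review): nothing here rejects an unrecognised extension that is marked
# critical; that decision belongs to the code consuming the decoded value.
Extension.componentType = namedtype.NamedTypes(
    namedtype.NamedType('extnID', univ.ObjectIdentifier()),
    namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)),
    namedtype.NamedType('extnValue', univ.OctetString())
)


class Extensions(univ.SequenceOf):
    pass


# At least one Extension, no upper limit on the count.
Extensions.componentType = Extension()
Extensions.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)

physical_delivery_personal_name = univ.Integer(13)

ub_unformatted_address_length = univ.Integer(180)

ub_pds_parameter_length = univ.Integer(30)

ub_pds_physical_address_lines = univ.Integer(6)


class UnformattedPostalAddress(univ.Set):
    pass


# NOTE(review): each printable line is limited to ub_pds_parameter_length
# characters, but the SEQUENCE OF itself carries no size constraint here;
# ub_pds_physical_address_lines is declared above and not applied to it.
UnformattedPostalAddress.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))),
    namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length)))
)

ub_organization_name = univ.Integer(64)


class X520OrganizationName(univ.Choice):
    pass


# One of five string encodings, each limited to 1..ub_organization_name.
X520OrganizationName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)))
)

ub_x121_address_length = univ.Integer(16)

pds_name = univ.Integer(7)

id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)

id_kp = _buildOid(id_pkix, 3)

ub_postal_code_length = univ.Integer(16)


class PostalCode(univ.Choice):
    pass


PostalCode.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
    namedtype.NamedType('printable-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)))
)

ub_generation_qualifier_length = univ.Integer(3)

unique_postal_name = univ.Integer(20)


class DomainComponent(char.IA5String):
    pass


ub_domain_defined_attribute_value_length = univ.Integer(128)

ub_match = univ.Integer(128)

id_at = _buildOid(2, 5, 4)


class AttributeType(univ.ObjectIdentifier):
    pass


id_at_organizationalUnitName = _buildOid(id_at, 11)

terminal_type = univ.Integer(23)


class PDSParameter(univ.Set):
    pass


# Both members are optional, so an empty SET also satisfies this type.
PDSParameter.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))),
    namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))
)


class PhysicalDeliveryPersonalName(PDSParameter):
    pass


ub_surname_length = univ.Integer(40)

id_ad = _buildOid(id_pkix, 48)

ub_domain_defined_attribute_type_length = univ.Integer(8)


class TeletexDomainDefinedAttribute(univ.Sequence):
    pass


TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
    namedtype.NamedType('value', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
)

ub_domain_defined_attributes = univ.Integer(4)


class TeletexDomainDefinedAttributes(univ.SequenceOf):
    pass


TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute()
TeletexDomainDefinedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)

extended_network_address = univ.Integer(22)

ub_locality_name = univ.Integer(128)


class X520LocalityName(univ.Choice):
    pass


X520LocalityName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)))
)

teletex_organization_name = univ.Integer(3)

ub_given_name_length = univ.Integer(16)

ub_initials_length = univ.Integer(5)


class PersonalName(univ.Set):
    pass


# Only 'surname' is mandatory; members are told apart by context tags 0-3.
PersonalName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('surname', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('initials', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)

ub_organizational_unit_name_length = univ.Integer(32)


class OrganizationalUnitName(char.PrintableString):
    pass


OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)

id_at_generationQualifier = _buildOid(id_at, 44)


class Version(univ.Integer):
    pass


# The encoded integer is one less than the version it names (v1 is 0).
Version.namedValues = namedval.NamedValues(
    ('v1', 0),
    ('v2', 1),
    ('v3', 2)
)


# NOTE(review): no range constraint is declared, so zero, negative and
# arbitrarily large serial numbers all decode.  RFC 5280 section 4.1.2.2
# limits conforming serial numbers to positive integers of at most 20 octets;
# callers that depend on that rule have to check it themselves.
class CertificateSerialNumber(univ.Integer):
    pass


# 'parameters' is an optional ANY: it is kept as an opaque value here and its
# structure depends on 'algorithm'.  Consumers should decode and validate the
# parameters against the algorithm they expect before using them.
class AlgorithmIdentifier(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType('parameters', univ.Any())
    )


class Time(univ.Choice):
    pass


Time.componentType = namedtype.NamedTypes(
    namedtype.NamedType('utcTime', useful.UTCTime()),
    namedtype.NamedType('generalTime', useful.GeneralizedTime())
)


class AttributeValue(univ.Any):
    pass


# Open-type map for attribute values, looked up by the attribute's 'type'
# field.  It is empty at this point; entries are presumably registered
# elsewhere (TODO confirm).  It is a module-level dict, so whatever is added
# to it is visible to every user of these types in the process.
certificateAttributesMap = {}


class AttributeTypeAndValue(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType(
            'value', AttributeValue(),
            openType=opentype.OpenType('type', certificateAttributesMap)
        )
    )


class RelativeDistinguishedName(univ.SetOf):
    pass


# A non-empty SET OF with no upper bound on the number of attributes.
RelativeDistinguishedName.componentType = AttributeTypeAndValue()
RelativeDistinguishedName.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class RDNSequence(univ.SequenceOf):
    pass


# No size constraint is attached, so an empty RDNSequence is accepted.
RDNSequence.componentType = RelativeDistinguishedName()


class Name(univ.Choice):
    pass


Name.componentType = namedtype.NamedTypes(
    namedtype.NamedType('rdnSequence', RDNSequence())
)


class TBSCertList(univ.Sequence):
    pass


# The to-be-signed body of a CRL.  'version', 'nextUpdate',
# 'revokedCertificates' and 'crlExtensions' are all optional at the syntax
# level, so a CRL without a nextUpdate or without any entries decodes cleanly.
# Freshness policy (thisUpdate/nextUpdate against the current time) is not
# part of this schema.
TBSCertList.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('version', Version()),
    namedtype.NamedType('signature', AlgorithmIdentifier()),
    namedtype.NamedType('issuer', Name()),
    namedtype.NamedType('thisUpdate', Time()),
    namedtype.OptionalNamedType('nextUpdate', Time()),
    namedtype.OptionalNamedType(
        'revokedCertificates', univ.SequenceOf(
            componentType=univ.Sequence(
                componentType=namedtype.NamedTypes(
                    namedtype.NamedType('userCertificate', CertificateSerialNumber()),
                    namedtype.NamedType('revocationDate', Time()),
                    namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
                )
            )
        )
    ),
    namedtype.OptionalNamedType(
        'crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)


class CertificateList(univ.Sequence):
    pass


# 'signature' is the raw BIT STRING; it is not verified by decoding.
# NOTE(review): 'signatureAlgorithm' here and 'signature' inside tbsCertList
# are two independent AlgorithmIdentifier fields.  RFC 5280 section 5.1.1.2
# requires them to be identical; that comparison is left to the caller.
CertificateList.componentType = namedtype.NamedTypes(
    namedtype.NamedType('tbsCertList', TBSCertList()),
    namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
    namedtype.NamedType('signature', univ.BitString())
)


class PhysicalDeliveryOfficeName(PDSParameter):
    pass


ub_extension_attributes = univ.Integer(256)

# Open-type map; empty at this point and presumably filled in elsewhere
# (TODO confirm).  Module-level and therefore shared process-wide.
certificateExtensionsMap = {

}


# The open type on 'extension-attribute-value' is governed by the sibling
# field 'extension-attribute-type'.  The governing name has to be a field of
# this SEQUENCE; the name 'type' used previously is not one, so resolving the
# governing value during open-type decoding could not succeed.
# NOTE(review): the governing value is an INTEGER in 0..ub_extension_attributes.
# Confirm that whatever populates certificateExtensionsMap keys it to match,
# or give this type a dedicated map.
class ExtensionAttribute(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'extension-attribute-type',
            univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.NamedType(
            'extension-attribute-value',
            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
            openType=opentype.OpenType('extension-attribute-type', certificateExtensionsMap))
    )

id_qt = _buildOid(id_pkix, 2)

id_qt_cps = _buildOid(id_qt, 1)
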
# Attribute-type OIDs under id_at, built from the id_at prefix plus one arc.
id_at_stateOrProvinceName = _buildOid(id_at, 8)

id_at_title = _buildOid(id_at, 12)

id_at_serialNumber = _buildOid(id_at, 5)


class X520dnQualifier(char.PrintableString):
    pass


class PosteRestanteAddress(PDSParameter):
    pass


poste_restante_address = univ.Integer(19)


class UniqueIdentifier(univ.BitString):
    pass


class Validity(univ.Sequence):
    pass


# Both bounds are mandatory Time values.
# NOTE(review): the schema does not require notBefore <= notAfter and does not
# compare either bound with the current time; expiry checks are the caller's.
Validity.componentType = namedtype.NamedTypes(
    namedtype.NamedType('notBefore', Time()),
    namedtype.NamedType('notAfter', Time())
)


class SubjectPublicKeyInfo(univ.Sequence):
    pass


# 'subjectPublicKey' is kept as a raw BIT STRING; how to interpret it depends
# on 'algorithm', and no key-size or parameter checks are expressed here.
SubjectPublicKeyInfo.componentType = namedtype.NamedTypes(
    namedtype.NamedType('algorithm', AlgorithmIdentifier()),
    namedtype.NamedType('subjectPublicKey', univ.BitString())
)


class TBSCertificate(univ.Sequence):
    pass


# The to-be-signed body of a certificate.  'version' takes the value "v1" when
# the field is absent; the two unique IDs and 'extensions' are optional and
# carry context tags 1, 2 and 3.
# NOTE(review): the syntax accepts 'extensions' regardless of 'version'.
# RFC 5280 section 4.1.2.9 allows extensions only in v3 certificates, so a
# consumer that cares has to cross-check the two fields itself.
TBSCertificate.componentType = namedtype.NamedTypes(
    namedtype.DefaultedNamedType('version',
                                 Version().subtype(explicitTag=tag.Tag(tag.tagClassContext,
                                                                       tag.tagFormatSimple, 0)).subtype(value="v1")),
    namedtype.NamedType('serialNumber', CertificateSerialNumber()),
    namedtype.NamedType('signature', AlgorithmIdentifier()),
    namedtype.NamedType('issuer', Name()),
    namedtype.NamedType('validity', Validity()),
    namedtype.NamedType('subject', Name()),
    namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
    namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('extensions',
                                Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)

physical_delivery_office_name = univ.Integer(10)

ub_name = univ.Integer(32768)


class X520name(univ.Choice):
    pass


# One of five string encodings, each limited to 1..ub_name characters.
X520name.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)))
)

id_at_dnQualifier = _buildOid(id_at, 46)

ub_serial_number = univ.Integer(64)

ub_pseudonym = univ.Integer(128)

pkcs_9 = _buildOid(1, 2, 840, 113549, 1, 9)


class X121Address(char.NumericString):
    pass


X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length)


class NetworkAddress(X121Address):
    pass


ub_integer_options = univ.Integer(256)

id_at_commonName = _buildOid(id_at, 3)

ub_organization_name_length = univ.Integer(64)

id_ad_ocsp = _buildOid(id_ad, 1)

ub_country_name_numeric_length = univ.Integer(3)

ub_country_name_alpha_length = univ.Integer(2)


class PhysicalDeliveryCountryName(univ.Choice):
    pass


# Lower and upper size bounds are the same constant, so each alternative has
# a fixed length (3 numeric characters or 2 printable characters).
PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
    namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
)

id_emailAddress = _buildOid(pkcs_9, 1)

common_name = univ.Integer(1)


class X520Pseudonym(univ.Choice):
    pass


X520Pseudonym.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)))
)

ub_domain_name_length = univ.Integer(16)


class AdministrationDomainName(univ.Choice):
    pass


# The CHOICE is wrapped in an explicit APPLICATION 2 tag.  Unlike most string
# types in this module the lower size bound is 0, so an empty name is valid.
AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(
    tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2))
AdministrationDomainName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))),
    namedtype.NamedType('printable', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
)


class PresentationAddress(univ.Sequence):
    pass


# The selectors and the addresses are OCTET STRINGs with no size constraint,
# and the SET OF has no bound on its element count.
PresentationAddress.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)


class ExtendedNetworkAddress(univ.Choice):
    pass


# Either an untagged SEQUENCE holding an E.163/E.164 number with an optional
# sub-address, or a PresentationAddress under context tag 0.
ExtendedNetworkAddress.componentType = namedtype.NamedTypes(
    namedtype.NamedType(
        'e163-4-address', univ.Sequence(
            componentType=namedtype.NamedTypes(
                namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
                namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
            )
        )
    ),
    namedtype.NamedType('psap-address', PresentationAddress().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)


class TeletexOrganizationName(char.TeletexString):
    pass


TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)

ub_terminal_id_length = univ.Integer(24)


class TerminalIdentifier(char.PrintableString):
    pass


TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length)

id_ad_caIssuers = _buildOid(id_ad, 2)

id_at_countryName = _buildOid(id_at, 6)


class StreetAddress(PDSParameter):
    pass


postal_code = univ.Integer(9)

id_at_givenName = _buildOid(id_at, 42)

ub_title = univ.Integer(64)


class ExtensionAttributes(univ.SetOf):
    pass


# Between 1 and ub_extension_attributes entries.
ExtensionAttributes.componentType = ExtensionAttribute()
ExtensionAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes)

ub_emailaddress_length = univ.Integer(255)

id_ad_caRepository = _buildOid(id_ad, 5)


class ExtensionORAddressComponents(PDSParameter):
    pass


ub_organizational_unit_name = univ.Integer(64)


class X520OrganizationalUnitName(univ.Choice):
    pass


# One of five string encodings, each limited to
# 1..ub_organizational_unit_name characters.
X520OrganizationalUnitName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name)))
)


class LocalPostalAttributes(PDSParameter):
    pass


teletex_organizational_unit_names = univ.Integer(5)


class X520Title(univ.Choice):
    pass


X520Title.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)))
)

id_at_localityName = _buildOid(id_at, 7)

id_at_initials = _buildOid(id_at, 43)

ub_state_name = univ.Integer(128)


class X520StateOrProvinceName(univ.Choice):
    pass


X520StateOrProvinceName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)))
)

physical_delivery_organization_name = univ.Integer(14)

id_at_surname = _buildOid(id_at, 4)


class X520countryName(char.PrintableString):
    pass


# Exactly two characters.  Only the length is constrained here; whether the
# value is an assigned country code is not checked.
X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2)

physical_delivery_office_number = univ.Integer(11)

id_qt_unotice = _buildOid(id_qt, 2)


class X520SerialNumber(char.PrintableString):
    pass


X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number)


# 'values' is a SET OF opaque AttributeValue items with no size constraint.
# Its open type is looked up in certificateAttributesMap using the sibling
# 'type' field.
class Attribute(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType('values',
                            univ.SetOf(componentType=AttributeValue()),
                            openType=opentype.OpenType('type', certificateAttributesMap))
    )

ub_common_name = univ.Integer(64)

id_pe = _buildOid(id_pkix, 1)


class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
    pass


class EmailAddress(char.IA5String):
    pass


# Length is limited to 1..ub_emailaddress_length; the address syntax itself
# is not validated by this type.
EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length)

id_at_organizationName = _buildOid(id_at, 10)

post_office_box_address = univ.Integer(18)


class BuiltInDomainDefinedAttribute(univ.Sequence):
    pass


BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
    namedtype.NamedType('value', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
)


class BuiltInDomainDefinedAttributes(univ.SequenceOf):
    pass


BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute()
BuiltInDomainDefinedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)

id_at_pseudonym = _buildOid(id_at, 65)

id_domainComponent = _buildOid(0, 9, 2342, 19200300, 100, 1, 25)


class X520CommonName(univ.Choice):
    pass


# One of five string encodings, each limited to 1..ub_common_name characters.
# NOTE(review): only the length is constrained.  Code that compares or
# displays a common name should not assume a particular encoding or the
# absence of unexpected characters.
X520CommonName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)))
)

extension_OR_address_components = univ.Integer(12)

ub_organizational_units = univ.Integer(4)

teletex_personal_name = univ.Integer(4)

ub_numeric_user_id_length = univ.Integer(32)

ub_common_name_length = univ.Integer(64)


class TeletexCommonName(char.TeletexString):
    pass


TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)


class PhysicalDeliveryOrganizationName(PDSParameter):
    pass


extension_physical_delivery_address_components = univ.Integer(15)


class NumericUserIdentifier(char.NumericString):
    pass


NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length)


class CountryName(univ.Choice):
    pass


# The CHOICE is wrapped in an explicit APPLICATION 1 tag; both alternatives
# have a fixed length because the lower and upper bounds are the same constant.
CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1))
CountryName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
    namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
)


class OrganizationName(char.PrintableString):
    pass


OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)


class OrganizationalUnitNames(univ.SequenceOf):
    pass


OrganizationalUnitNames.componentType = OrganizationalUnitName()
OrganizationalUnitNames.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)


class PrivateDomainName(univ.Choice):
    pass


PrivateDomainName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))),
    namedtype.NamedType('printable', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
)


class BuiltInStandardAttributes(univ.Sequence):
    pass


# Every member is optional, so an empty SEQUENCE satisfies this type.  The
# first two members carry their own application tags; the rest are told apart
# by context tags 0-6.
BuiltInStandardAttributes.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('country-name', CountryName()),
    namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()),
    namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
    namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
    namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
    namedtype.OptionalNamedType('personal-name', PersonalName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
    namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)))
)


class ORAddress(univ.Sequence):
    pass


# Only the built-in standard attributes are mandatory.
ORAddress.componentType = namedtype.NamedTypes(
    namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()),
    namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()),
    namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes())
)


# Same structure as RDNSequence under a different name.
class DistinguishedName(RDNSequence):
    pass
id_ad_timeStamping = _buildOid(id_ad, 3)


class PhysicalDeliveryOfficeNumber(PDSParameter):
    pass


teletex_domain_defined_attributes = univ.Integer(6)


class UniquePostalName(PDSParameter):
    pass


physical_delivery_country_name = univ.Integer(8)

ub_pds_name_length = univ.Integer(16)


class PDSName(char.PrintableString):
    pass


PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length)


# SET of context-tagged TeletexString name parts; only 'surname' is mandatory.
class TeletexPersonalName(univ.Set):
    pass


TeletexPersonalName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('surname', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('initials', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)

street_address = univ.Integer(17)


class PostOfficeBoxAddress(PDSParameter):
    pass


local_postal_attributes = univ.Integer(21)


# CHOICE between five string encodings. Each alternative must be non-empty
# but has no upper size bound (1..MAX), so callers that need a length limit
# have to enforce it themselves.
class DirectoryString(univ.Choice):
    pass


DirectoryString.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)

teletex_common_name = univ.Integer(2)


class CommonName(char.PrintableString):
    pass


CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)


# Top-level certificate structure: the to-be-signed body, the signature
# algorithm identifier and the signature bits. These definitions only
# describe the encoding; nothing in this block checks the signature.
class Certificate(univ.Sequence):
    pass


Certificate.componentType = namedtype.NamedTypes(
    namedtype.NamedType('tbsCertificate', TBSCertificate()),
    namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
    namedtype.NamedType('signature', univ.BitString())
)


class TeletexOrganizationalUnitName(char.TeletexString):
    pass


TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)

id_at_name = _buildOid(id_at, 41)


class TeletexOrganizationalUnitNames(univ.SequenceOf):
    pass


TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName()
TeletexOrganizationalUnitNames.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)

# Root arc for the certificate/CRL extension OIDs (id_ce_*) defined below.
id_ce = _buildOid(2, 5, 29)

id_ce_issuerAltName = _buildOid(id_ce, 18)


# Non-negative integer; reused by PolicyConstraints and InhibitAnyPolicy.
class SkipCerts(univ.Integer):
    pass


SkipCerts.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


# Enumerated revocation reason of a CRL entry. Value 7 is not assigned in
# this list. These numbers are NOT the same as the ReasonFlags bit positions
# further down (e.g. privilegeWithdrawn is 9 here and bit 7 there), so the
# two must not be used interchangeably.
class CRLReason(univ.Enumerated):
    pass


CRLReason.namedValues = namedval.NamedValues(
    ('unspecified', 0),
    ('keyCompromise', 1),
    ('cACompromise', 2),
    ('affiliationChanged', 3),
    ('superseded', 4),
    ('cessationOfOperation', 5),
    ('certificateHold', 6),
    ('removeFromCRL', 8),
    ('privilegeWithdrawn', 9),
    ('aACompromise', 10)
)


# Both bounds are optional GeneralizedTime values under context tags 0 and 1.
class PrivateKeyUsagePeriod(univ.Sequence):
    pass


PrivateKeyUsagePeriod.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)


# Open-type lookup table for AnotherName, keyed by 'type-id'. It is empty
# as defined here; presumably other modules register entries -- TODO confirm.
anotherNameMap = {

}


# otherName payload: an OID plus an explicitly tagged [0] ANY value whose
# concrete type is looked up in anotherNameMap by 'type-id'.
class AnotherName(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'value',
            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
            openType=opentype.OpenType('type-id', anotherNameMap)
        )
    )


class EDIPartyName(univ.Sequence):
    pass


EDIPartyName.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    namedtype.NamedType('partyName', DirectoryString().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
)


# CHOICE of nine name forms, distinguished by context tags 0..8.
# rfc822Name, dNSName and uniformResourceIdentifier are plain IA5String and
# iPAddress is a plain OctetString: no syntax or length constraint is
# attached here, so a decoded value is structurally valid only. Any check
# of e-mail/host/URI syntax or address length is left to the caller.
class GeneralName(univ.Choice):
    pass


GeneralName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('otherName',
                        AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    namedtype.NamedType('rfc822Name',
                        char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.NamedType('dNSName',
                        char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.NamedType('x400Address',
                        ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
    namedtype.NamedType('directoryName',
                        Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
    namedtype.NamedType('ediPartyName',
                        EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
    namedtype.NamedType('uniformResourceIdentifier',
                        char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
    namedtype.NamedType('iPAddress',
                        univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
    namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
)


class BaseDistance(univ.Integer):
    pass


BaseDistance.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


# One name-constraint subtree: a base GeneralName, 'minimum' defaulting
# to 0 and an optional 'maximum'.
class GeneralSubtree(univ.Sequence):
    pass


GeneralSubtree.componentType = namedtype.NamedTypes(
    namedtype.NamedType('base', GeneralName()),
    namedtype.DefaultedNamedType('minimum', BaseDistance().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)),
    namedtype.OptionalNamedType('maximum', BaseDistance().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)


# Non-empty list of GeneralName; base type of the *AltName and
# CertificateIssuer types.
class GeneralNames(univ.SequenceOf):
    pass


GeneralNames.componentType = GeneralName()
GeneralNames.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class DistributionPointName(univ.Choice):
    pass


DistributionPointName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('fullName',
                        GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)


# Named bit positions of the revocation-reason bit string. See the note on
# CRLReason: the bit positions here differ from the CRLReason values.
class ReasonFlags(univ.BitString):
    pass


ReasonFlags.namedValues = namedval.NamedValues(
    ('unused', 0),
    ('keyCompromise', 1),
    ('cACompromise', 2),
    ('affiliationChanged', 3),
    ('superseded', 4),
    ('cessationOfOperation', 5),
    ('certificateHold', 6),
    ('privilegeWithdrawn', 7),
    ('aACompromise', 8)
)


# All four boolean fields default to false (value=0) when absent from the
# encoding.
class IssuingDistributionPoint(univ.Sequence):
    pass


IssuingDistributionPoint.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    namedtype.DefaultedNamedType('onlyContainsUserCerts', univ.Boolean().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)).subtype(value=0)),
    namedtype.DefaultedNamedType('onlyContainsCACerts', univ.Boolean().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)).subtype(value=0)),
    namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
    namedtype.DefaultedNamedType('indirectCRL', univ.Boolean().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)).subtype(value=0)),
    namedtype.DefaultedNamedType('onlyContainsAttributeCerts', univ.Boolean().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)).subtype(value=0))
)

id_ce_certificatePolicies = _buildOid(id_ce, 32)

id_kp_emailProtection = _buildOid(id_kp, 4)


# (accessMethod OID, accessLocation GeneralName) pair; element type of the
# AuthorityInfoAccessSyntax and SubjectInfoAccessSyntax lists.
class AccessDescription(univ.Sequence):
    pass


AccessDescription.componentType = namedtype.NamedTypes(
    namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
    namedtype.NamedType('accessLocation', GeneralName())
)


class IssuerAltName(GeneralNames):
    pass


id_ce_cRLDistributionPoints = _buildOid(id_ce, 31)

holdInstruction = _buildOid(2, 2, 840, 10040, 2)

id_holdinstruction_callissuer = _buildOid(holdInstruction, 2)

id_ce_subjectDirectoryAttributes = _buildOid(id_ce, 9)

id_ce_issuingDistributionPoint = _buildOid(id_ce, 28)


# All three fields are optional in this definition.
class DistributionPoint(univ.Sequence):
    pass


DistributionPoint.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)


class CRLDistributionPoints(univ.SequenceOf):
    pass


CRLDistributionPoints.componentType = DistributionPoint()
CRLDistributionPoints.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class GeneralSubtrees(univ.SequenceOf):
    pass


GeneralSubtrees.componentType = GeneralSubtree()
GeneralSubtrees.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


# Optional permitted and excluded subtree lists. The schema accepts an
# encoding with neither present; whether that is acceptable is for the
# consumer to decide.
class NameConstraints(univ.Sequence):
    pass


NameConstraints.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)


class SubjectDirectoryAttributes(univ.SequenceOf):
    pass


SubjectDirectoryAttributes.componentType = Attribute()
SubjectDirectoryAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)

id_kp_OCSPSigning = _buildOid(id_kp, 9)

id_kp_timeStamping = _buildOid(id_kp, 8)


# CHOICE of four string types, each limited to 1..200 characters.
class DisplayText(univ.Choice):
    pass


DisplayText.componentType = namedtype.NamedTypes(
    namedtype.NamedType('ia5String', char.IA5String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
    namedtype.NamedType('visibleString',
                        char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200)))
)


class NoticeReference(univ.Sequence):
    pass


NoticeReference.componentType = namedtype.NamedTypes(
    namedtype.NamedType('organization', DisplayText()),
    namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer()))
)


class UserNotice(univ.Sequence):
    pass


UserNotice.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('noticeRef', NoticeReference()),
    namedtype.OptionalNamedType('explicitText', DisplayText())
)


class PolicyQualifierId(univ.ObjectIdentifier):
    pass


# Open-type lookup table for PolicyQualifierInfo, keyed by
# 'policyQualifierId'. It is empty as defined here; presumably filled
# elsewhere -- TODO confirm.
policyQualifierInfoMap = {

}


# Policy qualifier: an OID plus an untagged ANY value whose concrete type is
# looked up in policyQualifierInfoMap by 'policyQualifierId'.
class PolicyQualifierInfo(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
        namedtype.NamedType(
            'qualifier', univ.Any(),
            openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap)
        )
    )


class CertPolicyId(univ.ObjectIdentifier):
    pass


# A single policy entry: the policy OID and an optional list of qualifiers.
class PolicyInformation(univ.Sequence):
    pass


PolicyInformation.componentType = namedtype.NamedTypes(
    namedtype.NamedType('policyIdentifier', CertPolicyId()),
    namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()))
)


# Non-empty list of PolicyInformation entries.
class CertificatePolicies(univ.SequenceOf):
    pass


CertificatePolicies.componentType = PolicyInformation()
CertificatePolicies.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class SubjectAltName(GeneralNames):
    pass


id_ce_basicConstraints = _buildOid(id_ce, 19)

id_ce_authorityKeyIdentifier = _buildOid(id_ce, 35)

id_kp_codeSigning = _buildOid(id_kp, 3)


# 'cA' defaults to false (value=0) when absent; 'pathLenConstraint' is an
# optional non-negative integer.
class BasicConstraints(univ.Sequence):
    pass


BasicConstraints.componentType = namedtype.NamedTypes(
    namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)),
    namedtype.OptionalNamedType('pathLenConstraint',
                                univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
)

id_ce_certificateIssuer = _buildOid(id_ce, 29)


# Non-empty list of (issuerDomainPolicy, subjectDomainPolicy) OID pairs.
class PolicyMappings(univ.SequenceOf):
    pass


PolicyMappings.componentType = univ.Sequence(
    componentType=namedtype.NamedTypes(
        namedtype.NamedType('issuerDomainPolicy', CertPolicyId()),
        namedtype.NamedType('subjectDomainPolicy', CertPolicyId())
    )
)

PolicyMappings.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class InhibitAnyPolicy(SkipCerts):
    pass


anyPolicy = _buildOid(id_ce_certificatePolicies, 0)


# Non-negative integer (0..MAX).
class CRLNumber(univ.Integer):
    pass


CRLNumber.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class BaseCRLNumber(CRLNumber):
    pass


id_ce_nameConstraints = _buildOid(id_ce, 30)

id_kp_serverAuth = _buildOid(id_kp, 1)

id_ce_freshestCRL = _buildOid(id_ce, 46)

id_ce_cRLReasons = _buildOid(id_ce, 21)

id_ce_extKeyUsage = _buildOid(id_ce, 37)


class KeyIdentifier(univ.OctetString):
    pass


# All three fields are optional in this definition.
class AuthorityKeyIdentifier(univ.Sequence):
    pass


AuthorityKeyIdentifier.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
)


class FreshestCRL(CRLDistributionPoints):
    pass


id_ce_policyConstraints = _buildOid(id_ce, 36)

id_pe_authorityInfoAccess = _buildOid(id_pe, 1)


class AuthorityInfoAccessSyntax(univ.SequenceOf):
    pass


AuthorityInfoAccessSyntax.componentType = AccessDescription()
AuthorityInfoAccessSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)

id_holdinstruction_none = _buildOid(holdInstruction, 1)


# IA5String with no further constraint attached here.
class CPSuri(char.IA5String):
    pass


id_pe_subjectInfoAccess = _buildOid(id_pe, 11)


class SubjectKeyIdentifier(KeyIdentifier):
    pass


id_ce_subjectAltName = _buildOid(id_ce, 17)


class KeyPurposeId(univ.ObjectIdentifier):
    pass


# Non-empty list of key-purpose OIDs (see the id_kp_* constants).
class ExtKeyUsageSyntax(univ.SequenceOf):
    pass


ExtKeyUsageSyntax.componentType = KeyPurposeId()
ExtKeyUsageSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class HoldInstructionCode(univ.ObjectIdentifier):
    pass


id_ce_deltaCRLIndicator = _buildOid(id_ce, 27)

id_ce_keyUsage = _buildOid(id_ce, 15)

id_ce_holdInstructionCode = _buildOid(id_ce, 23)


class SubjectInfoAccessSyntax(univ.SequenceOf):
    pass


SubjectInfoAccessSyntax.componentType = AccessDescription()
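SubjectInfoAccessSyntax.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)


class InvalidityDate(useful.GeneralizedTime):
    pass


# Named bit positions of the key-usage bit string.
class KeyUsage(univ.BitString):
    pass


KeyUsage.namedValues = namedval.NamedValues(
    ('digitalSignature', 0),
    ('nonRepudiation', 1),
    ('keyEncipherment', 2),
    ('dataEncipherment', 3),
    ('keyAgreement', 4),
    ('keyCertSign', 5),
    ('cRLSign', 6),
    ('encipherOnly', 7),
    ('decipherOnly', 8)
)

id_ce_invalidityDate = _buildOid(id_ce, 24)

id_ce_policyMappings = _buildOid(id_ce, 33)

anyExtendedKeyUsage = _buildOid(id_ce_extKeyUsage, 0)

id_ce_privateKeyUsagePeriod = _buildOid(id_ce, 16)

id_ce_cRLNumber = _buildOid(id_ce, 20)


class CertificateIssuer(GeneralNames):
    pass


id_holdinstruction_reject = _buildOid(holdInstruction, 3)


# Both fields are optional SkipCerts (non-negative) values under context
# tags 0 and 1.
class PolicyConstraints(univ.Sequence):
    pass


PolicyConstraints.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('requireExplicitPolicy',
                                SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('inhibitPolicyMapping',
                                SkipCerts().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)

id_kp_clientAuth = _buildOid(id_kp, 2)

id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14)

id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54)

# map of AttributeType -> AttributeValue
#
# Each key is an attribute-type OID and each value a prototype instance of
# the ASN.1 type used for that attribute's value. The entries are merged
# into the module-level certificateAttributesMap below.

_certificateAttributesMapUpdate = {
    id_at_name: X520name(),
    id_at_surname: X520name(),
    id_at_givenName: X520name(),
    id_at_initials: X520name(),
    id_at_generationQualifier: X520name(),
    id_at_commonName: X520CommonName(),
    id_at_localityName: X520LocalityName(),
    id_at_stateOrProvinceName: X520StateOrProvinceName(),
    id_at_organizationName: X520OrganizationName(),
    id_at_organizationalUnitName: X520OrganizationalUnitName(),
    id_at_title: X520Title(),
    id_at_dnQualifier: X520dnQualifier(),
    id_at_countryName: X520countryName(),
    id_at_serialNumber: X520SerialNumber(),
    id_at_pseudonym: X520Pseudonym(),
    id_domainComponent: DomainComponent(),
    id_emailAddress: EmailAddress(),
}

certificateAttributesMap.update(_certificateAttributesMapUpdate)


# map of Certificate Extension OIDs to Extensions
#
# Each key is an extension OID and each value a prototype instance of the
# type to use as the decoding spec for that extension's value. The entries
# are merged into the module-level certificateExtensionsMap below.
#
# OIDs defined in this module but not listed here (for example
# id_ce_inhibitAnyPolicy, id_ce_freshestCRL and id_pe_subjectInfoAccess) get
# no spec from this dict. A consumer has to decide for itself how to treat an
# extension it has no spec for; RFC 5280 requires rejecting a certificate
# that carries an unrecognised critical extension.

_certificateExtensionsMap = {
    id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
    id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
    id_ce_keyUsage: KeyUsage(),
    id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
    # The certificatePolicies extension value is a SEQUENCE SIZE (1..MAX) OF
    # PolicyInformation, which is what CertificatePolicies (defined earlier
    # in this module) describes. A bare PolicyInformation() spec does not
    # match that encoding, so the policy list could not be decoded with it.
    id_ce_certificatePolicies: CertificatePolicies(),
    id_ce_policyMappings: PolicyMappings(),
    id_ce_subjectAltName: SubjectAltName(),
    id_ce_issuerAltName: IssuerAltName(),
    id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(),
    id_ce_basicConstraints: BasicConstraints(),
    id_ce_nameConstraints: NameConstraints(),
    id_ce_policyConstraints: PolicyConstraints(),
    id_ce_extKeyUsage: ExtKeyUsageSyntax(),
    id_ce_cRLDistributionPoints: CRLDistributionPoints(),
    id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(),
    # NOTE(review): a plain univ.Integer() does not carry the (0..MAX) range
    # constraint that the CRLNumber class in this module declares; left
    # unchanged so values accepted today stay accepted.
    id_ce_cRLNumber: univ.Integer(),
    id_ce_deltaCRLIndicator: BaseCRLNumber(),
    id_ce_issuingDistributionPoint: IssuingDistributionPoint(),
    id_ce_cRLReasons: CRLReason(),
    id_ce_holdInstructionCode: univ.ObjectIdentifier(),
    id_ce_invalidityDate: useful.GeneralizedTime(),
    id_ce_certificateIssuer: GeneralNames(),
}

certificateExtensionsMap.update(_certificateExtensionsMap)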