#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# X.509 Extensions for IP Addresses and AS Identifiers
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3779.txt
#
15
16from pyasn1.type import constraint
17from pyasn1.type import namedtype
18from pyasn1.type import tag
19from pyasn1.type import univ
20
21from pyasn1_modules import rfc5280
22
23
# IP Address Delegation Extension (RFC 3779, section 2)

# OID of the certificate extension whose value decodes as IPAddrBlocks;
# it is the key registered in the extensions map at the end of this module.
id_pe_ipAddrBlocks = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.7')
27
28
class IPAddress(univ.BitString):
    """BIT STRING carrying an address prefix or one bound of a range.

    In RFC 3779 the number of bits is significant (for a prefix it is the
    prefix length). No size constraint is attached here, so a consumer has
    to check the bit length against the address family itself (at most 32
    bits for IPv4, 128 for IPv6) before trusting the value.
    """
31
32
class IPAddressRange(univ.Sequence):
    """SEQUENCE of two IPAddress values, 'min' followed by 'max'.

    The schema only fixes the field order and types. It does not compare
    the bounds, so code that authorises on a decoded range must reject
    min > max on its own.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('min', IPAddress()),
        namedtype.NamedType('max', IPAddress()),
    )
40
41
class IPAddressOrRange(univ.Choice):
    """CHOICE between a single prefix and an explicit min/max range.

    'addressPrefix' is an IPAddress (BIT STRING); 'addressRange' is an
    IPAddressRange (SEQUENCE). The two alternatives have different
    universal tags, which is what lets the decoder tell them apart.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('addressPrefix', IPAddress()),
        namedtype.NamedType('addressRange', IPAddressRange()),
    )
49
50
class IPAddressChoice(univ.Choice):
    """CHOICE between 'inherit' (NULL) and an explicit list of resources.

    RFC 3779 uses 'inherit' to mean the address set is taken from the
    issuer's certificate; resolving it is left to whatever code walks the
    certification path. The 'addressesOrRanges' list carries no ordering
    or overlap check at this layer.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('inherit', univ.Null()),
        namedtype.NamedType(
            'addressesOrRanges',
            univ.SequenceOf(componentType=IPAddressOrRange()),
        ),
    )
60
61
class IPAddressFamily(univ.Sequence):
    """One address family together with its resources.

    'addressFamily' is an OCTET STRING limited to 2..3 octets: in RFC 3779
    a two-octet AFI optionally followed by a one-octet SAFI. That size
    constraint is the only value check in this module; the AFI/SAFI values
    themselves are not validated here.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'addressFamily',
            univ.OctetString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(2, 3)),
        ),
        namedtype.NamedType('ipAddressChoice', IPAddressChoice()),
    )
70
71
class IPAddrBlocks(univ.SequenceOf):
    """Value of the id-pe-ipAddrBlocks extension: a list of IPAddressFamily.

    Nothing here prevents the same address family from appearing twice;
    a verifier that relies on uniqueness has to check for it.
    """

    componentType = IPAddressFamily()
76
77
# Autonomous System Identifier Delegation Extension (RFC 3779, section 3)

# OID of the certificate extension whose value decodes as ASIdentifiers;
# it is the key registered in the extensions map at the end of this module.
id_pe_autonomousSysIds = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.8')
81
82
class ASId(univ.Integer):
    """INTEGER holding one AS number (or routing domain identifier).

    The type is unconstrained, so negative values and values wider than
    32 bits decode without error; range-check before using the number.
    """
85
86
class ASRange(univ.Sequence):
    """SEQUENCE of two ASId values, 'min' followed by 'max'.

    The bounds are not compared by the schema; a consumer must reject
    min > max itself.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('min', ASId()),
        namedtype.NamedType('max', ASId()),
    )
94
95
class ASIdOrRange(univ.Choice):
    """CHOICE between a single ASId ('id') and an ASRange ('range')."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('id', ASId()),
        namedtype.NamedType('range', ASRange()),
    )
103
104
class ASIdentifierChoice(univ.Choice):
    """CHOICE between 'inherit' (NULL) and an explicit list of AS resources.

    RFC 3779 uses 'inherit' to mean the set is taken from the issuer's
    certificate; resolving it is the job of the path-validation code. The
    'asIdsOrRanges' list carries no ordering or overlap check here.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('inherit', univ.Null()),
        namedtype.NamedType(
            'asIdsOrRanges',
            univ.SequenceOf(componentType=ASIdOrRange()),
        ),
    )
114
115
class ASIdentifiers(univ.Sequence):
    """Value of the id-pe-autonomousSysIds extension.

    'asnum' is wrapped in explicit context tag [0] and 'rdi' in explicit
    context tag [1]. Both are optional, so a SEQUENCE with neither field
    decodes successfully; callers should treat an absent field as "no
    resources of that kind" explicitly rather than by accident.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'asnum',
            ASIdentifierChoice().subtype(
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatConstructed, 0)),
        ),
        namedtype.OptionalNamedType(
            'rdi',
            ASIdentifierChoice().subtype(
                explicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatConstructed, 1)),
        ),
    )
127
128
# Map of Certificate Extension OIDs to Extensions is added to the
# ones that are in rfc5280.py
#
# NOTE: the update() call below runs at import time and mutates the
# dictionary owned by rfc5280, so importing this module changes what every
# user of rfc5280.certificateExtensionsMap in the process sees for these two
# OIDs. The registered types describe syntax only; none of the range,
# ordering or inheritance rules of RFC 3779 are enforced by decoding.

_certificateExtensionsMapUpdate = {
    id_pe_ipAddrBlocks: IPAddrBlocks(),
    id_pe_autonomousSysIds: ASIdentifiers(),
}

rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
138