#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add items from the verified errata.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# CMS Firmware Wrapper
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc4108.txt
# https://www.rfc-editor.org/errata_search.php?rfc=4108
#
# Review notes:
# - Everything below is schema only: the classes describe how the RFC 4108
#   structures are encoded.  Nothing in this module verifies a CMS
#   signature, so values decoded with these types are untrusted until the
#   caller has validated the enclosing CMS protection itself.
# - Importing this module has a side effect: it adds entries to the shared
#   lookup maps rfc5652.cmsAttributesMap, rfc5652.cmsContentTypesMap and
#   rfc5280.anotherNameMap (see the three update() calls at the end).
#

from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful

from pyasn1_modules import rfc5280
from pyasn1_modules import rfc5652

# Open upper bound for the INTEGER (0..MAX) range constraints below.
MAX = float('inf')


class HardwareSerialEntry(univ.Choice):
    """CHOICE of `all` (NULL), `single` (OCTET STRING) or `block`.

    `block` is a SEQUENCE of two OCTET STRINGs named `low` and `high`.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('all', univ.Null()),
        namedtype.NamedType('single', univ.OctetString()),
        namedtype.NamedType(
            'block',
            univ.Sequence(
                componentType=namedtype.NamedTypes(
                    namedtype.NamedType('low', univ.OctetString()),
                    namedtype.NamedType('high', univ.OctetString())
                )
            )
        )
    )


class HardwareModules(univ.Sequence):
    """SEQUENCE of `hwType` (OID) and `hwSerialEntries`.

    `hwSerialEntries` is a SEQUENCE OF HardwareSerialEntry.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('hwType', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'hwSerialEntries',
            univ.SequenceOf(componentType=HardwareSerialEntry())
        )
    )


class CommunityIdentifier(univ.Choice):
    """CHOICE of `communityOID` (OID) or `hwModuleList` (HardwareModules)."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('communityOID', univ.ObjectIdentifier()),
        namedtype.NamedType('hwModuleList', HardwareModules())
    )


class PreferredPackageIdentifier(univ.Sequence):
    """SEQUENCE of `fwPkgID` (OID) and `verNum` (INTEGER, 0..MAX)."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('fwPkgID', univ.ObjectIdentifier()),
        # The range constraint rejects negative version numbers.
        namedtype.NamedType(
            'verNum',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueRangeConstraint(0, MAX)
            )
        )
    )


class PreferredOrLegacyPackageIdentifier(univ.Choice):
    """CHOICE of `preferred` (PreferredPackageIdentifier) or `legacy`.

    `legacy` is an unstructured OCTET STRING.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('preferred', PreferredPackageIdentifier()),
        namedtype.NamedType('legacy', univ.OctetString())
    )


class CurrentFWConfig(univ.Sequence):
    """SEQUENCE of optional `fwPkgType` (INTEGER) and `fwPkgName`."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('fwPkgType', univ.Integer()),
        namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier())
    )


class PreferredOrLegacyStalePackageIdentifier(univ.Choice):
    """CHOICE of `preferredStaleVerNum` (INTEGER, 0..MAX) or `legacyStaleVersion`.

    `legacyStaleVersion` is an OCTET STRING.
    """

    # NOTE(review): RFC 4108 uses the stale indication to mark older package
    # versions as no longer acceptable; this class only defines the encoding,
    # so any version comparison is the caller's job -- confirm against the RFC.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'preferredStaleVerNum',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueRangeConstraint(0, MAX)
            )
        ),
        namedtype.NamedType('legacyStaleVersion', univ.OctetString())
    )


class FirmwarePackageLoadErrorCode(univ.Enumerated):
    """ENUMERATED code used for FirmwarePackageLoadError.errorCode."""

    namedValues = namedval.NamedValues(
        ('decodeFailure', 1),
        ('badContentInfo', 2),
        ('badSignedData', 3),
        ('badEncapContent', 4),
        ('badCertificate', 5),
        ('badSignerInfo', 6),
        ('badSignedAttrs', 7),
        ('badUnsignedAttrs', 8),
        ('missingContent', 9),
        ('noTrustAnchor', 10),
        ('notAuthorized', 11),
        ('badDigestAlgorithm', 12),
        ('badSignatureAlgorithm', 13),
        ('unsupportedKeySize', 14),
        ('signatureFailure', 15),
        ('contentTypeMismatch', 16),
        ('badEncryptedData', 17),
        ('unprotectedAttrsPresent', 18),
        ('badEncryptContent', 19),
        ('badEncryptAlgorithm', 20),
        ('missingCiphertext', 21),
        ('noDecryptKey', 22),
        ('decryptFailure', 23),
        ('badCompressAlgorithm', 24),
        ('missingCompressedContent', 25),
        ('decompressFailure', 26),
        ('wrongHardware', 27),
        ('stalePackage', 28),
        ('notInCommunity', 29),
        ('unsupportedPackageType', 30),
        ('missingDependency', 31),
        ('wrongDependencyVersion', 32),
        ('insufficientMemory', 33),
        ('badFirmware', 34),
        ('unsupportedParameters', 35),
        ('breaksDependency', 36),
        ('otherError', 99)
    )


class VendorLoadErrorCode(univ.Integer):
    """INTEGER used for the optional FirmwarePackageLoadError.vendorErrorCode."""


# Wrapped Firmware Key Unsigned Attribute and Object Identifier

id_aa_wrappedFirmwareKey = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.39')


class WrappedFirmwareKey(rfc5652.EnvelopedData):
    """Attribute value with the same syntax as rfc5652.EnvelopedData."""


# Firmware Package Information Signed Attribute and Object Identifier

id_aa_firmwarePackageInfo = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.42')


class FirmwarePackageInfo(univ.Sequence):
    """SEQUENCE of optional `fwPkgType` (INTEGER) and optional `dependencies`.

    `dependencies` is a SEQUENCE OF PreferredOrLegacyPackageIdentifier.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('fwPkgType', univ.Integer()),
        namedtype.OptionalNamedType(
            'dependencies',
            univ.SequenceOf(componentType=PreferredOrLegacyPackageIdentifier())
        )
    )

    # NOTE(review): appears intended to require at least one of the two
    # optional fields; confirm how the installed pyasn1 evaluates sizeSpec
    # on a Sequence before relying on it to reject an empty value.
    sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2)


# Community Identifiers Signed Attribute and Object Identifier

id_aa_communityIdentifiers = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.40')


class CommunityIdentifiers(univ.SequenceOf):
    """SEQUENCE OF CommunityIdentifier."""

    componentType = CommunityIdentifier()


# Implemented Compression Algorithms Signed Attribute and Object Identifier

id_aa_implCompressAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.43')


class ImplementedCompressAlgorithms(univ.SequenceOf):
    """SEQUENCE OF OBJECT IDENTIFIER."""

    componentType = univ.ObjectIdentifier()


# Implemented Cryptographic Algorithms Signed Attribute and Object Identifier

id_aa_implCryptoAlgs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.38')


class ImplementedCryptoAlgorithms(univ.SequenceOf):
    """SEQUENCE OF OBJECT IDENTIFIER."""

    componentType = univ.ObjectIdentifier()


# Decrypt Key Identifier Signed Attribute and Object Identifier

id_aa_decryptKeyID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.37')


class DecryptKeyIdentifier(univ.OctetString):
    """OCTET STRING attribute value; no size bound is declared here."""


# Target Hardware Identifier Signed Attribute and Object Identifier

id_aa_targetHardwareIDs = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.36')


class TargetHardwareIdentifiers(univ.SequenceOf):
    """SEQUENCE OF OBJECT IDENTIFIER."""

    componentType = univ.ObjectIdentifier()


# Firmware Package Identifier Signed Attribute and Object Identifier

id_aa_firmwarePackageID = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.35')


class FirmwarePackageIdentifier(univ.Sequence):
    """SEQUENCE of `name` and optional `stale`.

    `name` is a PreferredOrLegacyPackageIdentifier; `stale` is a
    PreferredOrLegacyStalePackageIdentifier.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('name', PreferredOrLegacyPackageIdentifier()),
        namedtype.OptionalNamedType(
            'stale', PreferredOrLegacyStalePackageIdentifier()
        )
    )


# Firmware Package Message Digest Signed Attribute and Object Identifier

id_aa_fwPkgMessageDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.41')


class FirmwarePackageMessageDigest(univ.Sequence):
    """SEQUENCE of `algorithm` (rfc5280.AlgorithmIdentifier) and `msgDigest`.

    `msgDigest` is an OCTET STRING.  The digest algorithm is whatever OID
    the sender encoded; this type places no restriction on it.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()),
        namedtype.NamedType('msgDigest', univ.OctetString())
    )


# Firmware Package Load Error Report Content Type and Object Identifier

class FWErrorVersion(univ.Integer):
    """INTEGER with the single named value `v1` (1)."""

    namedValues = namedval.NamedValues(
        ('v1', 1)
    )


id_ct_firmwareLoadError = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.18')


class FirmwarePackageLoadError(univ.Sequence):
    """SEQUENCE describing a firmware package load error report.

    Fields: `version` (defaults to v1), `hwType`, `hwSerialNum`,
    `errorCode`, and the optional `vendorErrorCode`, `fwPkgName` and
    `config` (SEQUENCE OF CurrentFWConfig, implicit context tag 1).
    """

    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType(
            'version', FWErrorVersion().subtype(value='v1')
        ),
        namedtype.NamedType('hwType', univ.ObjectIdentifier()),
        namedtype.NamedType('hwSerialNum', univ.OctetString()),
        namedtype.NamedType('errorCode', FirmwarePackageLoadErrorCode()),
        namedtype.OptionalNamedType('vendorErrorCode', VendorLoadErrorCode()),
        namedtype.OptionalNamedType(
            'fwPkgName', PreferredOrLegacyPackageIdentifier()
        ),
        namedtype.OptionalNamedType(
            'config',
            univ.SequenceOf(componentType=CurrentFWConfig()).subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 1
                )
            )
        )
    )


# Firmware Package Load Receipt Content Type and Object Identifier

class FWReceiptVersion(univ.Integer):
    """INTEGER with the single named value `v1` (1)."""

    namedValues = namedval.NamedValues(
        ('v1', 1)
    )


id_ct_firmwareLoadReceipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.17')


class FirmwarePackageLoadReceipt(univ.Sequence):
    """SEQUENCE describing a firmware package load receipt.

    Fields: `version` (defaults to v1), `hwType`, `hwSerialNum`,
    `fwPkgName`, and the optional `trustAnchorKeyID` and `decryptKeyID`
    (the latter carries implicit context tag 1).
    """

    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType(
            'version', FWReceiptVersion().subtype(value='v1')
        ),
        namedtype.NamedType('hwType', univ.ObjectIdentifier()),
        namedtype.NamedType('hwSerialNum', univ.OctetString()),
        namedtype.NamedType('fwPkgName', PreferredOrLegacyPackageIdentifier()),
        namedtype.OptionalNamedType('trustAnchorKeyID', univ.OctetString()),
        namedtype.OptionalNamedType(
            'decryptKeyID',
            univ.OctetString().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 1
                )
            )
        )
    )


# Firmware Package Content Type and Object Identifier

id_ct_firmwarePackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.16')


class FirmwarePkgData(univ.OctetString):
    """Opaque OCTET STRING holding the firmware package content.

    No size bound is declared here, so callers decoding untrusted input
    should cap the message size themselves.
    """


# Other Name syntax for Hardware Module Name

id_on_hardwareModuleName = univ.ObjectIdentifier('1.3.6.1.5.5.7.8.4')


class HardwareModuleName(univ.Sequence):
    """SEQUENCE of `hwType` (OID) and `hwSerialNum` (OCTET STRING)."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('hwType', univ.ObjectIdentifier()),
        namedtype.NamedType('hwSerialNum', univ.OctetString())
    )


# Map of Attribute Type OIDs to Attributes is added to the
# ones that are in rfc5652.py

_cmsAttributesMapUpdate = {
    id_aa_wrappedFirmwareKey: WrappedFirmwareKey(),
    id_aa_firmwarePackageInfo: FirmwarePackageInfo(),
    id_aa_communityIdentifiers: CommunityIdentifiers(),
    id_aa_implCompressAlgs: ImplementedCompressAlgorithms(),
    id_aa_implCryptoAlgs: ImplementedCryptoAlgorithms(),
    id_aa_decryptKeyID: DecryptKeyIdentifier(),
    id_aa_targetHardwareIDs: TargetHardwareIdentifiers(),
    id_aa_firmwarePackageID: FirmwarePackageIdentifier(),
    id_aa_fwPkgMessageDigest: FirmwarePackageMessageDigest(),
}

# Runs at import time and changes the map shared by every user of rfc5652.
rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)


# Map of Content Type OIDs to Content Types is added to the
# ones that are in rfc5652.py

_cmsContentTypesMapUpdate = {
    id_ct_firmwareLoadError: FirmwarePackageLoadError(),
    id_ct_firmwareLoadReceipt: FirmwarePackageLoadReceipt(),
    id_ct_firmwarePackage: FirmwarePkgData(),
}

rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)


# Map of Other Name OIDs to Other Name is added to the
# ones that are in rfc5280.py

_anotherNameMapUpdate = {
    id_on_hardwareModuleName: HardwareModuleName(),
}

rfc5280.anotherNameMap.update(_anotherNameMapUpdate)